CN105931040A - Security verification method and system for mobile phone bank customer - Google Patents

Publication number
CN105931040A
Authority
CN
China
Prior art keywords
client
information
binding
binding relationship
equipment
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610395921.1A
Other languages
Chinese (zh)
Inventor
王进
李震
彭勇
李曦
劳醒苟
陈锋
林浪桥
林锦群
林友明
邓亚芳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
Original Assignee
China Construction Bank Corp
Application filed by China Construction Bank Corp
Priority to CN201610395921.1A
Publication of CN105931040A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/08: Payment architectures
    • G06Q20/10: Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108: Remote banking, e.g. home banking
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00: Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02: Banking, e.g. interest calculation or account maintenance
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint


Abstract

The invention discloses a security verification method and system for a mobile phone bank customer. The method includes the following steps: the customer's device hardware information and customer number are obtained; the binding relation between the customer's device hardware information and the customer registration information is verified according to the device hardware information and the customer number; a static login password entered by the customer is obtained and verified; and after both the binding relation and the static login password pass verification, the customer's login is determined to be successful. With this security verification method and system, the binding relation between customer information and device hardware information strengthens the association between customer and device, and reduces the harm caused when criminals steal the customer's account password.

Description

A security verification method and system for a mobile banking client
Technical field
The present invention relates to the field of information security processing, and in particular to a security verification method and system for a mobile banking client.
Background
With the rise of the mobile Internet, demand for using mobile banking clients on devices such as smartphones and tablet computers grows by the day, and the functions of mobile banking clients have become increasingly powerful. At the same time, the risk of information leakage, and phishing apps made by criminals that can pass for the genuine article, pose a great threat to the security of mobile banking clients. Most current mobile banking security verification still relies on the simple, traditional customer name/password method, which has a low security factor, is easily cracked, and cannot protect customer information well. Some banks use dynamic passwords to further strengthen mobile banking security, but this approach still has its limitations and cannot meet customers' increasingly urgent information security needs.
Summary of the invention
To address the deficiencies of conventional authentication methods, the present invention provides a security verification method and system for a mobile banking client. It solves the problem that the traditional customer name/password verification method is not secure enough and, through multiple verification means based on device binding, provides a more flexible solution for the security of customers using mobile banking, strengthening the security of customers' funds when they use mobile banking.
An embodiment of the present invention provides a security verification method for a mobile banking client, the method including:
obtaining the customer's device hardware information and customer number;
verifying, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information;
obtaining the static login password entered by the customer, and verifying the static login password;
determining that the customer has logged in successfully when both the binding relationship and the static login password pass verification.
Correspondingly, an embodiment of the present invention also provides a security verification system for a mobile banking client, the system including:
an information obtaining module, configured to obtain the customer's device hardware information and customer number;
a binding verification module, configured to verify, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information;
a password verification module, configured to obtain the static login password entered by the customer and to verify the static login password;
a login module, configured to determine that the customer has logged in successfully when both the binding relationship and the static login password pass verification.
Embodiments of the present invention have the following beneficial effects: the binding relationship between customer information and device hardware information strengthens the association between customer and device, and reduces the harm caused when criminals steal a customer's account password.
Brief description of the drawings
Fig. 1 is a flow chart of a security verification method for a mobile banking client according to an embodiment of the present invention;
Fig. 2 is a block diagram of a security verification system for a mobile banking client according to an embodiment of the present invention.
Detailed description
To make the aspects, features and advantages of the technical solution of the present invention easier to understand, the present invention is described in detail below with reference to the drawings. It should be understood that the following embodiments are for illustration only and are not intended to limit the scope of the invention.
Fig. 1 is a flow chart of a security verification method for a mobile banking client according to an embodiment of the present invention. As shown in Fig. 1, the method includes:
Step S1: obtain the customer's device hardware information and customer number;
Step S2: verify, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information;
Step S3: obtain the static login password entered by the customer, and verify the static login password;
Step S4: when both the binding relationship and the static login password pass verification, determine that the customer has logged in successfully.
It should be noted that the present invention places no particular restriction on the order in which the steps of the method are performed; those skilled in the art can set different execution orders as required. For example, step S3 may be performed at the same time as step S1 or step S2, or after step S1 and before step S2.
In another embodiment of the present invention, verifying the binding relationship between the customer's device hardware information and the registered customer information according to the device hardware information and the customer number includes:
determining, according to the device hardware information and the customer number, whether binding information between device hardware information and registered customer information exists for the customer; and
when binding information exists for the customer, verifying the binding relationship between the device information and the registered customer information according to the obtained device hardware information, the customer number and the binding information.
In another embodiment of the present invention, verifying the binding relationship between the customer's device hardware information and the registered customer information according to the device hardware information and the customer number further includes:
when no binding information exists for the customer, establishing binding information between the customer's hardware device information and the registered customer information;
sending a dynamic password to the customer's device through the SMS platform, and verifying the dynamic password entered by the customer.
In another embodiment of the present invention, as an alternative to determining that the customer has logged in successfully when both the binding relationship and the static login password pass verification, the method includes:
determining that the customer has logged in successfully when the binding relationship, the dynamic password and the static login password all pass verification.
In one embodiment, for example when a customer logs in to mobile banking, the customer number information used in the security verification method includes, for example, the customer name and card number. The method also obtains the hardware information of the hardware device used to log in (hereinafter, the login device); this hardware information includes, for example, the phone's IMEI (International Mobile Equipment Identity) and WIFIMAC. The security verification system 1 may also send this information, together with the customer's mobile phone number, to the mobile banking server.
When verifying the binding relationship between the login device and the customer number, the obtained customer number information and login device information are first matched against the binding information between customer numbers and bound devices held in the binding information storage part. If a match is found, the customer number has already been bound to the login device, and the type of the binding relationship is verified directly from the binding information. If no match is found, the customer number has not been bound to the login device; in that case the binding relationship generating unit generates a binding relationship between the customer number and the login device and obtains the binding information, and the type of the binding relationship is then verified from that binding information.
For example, when customer number A logs in on hardware device a, the information obtaining module 10 of the security verification system 1 obtains the information of customer number A and login device a, and then matches it against the binding information between customer numbers and hardware devices stored in the binding information storage part.
The mobile banking client obtains device hardware information such as the phone's IMEI and WIFIMAC. The mobile banking server verifies whether the customer's mobile phone number is valid and whether mobile banking has been activated. The binding relationship storage component generates a unique constraint over customer number, IMEI and WIFIMAC, and saves BINDTIME (the binding time). The binding relationship model is the foundation of the present invention and provides the basis for the design and decisions of the other modules.
In an embodiment of the present invention, verifying the binding relationship between the device information and the registered customer information according to the obtained device hardware information, the customer number and the binding information includes:
when the binding information contains only one binding record and the device hardware information of the current binding is inconsistent with the saved device hardware, updating the device binding state. Updating the device binding state includes: setting the device with the earliest binding time in the binding records as the fully bound device (that is, the mobile banking client is bound by customer number, unique device identifier and so on), and setting devices whose binding time is not the earliest as half-bound devices (that is, unlike a fully bound device, a half-bound mobile banking device is subject to limit control).
In the above embodiment, the customer's current binding records are queried first, and the customer's currently bound device information is obtained from the customer binding relationship. If the bound device information contains only one binding record and the current binding information is inconsistent with the saved device information, the device binding state is updated to full binding or half binding. The device whose binding record has the earliest BINDTIME (binding time) is the fully bound device, that is, the main bound device; the rest are half-bound devices. To improve the security of mobile banking use, parameterized limit control is applied to half-bound devices.
In another embodiment of the present invention, the method may further include: changing the binding relationship between devices that have the binding relationship, where the binding relationships of the fully bound device and the half-bound device can be exchanged.
For example, the first login uses device A, and the binding relationship between the customer information and the device information is established on device A. If the second login uses device A, then because the customer has already bound this device and there is only one binding record, device A is not a half-bound device and the half-binding check ends. If the second login uses device B, then because the customer has not bound this device, a binding relationship is established; device A is now the main bound device and device B is a half-bound device. Following a second login on device B, if the third login uses device A, the binding change process is entered; if the customer chooses to change, device A is unbound and device B becomes the main bound device. If the third login uses device B, the binding relationship is unchanged.
If a match is found (that is, the binding information storage part holds binding information c between customer number A and login device a, so a binding relationship has been established between customer number A and hardware device a), the type of binding relationship between customer number A and login device a can be verified from the match result (binding information c).
If no match is found (that is, the binding information storage part holds no binding information between customer number A and login device a, so no binding relationship has been established between customer number A and hardware device a), it is first determined whether customer number A has any other bound device (that is, whether the binding information storage part holds any binding information for it). If customer number A has no other bound device, then customer number A is logging in for the first time (or all hardware devices previously bound to customer number A have been unbound). The binding relationship generating unit establishes a binding relationship between customer number A and login device a, making login device a a bound device of customer number A; login device a is the fully bound device (main bound device) of customer number A, the binding relationship is a full binding relationship, and the binding information between customer number A and login device a generated by the binding relationship generating unit is stored in the binding information storage part. If customer number A does have another bound device, then customer number A is not logging in for the first time. The binding relationship generating unit establishes a binding relationship between customer number A and login device a, making login device a a bound device of customer number A; login device a is a half-bound device of customer number A, the binding relationship is a half binding relationship, and the binding information between customer number A and login device a generated by the binding relationship generating unit is stored in the binding information storage part.
The binding relationship generating unit, for example, generates a unique constraint over customer number, IMEI and WIFIMAC so that the customer number and the login device information form a binding relationship, and generates a binding time (BINDTIME). This binding time can be used, for example, to determine the type of binding (for example, the fully bound device has the earliest binding time). The binding information between a customer number and a login device may therefore include: the customer number information, the information of the hardware device bound to the customer number, the binding type, and so on.
In the security verification system 1, for example, the hardware device bound first (or with the earliest binding time) is the fully bound device, and all other bound devices are half-bound devices. The security verification system 1 verifies the binding relationship between the login device and the customer number by checking which kind of bound device the login device is.
According to this embodiment, a binding relationship can be generated between the hardware information of the login device and the customer number, and the type of binding relationship between the customer number and the login device can be verified. On this basis the security verification system can apply parameterized limit control to different types of bound device (for example, some functions can be used on a fully bound device but not on a half-bound device; the amount a half-bound device can transact is lower than that of a fully bound device; and so on), which improves the security of mobile banking use. For example, the half binding relationship lets a customer use a second device to transact in an emergency, while limit control strengthens the security of that use.
Because a binding relationship can be generated between the hardware information of the login device and the customer number, the security verification system 1 preferably includes a binding relationship changing unit, which changes the binding relationship between a customer number and a bound device.
Specifically, the binding relationship changing unit can release the binding relationship between a customer number and a hardware device, for example by deleting the binding information between the customer number and the hardware device stored in the binding information storage part. For example, to release the binding relationship between hardware device a and customer number A, the binding relationship changing unit deletes the binding information between customer number A and hardware device a stored in the binding information storage part. The binding relationship changing unit can also change the type of the binding relationship between a customer number and a bound device. For example, customer number A logs in to mobile banking through fully bound device a and releases the binding between customer number A and fully bound device a, but customer number A also has a half-bound device b; the binding type changing unit changes the binding type of half-bound device b to main bound device. Half-bound device b may be the device that, apart from fully bound device a, was bound to customer number A earliest, or it may be the half-bound device that the customer designates to be changed into the fully bound device.
In another embodiment of the invention, verifying the binding relationship between the customer's device hardware information and the registered customer information according to the device hardware information and the customer number further includes: within a predetermined time, when the number of devices in the binding relationship exceeds the quota, refusing to establish the binding relationship again.
For example, the same device may sometimes be bound by multiple customers. To keep customer information secure and reduce the risk of a device being exploited by criminals, the security verification system 1 preferably also includes a single binding verification subunit, which controls the number of times a hardware device is bound. When multiple customers bind the same device repeatedly, the subunit uses the binding information between customer numbers and hardware devices stored in the binding information storage part to count the number of customer numbers bound to the same hardware device within a parameterized time period; if the number of bound customer numbers exceeds the quota, the customer number is refused binding to that hardware device. For example, 10 customers have bound device s within one hour; if the configured time is one hour and the binding limit is 10, then when another customer number A attempts to bind device s, a prompt reports that the device binding count exceeds the quota and the device cannot be bound.
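The binding check described above (full and half binding, release of a binding with promotion of a half-bound device, the per-device binding quota, and limit control), sketched as an added Python example that is not part of the patent or of any bank's code. The class and function names, the in-memory store and the transfer limit values are assumptions; the one-hour window and the quota of 10 follow the example in the text.

```python
import time
from collections import defaultdict
from dataclasses import dataclass, replace

FULL, HALF = "full", "half"   # fully bound (main) device / half-bound device

# Assumed parameter values; the patent only says these are configurable.
SINGLE_TRANSFER_LIMIT = {FULL: 200_000, HALF: 5_000}
BIND_WINDOW_SECONDS = 3600    # "one hour" in the patent's example
BIND_QUOTA_PER_DEVICE = 10    # "binding limit is 10" in the patent's example


class BindingRefused(Exception):
    """The device was bound by too many customers inside the window."""


@dataclass(frozen=True)
class Binding:
    customer_no: str
    imei: str
    wifi_mac: str
    bind_time: float          # BINDTIME
    bind_type: str            # FULL or HALF


class BindingStore:
    """In-memory stand-in for the binding information storage part."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._by_key = {}                         # unique (customer_no, imei, wifi_mac)
        self._by_customer = defaultdict(list)     # customer_no -> [Binding]
        self._device_binds = defaultdict(list)    # (imei, wifi_mac) -> [bind_time]

    def verify_or_bind(self, customer_no, imei, wifi_mac):
        """Return (binding, newly_bound) for this login attempt."""
        key = (customer_no, imei, wifi_mac)
        if key in self._by_key:                   # match found: already bound
            return self._by_key[key], False
        now, device = self._clock(), (imei, wifi_mac)
        # Single-binding check: count customers that bound this device recently.
        recent = [t for t in self._device_binds[device]
                  if now - t < BIND_WINDOW_SECONDS]
        if len(recent) >= BIND_QUOTA_PER_DEVICE:
            raise BindingRefused("device binding quota exceeded")
        # First device for the customer is fully bound, later ones half-bound.
        bind_type = HALF if self._by_customer[customer_no] else FULL
        binding = Binding(customer_no, imei, wifi_mac, now, bind_type)
        self._by_key[key] = binding
        self._by_customer[customer_no].append(binding)
        self._device_binds[device] = recent + [now]
        return binding, True

    def unbind(self, customer_no, imei, wifi_mac):
        """Delete a binding; if it was the full one, promote the earliest other."""
        gone = self._by_key.pop((customer_no, imei, wifi_mac), None)
        if gone is None:
            return
        remaining = [b for b in self._by_customer[customer_no] if b != gone]
        if gone.bind_type == FULL and remaining:
            earliest = min(remaining, key=lambda b: b.bind_time)
            promoted = replace(earliest, bind_type=FULL)
            remaining[remaining.index(earliest)] = promoted
            self._by_key[(customer_no, promoted.imei, promoted.wifi_mac)] = promoted
        self._by_customer[customer_no] = remaining


def login_succeeds(binding, newly_bound, static_pw_ok, dynamic_pw_ok=False):
    """Binding and static password must pass; a new binding also needs the SMS code."""
    if binding is None or not static_pw_ok:
        return False
    return dynamic_pw_ok if newly_bound else True


def transfer_allowed(binding, amount):
    """Limit control: half-bound devices get a lower single-transfer ceiling."""
    return amount <= SINGLE_TRANSFER_LIMIT[binding.bind_type]
```

Passing a fake `clock` callable makes the time window testable without waiting; a production store would enforce the unique constraint in the database rather than in a dictionary.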
In another embodiment of the invention, verifying the binding relationship between the customer's device hardware information and the registered customer information according to the device hardware information and the customer number includes: when the devices having the binding relationship number more than two devices, and the bound device information is inconsistent with the current device, the current device enters the switching binding state.
In this embodiment, to save storage space and speed up matching, the binding relationship changing unit may also include a switching binding subunit. For example, the switching binding subunit stores only one full-binding record and one half-binding record per customer number. In this case, suppose customer number S has bound two devices, a and b, where device a is the main bound device and device b is a half-bound device. If S now also binds device c, the switching binding unit puts device c into the switching binding state: the previously unbound device becomes the half-bound device, and device b is unbound. In addition, if the parameterized time is set to 10 minutes, device c cannot carry out account-moving transactions such as transfers within those 10 minutes.
In another embodiment of the invention, verifying the binding relationship between the customer's device hardware information and the registered customer information according to the device hardware information and the customer number includes: when the customer has not logged in within a preset time, the first login after that preset time enters the overdue binding state.
To protect the customer's security further, the security verification system 1 may also include an overdue binding subunit. For example, if a customer has signed up for mobile banking but has not logged in to mobile banking for a long time (the time is configurable as a parameter), then logging in to the mobile banking client and binding for the first time puts the binding into the overdue binding state. To improve the security of mobile banking use, parameterized limit control is applied in the overdue binding state. The customer can modify the limit through online banking or at a bank counter. For example, customer number S signs up for mobile banking but does not log in to mobile banking and bind within the following six months, and then logs in for the first time after half a year (the first binding information is stored in the binding information storage part); the overdue binding state is then entered. The customer's account-moving transactions are now subject to limit control, for example a single transfer cannot exceed 50,000; in this case limit control is also applied to a fully bound device.
In summary, according to the security verification method for a mobile banking client of this embodiment, the binding relationship between customer information and device hardware information strengthens the association between customer and device and reduces the harm caused when criminals steal a customer's account password; the half binding relationship lets a customer use a second device to transact in an emergency, with limit control strengthening the security of that use; the single binding check limits the number of times customers can bind the same device, preventing malicious binding to some extent; the suspension period for account-moving transactions under switching binding protects the customer's funds to some extent; and limit control under overdue binding reduces the threat posed by a stolen customer account password.
On the basis of verifying the hardware device used to log in, the security verification method for a mobile banking client may also use the obtained information of the logged-in customer number, the hardware device information of the login device and the mobile phone number to verify whether the customer's mobile phone number is valid and whether mobile banking has been activated. At the same time it communicates with the SMS platform so that a dynamic password is delivered to the customer's mobile phone. While the binding type between the login device and the logged-in customer number is being verified, the static login password entered by the customer is sent to the security verification module of the mobile banking server for verification. After the binding relationship, the dynamic password and the static password have all passed verification, the mobile banking client jumps to its home page; otherwise a login information verification failure message is output.
Fig. 2 shows a block diagram of a security verification system for a mobile banking client according to an embodiment of the present invention. Based on the security verification method for a mobile banking client described in the above embodiments, the system includes:
an information obtaining module 100, configured to obtain the customer's device hardware information and customer number;
a binding verification module 200, configured to verify, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information;
a password verification module 300, configured to obtain the static login password entered by the customer and to verify the static login password;
a login module 400, configured to determine that the customer has logged in successfully when both the binding relationship and the static login password pass verification.
In another embodiment of the present invention, wherein, according to described device hardware information and client's number Verify that between the device hardware information of described client and registered client's information, binding relationship includes:
Judge whether described client exists device hardware information according to described device hardware information and client's number And the binding information between registered client's information;And
When the binding information of described client exists, according to the device hardware information of described acquisition and Client's number verification, binding information verify the binding relationship between described facility information and registered client's information.
In another embodiment of the present invention, verifying, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information also includes:
when the customer's binding information does not exist, establishing binding information between the customer's device hardware information and the registered customer information;
sending a dynamic password to the customer's device through an SMS platform, and verifying the dynamic password entered by the customer.
In another embodiment of the present invention, as an alternative to determining a successful login when both the binding relationship and the static login password pass verification, determining that the customer has logged in successfully includes:
when the binding relationship, the dynamic password and the static login password all pass verification, determining that the customer has logged in successfully.
In another embodiment of the present invention, verifying the binding relationship between the device information and the registered customer information according to the obtained device hardware information, the customer number and the binding information includes: when the binding information contains only a single binding record and the device hardware information of the current binding is inconsistent with the saved device hardware, updating the device binding state. Updating the device binding state includes: setting the device with the earliest binding time in the binding records as the fully bound device (that is, the mobile banking client is bound by customer ID, unique device identifier and so on), and setting the devices whose binding time is not the earliest as half-bound devices (that is, unlike a fully bound device, a mobile banking device is subject to limit control once it is half-bound).
Specifically, when verification finds that no binding relationship exists between the login device and the customer ID, the system queries whether the customer ID has a bound device. If the customer ID has no bound device, the login device establishes a binding relationship with the customer ID, the login device becomes a bound device of the customer ID, and the binding relationship is a full binding relationship. If the customer ID already has a bound device, the login device establishes a binding relationship with the customer ID, the login device becomes a bound device of the customer ID, and the binding relationship is a half binding relationship.
In the security verification system for mobile banking customers, the binding relationships between the devices that have a binding relationship can also be changed: the binding relationships of the fully bound device and a half-bound device are interchangeable.
In the security verification system for mobile banking customers, verifying the binding relationship between the device information of the login device and the registered customer information may further include: within a predetermined time, when the number of devices with a binding relationship exceeds the quota, refusing to establish a further binding relationship. The system verifies whether the time of the customer ID's first binding with a login device exceeds a certain time limit. If that time exceeds the time limit, the login device establishes a binding relationship with the customer ID, the login device becomes a bound device of the customer ID, and the binding relationship is an overdue binding relationship.
In the security verification system for mobile banking customers, verifying the binding relationship between the device information of the login device and the registered customer information may further include: when more than two devices have the binding relationship and the bound device information is inconsistent with the current device, the current device enters the switch-binding state.
In the security verification system for mobile banking customers, verifying the binding relationship between the device information of the login device and the registered customer information includes: when the customer has not logged in within a preset time, the first login after the preset time enters the overdue binding state.
According to this embodiment, a binding relationship can be generated between the hardware information of the login device and the customer ID, and the binding type between the customer ID and the login device can be verified. Based on this security verification system, parameterized limit control can be applied to different types of bound devices (for example, some functions can be used on a fully bound device but not on a half-bound device; the amount a half-bound device can transact is lower than that of a fully bound device; and so on), thereby improving the security of using mobile banking. For example, the half-binding relationship lets a customer transact on a second device in an emergency, while limit control enhances the security of that use.
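The following Python sketch is an added example, not code from the patent. It models the binding check described in the embodiments above (the first device becomes fully bound after an SMS dynamic password, later devices become half-bound, new bindings are refused once a quota is reached) together with limit control per binding type. The class and function names, the limit amounts, the quota and the time window are assumptions, and checking the static password before any binding is created is a choice of this sketch.

```python
import hashlib
import hmac
import os
import time

FULL, HALF = "full", "half"
# Assumed policy values: the patent only says limits are parameterized per binding type.
TXN_LIMIT = {FULL: 50_000, HALF: 2_000}
MAX_DEVICES = 3                 # assumed quota of bound devices
QUOTA_WINDOW = 30 * 24 * 3600   # assumed "predetermined time", in seconds


def fingerprint(hw: dict) -> str:
    """Digest of the device hardware attributes (the representation is an assumption)."""
    canon = "|".join(f"{k}={hw[k]}" for k in sorted(hw))
    return hashlib.sha256(canon.encode()).hexdigest()


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Verifier:
    def __init__(self):
        self.passwords = {}   # customer_no -> (salt, password hash)
        self.bindings = {}    # customer_no -> {fingerprint: (binding_type, bound_at)}

    def register(self, customer_no, password):
        salt = os.urandom(16)
        self.passwords[customer_no] = (salt, hash_password(password, salt))
        self.bindings[customer_no] = {}

    def login(self, customer_no, hw, password, otp_ok=False, now=None):
        """Return (ok, binding_type, reason); otp_ok is the result of the SMS check."""
        now = time.time() if now is None else now
        if customer_no not in self.passwords:
            return False, None, "unknown customer"
        # Password first, so an unauthenticated request can never create a binding.
        salt, stored = self.passwords[customer_no]
        if not hmac.compare_digest(stored, hash_password(password, salt)):
            return False, None, "static password failed"
        devices = self.bindings[customer_no]
        fp = fingerprint(hw)
        if fp in devices:                       # binding exists: no dynamic password
            return True, devices[fp][0], "bound device"
        recent = [t for _, t in devices.values() if now - t < QUOTA_WINDOW]
        if len(recent) >= MAX_DEVICES:          # quota reached: refuse a new binding
            return False, None, "binding quota exceeded"
        if not otp_ok:                          # new device needs the SMS dynamic password
            return False, None, "dynamic password required"
        kind = HALF if devices else FULL        # earliest binding is full, later ones half
        devices[fp] = (kind, now)
        return True, kind, "new binding"

    def authorize(self, customer_no, hw, amount):
        """Apply the transaction limit that belongs to the device's binding type."""
        entry = self.bindings.get(customer_no, {}).get(fingerprint(hw))
        return entry is not None and amount <= TXN_LIMIT[entry[0]]
```

A device that was never bound is rejected by `authorize` regardless of amount, so limit control cannot be bypassed by skipping the login step.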
It should be noted that the specific implementation of the security verification system for mobile banking customers is fully consistent with the corresponding content of the above embodiment of the security verification method for mobile banking customers, and is not repeated here.
From the above description of the embodiments, those skilled in the art can clearly understand that the present invention can be implemented by software combined with a hardware platform. Based on this understanding, all or part of what the technical solution of the present invention contributes over the background art can be embodied in the form of a software product. This computer software product can be stored in a storage medium, such as ROM/RAM, a magnetic disk or an optical disc, and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a smartphone, a network device or the like) to perform the methods described in the embodiments of the present invention or in certain parts of the embodiments.
The terms and wording used in the description of the present invention are for illustration only and are not intended to be limiting. Those skilled in the art will appreciate that various changes can be made to the details of the above embodiments without departing from the basic principles of the disclosed embodiments. Therefore, the scope of the present invention is determined only by the claims, in which, unless otherwise stated, all terms should be understood in their broadest reasonable meaning.

Claims (12)

1. A security verification method for mobile banking customers, characterized in that the method includes:
obtaining the device hardware information and the customer number of the customer;
verifying, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information;
obtaining the static login password entered by the customer, and verifying the static login password;
when both the binding relationship and the static login password pass verification, determining that the customer has logged in successfully.
2. The security verification method for mobile banking customers according to claim 1, characterized in that verifying, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information includes:
determining, according to the device hardware information and the customer number, whether binding information between the device hardware information and the registered customer information exists for the customer; and
when the customer's binding information exists, verifying the binding relationship between the device information and the registered customer information according to the obtained device hardware information, the customer number and the binding information.
3. The security verification method for mobile banking customers according to claim 2, characterized in that verifying, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information also includes:
when the customer's binding information does not exist, establishing binding information between the customer's device hardware information and the registered customer information;
sending a dynamic password to the customer's device through an SMS platform, and verifying the dynamic password entered by the customer.
4. The security verification method for mobile banking customers according to claim 3, characterized in that, as an alternative to determining that the customer has logged in successfully when both the binding relationship and the static login password pass verification, the method includes:
when the binding relationship, the dynamic password and the static login password all pass verification, determining that the customer has logged in successfully.
5. The security verification method for mobile banking customers according to claim 2, characterized in that verifying the binding relationship between the device information and the registered customer information according to the obtained device hardware information, the customer number and the binding information includes:
when the binding information contains only a single binding record and the device hardware information of the current binding is inconsistent with the saved device hardware, updating the device binding state.
6. The security verification method for mobile banking customers according to claim 5, characterized in that updating the device binding state includes:
setting the device with the earliest binding time in the binding records as the fully bound device, and setting the devices other than the one with the earliest binding time as half-bound devices.
7. The security verification method for mobile banking customers according to claim 5, characterized in that the method includes:
changing the binding relationships between the devices that have the binding relationship, the binding relationships of the fully bound device and the half-bound device being interchangeable.
8. The security verification method for mobile banking customers according to claim 3, characterized in that verifying, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information also includes:
within a predetermined time, when the number of devices with the binding relationship exceeds the quota, refusing to establish a further binding relationship.
9. The security verification method for mobile banking customers according to claim 8, characterized in that verifying, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information includes:
when the number of devices that have the binding relationship is more than 2 and the bound device information is inconsistent with the current device, the current device enters the switch-binding state.
10. The security verification method for mobile banking customers according to claim 9, characterized in that verifying, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information includes:
when the customer has not logged in within a preset time, entering the overdue binding state at the first login after the preset time.
11. A security verification system for mobile banking customers, characterized in that the system includes:
an information acquisition module, configured to obtain the device hardware information and the customer number of the customer;
a binding verification module, configured to verify, according to the device hardware information and the customer number, the binding relationship between the customer's device hardware information and the registered customer information;
a password verification module, configured to obtain the static login password entered by the customer and to verify the static login password;
a login module, configured to determine that the customer has logged in successfully when both the binding relationship and the static login password pass verification.
12. The security verification system for mobile banking customers according to claim 11, characterized in that the system can perform the security verification method for mobile banking customers according to any one of claims 2-10.
CN201610395921.1A 2016-06-07 2016-06-07 Security verification method and system for mobile phone bank customer Pending CN105931040A (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160907
