CN107463851B - Page verification method, device and system - Google Patents

Page verification method, device and system Download PDF

Info

Publication number
CN107463851B
CN107463851B CN201610387546.6A CN201610387546A CN107463851B CN 107463851 B CN107463851 B CN 107463851B CN 201610387546 A CN201610387546 A CN 201610387546A CN 107463851 B CN107463851 B CN 107463851B
Authority
CN
China
Prior art keywords
fingerprint
fingerprint verification
verification result
server
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610387546.6A
Other languages
Chinese (zh)
Other versions
CN107463851A (en
Inventor
侯菊敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba China Co Ltd
Original Assignee
Alibaba China Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba China Co Ltd filed Critical Alibaba China Co Ltd
Priority to CN201610387546.6A priority Critical patent/CN107463851B/en
Publication of CN107463851A publication Critical patent/CN107463851A/en
Application granted granted Critical
Publication of CN107463851B publication Critical patent/CN107463851B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2133Verifying human interaction, e.g., Captcha

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention discloses a method, a device and a system for page verification, relates to the technical field of internet, and aims to solve the problem that fingerprint characteristic information is leaked in the fingerprint verification process. The method of the invention comprises the following steps: after a page returned by the site server is obtained, the terminal searches a verification tag in a source code of the page; if the verification tag is found, calling a fingerprint verification interface to perform fingerprint verification to obtain a fingerprint verification result, wherein the fingerprint verification result is mark information for marking whether the fingerprint verification is successful or not; sending the fingerprint verification result to a site server; and the site server returns page information of successful verification or failed verification according to the fingerprint verification result. The method and the device are mainly applied to the webpage verification process based on the browser.

Description

Page verification method, device and system
Technical Field
The invention relates to the technical field of internet, in particular to a method, a device and a system for page verification.
Background
The verification code (Captcha) is an automatic program for distinguishing a user from a computer or a human, is used in a verification process of a website passing page, prevents hackers from using brute force cracking programs to perform actions such as password cracking, forum watering, page swiping or ticket swiping and the like by requiring a requester to input verification prompt information, and can effectively guarantee the safety and the order of a network environment.
The existing verification mechanism mainly displays verification prompt information (such as letters and numbers) in a picture format in a webpage, and a user manually inputs the seen verification prompt information into a verification box to complete a verification process. Because the time consumption of identifying the picture content by the computer program is long and the accuracy is low, the verification prompt information is difficult to acquire from the picture quickly and accurately. In addition, some verification code pictures display verification prompt information in a non-standard font format, such as lengthening or distorting alphanumerics, and interference lines or patterns are added on the basis, so that the difficulty of image recognition is further increased, and the possibility of obtaining the verification prompt information by a computer program is reduced.
As can be seen from the above, the existing authentication mechanism requires the user to perform subjective identification and manual input of the authentication prompt information, which involves two problems: on one hand, interference factors are added in the verification prompt information, and the difficulty of user identification is increased while the difficulty of computer identification is increased; on the other hand, the process of manually inputting the verification prompt information by the user is complicated in operation and low in efficiency. In order to improve the convenience of page verification, the prior art also provides a verification mode based on biological characteristic information. This approach needs to be implemented in conjunction with the terminal-side fingerprinting module. The terminal informs the user to perform fingerprint verification, the user presses a finger on a fingerprint acquisition area (such as an HOME key), and the terminal uploads acquired fingerprint characteristic information to a website server on a network side for comparison and verification. Compared with the verification mechanism, the fingerprint verification process only needs the user to press the fingerprint, and the operation is convenient and fast.
However, in the process of fingerprint verification, the inventor finds that: fingerprint characteristic information of a user can be uploaded to a site server for verification, and a hacker can steal the fingerprint characteristic information of the user through an illegal means in the data transmission process, so that the user data is leaked. In addition, the site server side stores the fingerprint characteristic information of the user, which also has a risk of data leakage, and what is more dire, the site server usually needs to map and store the fingerprint characteristic information of the user and account information, and if a hacker steals the data at the same time, the hacker can illegally log in the account of the user, perform network transaction or transfer, and cause economic loss to the user.
Disclosure of Invention
The invention provides a page verification method, a device and a system, which can solve the problem that the fingerprint characteristic information is leaked in the fingerprint verification process.
In order to solve the above problem, in a first aspect, the present invention provides a method for page verification, including:
after a page returned by the site server is obtained, the terminal searches a verification tag in a source code of the page;
if the verification tag is found, calling a fingerprint verification interface to perform fingerprint verification to obtain a fingerprint verification result, wherein the fingerprint verification result is mark information for marking whether the fingerprint verification is successful or not;
sending the fingerprint verification result to a site server;
and the site server returns page information of successful verification or failed verification according to the fingerprint verification result.
In a second aspect, the present invention further provides an apparatus for page verification, including:
the searching unit is used for searching the verification tag in the source code of the page after the page returned by the site server is obtained;
the interface calling unit is used for calling the fingerprint verification interface to perform fingerprint verification when the verification tag is found out to obtain a fingerprint verification result, wherein the fingerprint verification result is mark information for marking whether the fingerprint verification is successful;
and the sending unit is used for sending the fingerprint verification result to the site server so that the site server returns page information of successful verification or failed verification according to the fingerprint verification result.
In a third aspect, the present invention further provides a device for page verification, where the device includes:
the terminal comprises a receiving unit and a processing unit, wherein the receiving unit is used for receiving a fingerprint verification result sent by the terminal after the terminal calls a fingerprint verification interface to perform fingerprint verification, and the fingerprint verification result is mark information for marking whether the fingerprint verification is successful or not;
and the execution unit is used for returning page information of successful verification or failed verification to the terminal according to the fingerprint verification result.
In a fourth aspect, the present invention further provides an apparatus for page verification, including:
a transceiver configured to obtain a page returned by a site server;
a processor configured to:
searching a verification tag in a source code of a page;
when the verification tag is found, calling a fingerprint verification interface to perform fingerprint verification to obtain a fingerprint verification result, wherein the fingerprint verification result is mark information for marking whether the fingerprint verification is successful or not;
the transceiver is configured to send the fingerprint verification result to the site server, so that the site server returns page information of successful verification or failed verification according to the fingerprint verification result;
a memory configured to store executable instructions of the processor;
a bus configured to couple the transceiver, the processor, and the memory.
In a fifth aspect, the present invention further provides an apparatus for page verification, including:
the terminal comprises a transceiver and a fingerprint verification interface, wherein the transceiver is configured to receive a fingerprint verification result sent by the terminal after the terminal calls the fingerprint verification interface to perform fingerprint verification, and the fingerprint verification result is mark information for marking whether the fingerprint verification is successful;
the processor is configured to return page information of successful verification or failed verification to the terminal according to the fingerprint verification result;
a memory configured to store executable instructions of the processor;
a bus configured to couple the transceiver, the processor, and the memory.
In a sixth aspect, the present invention further provides a system for page verification, including: a terminal and a site server; wherein the content of the first and second substances,
the terminal comprises an apparatus as referred to in the second aspect above;
the site server comprises an apparatus as referred to in the previous third aspect.
In a seventh aspect, the present invention further provides a system for page verification, where the system includes: a terminal and a site server; wherein the content of the first and second substances,
the terminal comprises the apparatus as indicated in the fourth aspect above;
the site server comprises an apparatus as referred to in the fifth aspect above.
The method, the device and the system for verifying the page can complete fingerprint acquisition and matching verification processes based on a local fingerprint verification interface by the terminal, and send a fingerprint verification result of whether the fingerprint is successfully matched to the site server. In the invention, the fingerprint verification result is only one flag bit information used for marking whether the fingerprint verification is successful, and no fingerprint characteristic information is involved, so that compared with the prior art, the problem of data leakage in the transmission and storage processes can be effectively solved, and the safety of personal information of a user is ensured.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 is a flowchart illustrating a first method for verifying a page according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a second method for verifying a page according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a third method for verifying a page according to an embodiment of the present invention;
FIG. 4 is a block diagram illustrating a first apparatus for page verification according to an embodiment of the present invention;
FIG. 5 is a block diagram illustrating an apparatus for page verification according to a second embodiment of the present invention;
FIG. 6 is a block diagram illustrating an apparatus for third page verification according to an embodiment of the present invention;
FIG. 7 is a block diagram illustrating an apparatus for fourth page verification according to an embodiment of the present invention;
FIG. 8 is a block diagram illustrating an apparatus for fifth page verification according to an embodiment of the present invention;
fig. 9 is a block diagram illustrating a sixth apparatus for page verification according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
In order to solve the problem of fingerprint characteristic information leakage in the page verification process, the embodiment of the invention provides a page verification method, which relates to a terminal and a site server. The terminal needs to have at least a fingerprint acquisition function and a network communication function, where the network communication function includes but is not limited to a communication function implemented based on GSM, 3G, 4G, LTE, etc. networks, or a broadband communication function based on wired or wireless forms; the site server is a deployed website server on the website side, is at least integrated with or independently connected with a website database, and is in a form including but not limited to a physical machine or a virtual machine. In practical applications, the terminal and the site server may communicate directly, or communicate with each other via a relay server.
Embodiments of the present invention will be described below with reference to the accompanying drawings. As shown in fig. 1, the method for page verification provided by the present invention includes:
101. and after the page returned by the site server is obtained, the terminal searches the verification tag in the source code of the page.
When a user logs in an account, downloads resources or carries out online payment, the site server returns a verification page to the terminal, and the page is used for prompting the user to scan fingerprints to carry out identity verification. When the terminal receives the page returned by the site server, a preset verification tag can be searched in the source code of the terminal, and the verification tag is used for identifying the current page as a verification page. When the verification tag is found in the source code, the terminal determines that the current page is a verification page and continues to execute the subsequent steps; otherwise, the terminal determines that the current page is a common webpage, renders and displays the current page according to the prior implementation, and finishes executing the subsequent steps in the figure 1.
102. And if the verification label is found, calling a fingerprint verification interface to perform fingerprint verification to obtain a fingerprint verification result.
The terminal calls a pre-configured fingerprint verification interface to inform a fingerprint acquisition module in the terminal to perform fingerprint verification. After the fingerprint characteristic information pressed by the user is collected by the fingerprint collecting module, the fingerprint characteristic information is compared with standard fingerprint characteristic information (namely authorized fingerprint characteristic information set in the user initialization stage) prestored in the terminal, if the fingerprint characteristic information and the authorized fingerprint characteristic information are consistent or the error does not exceed a preset range, the fingerprint verification is successful, otherwise the fingerprint verification fails. And after finishing the fingerprint verification, the terminal acquires a fingerprint verification result returned by the fingerprint acquisition module.
In this embodiment, the fingerprint verification result is flag information for marking whether the fingerprint verification is successful, for example, the fingerprint verification result may be a flag bit, where the flag bit indicates that the verification is successful when the flag bit is 1, and indicates that the verification is failed when the flag bit is 0; or the flag bit indicates that the verification is successful when the flag bit is True and indicates that the verification fails when the flag bit is False. Of course, in practical applications, other information in the form of two classifications may also be used as the flag bit, and the present embodiment does not specifically limit the content, data type, data length, and the like of the fingerprint verification result.
103. And sending the fingerprint verification result to the site server.
After obtaining the fingerprint verification result, the terminal transmits the result to the site server. Different from the prior art, the terminal sends a result with the mark information to the site server, and does not contain specific fingerprint characteristic information, so that the leakage of the fingerprint characteristic information in the data transmission process can be effectively prevented. Meanwhile, the website server side cannot acquire or store the fingerprint characteristic information, so that a hacker cannot acquire the fingerprint characteristic information of the user even if the hacker attacks or hangs a horse on the website.
104. And the site server returns page information of successful verification or failed verification according to the fingerprint verification result.
When the fingerprint verification result shows that the fingerprint verification is successful, the site server can return the account page after the login is successful, or a download page of the downloaded resource, or a transaction page to the terminal. When the fingerprint verification result shows that the fingerprint verification fails, the site server can return a page prompting that the verification fails or requiring re-verification to the terminal, or cancel any response to the terminal.
Generally, a browser is used to request, load, render, and display a web page, and the present embodiment mainly relates to a fingerprint verification process based on a web page, so that in the present embodiment, a terminal may implement the flow shown in fig. 1 through a browser. It should be clear that this implementation does not exclude other feasible solutions, and in practical applications, for a non-native application, when it can load a WEB page and has a page verification function, the terminal may also implement the flow shown in fig. 1 through the application.
The page verification method provided by the embodiment of the invention can be used for completing the fingerprint acquisition and matching verification process based on the local fingerprint verification interface by the terminal and sending the fingerprint verification result of whether the fingerprint is successfully matched to the site server. In the embodiment of the invention, the fingerprint verification result is only one flag bit information used for marking whether the fingerprint verification is successful, and no fingerprint characteristic information is involved, so that compared with the prior art, the problem of data leakage in the transmission and storage processes can be effectively solved, and the safety of personal information of a user is ensured.
Further, as a supplement to the flow shown in fig. 1, an embodiment of the present invention further provides a method for page verification, where as shown in fig. 2, the method includes:
201. the terminal initiates a page access request to the site server.
For example, when a user needs to log in an account, the terminal requests an account login page from the site server, or when the user clicks to download a certain resource, the terminal requests a download page of the resource from the site server.
202. And the site server returns a verification page to the terminal.
And the site server judges whether page authentication is needed according to the page type requested by the terminal, and returns a verification page to the terminal if the page authentication is needed. Illustratively, the page may contain teletext information prompting the user for fingerprint verification.
Furthermore, considering that the relationship between the site server and the terminal is often "one-to-many", in order to facilitate the site server to distinguish the authentication processes of different terminals, the site server may also allocate a session identifier to the terminal when returning the authentication page to the terminal. Each session identifier is unique and is used to identify a session procedure (e.g., an authentication procedure) of a terminal. In particular, for the case that the terminal has already obtained the session identifier during the history access, the terminal may also send the stored identifier to the site server in step 201. For such a case, the site server may no longer separately allocate the session identifier to the terminal in this step.
In practical applications, the session identifier may be, but is not limited to, a Cookie, a session number, or a Token.
203. And the terminal scans the source code of the received page and searches for the verification tag.
As described above, when receiving a page returned by a site server, a terminal does not know whether the page is a verification page, and needs to scan a source code of the page to search for a preset verification tag.
In one implementation manner of this embodiment, the verification tag is "< fp > </p >", and when the tag is found in the source code, the terminal determines that the page is a verification page. For example, in the following section of source code:
<body>
< p > Web Page content >
<fp>fingerprint</fp>
</body>
"< fp > </p >" is a verification tag, wherein "finger print" is a tag name, and in practical application, the tag name can be replaced by any other characters.
204. And if the verification tag is found, calling a fingerprint verification interface to perform fingerprint verification.
In practical applications, fingerprint verification interfaces called by different operating systems are different. For example, for the IOS system, fingerprint verification may be performed by calling the [ context. evaluateLipacy (LAPolicy. device Owner authentication Withbiometrics, localizedReason: reassoString, reply { (success: Bool, evapolicyeerror: NSError; for the Android system, FingerprintManager class and authentication () methods can be called for fingerprint verification. The embodiment does not limit the name, number, sequence and kind of the calling interface.
205. And the terminal sends the obtained fingerprint verification result and the session identification to the site server.
In this step, the fingerprint verification result is the flag bits of True and False, True indicating that verification is successful, and False indicating that verification is failed. When the fingerprint verification result is sent, the terminal at least needs to send the session identifier allocated before to the site server, so that the site server can conveniently identify which session the fingerprint verification result corresponds to.
In addition, the terminal can further carry a device identifier of the terminal, so that the site server can identify the terminal. In practical applications, the device identifier may be, but is not limited to: the Mobile device includes a Mobile Equipment International Identity (IMEI), a MAC address, and a SIM card number.
206. And the site server returns page information of successful verification or failed verification according to the fingerprint verification result.
Further, as an addition to the method shown in fig. 1 or fig. 2, an embodiment of the present invention further provides a method for page verification. The method is characterized in that a first-level transfer server cluster is additionally arranged between a terminal and a site server and is used for forwarding information generated in the verification process. And moreover, the verification and cheating of an illegal device simulating a user terminal are effectively avoided through an IP address credible mechanism. Specifically, as shown in fig. 3, the method includes:
301. the terminal requests domain name resolution from the DNS server to obtain the IP address of the site server.
When a user needs to log in a certain website, the terminal acquires a domain name selected or input by the user, and sends the domain name to the DNS server for resolution to acquire the IP address of the site server.
302. And the terminal sends a page access request to the site server according to the obtained IP address.
303. And the site server returns the page content and the session identifier to the terminal.
The page is a verification page, and a verification tag is recorded in the source code of the page.
304. And the terminal analyzes the page source code, searches for the verification tag and calls a fingerprint verification interface to perform fingerprint verification.
305. And the terminal encrypts and sends the obtained fingerprint verification result, the session identifier and the uniform resource locator of the site to the transit server cluster.
In this step, the purpose of sending a Uniform Resource Locator (URL) of the site is to enable the transit server cluster to know the site corresponding to the verification process, so as to send the fingerprint verification result to the corresponding site server.
In this embodiment, to ensure the security of communication between the terminal and the transit server, the terminal may encrypt and send the fingerprint verification result, the session identifier, and the uniform resource locator of the site to the transit server. In practical application, the terminal may encrypt the information by using a combination of a symmetric key and an asymmetric key, that is, on the basis of encrypting by using the symmetric key, the terminal further encrypts by using the asymmetric key.
306. And the transfer server cluster sends the fingerprint verification result and the session identifier to the site server according to the uniform resource locator.
307. And the site server judges whether the source IP address sending the fingerprint verification result is recorded in a preset credible IP address list.
In this embodiment, what the terminal uploads to the site server is not fingerprint feature information of the user any longer, but is a binary flag bit, and a hacker can easily forge a flag bit (e.g., True) that is successfully verified and send the flag bit to the site server on the basis of obtaining the user account and the session identifier, thereby cheating in logging in the user account.
In order to prevent this, an IP address trusted mechanism may be further designed in this embodiment, and the site server side may maintain a trusted IP address list, where the list is stored in a database of the site server side and is used to record IP addresses of all relay servers in the relay server cluster. After receiving the fingerprint verification result and the session identifier, the site server queries whether the source IP address sending the information is in the trusted IP address list, and if the query result is yes, the information is sent by an authorized transfer server, and the site server performs step 308; if the query result is no, it indicates that the information is sent by an unknown device, and the information may be suspected of being forged, and the site server performs step 309 to discard the information.
308. And the site server returns page information of successful verification or failed verification according to the fingerprint verification result.
309. And the site server discards the fingerprint verification result and ends the verification process.
Further, considering that a hacker may obtain an IP address of the transit server through a ping packet test or the like, and simulate the transit server to send a fake fingerprint verification result to the site server based on the IP address, two solutions are provided in a modification of the embodiment:
mode one, multi-level transit server forwarding
In this mode, a network architecture of a relay server cluster is adopted, the relay server cluster is composed of a plurality of relay servers, and the IP addresses of the relay servers are different from each other. The terminal sends the fingerprint verification result to a first transit server in the transit server cluster, the first transit server forwards the fingerprint verification result to a second transit server based on a load balancing strategy, and the second transit server sends the fingerprint verification result to the site server.
In this manner, the IP address of the first relay server is not recorded in the trusted IP list on the site server side. Although the hacker can simulate the IP address of the terminal Ping to the first transit server, because the first transit server and the second transit server use different IP addresses and the hacker cannot break through the gateway of the transit server cluster to obtain the IP address of the second transit server, the method can effectively prevent the hacker from simulating a trusted IP address to send a forged fingerprint verification result to the site server.
For the load balancing strategy, the method provides two load balancing implementation modes:
1. allocation based on real-time terminal load number
When a terminal sends a fingerprint verification result to the first transit server, the first transit server inquires the current terminal load quantity of all the second transit servers, and distributes the fingerprint verification result of the terminal to the second transit server with the minimum current terminal load quantity for forwarding.
2. Allocation based on session identification
And when receiving the fingerprint verification result, the first transit server performs Hash (Hush) calculation on the corresponding session identifier, and distributes the fingerprint verification result to the corresponding second transit server through a Hash load balancing algorithm.
Second, the transfer server encrypts the fingerprint verification result
In this way, the terminal sends the fingerprint verification result to a third transit server in the transit server cluster, and the third transit server encrypts the fingerprint verification result and then sends the fingerprint verification result to the site server. And the site server decrypts the received information to obtain a fingerprint verification result.
In practical application, the third transit server may encrypt the fingerprint verification result by using a combination of a symmetric key and an asymmetric key, that is, on the basis of encrypting by using the symmetric key, further encrypt by using the asymmetric key. Since a hacker cannot obtain a private key agreed by the transit server and the site server in advance, the site server cannot successfully decrypt a forged fingerprint authentication result when the forged fingerprint authentication result is encrypted using another key, thereby preventing the hacker from spoofing the site server using the forged fingerprint authentication result.
Through the scheme, the hacker can be prevented from simulating the transit server to send the fake fingerprint verification result to the site server, and the security of fingerprint verification is effectively guaranteed.
Further, considering that although a hacker cannot obtain the IP address of the relay server, the hacker may attempt the IP address by means of brute force cracking, and the like, in another implementation manner of this embodiment, on the basis of combining the above scheme, the site server may further limit the number of times of discarding the result of the same session identifier, and if none of the IP addresses used by the same session identifier within the preset number of times is recorded in the trusted IP address, the site server terminates the authentication procedure of the session identifier, thereby preventing the hacker from attempting an unlimited IP address. Specifically, the method comprises the following steps:
the site server receives the fingerprint verification result and the corresponding session identifier, and when it is determined that the source IP address sending the information is not in the trusted IP address list, the site server performs step 309 to discard the fingerprint verification result, and then records the number of times of result discard corresponding to the session identifier, for example, increments a counter set corresponding to the session identifier by 1. And if the discarding times of the result corresponding to the session identifier exceeds a preset threshold, the site server terminates the fingerprint verification process and subsequently refuses to receive a new fingerprint verification result corresponding to the session identifier.
In practical applications, the preset threshold may be set according to a certain ratio according to the address segment range of the IP address, for example, for the address segments of 192.168.1.0 to 192.168.1.255, which relate to 256 IP addresses, the preset threshold may be set 64 times according to a ratio of 4 to 1. In addition, the preset threshold may also be manually set by the operation and maintenance personnel of the station according to experience, for example, 3 times, 10 times, and the like. In a scenario where the requirement for the security level standard is high, the preset threshold may be set to 1 time.
In an implementation manner of this embodiment, the transit server cluster may update the IP address of the transit server periodically or aperiodically through a Dynamic Host Configuration Protocol (DHCP), and synchronize the new IP address to the site server to update the trusted IP address list. Even if a hacker tries an IP address using different session identifiers, the time cost of the IP address try can be greatly increased and the possibility that the hacker cracks the IP address of the relay server is further reduced because the IP address of the relay server changes at intervals.
Further, as an implementation of the method shown in the above figures, an embodiment of the present invention further provides a device for page verification, where the device is mainly located at one side of the terminal, and may be located inside the terminal, or may be independent of the terminal but establish a data interaction relationship with the terminal. As shown in fig. 4, the apparatus includes: a lookup unit 41, an interface call unit 42, and a sending unit 43. Wherein the content of the first and second substances,
the searching unit 41 is configured to search the verification tag in the source code of the page after obtaining the page returned by the site server;
the interface calling unit 42 is configured to call the fingerprint verification interface to perform fingerprint verification when the verification tag is found, and obtain a fingerprint verification result, where the fingerprint verification result is flag information that indicates whether fingerprint verification is successful;
and a sending unit 43, configured to send the fingerprint verification result to the site server, so that the site server returns page information of successful verification or failed verification according to the fingerprint verification result.
Further, as shown in fig. 5, the transmitting unit 43 includes:
the first sending module 431 is configured to send the fingerprint verification result to a first transit server in a transit server cluster, so that the first transit server forwards the fingerprint verification result to a second transit server based on a load balancing policy, and the second transit server sends the fingerprint verification result to a site server, where the first transit server and the second transit server use different IP addresses.
Further, as shown in fig. 5, the transmitting unit 43 includes:
the second sending module 432 is configured to send the fingerprint verification result to a third transit server in the transit server cluster, so that the third transit server encrypts the fingerprint verification result, and sends the encrypted fingerprint verification result to the site server.
Further, as an implementation of the method shown in each of the above figures, an embodiment of the present invention further provides a page verification apparatus, where the apparatus is mainly located at one side of the site server, and may be located inside the site server, or may be independent of the site server but establish a data interaction relationship with the site server. As shown in fig. 6, the apparatus includes: a receiving unit 61 and an executing unit 62. Wherein the content of the first and second substances,
the receiving unit 61 is configured to receive a fingerprint verification result sent by the terminal after the terminal invokes the fingerprint verification interface to perform fingerprint verification, where the fingerprint verification result is flag information for marking whether fingerprint verification is successful;
and the execution unit 62 is configured to return page information of successful authentication or failed authentication to the terminal according to the fingerprint authentication result.
Further, as shown in fig. 7, the receiving unit 61 includes:
the first receiving module 611 is configured to receive a fingerprint verification result sent by a second transit server in the transit server cluster, where the fingerprint verification result is sent to the second transit server by a first transit server in the transit server cluster based on a load balancing policy, and the first transit server and the second transit server use different IP addresses.
Further, as shown in fig. 7, the receiving unit 61 includes:
the second receiving module 612 is configured to receive an encrypted fingerprint verification result sent by a third transit server in the transit server cluster.
Further, as shown in fig. 7, the apparatus further includes:
a determining unit 63, configured to determine, after receiving the fingerprint verification result, whether a source IP address that sends the fingerprint verification result is recorded in a preset trusted IP address list;
and the execution unit 62 is used for discarding the fingerprint verification result when the judgment result is negative.
Further, as shown in fig. 7, the apparatus further includes a recording unit 64;
the receiving unit 61 is further configured to receive a session identifier of the session;
a recording unit 64, configured to record a result discarding number corresponding to the session identifier after discarding the fingerprint verification result;
and the execution unit 62 is configured to terminate the fingerprint verification process when the result discarding number exceeds a preset threshold.
Further, as an implementation of the method shown in the above figures, an embodiment of the present invention further provides a device for page verification, where the device is mainly located at one side of the terminal, and may be located inside the terminal, or may be independent of the terminal but establish a data interaction relationship with the terminal. As shown in fig. 8, the apparatus includes: a transceiver 81, a processor 82, a memory 83, and a bus 84. Wherein the content of the first and second substances,
a transceiver 81 configured to obtain a page returned by the site server;
a processor 82 configured to:
searching a verification tag in a source code of a page;
when the verification tag is found, calling a fingerprint verification interface to perform fingerprint verification to obtain a fingerprint verification result, wherein the fingerprint verification result is mark information for marking whether the fingerprint verification is successful or not;
a transceiver 81 configured to transmit a fingerprint verification result to the site server, so that the site server returns page information of verification success or verification failure according to the fingerprint verification result;
a memory 83 configured to store executable instructions of the processor 82;
a bus 84 configured to couple the transceiver 81, the processor 82, and the memory 83.
Further, the transceiver 81 is configured to send the fingerprint verification result to a first transit server in the transit server cluster, so that the first transit server forwards the fingerprint verification result to a second transit server based on the load balancing policy, and sends the fingerprint verification result to the site server by the second transit server, where the first transit server and the second transit server use different IP addresses.
Further, the transceiver 81 is configured to send the fingerprint verification result to a third transit server in the transit server cluster, so that the third transit server encrypts the fingerprint verification result, and sends the encrypted fingerprint verification result to the site server.
Further, as an implementation of the method shown in each of the above figures, an embodiment of the present invention further provides a page verification apparatus, where the apparatus is mainly located at one side of the site server, and may be located inside the site server, or may be independent of the site server but establish a data interaction relationship with the site server. As shown in fig. 9, the apparatus includes: a transceiver 91, a processor 92, a memory 93, and a bus 94. Wherein the content of the first and second substances,
the transceiver 91 is configured to receive a fingerprint verification result sent by the terminal after the terminal calls the fingerprint verification interface to perform fingerprint verification, wherein the fingerprint verification result is flag information for marking whether fingerprint verification is successful;
the processor 92 is configured to return page information of successful verification or failed verification to the terminal according to the fingerprint verification result;
a memory 93 configured to store executable instructions of the processor 92;
a bus 94 configured to couple the transceiver 91, the processor 92, and the memory 93.
Further, the transceiver 91 is configured to receive a fingerprint verification result sent by a second transit server in the transit server cluster, where the fingerprint verification result is sent by a first transit server in the transit server cluster to the second transit server based on a load balancing policy, and the first transit server and the second transit server use different IP addresses.
Further, the transceiver 91 is configured to:
and receiving an encrypted fingerprint verification result sent by a third transit server in the transit server cluster.
Further, the processor 92 is configured to:
after receiving the fingerprint verification result, judging whether a source IP address sending the fingerprint verification result is recorded in a preset credible IP address list or not;
and when the judgment result is negative, discarding the fingerprint verification result.
Further, the transceiver 91 is configured to receive a session identifier of the current session;
the processor 92 is configured to:
after discarding the fingerprint verification result, recording the result discarding times corresponding to the session identifier;
and when the discarding times of the result exceeds a preset threshold, terminating the fingerprint verification process.
Further, an embodiment of the present invention further provides a system for page verification, where the system includes: a terminal and a site server; wherein the content of the first and second substances,
the terminal comprises the apparatus shown in fig. 4 or fig. 5;
the site server includes the apparatus shown in fig. 6 or fig. 7.
Further, an embodiment of the present invention further provides a system for page verification, where the system includes: a terminal and a site server; wherein the content of the first and second substances,
the terminal comprises the apparatus shown in fig. 8;
the site server includes the apparatus shown in fig. 9.
The device and the system for verifying the page provided by the embodiment of the invention can complete fingerprint acquisition and matching verification processes based on a local fingerprint verification interface by the terminal, and send a fingerprint verification result of whether the fingerprint is successfully matched to the site server. In the embodiment of the invention, the fingerprint verification result is only one flag bit information used for marking whether the fingerprint verification is successful, and no fingerprint characteristic information is involved, so that compared with the prior art, the problem of data leakage in the transmission and storage processes can be effectively solved, and the safety of personal information of a user is ensured.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
It will be appreciated that the relevant features of the method and apparatus described above are referred to one another. In addition, "first", "second", and the like in the above embodiments are for distinguishing the embodiments, and do not represent merits of the embodiments.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the detailed description are hereby expressly incorporated into this detailed description, with each claim standing on its own as a separate embodiment of this invention.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. The modules or units or components of the embodiments may be combined into one module or unit or component, and furthermore they may be divided into a plurality of sub-modules or sub-units or sub-components. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.
The various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or Digital Signal Processor (DSP) may be used in practice to implement some or all of the functionality of some or all of the components in the title of the invention (e.g., means for determining the level of links within a web site) in accordance with embodiments of the invention. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.

Claims (18)

1. A method of page verification, the method comprising:
after a page returned by a site server is obtained, a terminal searches a verification tag in a source code of the page;
if the verification tag is found, calling a fingerprint verification interface to perform fingerprint verification to obtain a fingerprint verification result, wherein the fingerprint verification result is mark information for marking whether the fingerprint verification is successful, and the method comprises the following steps:
the terminal calls a preconfigured fingerprint verification interface to inform a fingerprint acquisition module in the terminal of acquiring fingerprint characteristic information pressed by a user, the fingerprint characteristic information is compared with standard fingerprint characteristic information prestored in the terminal, and the terminal acquires the fingerprint verification result returned by the fingerprint acquisition module;
sending the fingerprint verification result to the site server, including:
the terminal sends the fingerprint verification result to a third transit server in a transit server cluster;
the third transfer server encrypts the fingerprint verification result and sends the encrypted fingerprint verification result to the site server;
and the site server returns page information of successful verification or failed verification according to the fingerprint verification result.
2. The method of claim 1, wherein sending the fingerprint verification result to the site server comprises:
the terminal sends the fingerprint verification result to a first transit server in a transit server cluster;
the first transit server forwards the fingerprint verification result to a second transit server based on a load balancing strategy, wherein the first transit server and the second transit server use different IP addresses;
and the second transit server sends the fingerprint verification result to the site server.
3. The method of claim 2, wherein after the sending the fingerprint verification result to the site server, the method further comprises:
the site server judges whether a source IP address sending a fingerprint verification result is recorded in a preset credible IP address list or not;
and if the judgment result is negative, discarding the fingerprint verification result.
4. The method according to claim 3, wherein the session identifier of the session is sent to the site server together with the fingerprint verification result;
after the discarding the fingerprint verification result, the method further comprises:
the site server records the result discarding times corresponding to the session identifier;
and if the result discarding times exceeds a preset threshold, terminating the fingerprint verification process.
5. An apparatus for page verification, the apparatus comprising:
the searching unit is used for searching the verification tag in the source code of the page after the page returned by the site server is obtained;
an interface calling unit for calling the fingerprint verification interface to perform fingerprint verification when the verification tag is found out to obtain a fingerprint verification result, wherein the fingerprint verification result is the mark information for marking whether the fingerprint verification is successful or not,
the interface calling unit is specifically used for calling a pre-configured fingerprint verification interface, informing a fingerprint acquisition module to acquire fingerprint characteristic information pressed by a user, and comparing the fingerprint characteristic information with pre-stored standard fingerprint characteristic information to obtain a fingerprint verification result;
the sending unit is used for sending the fingerprint verification result to the site server so that the site server returns page information of successful verification or failed verification according to the fingerprint verification result;
wherein the sending unit includes:
and the second sending module is used for sending the fingerprint verification result to a third transit server in a transit server cluster so that the third transit server encrypts the fingerprint verification result and sends the encrypted fingerprint verification result to the site server.
6. The apparatus of claim 5, wherein the sending unit comprises:
a first sending module, configured to send the fingerprint verification result to a first transit server in a transit server cluster, so that the first transit server forwards the fingerprint verification result to a second transit server based on a load balancing policy, and the second transit server sends the fingerprint verification result to the site server, where the first transit server and the second transit server use different IP addresses.
7. An apparatus for page verification, the apparatus comprising:
a receiving unit, configured to receive a fingerprint verification result sent by a terminal after the terminal invokes a fingerprint verification interface to perform fingerprint verification, where the fingerprint verification result is flag information indicating whether fingerprint verification is successful or not,
the receiving unit is specifically configured to call a preconfigured fingerprint verification interface, notify a fingerprint acquisition module to acquire fingerprint feature information pressed by a user, compare the fingerprint feature information with pre-stored standard fingerprint feature information, and receive the fingerprint verification result sent by the terminal after the fingerprint feature information is obtained;
the receiving unit includes:
the second receiving module is used for receiving the encrypted fingerprint verification result sent by a third transit server in the transit server cluster;
and the execution unit is used for returning page information of successful verification or failed verification to the terminal according to the fingerprint verification result.
8. The apparatus of claim 7, wherein the receiving unit comprises:
the first receiving module is configured to receive a fingerprint verification result sent by a second transit server in the transit server cluster, where the fingerprint verification result is sent to the second transit server by a first transit server in the transit server cluster based on a load balancing policy, and the first transit server and the second transit server use different IP addresses.
9. The apparatus of claim 8, further comprising:
the judging unit is used for judging whether a source IP address sending the fingerprint verification result is recorded in a preset credible IP address list or not after receiving the fingerprint verification result;
and the execution unit is used for discarding the fingerprint verification result when the judgment result is negative.
10. The apparatus according to claim 9, wherein the apparatus further comprises a recording unit;
the receiving unit is also used for receiving the session identifier of the session;
the recording unit is used for recording the result discarding times corresponding to the session identifier after discarding the fingerprint verification result;
and the execution unit is used for terminating the fingerprint verification process when the result discarding times exceeds a preset threshold value.
11. An apparatus for page verification, the apparatus comprising:
a transceiver configured to obtain a page returned by a site server;
a processor configured to:
searching a verification tag in the source code of the page;
when the verification tag is found, calling a fingerprint verification interface to perform fingerprint verification to obtain a fingerprint verification result, wherein the fingerprint verification result is mark information for marking whether the fingerprint verification is successful, and the fingerprint verification method comprises the following steps:
calling a pre-configured fingerprint verification interface to inform a fingerprint acquisition module to acquire fingerprint characteristic information pressed by a user, and comparing the fingerprint characteristic information with pre-stored standard fingerprint characteristic information to obtain the fingerprint verification result returned by the fingerprint acquisition module;
the transceiver is configured to send the fingerprint verification result to the site server, so that the site server returns page information of verification success or verification failure according to the fingerprint verification result;
the transceiver is specifically configured to send the fingerprint verification result to a third transit server in a transit server cluster, so that the third transit server encrypts the fingerprint verification result and sends the encrypted fingerprint verification result to the site server;
a memory configured to store executable instructions of the processor;
a bus configured to couple the transceiver, the processor, and the memory.
12. The apparatus of claim 11, wherein the transceiver is configured to send the fingerprint verification result to a first transit server in a transit server cluster, so that the first transit server forwards the fingerprint verification result to a second transit server based on a load balancing policy, and the second transit server sends the fingerprint verification result to the site server, wherein the first transit server and the second transit server use different IP addresses.
13. An apparatus for page verification, the apparatus comprising:
a transceiver configured to receive a fingerprint verification result sent by a terminal after the terminal invokes a fingerprint verification interface to perform fingerprint verification, the fingerprint verification result being flag information for marking whether fingerprint verification is successful or not,
the transceiver is specifically configured to call a preconfigured fingerprint verification interface, notify a fingerprint acquisition module in the terminal to acquire fingerprint feature information pressed by a user, compare the fingerprint feature information with standard fingerprint feature information prestored in the terminal, and receive the fingerprint verification result sent by the terminal after the terminal obtains the fingerprint verification result returned by the fingerprint acquisition module;
the transceiver is specifically configured to:
receiving an encrypted fingerprint verification result sent by a third transit server in the transit server cluster;
the processor is configured to return page information of successful verification or failed verification to the terminal according to the fingerprint verification result;
a memory configured to store executable instructions of the processor;
a bus configured to couple the transceiver, the processor, and the memory.
14. The apparatus of claim 13, wherein the transceiver is configured to receive a fingerprint verification result sent by a second transit server in the transit server cluster, and wherein the fingerprint verification result is sent by a first transit server in the transit server cluster to the second transit server based on a load balancing policy, and wherein the first transit server and the second transit server use different IP addresses.
15. The apparatus of claim 14, wherein the processor is configured to:
after receiving the fingerprint verification result, judging whether a source IP address sending the fingerprint verification result is recorded in a preset credible IP address list or not;
and when the judgment result is negative, discarding the fingerprint verification result.
16. The apparatus of claim 15, wherein the transceiver is configured to receive a session identifier of the current session;
the processor is configured to:
after the fingerprint verification result is discarded, recording the discarding times of the result corresponding to the session identification;
and when the result discarding times exceeds a preset threshold, terminating the fingerprint verification process.
17. A system for page verification, the system comprising: a terminal and a site server; wherein the content of the first and second substances,
the terminal comprises the apparatus of claim 5 or 6;
the site server comprising an apparatus according to any one of claims 7 to 10.
18. A system for page verification, the system comprising: a terminal and a site server; wherein the content of the first and second substances,
the terminal comprises an apparatus according to claim 11 or 12;
the site server comprising an apparatus according to any one of claims 13 to 16.
CN201610387546.6A 2016-06-02 2016-06-02 Page verification method, device and system Active CN107463851B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610387546.6A CN107463851B (en) 2016-06-02 2016-06-02 Page verification method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610387546.6A CN107463851B (en) 2016-06-02 2016-06-02 Page verification method, device and system

Publications (2)

Publication Number Publication Date
CN107463851A CN107463851A (en) 2017-12-12
CN107463851B true CN107463851B (en) 2020-11-27

Family

ID=60545470

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610387546.6A Active CN107463851B (en) 2016-06-02 2016-06-02 Page verification method, device and system

Country Status (1)

Country Link
CN (1) CN107463851B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7368184B2 (en) * 2019-10-31 2023-10-24 株式会社野村総合研究所 Risk management support device

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150407A (en) * 2007-10-25 2008-03-26 王松 Network identity verification method based on fingerprint
CN104426961A (en) * 2013-08-29 2015-03-18 腾讯科技(深圳)有限公司 Browse content sharing method and terminal
CN104584025A (en) * 2012-09-28 2015-04-29 英特尔公司 Device, method, and system for controlling access to web objects of a webpage or web-brower application
CN104660614A (en) * 2015-03-16 2015-05-27 联想(北京)有限公司 Authentication method, electronic equipment and server
CN104700012A (en) * 2013-12-06 2015-06-10 神盾股份有限公司 Biometric data recognition apparatus, method thereof, and computer-readable medium
CN105264537A (en) * 2013-05-30 2016-01-20 诺克诺克实验公司 System and method for biometric authentication with device attestation
CN105337940A (en) * 2014-08-04 2016-02-17 优视科技有限公司 Page verification method, client, server and system
CN205121635U (en) * 2013-01-05 2016-03-30 成都倍特科技有限责任公司 Product anti -forge system
CN105656851A (en) * 2014-11-13 2016-06-08 腾讯数码(深圳)有限公司 Information verification method, user terminal, server and system

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150407A (en) * 2007-10-25 2008-03-26 王松 Network identity verification method based on fingerprint
CN104584025A (en) * 2012-09-28 2015-04-29 英特尔公司 Device, method, and system for controlling access to web objects of a webpage or web-brower application
CN205121635U (en) * 2013-01-05 2016-03-30 成都倍特科技有限责任公司 Product anti -forge system
CN105264537A (en) * 2013-05-30 2016-01-20 诺克诺克实验公司 System and method for biometric authentication with device attestation
CN104426961A (en) * 2013-08-29 2015-03-18 腾讯科技(深圳)有限公司 Browse content sharing method and terminal
CN104700012A (en) * 2013-12-06 2015-06-10 神盾股份有限公司 Biometric data recognition apparatus, method thereof, and computer-readable medium
CN105337940A (en) * 2014-08-04 2016-02-17 优视科技有限公司 Page verification method, client, server and system
CN105656851A (en) * 2014-11-13 2016-06-08 腾讯数码(深圳)有限公司 Information verification method, user terminal, server and system
CN104660614A (en) * 2015-03-16 2015-05-27 联想(北京)有限公司 Authentication method, electronic equipment and server

Also Published As

Publication number Publication date
CN107463851A (en) 2017-12-12

Similar Documents

Publication Publication Date Title
CN107294900B (en) Identity registration method and device based on biological characteristics
CN106779716B (en) Authentication method, device and system based on block chain account address
CN109862043B (en) Terminal authentication method and device
CN106657010B (en) Method, device and system for accessing data
US10419431B2 (en) Preventing cross-site request forgery using environment fingerprints of a client device
CN104811462B (en) A kind of access gateway reorientation method and access gateway
CN109413076B (en) Domain name resolution method and device
CN104144163B (en) Auth method, apparatus and system
CN107046544B (en) Method and device for identifying illegal access request to website
US9787678B2 (en) Multifactor authentication for mail server access
CN108243176B (en) Data transmission method and device
CN104917727A (en) Account authentication method, system and apparatus
DK2924944T3 (en) Presence authentication
CN105873055B (en) Wireless network access authentication method and device
CN107241292B (en) Vulnerability detection method and device
WO2016188335A1 (en) Access control method, apparatus and system for user data
CN106209727B (en) Session access method and device
CN111683370B (en) Access authentication method, device and system of wireless network equipment
CN106330968B (en) Identity authentication method and device for access equipment
WO2018076675A1 (en) Network access method, routing device and terminal, and computer storage medium
CN111182537A (en) Network access method, device and system for mobile application
CN106790036B (en) A kind of information tamper resistant method, device, server and terminal
JP2006113624A (en) Access control system, authentication server, application server, and packet transfer device
CN104349318A (en) Automatic authentication method, apparatus and system of wireless local area network (WLAN)
CN107463851B (en) Page verification method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20200527

Address after: 310052 room 508, floor 5, building 4, No. 699, Wangshang Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province

Applicant after: Alibaba (China) Co.,Ltd.

Address before: 510640 Guangdong city of Guangzhou province Whampoa Tianhe District Road No. 163 Xiping Yun Lu Yun Ping B radio square 14 storey tower

Applicant before: Guangzhou Dongjing Computer Technology Co.,Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220615

Address after: 510520 Room 303, Room 305, room 307, Room 308, No. 38, Gaopu Road, Tianhe District, Guangzhou City, Guangdong Province

Patentee after: Guangzhou Dongjing Computer Technology Co.,Ltd.

Address before: 310052 room 508, 5th floor, building 4, No. 699 Wangshang Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province

Patentee before: Alibaba (China) Co.,Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220822

Address after: 310052 room 508, 5th floor, building 4, No. 699 Wangshang Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province

Patentee after: Alibaba (China) Co.,Ltd.

Address before: 510520 Room 303, Room 305, room 307, Room 308, No. 38, Gaopu Road, Tianhe District, Guangzhou City, Guangdong Province

Patentee before: Guangzhou Dongjing Computer Technology Co.,Ltd.

TR01 Transfer of patent right