CN108055238B - Account verification method and system - Google Patents

Account verification method and system Download PDF

Info

Publication number
CN108055238B
CN108055238B CN201711106729.7A CN201711106729A CN108055238B CN 108055238 B CN108055238 B CN 108055238B CN 201711106729 A CN201711106729 A CN 201711106729A CN 108055238 B CN108055238 B CN 108055238B
Authority
CN
China
Prior art keywords
server
mobile terminal
verification code
code
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711106729.7A
Other languages
Chinese (zh)
Other versions
CN108055238A (en
Inventor
林晓然
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Puhui Enterprise Management Co Ltd
Original Assignee
Ping An Puhui Enterprise Management Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Puhui Enterprise Management Co Ltd filed Critical Ping An Puhui Enterprise Management Co Ltd
Priority to CN201711106729.7A priority Critical patent/CN108055238B/en
Publication of CN108055238A publication Critical patent/CN108055238A/en
Application granted granted Critical
Publication of CN108055238B publication Critical patent/CN108055238B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

The invention is suitable for the technical field of Internet, and provides an account verification method and an account verification system, wherein the method comprises the following steps: according to the received verification code acquisition request, the first server returns the generated verification code to the second server; the first server sends the timestamp of the current moment to the mobile terminal; the mobile terminal acquires a key in the first server based on the Sim Applet, and processes the key and the timestamp through a consistency check algorithm to obtain a verification code generated by the key; the mobile terminal displays the verification code obtained by the mobile terminal based on the Sim Applet so as to upload the verification code to a second server after the user inputs the verification code into a verification code input box; and the second server verifies the legality of the login account according to the verification code uploaded by the mobile terminal and the verification code returned by the first server. The invention ensures that an illegal user cannot remotely control the smart phone to automatically log in the mobile application in a mobile phone number mode, thereby improving the account verification safety based on the mobile phone verification code.

Description

Account verification method and system
Technical Field
The invention belongs to the technical field of internet, and particularly relates to an account verification method and system.
Background
With the development of smart phones, users can implement various functions, such as online shopping, games, social contact, and news information, through mobile applications installed on the smart phones. At present, in order to enable a background server of a mobile application to accurately record data resources accessed by different users, most mobile applications require users to perform login operation through their own application accounts.
In order to facilitate a user to remember a user account of the user, many mobile applications allow the user to log in a mobile phone number mode, and in order to prevent the application account based on the mobile phone number from being stolen, the mobile applications often require the user to input an authentication code received by the mobile phone number in real time, so that after the correctness of the authentication code is verified, the user is confirmed to log in safely.
However, since there are too many mobile applications in the smart phone, when the mobile application a is actually controlled by a hacker, the hacker can perform a login operation on another mobile application B in the smart phone in a remote control manner, and obtain the verification code by calling the short message application interface of the smart phone, so as to successfully log in the mobile application B to perform a subsequent illegal operation. Therefore, in the prior art, the account verification method based on the mobile phone verification code still has the problem of low security.
Disclosure of Invention
In view of this, embodiments of the present invention provide an account verification method and system, so as to solve the problem that an account verification method based on a mobile phone verification code in the prior art is low in security.
A first aspect of an embodiment of the present invention provides an account verification method, including:
when a user identity identification card built in a mobile terminal is activated, the mobile terminal synchronizes a clock signal of a first server, wherein the first server is an authentication server provided by an operator corresponding to the user identity identification card;
according to the received verification code acquisition request, the first server processes the timestamp of the current moment and a pre-stored secret key through a preset consistency check algorithm so as to return the obtained verification code to a second server, wherein the second server is a background server associated with a mobile application running on the mobile terminal;
the verification code obtaining request carries a login account input by a user in the mobile application, wherein the login account is a mobile phone number corresponding to the user identification card;
the first server establishes a signaling channel with the mobile terminal according to the mobile phone number carried by the verification code acquisition request, so as to send the feature code acquired at the current moment to the mobile terminal through the signaling channel, wherein the feature code is the verification code or the timestamp;
when the feature code is the timestamp, the mobile terminal acquires the key in the first server based on a preset user identification application development tool Sim Applet, and processes the key and the timestamp through a preset consistency check algorithm to obtain a verification code generated by the mobile terminal;
the mobile terminal displays the verification code obtained by the mobile terminal on a terminal interface based on the Sim Applet, so that the verification code is uploaded to the second server after the user inputs the verification code into a verification code input box of the mobile application;
and the second server verifies the legality of the login account according to the verification code uploaded by the mobile terminal and the verification code returned by the first server.
A second aspect of the embodiments of the present invention provides an account verification system, including a mobile terminal, a first server and a second server,
when a user identification card built in the mobile terminal is activated, the mobile terminal is used for synchronizing a clock signal of the first server, and the first server is an authentication server provided by an operator corresponding to the user identification card;
according to the received verification code acquisition request, the first server is used for processing the timestamp of the current moment and a pre-stored secret key through a preset consistency check algorithm so as to return the obtained verification code to a second server, and the second server is a background server associated with a mobile application running on the mobile terminal;
the verification code obtaining request carries a login account input by a user in the mobile application, wherein the login account is a mobile phone number corresponding to the user identification card;
the first server is further configured to establish a signaling channel with the mobile terminal according to the mobile phone number carried by the verification code acquisition request, so as to send a feature code acquired at the current moment to the mobile terminal through the signaling channel, where the feature code is the verification code or the timestamp;
when the feature code is the timestamp, the mobile terminal is further configured to obtain the key in the first server based on a preset Sim Applet (Sim) which is a user identification application development tool, and process the key and the timestamp through a preset consistency check algorithm to obtain a verification code generated by the mobile terminal;
the mobile terminal is also used for displaying the verification code obtained by the Sim Applet on a terminal interface based on the Sim Applet, so that the verification code is uploaded to the second server after the user inputs the verification code into a verification code input box of the mobile application;
and the second server is used for verifying the legality of the login account according to the verification code uploaded by the mobile terminal and the verification code returned by the first server.
In the embodiment of the invention, the mobile terminal synchronizes the clock signal of the first server, so that the mobile terminal can accurately determine the input parameter used by the first server when calculating the verification code based on the timestamp issued by the first server after sending the verification code acquisition request, so that the input parameter is processed by the same consistency check algorithm to generate the verification code same with the input parameter, and the mobile application background server can successfully confirm the normal login of a mobile phone user in the mobile application when receiving the verification code uploaded by the mobile terminal and the verification code returned by the first server; because the mobile terminal displays the obtained verification code based on the Sim Applet, and the Sim Applet does not provide a calling interface for other mobile applications in the smart phone, a mobile phone user can only manually input the verification code displayed by the Sim Applet to execute the login operation of the mobile application; moreover, the verification code obtained by the mobile terminal is generated by the local Sim Applet, so that the verification code does not need to be transmitted by an sdk (software Development kit), the transmission times of the verification code are reduced, and the condition that the verification code cannot be intercepted by a trojan program from a short message application is ensured, so that an illegal user cannot remotely control the smart phone to automatically log in the mobile application in a mobile phone number mode, and the safety of the account verification method based on the mobile phone verification code is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
FIG. 1 is a flow chart of an implementation of an account verification method provided by an embodiment of the present invention;
FIG. 2 is a flowchart of an implementation of an account verification method according to another embodiment of the present invention;
FIG. 3 is a flowchart of an implementation of an account verification method according to another embodiment of the present invention;
fig. 4 is a block diagram of an account verification system according to an embodiment of the present invention.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.
In order to explain the technical means of the present invention, the following description will be given by way of specific examples.
Fig. 1 shows an implementation flow of an account verification method provided by an embodiment of the present invention, where the method flow includes steps S101 to S106. The specific realization principle of each step is as follows:
s101: when a user identification card built in a mobile terminal is activated, the mobile terminal synchronizes a clock signal of a first server, and the first server is an authentication server provided by an operator corresponding to the user identification card.
The Subscriber identity Module card, i.e. SIM card (Subscriber identity Module), is a chip with a microprocessor, and is used to store the information of the digital mobile phone Subscriber, the encrypted key, the contents of the Subscriber's phone book, etc., and also to provide the Identification for the Subscriber identity in the GSM network, and to encrypt the voice information when the Subscriber is talking.
In the embodiment of the invention, the SIM card is arranged in the mobile terminal. When the SIM card is registered to access the network, the operator mobile station corresponding to the SIM card needs to perform an authentication operation on the mobile terminal in order to determine whether the user identity is legal. The authentication process is performed between the network and the SIM card. And if the authentication is passed, activating the built-in SIM card of the mobile terminal. For example, if the mobile terminal is powered on or switched from the airplane mode to the normal call mode, it is determined that the SIM card embedded in the mobile terminal is activated after the authentication is completed.
In the embodiment of the invention, each SIM card has a unique corresponding mobile phone number, so that after the SIM card is activated, the mobile terminal can realize the calling/calling function of mobile communication based on the mobile phone number.
When the SIM card built in the mobile terminal is activated, the mobile terminal establishes a signaling channel with an authentication server provided by its operator to request synchronization of the clock signal of the authentication server. Since the clock signal has a fixed clock frequency, the mobile terminal can maintain clock synchronization with the authentication server based on the same clock signal.
S102: according to the received verification code acquisition request, the first server processes the timestamp of the current moment and a pre-stored secret key through a preset consistency check algorithm so as to return the obtained verification code to a second server, wherein the second server is a background server associated with a mobile application running on the mobile terminal; the verification code obtaining request carries a login account input by a user in the mobile application, and the login account is a mobile phone number corresponding to the user identification card.
S103: the first server establishes a signaling channel with the mobile terminal according to the mobile phone number carried by the verification code acquisition request, so as to send the feature code acquired at the current moment to the mobile terminal through the signaling channel, wherein the feature code is the verification code or the timestamp.
In the embodiment of the invention, the mobile terminal acquires the login account number input by the user in the mobile application, wherein the login account number is a mobile phone number corresponding to an SIM card arranged in the mobile terminal. When a user inputs a mobile phone number in a mobile application of the mobile terminal and clicks the verification code sending key, the mobile terminal detects a verification code obtaining instruction. And sending an identifying code obtaining request to a background server associated with the mobile application by the mobile terminal according to the received identifying code obtaining instruction, wherein the identifying code obtaining request carries the mobile phone number.
It should be noted that, in the embodiment of the present invention, in order to facilitate distinguishing between the authentication server of the operator and the background server associated with the mobile application, the authentication server is referred to as a first server, and the background server is referred to as a second server.
And the second server analyzes the received verification code acquisition request to extract the mobile phone number. And according to a preset mobile phone number identification algorithm, the second server determines an operator matched with the mobile phone number, so that the verification code acquisition request is forwarded to the first server according to a prestored communication address of the first server provided by the operator.
When receiving the verification code acquisition request, the first server detects the system time of the current moment and generates a timestamp corresponding to the system time. And the first server takes the system time and a preset secret key as input parameters, processes the input parameters through a pre-stored consistency check algorithm, and then calculates to obtain the verification code generated at the current moment. The consistency check algorithm is an algorithm which causes a large change of a calculated result even if source data only modifies one byte, and has unidirectionality and irreversibility. For example, algorithms such as MD5(Message-Digest Algorithm 5), SHA (Secure Hash Algorithm), and CRC (Cyclic Redundancy Check) are used.
And the first server returns the generated verification code to the second server, and meanwhile, the first server acquires the mobile phone number carried by the request according to the verification code, and sends the timestamp or the verification code to the mobile terminal matched with the mobile phone number through a signaling channel.
In the embodiment of the present invention, the timestamp or the verification code is collectively referred to as a feature code.
S104: and when the feature code is the timestamp, the mobile terminal acquires the key in the first server based on a preset user identification application development tool Sim Applet, and processes the key and the timestamp through a preset consistency check algorithm to obtain a verification code generated by the mobile terminal.
The Sim Applet, which is a built-in application program of the Sim card, can be used to carry tasks such as exchange with a user, implementation of a part of wireless functions, service customization and application, and can receive and send short message data of GSM (global system for Mobile communication), thereby implementing a service based on the Sim card.
In the embodiment of the invention, the mobile terminal acquires the feature code issued by the first server through the Sim Applet, and identifies the feature code to determine whether the feature code is the verification code or the timestamp. Illustratively, the Sim Applet stores coding rules with a timestamp and a verification code respectively, and if the received feature code meets the coding rule of the timestamp, the feature code is determined to be the timestamp; and if the received feature code meets the encoding rule of the verification code, determining the feature code as the verification code.
When the mobile terminal receives the time stamp issued by the first server, the system time of the first server corresponding to the time stamp when the verification code is generated is determined according to the clock signal synchronized in advance.
And the mobile terminal calculates the system time and a pre-stored key through a consistency check algorithm preset in the Sim Applet to generate a verification code of the local terminal. The consistency verification algorithm and the key pre-stored by the mobile terminal are the same as those used by the first server. In the embodiment of the invention, the consistency check algorithm is preset in the first server and the Sim Applet by developers.
As an embodiment of the present invention, the key used by the mobile terminal in generating the verification code may be obtained by: when the SIM built in the mobile terminal is activated, the mobile terminal and the first server establish a signaling channel so as to download the key in the first server while synchronizing the clock signal of the first server through the signaling channel.
As another embodiment of the present invention, as shown in fig. 2, the key used by the mobile terminal in generating the verification code may also be obtained by:
s201: and the first server generates two-dimensional code data corresponding to the key and sends the two-dimensional code data to the second server.
S202: and the second server returns the two-dimensional code data to the mobile terminal so that the mobile terminal renders a two-dimensional code graph based on the two-dimensional code data in the mobile application.
S203: and the mobile terminal analyzes the two-dimension code graph according to the received two-dimension code identification instruction so as to obtain the key corresponding to the two-dimension code graph.
In the embodiment of the invention, the first server randomly generates a key and stores the key. Through the two-dimensional code generation tool, the first server converts the secret key into corresponding two-dimensional code data, and then sends the two-dimensional code data to the second server.
The second server returns the two-dimensional code data to the mobile terminal which sends the verification code obtaining request, and displays the two-dimensional code graph corresponding to the two-dimensional code data in the mobile application associated with the second server. When a two-dimensional code identification instruction sent by a mobile terminal user on a two-dimensional code graph is detected, the two-dimensional code graph is scanned through a preset two-dimensional code identification tool matched with mobile application so as to analyze a key corresponding to the two-dimensional code graph, and then the key is stored.
In the embodiment of the invention, the secret key stored in the first server is obtained by the mobile terminal in a two-dimensional code scanning mode, and the corresponding secret key can be analyzed only after the two-dimensional code pattern is scanned by the two-dimensional code recognition tool matched with the mobile application, so that the first server does not need to directly send the secret key to the mobile terminal, and the situation that a lawbreaker can calculate a real verification code through the same preset algorithm after intercepting the secret key is avoided, therefore, the embodiment of the invention further improves the account verification safety based on the mobile phone verification code.
S105: and the mobile terminal displays the verification code obtained by the mobile terminal on a terminal interface based on the Sim Applet so as to upload the verification code to the second server after the user inputs the verification code into a verification code input box of the mobile application.
After the mobile terminal generates a local verification code, the verification code is displayed on a terminal interface based on a message prompt mode of a Sim Applet, so that a user can check the verification code in a dialog box popped up by the mobile terminal and input the verification code into a verification code input box of the mobile terminal.
S106: and the second server verifies the legality of the login account according to the verification code uploaded by the mobile terminal and the verification code returned by the first server.
And when detecting a verification code confirmation instruction sent by the user in the mobile application, the mobile terminal sends the verification code in the verification code input box to the second server.
And the second server judges whether the verification code uploaded by the mobile terminal is the same as the verification code returned by the first server. If the verification code uploaded by the mobile terminal is the same as the verification code returned by the first server, the second server confirms that the login account of the user is legal and returns prompt information of successful account verification to the mobile terminal; and if the verification code uploaded by the mobile terminal is different from the verification code returned by the first server, the second server confirms that the login account number of the user is illegal, and returns account verification failure prompt information to the mobile terminal.
In the embodiment of the invention, the mobile terminal synchronizes the clock signal of the first server, so that the mobile terminal can accurately determine the input parameter used by the first server when calculating the verification code based on the timestamp issued by the first server after sending the verification code acquisition request, so that the input parameter is processed by the same consistency check algorithm to generate the verification code same with the input parameter, and the mobile application background server can successfully confirm the normal login of a mobile phone user in the mobile application when receiving the verification code uploaded by the mobile terminal and the verification code returned by the first server; because the mobile terminal displays the obtained verification code based on the Sim Applet, and the Sim Applet does not provide a calling interface for other mobile applications in the smart phone, a mobile phone user can only manually input the verification code displayed by the Sim Applet to execute the login operation of the mobile application; moreover, the verification code obtained by the mobile terminal is generated by the local Sim Applet, so that the verification code does not need to be transmitted by an sdk (software Development kit), the transmission times of the verification code are reduced, and the condition that the verification code cannot be intercepted by a trojan program from a short message application is ensured, so that an illegal user cannot remotely control the smart phone to automatically log in the mobile application in a mobile phone number mode, and the safety of the account verification method based on the mobile phone verification code is improved.
As another embodiment of the present invention, as shown in fig. 3, before S106, the method further includes:
s107: and when the feature code is the verification code generated by the first server, the mobile terminal displays the verification code obtained by the Sim Applet on a terminal interface based on the Sim Applet, so that the user uploads the verification code to the second server after inputting the verification code into a verification code input box of the mobile application.
In the embodiment of the invention, when the mobile terminal detects that the feature code issued by the first server meets the verification code coding rule, the feature code is determined to be the verification code generated by the first server. At this time, the mobile terminal displays the verification code on a terminal interface based on a message prompt mode of the Sim Applet, so that a user can check the verification code in a dialog box popped up by the mobile terminal and input the verification code into a verification code input box of the mobile terminal according to an input instruction sent by the user.
In the embodiment of the invention, because the mobile terminal displays the verification code obtained by the mobile terminal based on the Sim Applet, and the Sim Applet can not provide a calling interface for other mobile applications in the smart phone, a mobile phone user can only manually input the verification code displayed by the Sim Applet to execute the login operation of the mobile application, so that an illegal user cannot remotely control the smart phone to automatically log in the mobile application in a mobile phone number mode, and the safety of the account verification method based on the mobile phone verification code is improved; the verification code is directly generated by the first server and then sent to the mobile terminal, so that the mobile terminal does not need to perform the calculation operation of the verification code, the acquisition efficiency of the verification code is improved, and the login efficiency of a legal user in the mobile application is improved.
As another embodiment of the present invention, as shown in fig. 4, after the mobile terminal displays the obtained verification code on the terminal interface based on the Sim Applet, the method further includes:
the mobile terminal controls a counter to start counting and continuously reads the count value of the counter; before the count value reaches a preset threshold value, if the mobile terminal has not received a verification code input instruction in the mobile application, the mobile terminal re-sends the verification code acquisition request to return to execute the received verification code acquisition request, and the first server processes the timestamp and the pre-stored secret key at the current moment through a preset consistency check algorithm.
In the embodiment of the invention, when the mobile terminal is based on the Sim Applet and the display operation of the verification code obtained by the mobile terminal is triggered on the terminal interface, the counter preset in the mobile terminal is controlled to reset, and then the counter is controlled to start counting at a fixed counting frequency. And in the process of continuously counting by the counter, the mobile terminal acquires the count value in real time. The counting is stopped when it is detected that the prompt window containing the verification code, which is exposed by the SimApplet, is closed, or when it is detected that a character exists in the verification code input box of the mobile application.
As time goes on, the real-time count value obtained by the mobile terminal will get larger and larger before the counter stops counting. And if the real-time count value is detected to reach the preset threshold value and the verification code input instruction sent by the user in the mobile application is still not received before the real-time count value reaches the preset threshold value, the mobile terminal closes the prompt window of the Sim Applet and sends the verification code acquisition request to the second server again. At this time, the above S102 is executed again, so that after the mobile terminal acquires the verification code at the current time again, the verification code is presented based on the Sim Applet again.
In the embodiment of the invention, when the mobile terminal displays the verification code obtained by the mobile terminal, the counter is controlled to start counting, the count value of the counter is continuously read, and before the count value reaches the preset threshold value, if the verification code input instruction is not received in the mobile application all the time, the mobile terminal is enabled to resend the verification code obtaining request, so that the verification code obtained at the current moment can only be valid within the valid duration, and the verification code at the current moment can not be used for carrying out repeated login operation for many times by using the same verification code even if being intercepted or checked illegally by a third party, thereby improving the login safety of the mobile application to a certain extent.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
Fig. 4 shows a structural block diagram of an account verification system provided in the embodiment of the present invention, which corresponds to the account verification method described in the above embodiment, and for convenience of explanation, only the parts related to the embodiment of the present invention are shown.
Referring to fig. 4, the account authentication system includes a mobile terminal 41, a first server 42, and a second server 43;
when the subscriber identity card built in the mobile terminal 41 is activated, the mobile terminal 41 is configured to synchronize a clock signal of the first server 42, and the first server 42 is an authentication server provided by an operator corresponding to the subscriber identity card.
According to the received verification code obtaining request, the first server 42 is configured to process the timestamp of the current time and the pre-stored key through a preset consistency check algorithm, so as to return the obtained verification code to the second server 43, where the second server 43 is a background server associated with the mobile application running on the mobile terminal 41.
The verification code obtaining request carries a login account input by a user in the mobile application, and the login account is a mobile phone number corresponding to the user identification card.
The first server 42 is further configured to establish a signaling channel with the mobile terminal 41 according to the mobile phone number carried by the verification code acquisition request, so as to send the feature code acquired at the current time to the mobile terminal 41 through the signaling channel, where the feature code is the verification code or the timestamp.
When the feature code is the timestamp, the mobile terminal 41 is further configured to obtain the key in the first server 42 based on a preset Sim Applet, and process the key and the timestamp through the preset consistency check algorithm to obtain the verification code generated by the mobile terminal 41.
The mobile terminal 41 is further configured to display the verification code obtained by the Sim Applet on a terminal interface based on the Sim Applet, so that the verification code is uploaded to the second server 43 after the user inputs the verification code into a verification code input box of the mobile application.
The second server 43 is configured to verify the validity of the login account according to the verification code uploaded by the mobile terminal 41 and the verification code returned by the first server 42.
Optionally, when the feature code is the verification code generated by the first server 42, the mobile terminal 41 is further configured to display the verification code obtained by the Sim Applet on a terminal interface based on the feature code, so as to upload the verification code to the second server 43 after the user inputs the verification code into a verification code input box of the mobile application.
Optionally, the first server 42 is further configured to generate two-dimensional code data corresponding to the key, and send the two-dimensional code data to the second server 43.
The second server 43 is further configured to return the two-dimensional code data to the mobile terminal 41, so that the mobile terminal 41 renders a two-dimensional code graph based on the two-dimensional code data in the mobile application.
The mobile terminal 41 is further configured to perform analysis processing on the two-dimensional code graph according to the received two-dimensional code identification instruction, so as to obtain the key corresponding to the two-dimensional code graph.
Optionally, when the user id card built in the mobile terminal 41 is activated, the mobile terminal 41 is further configured to establish a signaling channel with the first server 42, so as to synchronize the clock signal of the first server 42 and the secret key preset in the first server 42 through the signaling channel.
Optionally, the mobile terminal 41 is further configured to control a counter to start counting, and continuously read a count value of the counter.
Before the count value reaches the preset threshold, if the mobile terminal 41 has not received the verification code input instruction in the mobile application, the mobile terminal 41 is further configured to re-send the verification code acquisition request to return to execute the received verification code acquisition request, and the first server 42 processes the timestamp at the current time and the pre-stored secret key through a preset consistency check algorithm.
In the embodiment of the invention, the mobile terminal synchronizes the clock signal of the first server, so that the mobile terminal can accurately determine the input parameter used by the first server when calculating the verification code based on the timestamp issued by the first server after sending the verification code acquisition request, so that the input parameter is processed by the same consistency check algorithm to generate the verification code same with the input parameter, and the mobile application background server can successfully confirm the normal login of a mobile phone user in the mobile application when receiving the verification code uploaded by the mobile terminal and the verification code returned by the first server; because the mobile terminal displays the obtained verification code based on the Sim Applet, and the Sim Applet does not provide a calling interface for other mobile applications in the smart phone, a mobile phone user can only manually input the verification code displayed by the Sim Applet to execute the login operation of the mobile application; moreover, the verification code obtained by the mobile terminal is generated by the local Sim Applet, so that the verification code does not need to be transmitted by an sdk (software Development kit), the transmission times of the verification code are reduced, and the condition that the verification code cannot be intercepted by a trojan program from a short message application is ensured, so that an illegal user cannot remotely control the smart phone to automatically log in the mobile application in a mobile phone number mode, and the safety of the account verification method based on the mobile phone verification code is improved.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
The integrated modules/units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, all or part of the flow of the method according to the embodiments of the present invention may also be implemented by a computer program, which may be stored in a computer-readable storage medium, and when the computer program is executed by a processor, the steps of the method embodiments may be implemented. . Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.

Claims (8)

1. An account verification method, comprising:
when a user identity identification card built in a mobile terminal is activated, the mobile terminal synchronizes a clock signal of a first server, wherein the first server is an authentication server provided by an operator corresponding to the user identity identification card;
according to the received verification code acquisition request, the first server processes the timestamp of the current moment and a pre-stored secret key through a preset consistency check algorithm so as to return the obtained verification code to a second server, wherein the second server is a background server associated with a mobile application running on the mobile terminal;
the verification code obtaining request carries a login account input by a user in the mobile application, wherein the login account is a mobile phone number corresponding to the user identification card;
the first server establishes a signaling channel with the mobile terminal according to the mobile phone number carried by the verification code acquisition request, so as to send the feature code acquired at the current moment to the mobile terminal through the signaling channel, wherein the feature code is the verification code or the timestamp;
when the feature code is the timestamp, the mobile terminal acquires the key in the first server based on a preset user identification application development tool (SimApplet), and processes the key and the timestamp through a preset consistency check algorithm to obtain a verification code generated by the mobile terminal;
the mobile terminal displays the verification code obtained by the mobile terminal on a terminal interface based on the Sim Applet, so that the verification code is uploaded to the second server after the user inputs the verification code into a verification code input box of the mobile application;
the second server verifies the validity of the login account according to the verification code uploaded by the mobile terminal and the verification code returned by the first server;
before the second server verifies the validity of the login account according to the verification code uploaded by the mobile terminal and the verification code returned by the first server, the method further includes:
and when the feature code is the verification code generated by the first server, the mobile terminal displays the verification code obtained by the mobile terminal on a terminal interface based on the SimApplet so as to upload the verification code to the second server after the user inputs the verification code into a verification code input box of the mobile application.
2. The account verification method according to claim 1, wherein before the first server establishes a signaling channel with the mobile terminal according to the mobile phone number carried in the verification code acquisition request, so as to send the feature code acquired at the current time to the mobile terminal through the signaling channel, the method further comprises:
the first server generates two-dimensional code data corresponding to the secret key and sends the two-dimensional code data to the second server;
the second server returns the two-dimensional code data to the mobile terminal so that the mobile terminal renders a two-dimensional code graph based on the two-dimensional code data in the mobile application;
and the mobile terminal analyzes the two-dimension code graph according to the received two-dimension code identification instruction so as to obtain the key corresponding to the two-dimension code graph.
3. The account verification method of claim 1, wherein the mobile terminal synchronizing a clock signal of the first server when the subscriber identity card built in the mobile terminal is activated comprises:
when the user identification card built in the mobile terminal is activated, the mobile terminal establishes a signaling channel with the first server so as to synchronize a clock signal of the first server and the secret key preset in the first server through the signaling channel.
4. The account verification method of claim 1, wherein after the mobile terminal presents its obtained verification code at a terminal interface based on the SimApplet, further comprising:
the mobile terminal controls a counter to start counting and continuously reads the count value of the counter;
before the count value reaches a preset threshold value, if the mobile terminal has not received a verification code input instruction in the mobile application, the mobile terminal re-sends the verification code acquisition request to return to execute the received verification code acquisition request, and the first server processes the timestamp and the pre-stored secret key at the current moment through a preset consistency check algorithm.
5. An account verification system is characterized by comprising a mobile terminal, a first server and a second server,
when a user identification card built in the mobile terminal is activated, the mobile terminal is used for synchronizing a clock signal of the first server, and the first server is an authentication server provided by an operator corresponding to the user identification card;
according to the received verification code acquisition request, the first server is used for processing the timestamp of the current moment and a pre-stored secret key through a preset consistency check algorithm so as to return the obtained verification code to a second server, and the second server is a background server associated with a mobile application running on the mobile terminal;
the verification code obtaining request carries a login account input by a user in the mobile application, wherein the login account is a mobile phone number corresponding to the user identification card;
the first server is further configured to establish a signaling channel with the mobile terminal according to the mobile phone number carried by the verification code acquisition request, so as to send a feature code acquired at the current moment to the mobile terminal through the signaling channel, where the feature code is the verification code or the timestamp;
when the feature code is the timestamp, the mobile terminal is further configured to obtain the key in the first server based on a preset Sim Applet (Sim) which is a user identification application development tool, and process the key and the timestamp through a preset consistency check algorithm to obtain a verification code generated by the mobile terminal;
the mobile terminal is also used for displaying the verification code obtained by the Sim Applet on a terminal interface based on the Sim Applet, so that the verification code is uploaded to the second server after the user inputs the verification code into a verification code input box of the mobile application;
the second server is used for verifying the legality of the login account according to the verification code uploaded by the mobile terminal and the verification code returned by the first server;
and when the feature code is the verification code generated by the first server, the mobile terminal is further used for displaying the verification code obtained by the SimApplet on a terminal interface based on the SimApplet so as to upload the verification code to the second server after the user inputs the verification code into a verification code input box of the mobile application.
6. The account verification system of claim 5, wherein the first server is further configured to generate two-dimensional code data corresponding to the key and send the two-dimensional code data to the second server;
the second server is further used for returning the two-dimensional code data to the mobile terminal so that the mobile terminal can render a two-dimensional code graph based on the two-dimensional code data in the mobile application;
the mobile terminal is further used for analyzing the two-dimension code graph according to the received two-dimension code identification instruction so as to obtain the secret key corresponding to the two-dimension code graph.
7. The account verification system of claim 5, wherein the mobile terminal is further configured to establish a signaling channel with the first server when the subscriber identity card built in the mobile terminal is activated, so as to synchronize a clock signal of the first server and the secret key preset in the first server through the signaling channel.
8. The account verification system of claim 5, wherein the mobile terminal is further configured to control a counter to start counting and continuously read a count value of the counter;
before the count value reaches a preset threshold value, if the mobile terminal has not received an authentication code input instruction in the mobile application, the mobile terminal is further configured to re-send the authentication code acquisition request to return to execute the authentication code acquisition request, and the first server processes the timestamp at the current moment and a pre-stored secret key through a preset consistency check algorithm.
CN201711106729.7A 2017-11-10 2017-11-10 Account verification method and system Active CN108055238B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711106729.7A CN108055238B (en) 2017-11-10 2017-11-10 Account verification method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711106729.7A CN108055238B (en) 2017-11-10 2017-11-10 Account verification method and system

Publications (2)

Publication Number Publication Date
CN108055238A CN108055238A (en) 2018-05-18
CN108055238B true CN108055238B (en) 2020-10-23

Family

ID=62119080

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711106729.7A Active CN108055238B (en) 2017-11-10 2017-11-10 Account verification method and system

Country Status (1)

Country Link
CN (1) CN108055238B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108650276A (en) * 2018-05-21 2018-10-12 北京五八信息技术有限公司 A kind of login method, device, electronic equipment and storage medium
JP6756905B2 (en) * 2018-06-29 2020-09-16 アリババ・グループ・ホールディング・リミテッドAlibaba Group Holding Limited Management of services associated with URL-based 2D codes
CN109359448B (en) * 2018-10-16 2021-05-07 广州伊的家网络科技有限公司 Internet mobile terminal safety office system
CN111768217A (en) * 2019-04-02 2020-10-13 华为技术有限公司 Coupon processing method, server, terminal and system
CN111585844B (en) * 2020-05-09 2021-12-07 深圳市卡数科技有限公司 Test method, system, server and storage medium based on verification code
CN111935710B (en) * 2020-09-24 2021-02-05 广州市玄武无线科技股份有限公司 Application program login method and device of mobile terminal and electronic equipment
CN112802475A (en) * 2020-12-30 2021-05-14 厦门市美亚柏科信息股份有限公司 Automatic application login method based on voice recognition and computer readable storage medium
CN114172714A (en) * 2021-12-02 2022-03-11 北京金山云网络技术有限公司 Account access authority control method and device and electronic equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101615322A (en) * 2008-06-25 2009-12-30 上海富友网络技术有限公司 Realization has the mobile terminal payment method and system of magnetic payment function
CN103095457A (en) * 2013-01-11 2013-05-08 广东欧珀移动通信有限公司 Login and verification method for application program
CN103916249A (en) * 2014-04-25 2014-07-09 长沙市梦马软件有限公司 Dynamic password generating method and system
CN103929310A (en) * 2014-04-25 2014-07-16 长沙市梦马软件有限公司 Mobile phone client side password unified authentication method and system
CN105338000A (en) * 2015-12-02 2016-02-17 中国联合网络通信集团有限公司 Verification method and verification system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101615322A (en) * 2008-06-25 2009-12-30 上海富友网络技术有限公司 Realization has the mobile terminal payment method and system of magnetic payment function
CN103095457A (en) * 2013-01-11 2013-05-08 广东欧珀移动通信有限公司 Login and verification method for application program
CN103916249A (en) * 2014-04-25 2014-07-09 长沙市梦马软件有限公司 Dynamic password generating method and system
CN103929310A (en) * 2014-04-25 2014-07-16 长沙市梦马软件有限公司 Mobile phone client side password unified authentication method and system
CN105338000A (en) * 2015-12-02 2016-02-17 中国联合网络通信集团有限公司 Verification method and verification system

Also Published As

Publication number Publication date
CN108055238A (en) 2018-05-18

Similar Documents

Publication Publication Date Title
CN108055238B (en) Account verification method and system
CN106487511B (en) Identity authentication method and device
CN107395614B (en) Single sign-on method and system
CN106487762B (en) user identity recognition method, identity recognition application client and server
CN107249004B (en) Identity authentication method, device and client
CN104618315B (en) A kind of method, apparatus and system of verification information push and Information Authentication
JP2013524314A (en) Authentication method and system using portable terminal
US9124571B1 (en) Network authentication method for secure user identity verification
CN106464502B (en) Method and system for authentication of a communication device
CN108322416B (en) Security authentication implementation method, device and system
CN106897874B (en) Mobile payment method, device and system
CN105656850B (en) Data processing method, related device and system
WO2017206524A1 (en) Electronic device control method, terminal and control system
CN104660589A (en) Method and system for controlling encryption of information and analyzing information as well as terminal
KR20150023230A (en) Transferring an account between devices
CN112559993A (en) Identity authentication method, device and system and electronic equipment
US9882719B2 (en) Methods and systems for multi-factor authentication
CN107733838A (en) A kind of mobile terminal client terminal identity identifying method, device and system
US11838421B2 (en) Systems and methods for enhanced mobile device authentication
CN105577619B (en) Client login method, client and system
JP7104259B1 (en) Information processing equipment, information processing methods, and programs
US9680814B2 (en) Method, device, and system for registering terminal application
CN106203021B (en) A kind of more certification modes are integrated to apply login method and system
JP2017515320A (en) Identity verification and anti-theft system and method using a one-time random key
CN107679383B (en) Identity verification method and device based on geographic position and touch area

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant