CN108075893A - A kind of safety-type verification code system - Google Patents
A kind of safety-type verification code system Download PDFInfo
- Publication number
- CN108075893A CN108075893A CN201610996126.8A CN201610996126A CN108075893A CN 108075893 A CN108075893 A CN 108075893A CN 201610996126 A CN201610996126 A CN 201610996126A CN 108075893 A CN108075893 A CN 108075893A
- Authority
- CN
- China
- Prior art keywords
- dynamic password
- user
- phone number
- app
- identifying code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
A kind of safety-type verification code system; belong to prevent internet-relevant violence from cracking, malicious registration, malice log in or malice vote the effects that identifying code protection technique field; including dynamic password service unit and identifying code generating means; its object is to allow user being capable of light input validation code without barrier; rather than remove identification identifying code; this identifying code is from the ripe dynamic password of technology; it is safe and stable and reliable; for the identifying code of this dynamic password form, various identifying code malice recognizers lose effect;The security of identifying code by dynamic password safety.
Description
Technical field
The invention belongs to prevent internet-relevant violence from cracking, malicious registration, malice log in or malice vote the effects that verification
The protection technique field of code, specifically, is related to a kind of safety-type verification code system.
Background technology
Identifying code is preventing Brute Force, malicious registration and login attempt and is preventing that network brush ticket etc. performance is more next
Bigger effect, exactly because the significant effect of this special role of identifying code, some illegal businessmans or hacker have opened
Issue some programs, i.e., so-called robot program, identifying code that can be in automatic identification picture.Therefore, in order to more preferably send out
Wave the specifically functional of identifying code, present verification code technology, it is intended to increase the difficulty of human eye identification, then robot is known
It is just more not difficult, so as to achieve the purpose that carry out network security protection using identifying code is specifically functional;If however, identifying code
It is designed more the mankind to be made it difficult for recognize, during people's input validation code, the chance of error just greatly increases, and malfunctions every time, verification
Code refreshes again, and the page is submitted again, and significant wastage people are registered, are logged in or the time of network voting etc., serious to drop
Low user experience.Even some people abandon relevant operation(Such as network voting).
Ox robs ticket in order to prevent for 12306 websites, continuously improves identifying code, but at full speed due to artificial intelligence in recent years
Development, the continuous progress of big data technology, image recognition technology is increasingly advanced, and the identifying code of 12306 websites allows user to be difficult to
Identify picture, user experience is excessively poor, and intelligent program really easily identifies, it is major rob ticket software developer upgrading rob ticket software,
It represents to have cracked these identifying codes mostly, 360 Internet companies rob that ticket browser is even more leading, the identification to identifying code
Rate is very high.
In recent years in identifying code field, it is keen to using sliding block identifying code, user drags sliding block and just completes verification, greatly
The operating experience of user is improved, but this identifying code is still cracked, and there are automated procedures that can simulate the mankind's
Operation behavior drags sliding block, so that this identifying code fails.
The content of the invention
It is an object of the invention to allow user can easily without barrier input validation code rather than go identification identifying code,
This identifying code derives from the ripe dynamic password of technology, safe and stable and reliable, for this dynamic password form
Identifying code, various identifying code malice recognizers lose effect;The security of identifying code by dynamic password safety.
In order to achieve the above objectives, the present invention provides a kind of safety-type verification code system, including dynamic password service unit 1,
Identifying code generating means 2, it is characterised in that:The two two is two interconnected, has service interface in the dynamic password service unit 1
Provider 1a, dynamic password app erectors 1b;There are system category identifier 2a, phone number input in identifying code generating means 2
Device 2b, identity authentication 2c, identifying code loader 2d and identifying code determining device 2e;Service interface provider 1a generates identifying code
Device 2 opens dynamic password using interface m, and system category identifier 2a judges that the equipment that user uses is mobile phone or computer,
And the device type used for user is divided to two kinds of situations to be handled as follows:
A. the device type that user uses is if mobile phone, then phone number loader 2b hides, and identity authentication 2c is obtained automatically
The phone number that mobile phone is held at family is taken, particularly, if user mobile phone has two mobile phone cards, first mobile phone card of acquisition
Phone number;
Identity authentication 2c judges whether the phone number of user is dynamic password using one of interface m phone numbers bound,
If it is, think the user downloaded dynamic password app erectors (1b) offer dynamic password app and and oneself
The phone number binding, user inputted in identifying code loader 2d this operation need dynamic password, and this dynamic it is close
It is obtained in the dynamic password app that code can be installed from user mobile phone, identifying code determining device 2e judges dynamic input by user
Whether password is effective dynamic password, if it is, by verification, license user carries out next step operation, otherwise authentication failed,
Operating process terminates;
Identity authentication 2c judges whether the phone number of user is dynamic password using one of interface m phone numbers bound,
If it is not, then think the phone number of the user not with the dynamic password app that dynamic password app erectors (1b) provide into
Row binding, identity authentication 2c remind user installation dynamic password app erectors (1b) provide dynamic password app and with from
Oneself phone number binding, and the download address of the dynamic password app of dynamic password app erectors (1b) offer is provided, together
When identifying code loader 2d hide, authentication failed, operating process terminates;
B. the device type that user uses if computer, then phone number loader 2b as it can be seen that user for the first time in phone number
The phone number of oneself is inputted in loader 2b, the hardware that system category identifier 2a obtains current computer used in user automatically is special
Code is levied, this feature code and phone number input by user are bound, when next user uses the computer, phone number input
Device 2b hides, user's no longer input handset number;
Identity authentication 2c judges whether the phone number of user is dynamic password using one of interface m phone numbers bound,
If it is, think the user downloaded dynamic password app erectors (1b) offer dynamic password app and and oneself
The phone number binding, user inputted in identifying code loader 2d this operation need dynamic password, and this dynamic it is close
It is obtained in the dynamic password app that code can be installed from user mobile phone, identifying code determining device 2e judges dynamic input by user
Whether password is effective dynamic password, if it is, by verification, license user carries out next step operation, otherwise authentication failed,
Operating process terminates;
Identity authentication 2c judges whether the phone number of user is dynamic password using one of interface m phone numbers bound,
If it is not, then think the phone number of the user not with the dynamic password app that dynamic password app erectors (1b) provide into
Row binding, identity authentication 2c remind user installation dynamic password app erectors (1b) provide dynamic password app and with from
Oneself phone number binding, and the download address of the dynamic password app of dynamic password app erectors (1b) offer is provided, together
When identifying code loader 2d hide, authentication failed, operating process terminates.
The remarkable result of the present invention is:(1)Easy to operate, system automatic identification user holds hardware and sets type, to the greatest extent
Streamline operation is measured, allows user for the first time in use, not having to input handset number or only merely entering a phone number;Such as
Fruit user is fitted without dynamic password app and is not bound with phone number, and system can guide user to download installation.(2)Dynamically
Password it is safe in SMS, and other expenditure will not be generated.By the safety identifying code of dynamic password
The security of input forecloses all kinds of identifying code malice recognizers, safeguards that network voting, net purchase train ticket etc. are a series of
Affairs it is fair, just.(3)User's input validation code is easily accessible.
Description of the drawings
Fig. 1 is the structure principle chart of heretofore described safety-type verification code system.
Specific embodiment
The present invention is further illustrated with reference to the accompanying drawings and detailed description.
Embodiment 1, as shown in Figure 1:A kind of safety-type verification code system is given birth to including dynamic password service unit 1, identifying code
Into device 2, it is characterised in that:The two two is two interconnected, has service interface provider in the dynamic password service unit 1
1a, dynamic password app erectors 1b;Have in identifying code generating means 2 system category identifier 2a, phone number loader 2b,
Identity authentication 2c, identifying code loader 2d and identifying code determining device 2e;Service interface provider 1a is to identifying code generating means 2
For open dynamic password using interface m, system category identifier 2a judges that the equipment that user uses is mobile phone or computer, and is directed to
The device type that user uses is divided to two kinds of situations to be handled as follows:
A. the device type that user uses is if mobile phone, then phone number loader 2b hides, and identity authentication 2c is obtained automatically
The phone number that mobile phone is held at family is taken, particularly, if user mobile phone has two mobile phone cards, first mobile phone card of acquisition
Phone number;
Identity authentication 2c judges whether the phone number of user is dynamic password using one of interface m phone numbers bound,
If it is, think the user downloaded dynamic password app erectors (1b) offer dynamic password app and and oneself
The phone number binding, user inputted in identifying code loader 2d this operation need dynamic password, and this dynamic it is close
It is obtained in the dynamic password app that code can be installed from user mobile phone, identifying code determining device 2e judges dynamic input by user
Whether password is effective dynamic password, if it is, by verification, license user carries out next step operation, otherwise authentication failed,
Operating process terminates;
Identity authentication 2c judges whether the phone number of user is dynamic password using one of interface m phone numbers bound,
If it is not, then think the phone number of the user not with the dynamic password app that dynamic password app erectors (1b) provide into
Row binding, identity authentication 2c remind user installation dynamic password app erectors (1b) provide dynamic password app and with from
Oneself phone number binding, and the download address of the dynamic password app of dynamic password app erectors (1b) offer is provided, together
When identifying code loader 2d hide, authentication failed, operating process terminates;
B. the device type that user uses if computer, then phone number loader 2b as it can be seen that user for the first time in phone number
The phone number of oneself is inputted in loader 2b, the hardware that system category identifier 2a obtains current computer used in user automatically is special
Code is levied, this feature code and phone number input by user are bound, when next user uses the computer, phone number input
Device 2b hides, user's no longer input handset number;
Identity authentication 2c judges whether the phone number of user is dynamic password using one of interface m phone numbers bound,
If it is, think the user downloaded dynamic password app erectors (1b) offer dynamic password app and and oneself
The phone number binding, user inputted in identifying code loader 2d this operation need dynamic password, and this dynamic it is close
It is obtained in the dynamic password app that code can be installed from user mobile phone, identifying code determining device 2e judges dynamic input by user
Whether password is effective dynamic password, if it is, by verification, license user carries out next step operation, otherwise authentication failed,
Operating process terminates;
Identity authentication 2c judges whether the phone number of user is dynamic password using one of interface m phone numbers bound,
If it is not, then think the phone number of the user not with the dynamic password app that dynamic password app erectors (1b) provide into
Row binding, identity authentication 2c remind user installation dynamic password app erectors (1b) provide dynamic password app and with from
Oneself phone number binding, and the download address of the dynamic password app of dynamic password app erectors (1b) offer is provided, together
When identifying code loader 2d hide, authentication failed, operating process terminates.
It is discussed below with specific example:
Imagining user Zhang San, there are one phone numbers:12345678901, prepare ballot, system category identifier just on mobile phone
2a judges that Zhang San votes with mobile phone, therefore phone number loader 2b hides, and does not require input handset number, and system classification is known
Other device 2a carries out information communication with service interface provider 1a and is connected, if identity authentication 2c has had found the phone number of Zhang San
Through being bundled with the dynamic password app of dynamic password app erectors 1b offers, then identifying code loader 2d is shown, it is desirable that Zhang San is defeated
Enter dynamic password, and Zhang San opens the dynamic password app in mobile phone, obtains dynamic password, then inputs dynamic password, entire mistake
Journey does not exceed generally one minute.
Above-mentioned specific example is one of special case of safety-type verification code system of the present invention, other special cases, such as user
Mobile phone does not bind the situation of the dynamic password app of dynamic password app erectors 1b offers, is also provided in specification complete
Solution, such case, installation dynamic password app are simultaneously bound with phone number, recently enter dynamic password, whole process,
It does not exceed 5 minutes generally.
Cooperate if most of identifying code provides commercial city with some dynamic password service provider, then on the mobile phone of user
The dynamic password app for being mounted with the dynamic password service provider is substantially all, user's input validation code is with regard to very convenient.
The validity of present identifying code has faced huge challenge, if automated procedures can crack identifying code, that
Network voting, the fairness of net purchase panic buying train ticket are not just known where to begin.Some and its important network voting at present, for public affairs
It is flat just, it is desirable that user's registration also requires short message certification in registration process, then logs in and throws ticket after entering, operate very
Trouble has been lost completely to currently having the trust of verification code technology.
Certainly, the present invention can also have other various embodiments, without deviating from the spirit and substance of the present invention, ripe
Various corresponding changes and deformation, but these corresponding changes and deformation can be made according to the present invention by knowing those skilled in the art
The protection domain of appended claims of the invention should all be belonged to.
Claims (1)
1. a kind of safety-type verification code system, including dynamic password service unit(1), identifying code generating means(2), feature exists
In:The two two is two interconnected, the dynamic password service unit(1)Inside there is service interface provider(1a), dynamic password app
Erector (1b);Identifying code generating means(2)Inside there is system category identifier(2a), phone number loader(2b), identity recognizes
Demonstrate,prove device(2c), identifying code loader(2d)With identifying code determining device(2e);Service interface provider(1a)Identifying code is generated and is filled
It puts(2)Open dynamic password uses interface m, system category identifier(2a)Judge that the equipment that user uses is mobile phone or electricity
Brain, and the device type used for user is divided to two kinds of situations to be handled as follows:
A. the device type that user uses is if mobile phone, then phone number loader(2b)It hides, identity authentication(2c)From
The dynamic phone number for obtaining user and holding mobile phone particularly, if user mobile phone has two mobile phone cards, obtains first mobile phone
The phone number of card;
Identity authentication(2c)The phone number that whether phone number for judging user, which is dynamic password, is bound using interface m it
One, if it is, think the user downloaded dynamic password app erectors (1b) offer dynamic password app and with
The phone number binding of oneself, user is in identifying code loader(2d)The dynamic password that this operation of middle input needs, and this
It is obtained in the dynamic password app that dynamic password can be installed from user mobile phone, identifying code determining device(2e)Judge that user is defeated
Whether the dynamic password entered is effective dynamic password, if it is, by verification, license user carries out next step operation, otherwise
Authentication failed, operating process terminate;
Identity authentication(2c)The phone number that whether phone number for judging user, which is dynamic password, is bound using interface m it
One, if it is not, then thinking the dynamic password that the phone number of the user is not provided with dynamic password app erectors (1b)
App is bound, identity authentication(2c)The dynamic password app that user installation dynamic password app erectors (1b) is reminded to provide
And it is bound with the phone number of oneself, and the download of the dynamic password app of dynamic password app erectors (1b) offer is provided
Address, while identifying code loader(2d)It hides, authentication failed, operating process terminates;
B. the device type that user uses is if computer, then phone number loader(2b)As it can be seen that user is for the first time in cell-phone number
Code loader(2b)The middle input phone number of oneself, system category identifier(2a)It is automatic to obtain current computer used in user
Hardware characteristics code binds this feature code and phone number input by user, when next user uses the computer, cell-phone number
Code loader(2b)It hides, user's no longer input handset number;
Identity authentication(2c)The phone number that whether phone number for judging user, which is dynamic password, is bound using interface m it
One, if it is, think the user downloaded dynamic password app erectors (1b) offer dynamic password app and with
The phone number binding of oneself, user is in identifying code loader(2d)The dynamic password that this operation of middle input needs, and this
It is obtained in the dynamic password app that dynamic password can be installed from user mobile phone, identifying code determining device(2e)Judge that user is defeated
Whether the dynamic password entered is effective dynamic password, if it is, by verification, license user carries out next step operation, otherwise
Authentication failed, operating process terminate;
Identity authentication(2c)The phone number that whether phone number for judging user, which is dynamic password, is bound using interface m it
One, if it is not, then thinking the dynamic password that the phone number of the user is not provided with dynamic password app erectors (1b)
App is bound, identity authentication(2c)The dynamic password app that user installation dynamic password app erectors (1b) is reminded to provide
And it is bound with the phone number of oneself, and the download of the dynamic password app of dynamic password app erectors (1b) offer is provided
Address, while identifying code loader(2d)It hides, authentication failed, operating process terminates.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610996126.8A CN108075893A (en) | 2016-11-12 | 2016-11-12 | A kind of safety-type verification code system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610996126.8A CN108075893A (en) | 2016-11-12 | 2016-11-12 | A kind of safety-type verification code system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108075893A true CN108075893A (en) | 2018-05-25 |
Family
ID=62153726
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610996126.8A Pending CN108075893A (en) | 2016-11-12 | 2016-11-12 | A kind of safety-type verification code system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108075893A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109299617A (en) * | 2018-09-19 | 2019-02-01 | 中国农业银行股份有限公司贵州省分行 | A kind of file encryption and decryption system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1694555A (en) * | 2005-05-24 | 2005-11-09 | 北京易诚世纪科技有限公司 | Dynamic cipher system and method based on mobile communication terminal |
| CN1855810A (en) * | 2005-04-26 | 2006-11-01 | 上海盛大网络发展有限公司 | Dynamic code verificating system, method and use |
| CN101163011A (en) * | 2007-11-15 | 2008-04-16 | 北京农村商业银行股份有限公司 | Safety authentication method of internet bank system |
| CN103281186A (en) * | 2013-05-08 | 2013-09-04 | 上海众人网络安全技术有限公司 | Dynamic token based on Android system as well as transaction system and method |
| CN104348613A (en) * | 2013-07-24 | 2015-02-11 | 深圳市腾讯计算机***有限公司 | User verification method, apparatus and system |
| CN104468534A (en) * | 2014-11-21 | 2015-03-25 | 小米科技有限责任公司 | Account protection method and device |
-
2016
- 2016-11-12 CN CN201610996126.8A patent/CN108075893A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1855810A (en) * | 2005-04-26 | 2006-11-01 | 上海盛大网络发展有限公司 | Dynamic code verificating system, method and use |
| CN1694555A (en) * | 2005-05-24 | 2005-11-09 | 北京易诚世纪科技有限公司 | Dynamic cipher system and method based on mobile communication terminal |
| CN101163011A (en) * | 2007-11-15 | 2008-04-16 | 北京农村商业银行股份有限公司 | Safety authentication method of internet bank system |
| CN103281186A (en) * | 2013-05-08 | 2013-09-04 | 上海众人网络安全技术有限公司 | Dynamic token based on Android system as well as transaction system and method |
| CN104348613A (en) * | 2013-07-24 | 2015-02-11 | 深圳市腾讯计算机***有限公司 | User verification method, apparatus and system |
| CN104468534A (en) * | 2014-11-21 | 2015-03-25 | 小米科技有限责任公司 | Account protection method and device |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109299617A (en) * | 2018-09-19 | 2019-02-01 | 中国农业银行股份有限公司贵州省分行 | A kind of file encryption and decryption system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108650212A (en) | A kind of Internet of Things certification and access control method and Internet of Things security gateway system | |
| CN103401957B (en) | A kind of unique method identifying client machine under web environment | |
| CN104394531A (en) | Wireless network connecting method of a terminal device | |
| CN105246073B (en) | The access authentication method and server of wireless network | |
| AU2023223007A1 (en) | Secure online access control to prevent identification information misuse | |
| CN107872433A (en) | A kind of auth method and its equipment | |
| CN102281286A (en) | Flexible end-point compliance and strong authentication for distributed hybrid enterprises | |
| CN101662364A (en) | Method and system for safe login | |
| CN106453422B (en) | Dynamic authentication method and system based on mobile terminal | |
| CN102073822A (en) | Method and system for preventing user information from leaking | |
| CN106295290B (en) | Method, device and system for generating authentication information based on fingerprint information | |
| CN111931144A (en) | Unified safe login authentication method and device for operating system and service application | |
| CN108900561A (en) | The method, apparatus and system of single-sign-on | |
| CN104158664A (en) | Identity authentication method and system | |
| CN103024706A (en) | Short message based device and short message based method for bidirectional multiple-factor dynamic identity authentication | |
| CN107113613A (en) | Server, mobile terminal, real-name network authentication system and method | |
| EP3835980A1 (en) | Adaptive user authentication | |
| CN105184567A (en) | Information processing method, processing device and mobile terminal | |
| CN111274046A (en) | Service call validity detection method and device, computer equipment and computer storage medium | |
| CN102456102A (en) | Method for carrying out identity recertification on particular operation of information system by using Usb key technology | |
| CN109246133A (en) | A kind of network access verifying method based on bio-identification | |
| CN105337739B (en) | Safe login method, device, server and terminal | |
| CN107241362B (en) | Method and device for identifying identity of verification code input user | |
| CN107517180A (en) | Login method and device | |
| CN102413146A (en) | Client authorized logon method based on dynamic codes |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180525 |
|
| RJ01 | Rejection of invention patent application after publication |