CN108900479A - Short message verification code acquisition methods and device - Google Patents

Short message verification code acquisition methods and device Download PDF

Info

Publication number
CN108900479A
CN108900479A CN201810599608.9A CN201810599608A CN108900479A CN 108900479 A CN108900479 A CN 108900479A CN 201810599608 A CN201810599608 A CN 201810599608A CN 108900479 A CN108900479 A CN 108900479A
Authority
CN
China
Prior art keywords
terminal
identification information
service request
short message
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810599608.9A
Other languages
Chinese (zh)
Inventor
程战战
王琰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Taikang Insurance Group Co Ltd
Taikang Online Property Insurance Co Ltd
Original Assignee
Taikang Insurance Group Co Ltd
Taikang Online Property Insurance Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Taikang Insurance Group Co Ltd, Taikang Online Property Insurance Co Ltd filed Critical Taikang Insurance Group Co Ltd
Priority to CN201810599608.9A priority Critical patent/CN108900479A/en
Publication of CN108900479A publication Critical patent/CN108900479A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/067Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1073Registration or de-registration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Multimedia (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention provides a kind of short message verification code acquisition methods and device, the service request that terminal is sent is obtained by server, it include the identification information of terminal in service request, service request is for obtaining dynamic short message verification code, server judges whether the identification information for the terminal for including in service request is information after encryption, if meeting, then server parses the identification information for obtaining the terminal for including in service request according to predetermined encryption algorithm, and sends dynamic short message verification code to terminal according to the identification information of terminal.Whether server end is legal service request by judge terminal traffic request, determines that meeting the service request of condition can just be performed, and is able to solve through the picture validation code lower problem of method security that tool calls that prevents short message interface to be automated.

Description

Short message verification code acquisition methods and device
Technical field
The present invention relates to field of computer technology more particularly to a kind of short message verification code acquisition methods and device.
Background technique
Internet technology is fast-developing, and people can be completed a lot by the simple operations on webpage or application program Thing, it is greatly convenient to bring for life.Present website and mobile applications require greatly user and are carried out by phone number Registration, or data is modified by using phone number, it, generally can be by the hand in order to ensure being that user operates The form that machine number sends verifying short message verification code is confirmed.But malicious attacker can use automation tools, utilize receipts The phone number of the dynamic short message verification code transmission interface and user that collect carries out the transmission of dynamic short message verification code, make user by Short message harassing and wrecking.
The prior art generally prevents automation tools from calling short message interface by using picture validation code, specifically, when User will pop up picture validation code, the content in picture validation code is random life before progress " obtaining dynamic short message " operation At, user inputs after picture validation code, and dynamic short message verification code is sent to user mobile phone after server end successful match On.
But in the prior art by picture validation code prevent short message interface be automated tool calling method security It is lower.
Summary of the invention
The present invention provides a kind of short message verification code acquisition methods and device, to solve to prevent short message from connecing by picture validation code Mouth is automated the lower problem of method security of tool calling.
In a first aspect, the present invention provides a kind of short message verification code acquisition methods, this method includes:
Server obtains the service request that terminal is sent, and the service request includes the identification information of the terminal, described Service request is for obtaining dynamic short message verification code;
After the server judges whether the identification information for the terminal for including in the service request is encryption Information;
If satisfied, then the server is according to the end for including in the predetermined encryption algorithm parsing acquisition service request The identification information at end, and the dynamic short message is sent to the terminal according to the identification information of the terminal.
Further, the identification information of predetermined encryption algorithm is also carried in institute's service request;
The server obtains the mark for the terminal for including in the service request according to predetermined encryption algorithm parsing Information, including:
The server is obtained from algorithm data-base according to the identification information of the predetermined encryption algorithm and predetermined encryption The corresponding decipherment algorithm of algorithm, and according to the mark for the terminal for including in the decipherment algorithm parsing acquisition service request Know information.
Further, the identification information of the terminal is phone number.
Further, the method also includes:
Encryption Algorithm described in the server update obtains new Encryption Algorithm;
The server sends a notification message to the terminal, and the notification message is used to indicate the new encryption and calculates Method.
Second aspect, the present invention also provides a kind of short message verification code acquisition methods, this method includes:
Terminal is encrypted the identification information of the terminal using predetermined encryption algorithm, after obtaining encryption Identification information;
Terminal to server send service request, the service request include the terminal encryption treated mark letter Breath, the service request is for obtaining dynamic short message verification code;
The terminal receives the dynamic short message verification code, and the dynamic short message verification code is the server determining The identification information for the terminal for including in service request is stated to send after the information after encryption.
Further, the terminal is encrypted the identification information of the terminal using predetermined encryption algorithm, wraps It includes:
The terminal randomly chooses Encryption Algorithm from algorithm data-base and carries out encryption place with the identification information of the terminal Reason, the identification information after obtaining encryption;
The terminal generates the service request according to the identification information after the encryption, wherein the business is asked The identification information of the Encryption Algorithm is also carried in asking.
Further, the identification information of the terminal is phone number.
Further, the terminal receives the notification message that the server is sent, and the notification message is used to indicate newly Encryption Algorithm.
The third aspect, the present invention also provides a kind of short message verification code acquisition device, which includes:
Module is obtained, for obtaining the service request of terminal transmission, the service request includes that the mark of the terminal is believed Breath, the service request is for obtaining dynamic short message verification code;
Judgment module, for judging whether the identification information for the terminal for including in the service request is encryption Information afterwards;
Processing module, described in being obtained in the service request if meeting according to predetermined encryption algorithm parsing and including The identification information of terminal, and the dynamic short message verification code is sent to the terminal according to the identification information of the terminal.
Further, described device further includes:Update module and sending module;
Wherein, the update module obtains new Encryption Algorithm for updating the Encryption Algorithm;
The sending module, for sending a notification message to the terminal, the notification message is used to indicate described new Encryption Algorithm.
Fourth aspect, the present invention also provides a kind of short message verification code acquisition device, which includes:
Encrypting module is added for the identification information of the terminal to be encrypted using predetermined encryption algorithm Close treated identification information;
Sending module, for sending service request to server, the service request includes the identification information of the terminal, The service request is for obtaining dynamic short message verification code;
Receiving module, for receiving the dynamic short message verification code, the dynamic short message verification code is that the server exists The identification information for the terminal for including in the service request is determined to send after the information after encryption.
Further, which further includes:Generation module;
The encrypting module, for from algorithm data-base randomly choose Encryption Algorithm with the terminal identification information into Row encryption, the identification information after obtaining encryption;
The generation module, for generating the service request according to the identification information after the encryption, wherein The identification information of the Encryption Algorithm is also carried in the service request.
Further, described device further includes:Update module;
The update module, the notification message sent for receiving the server, the notification message are used to indicate newly Encryption Algorithm.
5th aspect, the present invention also provides a kind of computer readable storage mediums, which is characterized in that described including program Program is when being executed by processor for executing method described in first aspect.
6th aspect, the present invention also provides a kind of computer readable storage mediums, which is characterized in that described including program Program is when being executed by processor for executing method described in second aspect.
7th aspect, the present invention also provides a kind of servers, including:Processor and memory;
The memory stores computer executed instructions;
The processor executes the computer executed instructions of the memory storage, to execute side described in first aspect Method.
Eighth aspect, the present invention also provides a kind of terminals, including:Processor and memory;
The memory stores computer executed instructions;
The processor executes the computer executed instructions of the memory storage, to execute side described in second aspect Method.
The present invention provides a kind of short message verification code acquisition methods and device, obtains the business that terminal is sent by server and asks It asks, includes the identification information of terminal in service request, for service request for obtaining dynamic short message verification code, server judges business Whether the identification information for the terminal for including in request is information after encryption, if satisfied, then server is according to predetermined encryption Arithmetic analysis obtains the identification information for the terminal for including in the service request, and according to the identification information of terminal to terminal Send dynamic short message.Whether server end is legal service request by judging terminal traffic request, and determination meets condition Service request can be just performed, be able to solve by picture validation code prevent short message interface be automated tool calling method, The lower problem of safety.In addition, using the method in the present invention, the mark for the terminal that server includes in judging service request After knowing information for the information after encryption, so that it may directly dynamic short message verification code is sent to terminal, without user in terminal The movements such as picture validation code input are operated, operation difficulty is reduced, improves verification efficiency, also improve user experience.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair Bright some embodiments for those of ordinary skill in the art without any creative labor, can be with It obtains other drawings based on these drawings.
Fig. 1 is the flow diagram of short message verification code acquisition methods embodiment one provided by the invention;
Fig. 2 is the flow diagram of short message verification code acquisition methods embodiment two provided by the invention;
Fig. 3 is the flow diagram of short message verification code acquisition methods embodiment three provided by the invention;
Fig. 4 is the flow diagram of short message verification code acquisition methods example IV provided by the invention;
Fig. 5 is the structural schematic diagram of short message verification code acquisition device embodiment one provided by the invention;
Fig. 6 is the structural schematic diagram of short message verification code acquisition device embodiment two provided by the invention;
Fig. 7 is the structural schematic diagram of server example one provided by the invention;
Fig. 8 is the structural schematic diagram of terminal embodiment one provided by the invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art Every other embodiment obtained without creative efforts, shall fall within the protection scope of the present invention.
Fig. 1 is the flow diagram that the present invention is short message verification code acquisition methods embodiment one provided by the invention, this reality The method for applying example can be applied to server end, be illustrated in the present embodiment by server of executing subject, as shown in Figure 1, this The method of embodiment may include:
S101, server obtain the service request that terminal is sent, and the service request includes the identification information of the terminal, The service request is for obtaining dynamic short message verification code.
User can carry out operation in the application software of terminal or webpage and send service request, server receiving terminal hair The service request sent, wherein it include the identification information of terminal in the service request that terminal is sent, and service request is for obtaining Dynamic short message verification code.It should be noted that short message verification code acquisition methods provided by the present invention are suitable for several scenes, such as Account Registration, Account Logon, bank transfer, good friend's invitation, the binding of application software phone number etc..
For example, needing to obtain dynamic short-message verification when carrying out Account Registration in the application program that user installs at the terminal Code verifies the user of using terminal.So, the Account Registration service request that server receiving terminal is sent, account note It include the identification information of terminal in volume service request.
The identification information of above-mentioned terminal can be phone number, and the identification code or application assigned of mobile phone are to terminal Unique identification etc..For example, the identification information of terminal can be phone number when user is registered using phone number.
S102, the server judge whether the identification information for the terminal for including in the service request is at encryption Information after reason.
After server receives the service request of terminal transmission, server needs judge the service request, determine It whether is legal service request, to ensure the safety of user information.Specifically, as server judges to wrap in service request Whether the identification information of the terminal contained is information after encryption, if the information after encryption, then terminal is sent industry Business request is legitimate request, and server can further execute step S103.If the mark of terminal included in service request is believed Breath is not the information after encryption, then the service request that terminal is sent is illegal request, then terminates, that is to say, that if not being Information after encryption, then server does not send dynamic short message verification code to terminal.
S103, if satisfied, then the server obtains in the service request according to predetermined encryption algorithm parsing and includes The identification information of the terminal, and the dynamic short message verification code is sent to the terminal according to the identification information of the terminal.
Specifically, as server judge terminal included in service request identification information whether be encryption after Information, if the information after encryption, then terminal send service request be legitimate request, further server can according to The corresponding decipherment algorithm of predetermined encryption algorithm parses the identification information of the terminal, includes to obtain in service request The identification information of terminal.Optionally in a kind of implementation, it can preset in the Encryption Algorithm and server that terminal uses Used corresponding decipherment algorithm.
It is illustrated so that above-mentioned user carries out Account Registration as an example, if including in the Account Registration service request that terminal is sent Phone number be phone number after encryption, then server judges that the account registers service request as legitimate request, into One step parses encrypted phone number according to the corresponding decipherment algorithm of preset Encryption Algorithm, to obtain plaintext mobile phone Number.Then, dynamic short message verification code needed for login account is sent to the corresponding terminal of plaintext phone number by server, It allows the user to complete Account Registration.
In the present embodiment, the service request that terminal is sent is obtained by server, includes the mark of terminal in service request Information, for service request for obtaining dynamic short message verification code, server judges the identification information for the terminal for including in service request It whether is information after encryption, if satisfied, then server obtains in the service request according to predetermined encryption algorithm parsing The identification information for the terminal for including, and dynamic short message verification code is sent to terminal according to the identification information of terminal.Server Whether end is legal service request by judging terminal traffic request, determines that the service request for the condition that meets can be just performed, Be able to solve prevents short message interface to be automated the lower problem of the full property of method of tool calling by picture validation code.In addition, Using the method for the present embodiment, the identification information for the terminal that server includes in judging service request is the mark after encryption After knowing information, so that it may directly send dynamic short message verification code to terminal, be inputted without user in terminal operation picture validation code Deng movement, operation difficulty is reduced, verification efficiency is improved, also improves user experience.
A specific embodiment is used below, it can also be by following to the S103 step in embodiment of the method shown in Fig. 1 Mode is realized.
Fig. 2 is the flow diagram of short message verification code acquisition methods embodiment two provided by the invention, as shown in Fig. 2, this The method of embodiment may include:
S201, server obtain the service request that terminal is sent, and the service request includes the identification information of the terminal, The service request is for obtaining dynamic short message verification code.
S202, the server judge whether the identification information for the terminal for including in the service request is at encryption Information after reason.
S201, S202 are similar with S101, S102 in embodiment illustrated in fig. 1, and details are not described herein again for the present embodiment.
S203, if satisfied, then server is obtained from algorithm data-base according to the identification information of the predetermined encryption algorithm Decipherment algorithm corresponding with predetermined encryption algorithm, and the institute for including in the service request is obtained according to decipherment algorithm parsing State the identification information of terminal.
Wherein, the identification information of predetermined encryption algorithm is also carried in the service request.
In the present embodiment, terminal when being encrypted to the identification information of terminal used Encryption Algorithm be not fix, But a kind of Encryption Algorithm is randomly choosed from algorithm data-base, the identification information of terminal is encrypted.Correspondingly, terminal will The identification information of used Encryption Algorithm is sent to server together with service request, and server is according to the mark of Encryption Algorithm Information obtains decipherment algorithm corresponding with Encryption Algorithm, the encryption sent according to the decipherment algorithm to terminal from algorithm data-base Information that treated is parsed to obtain the identification information of terminal.
It is illustrated so that above-mentioned user carries out Account Registration as an example, if including in the Account Registration service request that terminal is sent Phone number be phone number after encryption, then server judges that the account registers service request as legitimate request, into One step parses encrypted phone number according to the corresponding decipherment algorithm of preset Encryption Algorithm, to obtain plaintext mobile phone Number.Then, dynamic short message verification code needed for login account is sent to the corresponding terminal of plaintext phone number by server, It allows the user to complete Account Registration.
S204, server send the dynamic short message verification code to the terminal according to the identification information of the terminal.
In the present embodiment, by server obtain terminal send service request, judge include in the service request Whether the identification information of the terminal is information after encryption, if satisfied, then server is according to the predetermined encryption algorithm Identification information decipherment algorithm corresponding with predetermined encryption algorithm is obtained from algorithm data-base, and according to the decipherment algorithm solution Analysis obtains the identification information for the terminal for including in the service request, and further, server is according to the identification information of terminal The dynamic verification code is sent to terminal.Solve by picture validation code prevent short message interface be automated tool calling side The lower problem of method safety.In addition, using the method for the present embodiment, terminal that server includes in judging service request Identification information is the information after encryption, so that it may directly dynamic short message is sent to terminal, without user in terminal operation figure The movements such as piece identifying code input, reduce operation difficulty, improve verification efficiency, also improve user experience.
Optionally, after above-mentioned steps, server can also update Encryption Algorithm, to obtain new Encryption Algorithm, and to end End sends a notification message, and the notification message is used to indicate the new Encryption Algorithm.
Optionally, server is configured with algorithm data-base, includes multiple Encryption Algorithm, each encryption in algorithm data-base Algorithm is provided with corresponding decipherment algorithm, and corresponds.Server can select new Encryption Algorithm from algorithm data-base It as the Encryption Algorithm of update, and will send a notification message to terminal, prompt terminal updates Encryption Algorithm.Meanwhile server is more Newly decipherment algorithm corresponding with Encryption Algorithm.
Optionally, server can regularly update Encryption Algorithm, for example, updating once at interval of 30 days, be updated periodically and add Close algorithm can effectively prevent user to bomb by short message, and promote the safety of user information.
Fig. 3 is the flow diagram of short message verification code acquisition methods embodiment three provided by the invention, the side of the present embodiment Method can be applied to terminal side, and the present embodiment is illustrated by terminal of executing subject, as shown in figure 3, the method for the present embodiment May include:
S301, terminal are encrypted the identification information of the terminal using predetermined encryption algorithm, obtain at encryption Identification information after reason.
Specifically, terminal is pre-configured with Encryption Algorithm, and when operated by the user, terminal can use preset Encryption Algorithm The identification information of terminal is encrypted.Account is carried out in the application program that the present embodiment is also installed with user at the terminal Registration to be illustrated, terminal be configured with Encryption Algorithm, when user carry out Account Registration when, if user be using phone number into Row registration, then the identification information of terminal be phone number, application program using preconfigured Encryption Algorithm to phone number into Row encryption.For example, it is later " QSDG that phone number before encrypting, which is " 12345678910 " encryption,!@# $ %Q* ", encryption Phone number afterwards can not be identified by short message instrument of bombardment, so as to improve the safety of user information.
Optionally, further comprising the steps of after S301:Terminal generates institute according to the identification information after the encryption State service request.
S302, terminal to server send service request, after the service request is comprising the encryption of the terminal Identification information, the service request is for obtaining dynamic short message verification code.
User can operate in the application software of terminal or webpage, and terminal can then generate phase depending on the user's operation The service request answered, later, service request is sent to server by terminal, wherein service request includes the mark of the terminal Information, and the identification information of the terminal is the identification information carried out after encryption, the service request is dynamic for obtaining State short message verification code.
The identification information of above-mentioned terminal can be phone number, and the identification code or application assigned of mobile phone are to terminal Unique identification etc..
For example, needing to obtain dynamic short message when user carries out Account Registration in mounted application program at the terminal and testing Card code verifies the user of using terminal.So, Account Registration service request can be sent to server by terminal, wherein When user is registered using phone number, the identification information of terminal can be phone number.That is, terminal is to cell-phone number Code is encrypted, and then generates Account Registration service request, and Account Registration service request is further sent to service Device, server receive after include phone number service request after execute corresponding processing.
It should be noted that short message verification code acquisition methods provided by the present invention are suitable for several scenes, as account is infused Volume, Account Logon, bank transfer, good friend's invitation, the binding of application software phone number etc..
S303, terminal receive the dynamic short message verification code, and the dynamic short message verification code is the server in determination The identification information for the terminal for including in the service request be encryption after information after send.
That is, determining whether the identification information for the terminal for including in service request is encryption first by server first Information that treated, it is ensured that the legitimacy of service request is sent dynamic after the service request for judging that terminal is sent is legitimate request State short message verification code is to terminal, and terminal receives the dynamic short message verification code that server is sent, to execute subsequent operation.
In the present embodiment, the identification information of the terminal is encrypted using predetermined encryption algorithm by terminal, Identification information after obtaining encryption, and service request is sent to server, it include the identification information of terminal in service request, Service request is for obtaining dynamic short message verification code, and further, terminal receives dynamic short message verification code, the dynamic short-message verification Code be the terminal that server includes in determining service request identification information be encryption after information after send.It can Solve the problems, such as that the method security for preventing short message interface to be automated tool calling by picture verification information is lower, and can It effectively prevent user to harass by short message.In addition, using the method for the present embodiment, server includes in judging service request The identification information of terminal be encryption after information, so that it may directly to terminal send dynamic short message verification code, without with Family reduces operation difficulty, improves verification efficiency, also improve user's body in movements such as terminal operation picture validation code inputs It tests.
Fig. 4 is the flow diagram of short message verification code acquisition methods example IV provided by the invention, embodiment illustrated in fig. 3 Middle S301 step also may be accomplished by, and shown referring to figure 4., the method for the present embodiment includes:
S401, the terminal randomly choose Encryption Algorithm from algorithm data-base and are added with the identification information of the terminal Close processing, the identification information after obtaining encryption.
S402, the terminal generate the service request, wherein described according to the identification information after the encryption The identification information of the Encryption Algorithm is also carried in service request.
In a kind of possible implementation, can in terminal and server all placement algorithm databases, wherein algorithm data Encryption Algorithm and decipherment algorithm in library correspond, each Encryption Algorithm setting identification information, and corresponding decipherment algorithm Identification information can be identical with the identification information of Encryption Algorithm.Terminal is random to select when the identification information to terminal encrypts It selects any one Encryption Algorithm in algorithm data-base and executes cryptographic operation, the identification information of the terminal after obtaining encryption.Into One step, terminal generate corresponding service request according to the identification information after encryption, wherein further include having to add in service request The identification information of close algorithm.
S403, terminal to server send service request, and the service request includes the identification information of the terminal, described Service request is for obtaining dynamic short message verification code.
S404, terminal receive the dynamic short message verification code, and the dynamic short message verification code is the server in determination The identification information for the terminal for including in the service request be encryption after information after send.
Wherein, after the service request of the information after including encryption is sent to server by terminal, server is needed The legitimacy for the service request to send to the terminal received judges.If the terminal for including in the service request received Identification information be encryption after information, then terminal send service request be legitimate request, then, server according to add The identification information of close algorithm selects corresponding decipherment algorithm to parse service request from algorithm data-base, described in obtaining The identification information for including in service request, wherein the identification information of decipherment algorithm is calculated with the encryption for including in service request is encrypted Identification information matches.Further, server sends dynamic short message verification code to terminal according to the identification information of terminal, and terminal connects Receive the dynamic short message verification code that server is sent.
If the identification information for the terminal for including in the service request received is not the information after encryption, server End operation is executed, it is, server does not send dynamic short message verification code to terminal.
Wherein, Encryption Algorithm can be some coding rules in the prior art such as BASE64, BASE24, GB2312, certainly, Encryption Algorithm is not limited to aforementioned several in the present invention, it is possible to use the mathematical algorithm of some complexity is encrypted, the present invention It does not limit this.
In the present embodiment, the identification information of the terminal is encrypted using predetermined encryption algorithm by terminal, Identification information after obtaining encryption, the terminal use the identification information after the encryption, generate the business and ask It asks, wherein also carrying the identification information of the Encryption Algorithm in the service request.Further, terminal to server sends business Request, terminal receive dynamic short message verification code, and the dynamic short message verification code is that the server is determining the service request In include the terminal identification information be encryption after information after send.By using Encryption Algorithm pair in terminal The identification information of terminal is encrypted, and automation tools can be effectively prevent to carry out short message to user according to the identification information of terminal Harassing and wrecking, be able to solve prevents the be automated method security of tool calling of short message interface from lower asking by picture validation code Topic.In addition, using the method for the present embodiment, the identification information for the terminal that server includes in judging service request for encryption at Information after reason, so that it may directly send dynamic short message verification code to terminal, terminal then receives the dynamic short message of server transmission Identifying code reduces operation difficulty without user in movements such as terminal operation picture validation code inputs, improves verifying effect Rate also improves user experience.
Optionally, the notification message that terminal is sent according to server, the notification message are used to indicate new Encryption Algorithm, So that terminal updates Encryption Algorithm.
In a kind of possible implementation, the update that Encryption Algorithm can also be updated by terminal active transmission is requested, server End receives the update request that terminal is sent, and obtains new Encryption Algorithm, and sends a notification message to terminal, and notification message is for referring to Show that new Encryption Algorithm, terminal update Encryption Algorithm according to notification message.Wherein, terminal can also periodically send update Encryption Algorithm Update request.
Fig. 5 is the structural schematic diagram of short message verification code acquisition device embodiment one provided by the invention, which can be clothes Business device or the chip for being integrated in server, referring to Figure 5, which includes:Obtain module 51, judgment module 52, processing Module 53.
Wherein, module 51 is obtained, for obtaining the service request of terminal transmission, the service request includes the terminal Identification information, the service request is for obtaining dynamic short message verification code.
Judgment module 52 is used to judge whether the identification information for the terminal for including in the service request to be at encryption Information after reason.
Processing module 53, for if satisfied, then including according in the predetermined encryption algorithm parsing acquisition service request The identification information of the terminal, and the dynamic short message verification code is sent to the terminal according to the identification information of the terminal.
In a kind of possible implementation, on the basis of Installation practice shown in Fig. 5, which may also include:It updates Module 54 and sending module 55.
Wherein, the update module 54 obtains new Encryption Algorithm for updating the Encryption Algorithm.
The sending module 55, for sending a notification message to the terminal, the notification message is used to indicate described new Encryption Algorithm.
The device is used to execute the content that server executes in preceding method embodiment, implementing principle and technical effect class Seemingly, details are not described herein.
Fig. 6 is the structural schematic diagram of short message verification code acquisition device embodiment two provided by the invention, which can be Above-mentioned terminal or the chip for being integrated in above-mentioned terminal.As shown in fig. 6, the device of the present embodiment includes:Encrypting module 61 is sent Module 62, receiving module 63.
Wherein, encrypting module 61, for the identification information of the terminal to be encrypted using predetermined encryption algorithm, Identification information after obtaining encryption.
Sending module 62, for sending service request to server, the service request includes that the mark of the terminal is believed Breath, the service request is for obtaining dynamic short message verification code.
Receiving module 63, for receiving the dynamic short message verification code, the dynamic short message verification code is the server The identification information for the terminal for including in determining the service request be encryption after information after send.
In a kind of possible implementation, on the basis of Installation practice shown in Fig. 6, which further includes:Generate mould Block 64.
Wherein, the encrypting module 61, for randomly choosing Encryption Algorithm from algorithm data-base with the mark of the terminal Know information to be encrypted, the identification information after obtaining encryption.
Generation module 64, for generating the service request according to the identification information after the encryption, wherein institute State the identification information that the Encryption Algorithm is also carried in service request.
Optionally, which may also include:Update module 65, the update module 65, for receiving the server hair The notification message sent, the notification message are used to indicate new Encryption Algorithm.
The device is used to execute the content that terminal executes in preceding method embodiment, implementing principle and technical effect class Seemingly, details are not described herein.
The present invention also provides a kind of computer readable storage mediums, including program, and described program is when being executed by processor The content executed for executing the server.
The present invention also provides a kind of computer readable storage mediums, including program, and described program is when being executed by processor The content executed for executing the terminal.
As shown in fig. 7, the present invention also provides a kind of servers 70, including:Processor 72 and memory 71;
The memory 71 stores computer executed instructions;
At least one described processor 72 executes the computer executed instructions that the memory 71 stores, so that the service Device 70 executes the content that server executes in preceding method embodiment.
Server in the present embodiment is used to execute the content that server executes in preceding method embodiment, realization principle Similar with technical effect, details are not described herein.
As shown in figure 8, the present invention also provides a kind of terminals 80, including:At least one processor 82 and memory 81;
The memory 81 stores computer executed instructions;
At least one described processor 82 executes the computer executed instructions that the memory 81 stores, so that the terminal 80 execute the content that terminal executes in preceding method embodiment.
Terminal in the present embodiment is used to execute the content that terminal executes in preceding method embodiment, realization principle and skill Art effect is similar, and details are not described herein.
Those of ordinary skill in the art will appreciate that:Realize that all or part of the steps of above-mentioned each method embodiment can lead to The relevant hardware of program instruction is crossed to complete.Program above-mentioned can be stored in a computer readable storage medium.The journey When being executed, execution includes the steps that above-mentioned each method embodiment to sequence;And storage medium above-mentioned includes:ROM, RAM, magnetic disk or The various media that can store program code such as person's CD.
Finally it should be noted that:The above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent Present invention has been described in detail with reference to the aforementioned embodiments for pipe, those skilled in the art should understand that:Its according to So be possible to modify the technical solutions described in the foregoing embodiments, or to some or all of the technical features into Row equivalent replacement;And these are modified or replaceed, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution The range of scheme.

Claims (12)

1. a kind of short message verification code acquisition methods, which is characterized in that including:
Server obtains the service request that terminal is sent, and the service request includes the identification information of the terminal, the business Request is for obtaining dynamic short message verification code;
The server judges whether the identification information for the terminal for including in the service request is letter after encryption Breath;
If satisfied, then the server is according to the terminal for including in the predetermined encryption algorithm parsing acquisition service request Identification information, and the dynamic short message verification code is sent to the terminal according to the identification information of the terminal.
2. the method according to claim 1, wherein also carrying predetermined encryption algorithm in the service request Identification information;
The server obtains the identification information for the terminal for including in the service request according to predetermined encryption algorithm parsing, Including:
The server is obtained from algorithm data-base according to the identification information of the predetermined encryption algorithm and predetermined encryption algorithm Corresponding decipherment algorithm, and believed according to the mark that decipherment algorithm parsing obtains the terminal for including in the service request Breath.
3. according to the method described in claim 2, it is characterized in that, the identification information of the terminal is phone number.
4. according to the method described in claim 3, it is characterized in that, the method also includes:
Encryption Algorithm described in the server update obtains new Encryption Algorithm;
The server sends a notification message to the terminal, and the notification message is used to indicate the new Encryption Algorithm.
5. a kind of short message verification code acquisition methods, which is characterized in that including:
Terminal is encrypted the identification information of the terminal using predetermined encryption algorithm, the mark after obtaining encryption Information;
Terminal to server sends service request, and the service request includes the identification information after the encryption of the terminal, The service request is for obtaining dynamic short message verification code;
The terminal receives the dynamic short message verification code, and the dynamic short message verification code is that the server is determining the industry Business request in include the terminal identification information be encryption after information after send.
6. according to the method described in claim 5, it is characterized in that, the terminal is using predetermined encryption algorithm to the terminal Identification information is encrypted, including:
The terminal randomly chooses Encryption Algorithm from algorithm data-base and the identification information of the terminal is encrypted, and obtains Identification information after to encryption;
The terminal generates the service request according to the identification information after the encryption, wherein in the service request Also carry the identification information of the Encryption Algorithm.
7. according to the method described in claim 6, it is characterized in that, the identification information of the terminal is phone number.
8. the method according to the description of claim 7 is characterized in that further including:
The terminal receives the notification message that the server is sent, and the notification message is used to indicate new Encryption Algorithm.
9. a kind of short message verification code acquisition device, which is characterized in that including:
Module is obtained, for obtaining the service request of terminal transmission, the service request includes the identification information of the terminal, institute Service request is stated for obtaining dynamic short message verification code;
Judgment module, after judging whether the identification information for the terminal for including in the service request is encryption Information;
Processing module, for obtaining the terminal for including in the service request according to predetermined encryption algorithm parsing if meeting Identification information, and the dynamic short message verification code is sent to the terminal according to the identification information of the terminal.
10. a kind of short message verification code acquisition device, which is characterized in that including:
Encrypting module is obtained at encryption for the identification information of the terminal to be encrypted using predetermined encryption algorithm Identification information after reason;
Sending module, for sending service request to server, the service request includes the identification information of the terminal, described Service request is for obtaining dynamic short message verification code;
Receiving module, for receiving the dynamic short message verification code, the dynamic short message verification code is the server in determination The identification information for the terminal for including in the service request be encryption after information after send.
11. a kind of computer readable storage medium, which is characterized in that including program, described program is used when being executed by processor The described in any item methods of 1~4 or 5-8 are required in perform claim.
12. a kind of electronic equipment, which is characterized in that including:Processor and memory;
The memory stores program instruction;
The processor executes the program instruction of the memory storage, is required described in any one of 1~4 or 5-8 with perform claim Method.
CN201810599608.9A 2018-06-12 2018-06-12 Short message verification code acquisition methods and device Pending CN108900479A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810599608.9A CN108900479A (en) 2018-06-12 2018-06-12 Short message verification code acquisition methods and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810599608.9A CN108900479A (en) 2018-06-12 2018-06-12 Short message verification code acquisition methods and device

Publications (1)

Publication Number Publication Date
CN108900479A true CN108900479A (en) 2018-11-27

Family

ID=64344594

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810599608.9A Pending CN108900479A (en) 2018-06-12 2018-06-12 Short message verification code acquisition methods and device

Country Status (1)

Country Link
CN (1) CN108900479A (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109684819A (en) * 2018-12-26 2019-04-26 北京字节跳动网络技术有限公司 Data verification method and device
CN109995774A (en) * 2019-03-22 2019-07-09 泰康保险集团股份有限公司 Cipher key authentication method, system, equipment and storage medium based on part decryption
CN110176990A (en) * 2019-05-15 2019-08-27 百度在线网络技术(北京)有限公司 Vehicle assembly replaces recognition methods, device, computer equipment and storage medium
CN110677431A (en) * 2019-10-14 2020-01-10 云深互联(北京)科技有限公司 Bidirectional verification method and device
CN110944300A (en) * 2019-12-23 2020-03-31 四川虹美智能科技有限公司 Short message service system, forwarding interface device and defense server
CN111246404A (en) * 2018-11-28 2020-06-05 ***通信集团浙江有限公司 Method and device for processing verification code short message
CN111417122A (en) * 2020-03-25 2020-07-14 杭州迪普科技股份有限公司 Attack prevention method and device
CN112019504A (en) * 2020-07-22 2020-12-01 大箴(杭州)科技有限公司 Method and device for acquiring wifi dynamic verification code
CN112566121A (en) * 2020-12-09 2021-03-26 北京深思数盾科技股份有限公司 Method for preventing attack, server, electronic equipment and storage medium
CN113423076A (en) * 2021-05-20 2021-09-21 北京达佳互联信息技术有限公司 Method and device for acquiring verification code short message, electronic equipment and storage medium
CN115884110A (en) * 2022-12-01 2023-03-31 南京鼎山信息科技有限公司 Method and system for judging short message verification code

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101192926A (en) * 2006-11-28 2008-06-04 北京握奇数据***有限公司 Account protection method and system
US20110170689A1 (en) * 2010-01-14 2011-07-14 Pantech Co., Ltd. Terminal and method for processing encrypted message
CN104917718A (en) * 2014-03-11 2015-09-16 杭州雾隐美地传媒有限公司 Method and terminal for fast authentication of mobile terminal user and application server
CN106326763A (en) * 2015-06-15 2017-01-11 阿里巴巴集团控股有限公司 Method and device for obtaining electronic file
CN107086984A (en) * 2017-03-17 2017-08-22 深圳市金立通信设备有限公司 A kind of method, terminal and server for obtaining and generating identifying code
CN107645381A (en) * 2016-07-21 2018-01-30 阿里巴巴集团控股有限公司 Safety verification implementation method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101192926A (en) * 2006-11-28 2008-06-04 北京握奇数据***有限公司 Account protection method and system
US20110170689A1 (en) * 2010-01-14 2011-07-14 Pantech Co., Ltd. Terminal and method for processing encrypted message
CN104917718A (en) * 2014-03-11 2015-09-16 杭州雾隐美地传媒有限公司 Method and terminal for fast authentication of mobile terminal user and application server
CN106326763A (en) * 2015-06-15 2017-01-11 阿里巴巴集团控股有限公司 Method and device for obtaining electronic file
CN107645381A (en) * 2016-07-21 2018-01-30 阿里巴巴集团控股有限公司 Safety verification implementation method and device
CN107086984A (en) * 2017-03-17 2017-08-22 深圳市金立通信设备有限公司 A kind of method, terminal and server for obtaining and generating identifying code

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111246404A (en) * 2018-11-28 2020-06-05 ***通信集团浙江有限公司 Method and device for processing verification code short message
CN109684819A (en) * 2018-12-26 2019-04-26 北京字节跳动网络技术有限公司 Data verification method and device
CN109995774B (en) * 2019-03-22 2021-10-08 泰康保险集团股份有限公司 Key authentication method, system, device and storage medium based on partial decryption
CN109995774A (en) * 2019-03-22 2019-07-09 泰康保险集团股份有限公司 Cipher key authentication method, system, equipment and storage medium based on part decryption
CN110176990A (en) * 2019-05-15 2019-08-27 百度在线网络技术(北京)有限公司 Vehicle assembly replaces recognition methods, device, computer equipment and storage medium
CN110677431A (en) * 2019-10-14 2020-01-10 云深互联(北京)科技有限公司 Bidirectional verification method and device
CN110944300A (en) * 2019-12-23 2020-03-31 四川虹美智能科技有限公司 Short message service system, forwarding interface device and defense server
CN110944300B (en) * 2019-12-23 2022-06-24 四川虹美智能科技有限公司 Short message service system, forwarding interface device and defense server
CN111417122A (en) * 2020-03-25 2020-07-14 杭州迪普科技股份有限公司 Attack prevention method and device
CN111417122B (en) * 2020-03-25 2024-03-01 杭州迪普科技股份有限公司 Attack prevention method and device
CN112019504B (en) * 2020-07-22 2022-08-26 大箴(杭州)科技有限公司 Method and device for acquiring wifi dynamic verification code
CN112019504A (en) * 2020-07-22 2020-12-01 大箴(杭州)科技有限公司 Method and device for acquiring wifi dynamic verification code
CN112566121A (en) * 2020-12-09 2021-03-26 北京深思数盾科技股份有限公司 Method for preventing attack, server, electronic equipment and storage medium
CN113423076A (en) * 2021-05-20 2021-09-21 北京达佳互联信息技术有限公司 Method and device for acquiring verification code short message, electronic equipment and storage medium
CN113423076B (en) * 2021-05-20 2022-10-04 北京达佳互联信息技术有限公司 Method and device for acquiring verification code short message, electronic equipment and storage medium
CN115884110A (en) * 2022-12-01 2023-03-31 南京鼎山信息科技有限公司 Method and system for judging short message verification code
CN115884110B (en) * 2022-12-01 2023-11-28 南京鼎山信息科技有限公司 Method and system for judging short message verification code

Similar Documents

Publication Publication Date Title
CN108900479A (en) Short message verification code acquisition methods and device
US9705893B2 (en) Mobile human challenge-response test
CN105207774B (en) The cryptographic key negotiation method and device of verification information
CN108551443A (en) A kind of application login method, device, terminal device and storage medium
CN104283841B (en) The method, apparatus and system of service access control are carried out to third-party application
CN105306534B (en) Information verification method based on open platform and open platform
CN103916244B (en) Verification method and device
EP2385679A1 (en) Locally stored phishing countermeasure
US20160241536A1 (en) System and methods for user authentication across multiple domains
CN104199657B (en) The call method and device of open platform
CN111355723B (en) Single sign-on method, device, equipment and readable storage medium
US20210241270A1 (en) System and method of blockchain transaction verification
CN105847000A (en) Token generation method and communication system based on same
CN111130798A (en) Request authentication method and related equipment
CN111597537B (en) Block chain network-based certificate issuing method, related equipment and medium
CN113569263A (en) Secure processing method and device for cross-private-domain data and electronic equipment
CN113329004B (en) Authentication method, system and device
US20190164154A1 (en) System and method for facilitating secure transactions
CN109889344A (en) The transmission method and computer readable storage medium of terminal, data
CN105141586B (en) A kind of method and system verified to user
CN104917763B (en) A kind of PIN cache method
CN108574658A (en) A kind of application login method and its equipment
CN109743338A (en) A kind of verification method logged in automatically, system, server and readable storage medium storing program for executing
CN108830050A (en) Register method, device and the storage medium of computer program
CN107566422A (en) A kind of verification method of third party user

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181127

RJ01 Rejection of invention patent application after publication