CN109087166B - Identity authentication method, device and system - Google Patents

Identity authentication method, device and system Download PDF

Info

Publication number
CN109087166B
CN109087166B CN201810814118.6A CN201810814118A CN109087166B CN 109087166 B CN109087166 B CN 109087166B CN 201810814118 A CN201810814118 A CN 201810814118A CN 109087166 B CN109087166 B CN 109087166B
Authority
CN
China
Prior art keywords
template
biological characteristic
service
information
service provider
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810814118.6A
Other languages
Chinese (zh)
Other versions
CN109087166A (en
Inventor
夏青
张德强
史超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Yibo Software Technology Co.,Ltd.
Original Assignee
Shenzhen Huitong Business Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Huitong Business Co Ltd filed Critical Shenzhen Huitong Business Co Ltd
Priority to CN201810814118.6A priority Critical patent/CN109087166B/en
Publication of CN109087166A publication Critical patent/CN109087166A/en
Application granted granted Critical
Publication of CN109087166B publication Critical patent/CN109087166B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • G06Q30/0601Electronic shopping [e-shopping]
    • G06Q30/0633Lists, e.g. purchase orders, compilation or processing
    • G06Q30/0635Processing of requisition or of purchase orders
    • G06Q30/0637Approvals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/12Hotels or restaurants
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Tourism & Hospitality (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Finance (AREA)
  • Economics (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • General Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • General Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Human Resources & Organizations (AREA)
  • Health & Medical Sciences (AREA)
  • Development Economics (AREA)
  • Human Computer Interaction (AREA)
  • Multimedia (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application discloses an identity authentication method, equipment and a system. Wherein the method comprises the following steps: acquiring biological characteristic information of a target person; acquiring a biological characteristic template to be selected from a blockchain or an authentication terminal according to an order, wherein the order is associated with the biological characteristic template to be selected, and the order is used for ordering services provided by a service provider for personnel of a service demander; matching the biological characteristic information of the target person with a biological characteristic template to be selected; in case the matching is successful, a message is issued allowing the targeted persona to use the service provided by the service provider. The scheme can effectively improve the matching speed.

Description

Identity authentication method, device and system
Technical Field
The present application relates to the field of authentication, and in particular, to a method, an apparatus, and a system for identity authentication.
Background
Biometric identification technology is a technology for identifying an individual by using physiological characteristics (fingerprint, iris, facial phase) or behavior characteristics (gait, keystroke habit, etc.) inherent to a human body. The technology has the characteristics of high accuracy, difficulty in counterfeiting, convenience in use and the like, and is widely applied.
However, the existing biometric identification technology performs matching in a large amount of biometric templates, which results in low matching speed.
Disclosure of Invention
The application provides an identity authentication method, device and system, which can effectively improve the matching speed and reduce the possibility of misjudgment.
In a first aspect, a method for identity authentication is provided. And the service demand side or the intermediate side sends the order to the service providing side. Accordingly, the service provider receives the order sent by the service demander. The order is associated with the biological characteristic template to be selected, and the order is used for ordering the service provided by the service provider for the personnel of the service demander. And the service provider acquires the biological feature template to be selected from the block chain according to the order. The service providing end collects the biological characteristic information of the target person and then matches the biological characteristic information of the target person with the biological characteristic template to be selected. And in case of successful matching, the service provider sends out a message allowing the targeted character to use the service provided by the service provider.
The service providing terminal can obtain the biological feature templates to be selected related to the order from the identity authentication area chain according to the order to screen the biological feature templates to be selected related to the order from the massive biological feature templates, so that the number of the biological feature templates to be matched during matching is reduced, the matching speed is effectively improved, and the matching misjudgment rate is reduced.
With reference to the first aspect, in a first implementation manner, the uploading of the candidate biometric template into the blockchain includes two or more of the following:
In the first mode, the service requirement side uploads the block chain index and the to-be-selected biometric template included in the order to the block chain. And then, the service provider downloads the biometric template to be selected from the blockchain according to the blockchain index included in the order.
In the second way, the intermediate terminal uploads the block chain index and the biometric template to be selected to the block chain. And then, the service provider downloads the biometric template to be selected from the block chain according to the block chain index.
In practical application, the service demand end or the intermediary end can upload the biological feature template to be selected to the block chain according to the requirement, so that the freedom degree of operation is increased.
With reference to the first aspect, in a second implementation manner, the order further associates transaction data, where the transaction data includes target identity authentication data and enterprise information, the target identity authentication data is identity data obtained by authenticating biometric information and certificate information of a person of the service demander, and the enterprise information is information of an enterprise in which the person of the service demander is located. Wherein the enterprise information is provided by the service demander. The target identity authentication data acquisition mode comprises two or more than two of the following modes:
In the first mode, a service demand side collects the biological characteristic information and the certificate information of the personnel of the service demand side and sends the biological characteristic information and the certificate information of the personnel of the service demand side to a legal institution side. Wherein the legal organization can be a public security system or an organization approved by the public security system, and the like. And the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data. And the legal institution end sends the target identity authentication data to the service demand end.
In the second mode, the intermediary terminal collects the biological characteristic information and the certificate information of the personnel of the service demander and sends the biological characteristic information and the certificate information of the personnel of the service demander to the legal institution terminal. Wherein the legal organization can be a public security system or an organization approved by the public security system, and the like. And the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data. And the legal mechanism end sends the target identity authentication data to the intermediary end.
In a second implementation manner of the first aspect, the uploading of the biometric template to be selected and the transaction data to the blockchain includes two or more of the following:
In the first way, the service requirement end uploads the block chain index, the biometric template to be selected and the transaction data to the block chain. And then, the service provider downloads the biometric template to be selected and the transaction data from the blockchain according to the blockchain index.
In a second manner, the intermediary uploads the blockchain index, the biometric template to be selected, and the transaction data to the blockchain. And then, the service provider downloads the biometric template to be selected and the transaction data from the blockchain according to the blockchain index.
In practical application, the service demand end or the intermediate end can be selected to upload the biological characteristic template to be selected and the transaction data to the block chain according to requirements, so that the degree of freedom of operation is increased.
With reference to the second implementation manner of the first aspect, a query record of the transaction data is further stored in the blockchain. The query record may include one or more of identity information of the querier, the time of occurrence of the query, the network address of the query, and the like.
And recording the query record of the transaction data in a block chain, and tracing a leakage source when the transaction data leaks.
With reference to any one of the foregoing aspects of the first aspect, the candidate biometric template is valid within a preset time period, where a time point at which the candidate biometric template is expected to be matched is located within the preset time period. Here, the existence mode of the candidate biometric template includes two or more of the following:
In the first mode, the biometric template to be selected is downloaded to a memory of the service provider before the start time of the preset time period. And at the starting time of a preset time period, the biological characteristic template to be selected takes effect. And at the end time of the preset time period, the biological characteristic template to be selected is invalid. And deleting the to-be-selected biological characteristic template from the memory of the service provider after the end time of the preset time period.
In a second mode, the biometric template to be selected is downloaded to a memory of the service provider at the starting time of the preset time and takes effect; and the biometric template to be selected is invalid at the end time of the preset time and is deleted from the memory of the service provider.
by the scheme, the biological characteristic templates are screened in the preset time period, the number of the biological characteristic templates needing to be matched in the matching process is further reduced, and the matching speed is effectively improved.
With reference to the first aspect, the creation mode of the order received by the service provider includes two or more of the following:
In the first method, the service demander creates an order by itself and sends the order to the service provider.
In the second way, the service request end sends an order creation request to the broker end, and accordingly, the broker end receives the order creation request sent by the service request end. And the intermediate terminal creates an order according to the order creation request and sends the order to the service providing terminal.
with reference to the first aspect, the manner of obtaining the biometric information of the target person by the service provider includes two or more of the following:
In the first mode, the service provider receives biometric information of the target person transmitted from the terminal device.
In the second mode, the service provider collects the biological characteristic information of the target person through the biological characteristic collector.
With reference to the first aspect, the service provider sends a target biometric template to the intelligent door lock, so that the intelligent door lock determines whether to open the door according to the target biometric template, where the target biometric template is a candidate biometric template successfully matched with the target person.
With reference to the first aspect, the service provider queries discount information of the target character from a contract management system according to enterprise information and a first mapping relationship, where the first mapping relationship is a mapping relationship between the enterprise information and the discount information; and determining the consumption price of the target person according to the discount information.
in a second aspect, a method of identity authentication is provided. And the service demand side or the intermediate side sends the order to the service providing side. Accordingly, the service provider receives the order sent by the service demander. The order is associated with the biological characteristic template to be selected, and the order is used for ordering the service provided by the service provider for the personnel of the service demander. The service providing terminal collects the biological characteristic information of the target person. The service provider sends the block chain index included in the order to the block chain. Accordingly, the blockchain receives a blockchain index provided by the service provider. And the block chain searches the template index of the biological feature template to be selected according to the block chain index. And the block chain sends the template index of the biological feature template to be selected to the service providing terminal. Accordingly, the service provider receives the template index of the biometric template to be selected sent by the blockchain. And the service providing terminal downloads the template of the to-be-selected biology to be characterized from the authentication terminal according to the received template index of the to-be-selected biology to be characterized. And the service provider matches the biological characteristic information of the target person with the biological characteristic template to be selected. And in case of successful matching, the service provider sends out a message allowing the targeted character to use the service provided by the service provider.
The service providing end can quickly match the to-be-selected biological characteristic template related to the order according to the block chain index included in the order, the time required by retrieval in matching is reduced, and the matching speed is effectively improved.
with reference to the second aspect, the order is further associated with transaction data, where the transaction data includes target identity authentication data and enterprise information, the target identity authentication data is identity data obtained by authenticating biometric information and certificate information of the person of the service demander, and the enterprise information is information of an enterprise in which the person of the service demander is located. The target identity authentication data acquisition mode comprises two or more than two of the following modes:
In the first mode, a service demand side collects the biological characteristic information and the certificate information of the personnel of the service demand side and sends the biological characteristic information and the certificate information of the personnel of the service demand side to a legal institution side. Wherein the legal organization can be a public security system or an organization approved by the public security system, and the like. And the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data. And the legal institution end sends the target identity authentication data to the service demand end.
In the second mode, the intermediary terminal collects the biological characteristic information and the certificate information of the personnel of the service demander and sends the biological characteristic information and the certificate information of the personnel of the service demander to the legal institution terminal. Wherein the legal organization can be a public security system or an organization approved by the public security system, and the like. And the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data. And the legal mechanism end sends the target identity authentication data to the intermediary end.
with reference to the second aspect, in a first possible implementation manner, the order includes a blockchain index, where the blockchain index is used to query a template index and the transaction data from the blockchain, and the template index is used to query the biometric template to be selected from the authentication end.
The to-be-selected biological characteristic template and the transaction data are uploaded to an authentication terminal in the following two or more modes:
in a first mode, the biometric template to be selected is uploaded to the authentication end by the service requirement end. And then, the service provider downloads the biometric template to be selected and the transaction data from the authentication end according to the template index.
In a second mode, the biometric template to be selected is uploaded to the authentication end by the intermediary end. And then, the service provider downloads the biometric template to be selected and the transaction data from the authentication end according to the template index.
The uploading mode of the template index to the block chain comprises the following two or more modes:
In the first mode, the service demander uploads the template index and the transaction data to a blockchain. Then, the service provider downloads the template index from the block chain according to the block chain index.
In the second way, the intermediary uploads the template index and transaction data into a blockchain. Wherein the intermediary is a third party other than the service demander and the service provider. Then, the service provider downloads the template index from the block chain according to the block chain index.
With reference to the first possible implementation manner of the second aspect, the service provider sends a target template index to the smart door lock, so that the smart door lock determines whether to open the door according to the target biometric template, where the target template index is an index of a biometric template to be selected, which is successfully matched with the target person.
With reference to the second implementation manner of the second aspect, a query record of the transaction data is further stored in the blockchain. The query record may include one or more of identity information of the querier, the time of occurrence of the query, the network address of the query, and the like.
With reference to any one of the foregoing aspects of the second aspect, the candidate biometric template is valid within a preset time period, where a time point at which the candidate biometric template is expected to be matched is located within the preset time period. Here, the existence mode of the candidate biometric template includes two or more of the following:
in the first mode, the biometric template to be selected is downloaded to a memory of the service provider before the start time of the preset time period. And at the starting time of a preset time period, the biological characteristic template to be selected takes effect. And at the end time of the preset time period, the biological characteristic template to be selected is invalid. And deleting the to-be-selected biological characteristic template from the memory of the service provider after the end time of the preset time period.
In a second mode, the biometric template to be selected is downloaded to a memory of the service provider at the starting time of the preset time and takes effect; and the biometric template to be selected is invalid at the end time of the preset time and is deleted from the memory of the service provider.
With reference to the second aspect, the order received by the service provider may be created in two or more ways:
In the first method, the service demander creates an order by itself and sends the order to the service provider.
In the second way, the service request end sends an order creation request to the broker end, and accordingly, the broker end receives the order creation request sent by the service request end. And the intermediate terminal creates an order according to the order creation request and sends the order to the service providing terminal.
With reference to the second aspect, the manner of obtaining the biometric information of the target person by the service provider includes two or more of the following:
In the first mode, the service provider receives biometric information of the target person transmitted from the terminal device.
In the second mode, the service provider collects the biological characteristic information of the target person through the biological characteristic collector.
with reference to the second aspect, the service provider sends a target biometric template to the intelligent door lock, so that the intelligent door lock determines whether to open the door according to the target biometric template, wherein the target biometric template is a biometric template to be selected, which is successfully matched with the target person.
With reference to the second aspect, the service provider queries discount information of the target character from a contract management system according to enterprise information and a first mapping relationship, where the first mapping relationship is a mapping relationship between the enterprise information and the discount information; and determining the consumption price of the target person according to the discount information.
In a third aspect, an identity authentication device is provided, which is used to execute each module of the steps executed by the service provider in the first aspect or the second aspect.
In a fourth aspect, an order creating apparatus is provided, which is configured to execute the modules of the steps executed by the broker in the first aspect or the second aspect.
In a fifth aspect, an identity authentication device is provided, which includes: a memory, and a processor, a communication module coupled with the memory, wherein: the communication module is configured to send or receive data sent from the outside, the memory is configured to store program codes, and the processor is configured to call the program codes stored in the memory to execute the steps executed by the service provider in the first aspect or the second aspect.
In a sixth aspect, there is provided an order creating apparatus comprising: a memory, and a processor, a communication module coupled with the memory, wherein: the communication module is used for sending or receiving data sent from the outside, the memory is used for storing program codes, and the processor is used for calling the program codes stored in the memory to execute the steps executed by the intermediary terminal in the first aspect or the second aspect.
In a seventh aspect, a computer-non-transitory storage medium is provided, which includes instructions that, when executed on a device, cause the device to perform the steps performed by the service provider in the first aspect or the second aspect.
In an eighth aspect, there is provided a computer non-transitory storage medium comprising instructions that, when executed on a device, cause the device to perform the steps performed at the intermediary end in the first or second aspect.
Drawings
FIGS. 1A-1B are schematic diagrams of some possible network architectures to which the present application relates;
fig. 2A to 2D are schematic flow charts of several identity authentication methods provided in the present application;
3A-3B are schematic diagrams of some possible network architectures of the present application in the context of travel management;
Fig. 4A to 4E are schematic flow diagrams illustrating a plurality of processes of travel management performed under the network architecture shown in fig. 3A according to the present application;
Fig. 5A to 5G are schematic flow diagrams illustrating a plurality of processes of travel management performed under the network architecture shown in fig. 3B according to the present application;
Fig. 6 is a schematic structural diagram of an identity authentication device according to the present application;
FIG. 7 is a schematic diagram of an order creation device according to the present application;
Fig. 8 is a schematic diagram of a device according to the present application.
DETAILED DESCRIPTION OF EMBODIMENT (S) OF INVENTION
For ease of understanding, some network architectures to which the aspects of the embodiments of the present application may be applied are first described below by way of example with reference to the accompanying drawings.
As shown in fig. 1A, one possible network architecture mainly involves a service demander that generates an order, a service provider that receives the order, and a blockchain that connects the service demander and the service provider, respectively. The service demand side can be deployed in one or more application servers, and the service provider side can be deployed in one or more application servers. In other words, different components of the service demander may be deployed in the same or different application servers, and different components of the service provider may be deployed in the same or different application servers.
As shown in fig. 1B, one possible network architecture mainly involves a service demander that makes an order creation request, an intermediary that generates an order, a service provider that receives the order, and a blockchain that connects the service demander, the intermediary, and the service provider, respectively. The service demand side can be deployed in one or more application servers, the intermediate side can be deployed in one or more application servers, and the service providing side can be deployed in one or more application servers. In other words, different components of the service demander may be deployed in the same or different application servers, different components of the broker may be deployed in the same or different application servers, and different components of the service provider may be deployed in the same or different application servers.
it should be understood that the above network architecture is only an example, and in some possible embodiments, the above network architecture may further include a legal institution side, an authentication side, and the like, and is not limited herein.
And the service demand side sends the order to the service provider side, so that the service provided by the service provider is ordered for the personnel of the service demand side. Or, the service demand side puts forward an order creating request to the intermediate side, the intermediate side creates an order according to the order creating request of the service demand side, and then the intermediate side sends the order to the service providing side, so that the service provided by the service providing side is ordered for the personnel of the service demand side. The service demander is a device placed on a service demander, the mediator is a device placed on a mediator, and the service provider is a device placed on a service provider. The service demander may be an individual, a family or an organization, etc. The service provider may be a restaurant, hotel, beauty shop, gym, and the like. The mediator may act as an intermediate bridge between the service demander and the service provider, e.g., a group buying organization, a business trip management enterprise, etc. The service may be a food service, a lodging service, a beauty service, a fitness service, and the like. It should be understood that the above examples of the service demander, the service provider, the mediator, and the service are only examples, and should not be construed as being particularly limited.
The service provider needs to determine whether the targeted persona is a person of the service demander, and if so, allow the targeted persona to use the service provided by the service provider, and if not, disallow the targeted persona to use the service provided by the service provider. The target person is a person who requests the service provider to provide the service ordered by the order, and the target person may be one person or a plurality of persons, which is not limited herein. The person of the service demander refers to a person who ordered the service of the service provider by order.
the person who determines whether the target person is the service demander may employ biometric identification techniques. Specifically, the biological characteristic information of the target person is collected, the biological characteristic information of the target person is matched with the biological characteristic templates to be selected respectively, if the matching is successful, the target person is determined to be a person of a service demand party, and if the matching is unsuccessful, the target person is determined not to be the person of the service demand party. The biometric technology includes, but is not limited to, face recognition technology, fingerprint recognition technology, iris recognition technology, and voiceprint recognition technology. The acquisition device of the biological characteristic information of the target person can be a camera, a fingerprint acquisition device, an iris acquisition device, a recording device and the like. The matching means may be feature vector distance based matching means such as euclidean distance, manhattan distance, chebyshev distance, minkowski distance, hamming distance, and the like. It should be understood that the above examples of biometric techniques, acquisition devices, and matching methods are merely illustrative and should not be construed as limiting.
to reduce the number of biometric templates to be selected, the order may be associated with the biometric templates to be selected. The association between the order and the biometric template to be selected may include, but is not limited to: the order includes the biometric template to be selected, the order includes an index for searching the biometric template to be selected, and the like. It should be understood that the above-mentioned manner of associating the order with the biometric template to be selected is merely an example, and should not be construed as a specific limitation.
The order is also associated with transaction data, wherein the transaction data comprises target identity authentication data and enterprise information, the target identity authentication data is identity data obtained by authenticating biological characteristic information and certificate information of the personnel of the service demander, and the target identity authentication data can be used for representing personal information of the personnel of the service demander, such as whether a case bottom is left, whether wanted escaped personnel are left, and the like. The enterprise information is information of an enterprise where the staff of the service demander is located. The document may be an identification card, residence permit, passport, or the like, which may prove identity. The manner in which the order is associated with the transaction data may include, but is not limited to: the order includes the transaction data, the order includes an index for searching the transaction data, and so on. It should be understood that the above-described manner of associating orders with transaction data is merely an example, and should not be construed as being particularly limiting.
The target identity authentication data acquisition mode comprises two or more than two of the following modes:
In the first mode, a service demand side collects the biological characteristic information and the certificate information of the personnel of the service demand side and sends the biological characteristic information and the certificate information of the personnel of the service demand side to a legal institution side. Wherein the legal organization can be a public security system or an organization approved by the public security system, and the like. And the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data. And the legal institution end sends the target identity authentication data to the service demand end. At this time, the service demander uploads the order (or the index included in the order) and the target identity authentication data to the blockchain. The service provider then downloads the target authentication data from the blockchain according to the order (or an index included with the order).
In the second mode, the intermediary terminal collects the biological characteristic information and the certificate information of the personnel of the service demander and sends the biological characteristic information and the certificate information of the personnel of the service demander to the legal institution terminal. Wherein the legal organization can be a public security system or an organization approved by the public security system, and the like. And the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data. And the legal mechanism end sends the target identity authentication data to the intermediary end. The broker uploads the order (or an index included in the order) and the target identity authentication data to the blockchain. The service provider then downloads the target authentication data from the blockchain according to the order (or an index included with the order).
The biometric template to be selected and the transaction data may be stored in a blockchain or in an authentication end, which is not limited in this respect.
(1) The biometric template to be selected and the transaction data may be stored in a blockchain. Wherein the block chain comprises a plurality of blocks, wherein each block stores one or more biometric templates and comprises the hash value of the previous block. The biometric templates in the blockchain may be encrypted in a particular way. The specific manner may be a manner that can not only use the biometric template for identity authentication, but also ensure that privacy related to the biometric template is not leaked, for example, homomorphic encryption and the like. Biometric templates in the chain of authentication zones are expirable. That is, if the biometric template in the blockchain expires, the blockchain will require the re-acquisition authentication and upload the re-acquired and authenticated biometric template to the blockchain again. The timeliness of the biometric template may ensure that the biometric template does not fail over time.
The mode of uploading the biometric template to be selected and the transaction data to the block chain comprises two or more than two of the following modes:
In the first mode, the service requirement end uploads the blockchain index, the biometric template to be selected and the transaction data to the blockchain. And then, the service provider downloads the biometric template to be selected and the transaction data from the blockchain according to the blockchain index.
In a second mode, the intermediary uploads the blockchain index, the biometric template to be selected and the transaction data to the blockchain. And then, the service provider downloads the biometric template to be selected and the transaction data from the blockchain according to the blockchain index.
it should be understood that the above-mentioned uploading manner of the candidate biometric templates into the blockchain is merely an example, and should not be construed as a specific limitation.
(2) The biometric template to be selected and the transaction data may be stored in an authentication peer. The authentication end is a device arranged in the security gateway. The security authority may be a national authority, or an authority authorized by a national authority, etc. The biometric template in the authentication end can be encrypted in a specific way. The specific manner may be a manner that can not only use the biometric template for identity authentication, but also ensure that privacy related to the biometric template is not leaked, for example, homomorphic encryption and the like. The biometric template in the authentication peer is expirable. That is, if the biometric template in the authentication terminal is expired, the authentication terminal will require to perform the collection authentication again, and upload the biometric template after the collection and authentication again to the authentication terminal. The timeliness of the biometric template may ensure that the biometric template does not fail over time.
The uploading mode of the biometric template to be selected and the transaction data comprises two or more than two of the following modes:
In a first mode, the biometric template to be selected, the transaction data and the template index are uploaded to an authentication end by the service requirement end. And then, the service provider downloads the biometric template to be selected and the transaction data from the authentication end according to the template index.
In a second mode, the biometric template to be selected, the transaction data and the template index are uploaded to an authentication end by the intermediary end. And then, the service provider downloads the biometric template to be selected and the transaction data from the authentication end according to the template index.
the template index uploading mode comprises two or more than two of the following modes:
In the first way, the service demander uploads the blockchain index and the template index to a blockchain. Then, the service provider downloads the template index from the block chain according to the block chain index.
In the second way, the intermediate terminal uploads the blockchain index and the template index into a blockchain. Wherein the intermediary is a third party other than the service demander and the service provider. Then, the service provider downloads the template index from the block chain according to the block chain index.
The method comprises the steps that a to-be-selected biological characteristic template downloaded to a service providing end is effective in a preset time period, wherein the time point of the to-be-selected biological characteristic template expected to be matched is located in the preset time period. Here, the existence mode of the candidate biometric template includes two or more of the following:
In the first mode, the biometric template to be selected is downloaded to a memory of the service provider before the start time of the preset time period. And at the starting time of a preset time period, the biological characteristic template to be selected takes effect. And at the end time of the preset time period, the biological characteristic template to be selected is invalid. And deleting the to-be-selected biological characteristic template from the memory of the service provider after the end time of the preset time period.
In a second mode, the biometric template to be selected is downloaded to a memory of the service provider at the starting time of the preset time and takes effect; and the biometric template to be selected is invalid at the end time of the preset time and is deleted from the memory of the service provider.
and the block chain or the authentication terminal also stores a query record of the target identity authentication data. The query record may include one or more of identity information of the querier, the query occurrence time, the IP address of the query, and the like. And recording the query record of the target identity authentication data in a block chain or an authentication end, and tracing a leakage source when the target identity authentication data is leaked.
The biometric template to be selected and the transaction data may be stored in the same blockchain, or may be stored in different blockchains, which is not limited herein. When the biometric template to be selected and the transaction data are stored in the same blockchain, they may be stored in association with the same index.
the following further describes embodiments of the present invention with a plurality of embodiments according to different storage locations of the main body of the transmitted order and the biometric template to be selected. Embodiments of the present invention are not limited to the specific embodiments of fig. 2A-2D below.
The present invention can be modified and combined as appropriate within the scope of the main claims.
Referring to fig. 2A, fig. 2A is a schematic flowchart of a first identity authentication method provided in the present application. As shown in fig. 2A, based on the network structure shown in fig. 2A, the identity authentication method of the present application includes the following steps:
S101: the service demand side collects the biological characteristic information of the personnel of the service demand side, and determines a biological characteristic template to be selected according to the biological characteristic information of the personnel of the service demand side.
S102: and the service demand side collects certificate information of personnel of the service demand side.
S103: and the service demand end sends the biological characteristic information and the certificate information of the personnel of the service demand party to a legal institution end. Accordingly, the legal institution end receives the biological characteristic information and the certificate information of the personnel of the service demander, which are sent by the service demander.
s104: and the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data.
S105: and the legal institution end sends the target identity authentication data to the service demand end. Correspondingly, the service demand end receives the target identity authentication data sent by the legal mechanism end.
S106: and the service demand side sends the biological characteristic template of the personnel of the service demand side and the transaction data to the block chain. Accordingly, the block link receives the biometric template of the person of the service demander and the transaction data sent by the service demander. The transaction data includes target authentication data, enterprise information, and the like. The enterprise information may be provided by a service provider.
S107: and the service demand side sends the order to the service providing side. Accordingly, the service provider receives the order sent by the service provider. The order is used for ordering the services provided by the service provider for the personnel of the service demander.
S108: and the service provider acquires the biological feature template to be selected and the transaction data from the block chain according to the order.
S109: the service providing terminal collects the biological characteristic information of the target person.
S110: and the service provider matches the biological characteristic information of the target person with the biological characteristic template to be selected.
S111: and in case of successful matching, the service provider sends out a message allowing the targeted character to use the service provided by the service provider.
S112: the service provider sends the identity information and the like to the public security bureau terminal. Accordingly, the public security organization receives the identity information and the like sent by the service provider.
Referring to fig. 2B, fig. 2B is a schematic flowchart of a second identity authentication method provided in the present application. As shown in fig. 2B, based on the network structure shown in fig. 1B, the identity authentication method of the present application includes the following steps:
S201: the service demand side puts forward an order creation request to the intermediate side. Accordingly, the intermediate terminal receives the order creation request sent by the service demand terminal.
S202: the intermediary terminal collects the biological characteristic information of the personnel of the service demander and determines a biological characteristic template to be selected according to the biological characteristic information of the personnel of the service demander.
S203: the intermediary terminal collects the certificate information of the personnel of the service demander.
S204: the intermediary end sends the biological characteristic information and the certificate information of the personnel of the service demand party to the legal institution end. Correspondingly, the legal institution end receives the biological characteristic information and the certificate information of the personnel of the service demander, which are sent by the intermediary end.
s205: and the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data.
s206: and the legal mechanism end sends the target identity authentication data to the intermediary end. Correspondingly, the intermediate end receives the target identity authentication data sent by the legal mechanism end.
S207: and the intermediate terminal sends the biological characteristic template of the personnel of the service demander and the transaction data to the blockchain. Accordingly, the block chain receives the biological characteristic template of the personnel of the service demander and the transaction data sent by the intermediary terminal.
S208: the intermediate terminal creates an order according to the order creation request. The order is used for ordering the services provided by the service provider for the personnel of the service demander.
S209: the intermediate side sends the order to the service providing side. Accordingly, the service provider receives the order sent by the broker.
S210: and the service provider acquires the biological feature template to be selected and the target identity authentication information from the block chain according to the order.
S211: the service providing terminal collects the biological characteristic information of the target person.
S212: and the service provider matches the biological characteristic information of the target person with the biological characteristic template to be selected.
s213: and in case of successful matching, the service provider sends out a message allowing the targeted character to use the service provided by the service provider.
s214: the service provider sends the identity information and the like to the public security bureau terminal. Accordingly, the public security organization receives the identity information and the like sent by the service provider.
it should be understood that the biometric information of the employee need not be collected every time an order is created, and if a biometric template for the biometric information of the employee is already stored in the blockchain, the biometric information of the employee need not be collected again when the order is created.
Referring to fig. 2C, fig. 2C is a schematic flowchart of a third identity authentication method provided in the present application. As shown in fig. 2C, based on the network structure shown in fig. 1A, the identity authentication method of the present application includes the following steps:
S301: the service demand side collects the biological characteristic information of the personnel of the service demand side, and determines a biological characteristic template to be selected according to the biological characteristic information of the personnel of the service demand side.
S302: and the service demand side collects certificate information of personnel of the service demand side.
S303: and the service demand end sends the biological characteristic information and the certificate information of the personnel of the service demand party to a legal institution end. Accordingly, the legal institution end receives the biological characteristic information and the certificate information of the personnel of the service demander, which are sent by the service demander.
S304: and the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data.
S305: and the legal institution end sends the target identity authentication data to the service demand end. Correspondingly, the service demand end receives the target identity authentication data sent by the legal mechanism end.
S306: and the service demand side sends the biological characteristic template of the personnel of the service demand side to the authentication side. Correspondingly, the authentication end receives the biological characteristic template of the personnel of the service demander, which is sent by the service demander.
S307: and the authentication end sends the template index of the biological characteristic template of the personnel of the service demander to the service demander. Correspondingly, the service demand side receives the template index of the biological feature template of the personnel of the service demand side, which is sent by the authentication side.
s308: and the service demand side sends the template index of the biological characteristic template of the personnel of the service demand side and the transaction data to the block chain. Accordingly, the block link receives the template index of the biological characteristic template of the personnel of the service demander and the transaction data sent by the service demander. The transaction data includes target authentication data, identity information, enterprise information, and the like.
S309: and the block chain sends a block chain index to the service demand end. Accordingly, the service requirement end receives the block chain index sent by the block chain.
S310: and the service demand side sends the order to the service providing side. Accordingly, the service provider receives the order sent by the service provider. The order comprises a blockchain index, and the order is used for ordering the service provided by the service provider for the personnel of the service demander.
S311: the service providing terminal collects the biological characteristic information of the target person.
s312: the service provider sends the block chain index to the block chain. Accordingly, the blockchain receives the blockchain index sent by the service provider.
S313: and the block chain obtains the template index of the biological feature template to be selected from the block chain according to the block chain index.
S314: and the block chain sends the template index to a service provider. Accordingly, the service provider receives the template index sent by the blockchain.
S315: and the service provider sends the template index to the authentication end. Correspondingly, the authentication end receives the template index sent by the service providing end.
S316: and the authentication end finds the corresponding biological characteristic template to be selected and the transaction data according to the template index.
S317: and the authentication end sends the biometric template to be selected and the transaction data to a service providing end. Correspondingly, the service provider receives the biometric template to be selected and the transaction data sent by the service provider.
S318: and the service provider matches the biological characteristic information of the target person with the biological characteristic template to be selected.
S319: and in case of successful matching, the service provider sends out a message allowing the targeted character to use the service provided by the service provider.
S320: the service provider sends the identity information of the target person and the like to the public security bureau terminal. Accordingly, the public security administration end receives the identity information of the target person and the like sent by the service providing end.
Referring to fig. 2D, fig. 2D is a schematic flowchart of a fourth identity authentication method provided in the present application. As shown in fig. 2D, based on the network architecture of fig. 1B, the identity authentication method of the present application includes the following steps:
S401: the service demand side puts forward an order creation request to the intermediate side. Accordingly, the intermediate terminal receives the order creation request sent by the service demand terminal.
S402: the intermediary terminal collects the biological characteristic information of the personnel of the service demander and determines a biological characteristic template to be selected according to the biological characteristic information of the personnel of the service demander.
S403: the intermediary terminal collects the certificate information of the personnel of the service demander.
S404: the intermediary end sends the biological characteristic information and the certificate information of the personnel of the service demand party to the legal institution end. Correspondingly, the legal institution end receives the biological characteristic information and the certificate information of the personnel of the service demander, which are sent by the intermediary end.
s405: and the legal institution authenticates the biological characteristic information and the certificate information of the personnel of the service demander to obtain target identity authentication data.
s406: and the legal mechanism end sends the target identity authentication data to the intermediary end. Correspondingly, the intermediate end receives the target identity authentication data sent by the legal mechanism end.
S407: and the intermediary end sends the biological characteristic template of the personnel of the service demander to the authentication end. Correspondingly, the authentication end receives the biological characteristic template of the personnel of the service demander, which is sent by the intermediary end.
s408: the authentication end sends the template index of the biological feature template of the personnel of the service demander to the intermediary end. Correspondingly, the intermediary end receives the template index of the biological feature template of the personnel of the service demander, which is sent by the authentication end.
S409: and the intermediary end sends the template index of the biological characteristic template of the personnel of the service demander and the transaction data to the block chain. Accordingly, the block chain receives the template index of the biological characteristic template of the personnel of the service demander and the transaction data which are sent by the intermediary terminal. The transaction data includes target authentication data, identity information, enterprise information, and the like.
S410: and the block chain sends a block chain index to the intermediate terminal. Accordingly, the broker receives the blockchain index sent by the blockchain.
S411: the intermediate terminal creates an order according to the order creation request. The order comprises a blockchain index, and the order is used for ordering the service provided by the service provider for the personnel of the service demander.
S412: the intermediate side sends the order to the service providing side. Accordingly, the service provider receives the order sent by the broker.
S413: the service providing terminal collects the biological characteristic information of the target person.
S414: the service provider sends the block chain index to the block chain. Accordingly, the blockchain receives the blockchain index sent by the service provider.
S415: and the block chain obtains the template index of the biological feature template to be selected from the block chain according to the block chain index.
S416: and the block chain sends the template index and the transaction data to a service provider. Accordingly, the service provider receives the template index and the transaction data sent by the blockchain.
S417: and the service provider sends the template index to the authentication end. Correspondingly, the authentication end receives the template index sent by the service providing end.
S418: and the authentication end finds the corresponding biological characteristic template to be selected and the transaction data according to the template index.
S419: and the authentication end sends the biometric template to be selected and the transaction data to a service providing end. Correspondingly, the service provider receives the biometric template to be selected and the transaction data sent by the service provider.
s420: and the service provider matches the biological characteristic information of the target person with the biological characteristic template to be selected.
S421: and in case of successful matching, the service provider sends out a message allowing the targeted character to use the service provided by the service provider.
S422: the service provider sends the identity information of the target person and the like to the public security bureau terminal. Accordingly, the public security administration end receives the identity information of the target person and the like sent by the service providing end.
For ease of understanding, the following detailed description will be made in conjunction with a specific travel management application scenario. In the application scenario of Travel Management, an enterprise orders Travel services to a hotel with the assistance of Travel Management Corporation (TMC) to reduce Travel service costs and improve Travel efficiency. The enterprise entrusts the travel management to the travel management company, and the enterprise staff is responsible for hotel reservation during work and travel. The travel management company collects the room type room volume and the room price released by the hotel and releases the room type room volume and the room price to the enterprise; travel orders for the enterprise are processed. The hotel issues a room type quantity and room price to the travel management company, confirms the travel order of the travel management company and processes the check-in and check-out of the enterprise staff.
In conjunction with the application scenario of travel management, the network architecture shown in fig. 1B may be specifically as shown in fig. 3A or fig. 3B, which will be described in detail below.
As shown in fig. 3A, the network architecture shown in fig. 1B specifically includes: a service demander 110 (located in an enterprise) that issues an order creation request, a broker 120 (located in a travel management company) that generates an order, a service provider 130 (located in a hotel) that receives the order, a legal entity 140, and a blockchain 150 that connects the service provider 110, the broker 120, and the service provider 130, respectively. The service provider 110 that makes the order creation request may include the following elements: the system comprises an enterprise business system, an enterprise block chain client and an enterprise block chain processing node device. The agent 120 that generates the order may include the following elements: the system comprises a TMC biological feature calculation device, a TMC service system, a TMC block-chain client and a TMC block-chain processing node device. The service provider 130 receiving the order may include: the system comprises a biometric matching device, an intelligent door lock, a hotel biometric calculation device, a hotel business system, a contract management system, a hotel block chain client, a hotel block chain processing node device and the like.
As shown in fig. 3B, the network architecture shown in fig. 1B specifically includes: a service demander 210 (located in an enterprise) that issues an order creation request, a broker 220 (located in a travel management company) that generates an order, a service provider 230 (located in a hotel) that receives the order, an authenticator 240, and a blockchain 250 respectively connected to the service provider 210, the broker 220, and the service provider 230. The service provider 210 that makes the order creation request may include the following elements: the system comprises an enterprise business system, an enterprise block chain client and an enterprise block chain processing node device. The agent side 220 that generates the order may include the following elements: the system comprises a TMC service system, a TMC block chain client and a TMC block chain processing node device. The service provider 230 receiving the order may include: the system comprises an intelligent door lock, a biological characteristic processing device, a hotel business system, a contract management system, a hotel block chain client, a hotel block chain processing node device and the like.
The network structure shown in fig. 3A and 3B described above is merely an example, and should not be construed as being particularly limited.
Based on the network structure shown in fig. 3A, the application scenario of travel management mainly includes flows (1) to (5) shown below. Each will be described in detail below.
Scheme (1): identity authentication information creation flow
As shown in fig. 4A, fig. 4A is a schematic diagram of an identity authentication information creation flow in an application scenario of travel management of the present application. The identity authentication information creating process comprises the following steps:
S501: the TMC service system collects the biological characteristic information and certificate information of the personnel at the service demand side.
S502: and the TMC service system sends the biological characteristic information and the certificate information of the personnel at the service demand end to a legal institution end. Accordingly, the legal institution end receives the biological characteristic information and the certificate information of the personnel at the service demand end.
S503: and the legal institution terminal authenticates according to the biological characteristic information and the certificate information of the personnel at the service demand terminal, thereby obtaining the identity authentication data.
S504: and the legal institution end sends the identity authentication data to the TMC service system. Correspondingly, the TMC service system receives the identity authentication data sent by the legal mechanism end. Wherein the authentication data may be signed using a first electronic signature.
S505: the TMC service system sends the biometric information of the person at the service demand side to the TMC biometric calculation device. Accordingly, the TMC biometric calculation means receives the biometric information of the person on the service demand side transmitted by the TMC service system.
S506: the TMC biometric calculation device calculates a biometric template of the person on the service demand side according to the biometric information of the person on the service demand side.
S507: and the TMC biological characteristic calculation device sends the biological characteristic template of the service demand end to the TMC service system. Accordingly, the TMC service system receives the biometric template of the service demand side transmitted by the TMC biometric calculation device.
S508: the TMC service system sends the biological feature template of the personnel at the service demand side, the certificate information of the personnel at the service demand side, the enterprise information and the name of the personnel at the service demand side to the TMC block chain client. Correspondingly, the TMC blockchain client receives the biometric template of the personnel at the demand side, the certificate information of the personnel at the service demand side, the enterprise information and the name of the personnel at the service demand side, which are sent by the TMC service system. The information may be signed by using a second electronic signature. The biometric template, the authentication data, etc. may be encrypted in a particular manner.
s509: the TMC blockchain client constructs an identity authentication creation transaction request according to the biological feature template of the personnel at the service demand side, the certificate information of the personnel at the service demand side, the enterprise information and the name of the personnel at the service demand side.
S510: the TMC blockchain client sends the identity authentication creation transaction request to the TMC blockchain processing node device. Accordingly, the TMC blockchain processing node apparatus receives the identity authentication creation transaction request sent by the TMC blockchain client.
S511: the TMC blockchain processing node apparatus uploads an authentication create transaction request to the blockchain. Accordingly, the block chain receives the identity authentication creation transaction request sent by the TMC block chain processing node apparatus.
S512: the blockchain returns a blockchain index to the TMC blockchain processing node device. Accordingly, the TMC blockchain processing node apparatus receives the blockchain index returned by the blockchain.
S513: the TMC blockchain processing node means sends the index to the TMC blockchain client. Accordingly, the TMC blockchain client receives the blockchain index sent by the TMC blockchain processing node apparatus.
S514: and the TMC block chain client sends the trigger to the TMC service system. Accordingly, the TMC service system receives the blockchain index sent by the TMC blockchain client.
s515: the TMC service system stores the names of the employees and the block chain indexes in a related mode.
Scheme (2): identity information synchronization process
As shown in fig. 4B, fig. 4B is a schematic diagram of an identity information synchronization process in an application scenario of travel management of the present application. The identity information synchronization process comprises the following steps:
S601: the enterprise service system sends an order creation request to the TMC service system. Accordingly, the TMC service system receives an order creation request issued by the enterprise service system.
S602: and the TMC service system acquires the order information from the order creating request and acquires the corresponding index from the local according to the identification of the staff in the order information. The order information comprises a hotel name and an identification of an employee.
S603: and the TMC service system sends the order information and the block chain index to the TMC block chain client. Correspondingly, the TMC blockchain client receives the order information and the blockchain index sent by the TMC service system.
s604: and the TMC blockchain client constructs an order creation transaction according to the order information and the blockchain index.
S605: the TMC blockchain client sends the order creation transaction to the TMC blockchain processing node device. Accordingly, the TMC blockchain processing node apparatus receives the order creation transaction sent by the TMC blockchain client.
S606: the TMC blockchain processing node device creates an order according to the order creation transaction.
S607: and the TMC blockchain processing node device sends the order to the hotel blockchain client. Accordingly, the hotel block chain client receives the order sent by the hotel block chain processing node device.
S608: and the hotel block chain client judges whether the hotel name is related or not according to the hotel name in the order.
S609: and under the relevant condition, the hotel block chain client sends the order to a hotel business system. Correspondingly, the hotel business system receives the order sent by the hotel blockchain client.
S610: the hotel business system determines whether a room exists according to the order.
S611: and if the hotel business system has a room, the hotel business system sends the block chain index in the order to the hotel block chain client. Accordingly, the hotel blockchain client receives the blockchain index sent by the hotel service system.
s612: the hotel blockchain client constructs a query request according to the blockchain index.
S613: and the hotel block chain client sends the query request to the hotel block chain processing node device. Correspondingly, the hotel block chain processing node device receives the query request sent by the hotel block chain client.
S614: and the hotel block chain processing node device downloads the biological characteristic template and the identity authentication data from the block chain according to the query request.
S615: the hotel blockchain processing node device sends the biological characteristic template and the identity authentication data to the hotel blockchain client. Accordingly, the hotel block chain client receives the biometric template and the identity authentication data sent by the hotel block chain processing node device.
S616: the hotel block chain client sends the biological characteristic template and the identity authentication data to the hotel business system. Correspondingly, the hotel business system receives the biological characteristic template and the identity authentication data sent by the hotel blockchain client.
S617: the hotel business system sends the biological characteristic template to the characteristic matching device. Accordingly, the characteristic matching device receives the biological characteristic template sent by the hotel business system.
Scheme (3): hotel check-in identity authentication process
as shown in fig. 4C, fig. 4C is a schematic diagram of a hotel stay identity authentication process in an application scenario of travel management according to the present application. The hotel check-in identity authentication process comprises the following steps:
S701: the hotel business system obtains the biological characteristic information of the staff. Wherein the biometric information is acquired using a biopsy technique to ensure accuracy of the biometric information.
S702: the hotel business system sends the biological characteristic information of the employee to the hotel biological characteristic computing device. Accordingly, the hotel biometric calculation device receives the biometric information sent by the hotel business system.
S703: the hotel biological characteristic calculating device determines a target biological characteristic template according to the biological characteristic information of the employee.
S704: the hotel biological characteristic calculating device sends the target biological characteristic template to the hotel business system. Accordingly, the hotel business system receives the target biometric template sent by the hotel biometric calculation device.
s705: and the hotel business system sends the target biological characteristic template to the biological characteristic matching device. Accordingly, the biometric matching device receives the target biometric template sent by the hotel business system.
S706: and the biological characteristic matching device matches the target biological characteristic target with the biological characteristic template to be selected to obtain a matching result.
S707: and the biological characteristic matching device sends the matching result to the hotel business system. Accordingly, the hotel business system receives the matching result sent by the biometric matching device.
S708: and when the matching result is that the matching is successful, the hotel business system distributes rooms according to the order information.
S709: and the hotel business system sends the biological characteristic template to be selected corresponding to the room to the intelligent door lock of the room. Correspondingly, the intelligent door lock of the room receives the biological feature template to be selected, which is sent by the hotel business system and corresponds to the room.
Scheme (4): hotel room door opening identity authentication process
As shown in fig. 4D, fig. 4D is a schematic diagram of a hotel room opening identity authentication process in an application scenario of travel management according to the present application. The hotel room door opening identity authentication process comprises the following steps:
S801: the intelligent door lock acquires the biological characteristic information of the employee.
S802: the intelligent door lock sends the biological characteristic information of the employee to the hotel biological characteristic calculating device. Accordingly, the hotel biometric calculation device receives the biometric information of the employee sent by the intelligent door lock.
s803: the hotel biological characteristic calculating device determines a target biological characteristic template according to the biological characteristic information of the employee.
s804: the hotel biometric calculation device sends the target biometric template to the biometric matching device. Accordingly, the biometric matching device receives the target biometric template sent by the hotel biometric calculation device.
s805: and the biological characteristic matching device matches the target biological characteristic template with the biological characteristic template to be selected corresponding to the room to obtain a matching result.
S806: and the biological characteristic matching device sends the matching result to the intelligent door lock. Accordingly, the intelligent door lock receives the matching result sent by the biological characteristic matching device.
S807: and when the matching result is that the matching is successful, the intelligent door lock is opened.
Scheme (5): hotel consumption process
As shown in fig. 4E, fig. 4E is a schematic diagram of a hotel consumption flow in an application scenario of the travel management of the present application. The hotel consumption process comprises the following steps:
S901: the hotel business system obtains the biological characteristic information of the staff.
s902: the hotel business system sends the biological characteristic information of the employee to the hotel biological characteristic computing device. Accordingly, the hotel biometric calculation device receives the biometric information of the employee sent by the hotel business system.
S903: the hotel biological characteristic calculating device determines a target biological characteristic template according to the biological characteristic information of the employee.
S904: the hotel biometric calculation device sends the target biometric template to the biometric matching device. Accordingly, the biometric matching device receives the target biometric template sent by the hotel biometric calculation device.
S905: and the biological characteristic matching device matches the target biological characteristic template with a biological characteristic template to be selected in the hotel biological characteristic computing device to obtain a matching result.
S906: and the biological characteristic matching device sends the matching result to the hotel business system. Accordingly, the hotel business system receives the matching result sent by the biometric matching device.
S907: and when the matching result is that the matching is successful, the hotel business system sends an enterprise information query request of the staff to the hotel block chain client. Correspondingly, the hotel block chain client receives an enterprise information query request sent by the hotel business system. Wherein, the enterprise information inquiry request comprises an index.
s908: and the hotel block chain client sends the enterprise information query request to the hotel block chain processing node device. Correspondingly, the hotel blockchain processing node device receives an enterprise information query request sent by the hotel blockchain client.
S909: and the hotel block chain processing node device acquires the enterprise information from the intelligent contract of the block chain according to the enterprise information query request.
S910: and the hotel block chain processing node device sends the enterprise information to a hotel block chain client. Accordingly, the hotel block chain client receives the enterprise information sent by the hotel block chain processing node device.
S911: and the hotel block chain client sends the enterprise information to the hotel business system. Accordingly, the hotel business system receives the enterprise information sent by the hotel blockchain client.
S912: the hotel business system sends a discount inquiry request to the contract management system. Accordingly, the contract management system receives the discount inquiry request sent by the hotel business system. Wherein the rebate query request includes business information.
S913: and the contract management system inquires corresponding consumption discount according to the enterprise information and the first mapping relation. Wherein the first mapping relationship is a corresponding relationship between the business information and the consumption discount.
S914: and the contract management system sends the consumption discount to the hotel business system. Accordingly, the hotel business system receives the consumption discount sent by the contract management system.
S915: and the hotel business system calculates the consumption amount of the staff according to the consumption discount.
based on the network structure shown in fig. 3B, the application scenario of travel management mainly includes the flow (1) to the flow (5) shown below. Each will be described in detail below.
Scheme (1): identity authentication information creation flow
As shown in fig. 5A, fig. 5A is a schematic diagram of an identity authentication information creation flow in an application scenario of travel management of the present application. The identity authentication information creating process comprises the following steps:
S1001: the TMC service system collects the biological characteristic information and certificate information of the personnel at the service demand side.
s1002: and the TMC service system sends the biological characteristic information and the certificate information of the personnel at the service demand end to a legal institution end. Accordingly, the legal institution end receives the biological characteristic information and the certificate information of the personnel at the service demand end.
S1003: and the legal institution terminal authenticates according to the biological characteristic information and the certificate information of the personnel at the service demand terminal, thereby obtaining the identity authentication data.
S1004: and the legal institution end sends the identity authentication data to the TMC service system. Correspondingly, the TMC service system receives the identity authentication data sent by the legal mechanism end. Wherein the authentication data may be signed using a first electronic signature.
S1005: the TMC service system sends the biometric information of the person at the service demand side to the TMC biometric calculation device. Accordingly, the TMC biometric calculation means receives the biometric information of the person on the service demand side transmitted by the TMC service system.
S1006: the TMC biometric calculation device calculates a biometric template of the person on the service demand side according to the biometric information of the person on the service demand side.
S1007: and the TMC biological characteristic calculation device sends the biological characteristic template of the service demand end to the TMC service system. Accordingly, the TMC service system receives the biometric template of the service demand side transmitted by the TMC biometric calculation device.
S1008: the TMC service system sends the biological characteristic template of the personnel of the service demander and the transaction data to the authentication end. Correspondingly, the authentication end receives the biometric template of the personnel of the service demander and the transaction data sent by the TMC service system. The transaction data includes target authentication data, identity information, enterprise information, and the like.
S1009: and the authentication end sends the template index of the biological feature template of the personnel of the service demander to the TMC service system. Correspondingly, the TMC service system receives the template index of the biometric template of the person of the service demander, which is sent by the authentication end.
s1010: and the TMC service system triggers the template index of the biological feature template to be selected and sends the template index to the TMC block chain client. Correspondingly, the TMC block chain client receives the template index of the biometric template to be selected, which is sent by the TMC service system.
S1011: the TMC blockchain client constructs an identity authentication creation transaction request according to the template index of the biological feature template of the personnel at the service demand side, the certificate information of the personnel at the service demand side, the enterprise information and the name of the personnel at the service demand side.
s1012: the TMC blockchain client sends the identity authentication creation transaction request to the TMC blockchain processing node device. Accordingly, the TMC blockchain processing node apparatus receives the identity authentication creation transaction request sent by the TMC blockchain client.
S1013: the TMC blockchain processing node apparatus uploads an authentication create transaction request to the blockchain. Accordingly, the block chain receives the identity authentication creation transaction request sent by the TMC block chain processing node apparatus.
S1014: the blockchain returns a blockchain index to the TMC blockchain processing node device. Accordingly, the TMC blockchain processing node apparatus receives the blockchain index returned by the blockchain.
S1015: the TMC blockchain processing node means sends a blockchain index to the TMC blockchain client. Accordingly, the TMC blockchain client receives the blockchain index sent by the TMC blockchain processing node apparatus.
S1016: and the TMC block chain client triggers the block chain to be sent to the TMC service system. Accordingly, the TMC service system receives the blockchain index sent by the TMC blockchain client.
S1017: the TMC service system stores the names of the employees and the block chain indexes in a related mode.
Scheme (2): identity information synchronization process
As shown in fig. 5B, fig. 5B is a schematic diagram of an identity information synchronization process in an application scenario of travel management of the present application. The identity information synchronization process comprises the following steps:
S1101: the enterprise service system sends an order creation request to the TMC service system. Accordingly, the TMC service system receives an order creation request issued by the enterprise service system.
S1102: and the TMC service system acquires the order information from the order creation request and acquires the corresponding block chain index from the local according to the identification of the staff in the order information. The order information comprises a hotel name and an identification of an employee.
S1103: and the TMC service system sends the order information and the block chain index to the TMC block chain client. Correspondingly, the TMC blockchain client receives the order information and the blockchain index sent by the TMC service system.
S1104: and the TMC blockchain client constructs an order creation transaction according to the order information and the blockchain index.
S1105: the TMC blockchain client sends the order creation transaction to the TMC blockchain processing node device. Accordingly, the TMC blockchain processing node apparatus receives the order creation transaction sent by the TMC blockchain client.
s1106: the TMC blockchain processing node means uploads the order creation transaction to the blockchain. Accordingly, the block chain receives the order creation transaction sent by the TMC block chain processing node apparatus.
S1107: the blockchain sends the order creation transaction to the hotel blockchain processing node device. Accordingly, the hotel blockchain processing node device receives the order creation transaction sent by the blockchain.
S1108: and the hotel blockchain processing node device sends the order creation transaction to the hotel blockchain client. Accordingly, the hotel block chain client receives the order creation transaction sent by the hotel block chain processing node device.
S1109: and the hotel blockchain client judges whether the hotel name is related or not according to the hotel name in the order information.
S1110: and under the relevant condition, the hotel block chain client sends the order information to a hotel business system. Correspondingly, the hotel business system receives order information sent by the hotel block chain client.
S1111: and the hotel business system determines whether a room exists according to the order information.
S1112: if the hotel business system has a room, the hotel business system sends the blockchain index included in the order to the hotel blockchain client. Accordingly, the hotel blockchain client receives the blockchain index sent by the hotel service system.
S1113: the hotel blockchain client constructs a query request according to the blockchain index.
S1114: and the hotel block chain client sends the query request to the hotel block chain processing node device. Correspondingly, the hotel block chain processing node device receives the query request sent by the hotel block chain client.
S1115: and the hotel block chain processing node device downloads the template index and the object data of the biological feature template to be selected from the block chain according to the query request.
S1116: and the hotel block chain processing node device sends the template index and the object data of the to-be-selected biological characteristic template to the hotel block chain client. Correspondingly, the hotel block chain client receives the template index and the transaction data of the to-be-selected biological characteristic template sent by the hotel block chain processing node device.
s1117: and the hotel block chain client sends the template index and the transaction data of the biological characteristic template to be selected to the hotel business system. Correspondingly, the hotel business system receives the template index and the transaction data of the to-be-selected biological characteristic template sent by the hotel block chain client.
S1118: the hotel business system extracts the certificate information and sends the template index of the biological characteristic template to be selected to the biological characteristic processing device. Accordingly, the biometric processing device receives the template index sent by the hotel business system.
S1119: the biological characteristic processing device sends the template index to the authentication end to request to download the biological characteristic template to be selected. Accordingly, the authentication terminal receives the template index transmitted by the biometric processing device.
S1120: and the authentication end sends the biological characteristic template to the biological characteristic processing device according to the received template index. Correspondingly, the biological characteristic processing device receives the biological characteristic template to be selected sent by the authentication end.
Scheme (3): hotel check-in identity authentication process
As shown in fig. 5C, fig. 5C is a schematic diagram of a hotel stay identity authentication process in an application scenario of travel management according to the present application. The hotel check-in identity authentication process comprises the following steps:
S1201: the hotel business system obtains the biological characteristic information of the staff. Wherein the biometric information is acquired using a biopsy technique to ensure accuracy of the biometric information.
s1202: the hotel business system sends the biological characteristic information of the employee to the biological characteristic processing device. Accordingly, the biological characteristic processing device receives the biological characteristic information sent by the hotel business system.
S1203: the biological characteristic processing device determines a target biological characteristic template according to the biological characteristic information of the employee.
s1204: and the biological characteristic processing device matches the target biological characteristic target with the biological characteristic template to be selected to obtain a matching result.
S1205: and the biological characteristic processing device sends the matching result to the hotel business system. Accordingly, the hotel business system receives the matching result sent by the biometric matching device.
S1206: and when the matching result is that the matching is successful, the hotel business system distributes rooms according to the order information.
s1207: the hotel business system sends the template index of the biological characteristic template corresponding to the room to the intelligent door lock of the room. Accordingly, the intelligent door lock of the room receives the template index of the biometric template corresponding to the room sent by the hotel business system.
Scheme (4): hotel room door opening identity authentication process
as shown in fig. 5D, fig. 5D is a schematic diagram of a hotel room opening identity authentication process in an application scenario of travel management according to the present application. The hotel room door opening identity authentication process comprises the following steps:
S1301: the intelligent door lock acquires the biological characteristic information of the employee.
S1302: the intelligent door lock sends the biological characteristic information of the employee and the template index of the biological characteristic template to be selected corresponding to the room to the biological characteristic processing device. Accordingly, the biometric processing device receives the biometric information sent by the intelligent door lock and the template index of the biometric template corresponding to the room.
S1303: and the biological characteristic processing device determines a target biological characteristic template according to the biological characteristic information of the employee.
S1304: the biological characteristic processing device searches the corresponding biological characteristic template according to the template index of the biological characteristic template corresponding to the room.
s1305: and the biological characteristic processing device matches the target biological characteristic template with the searched biological characteristic template to obtain a matching result.
S1306: the biometric processing device returns a matching result to the intelligent door lock. Accordingly, the intelligent door lock receives the matching result sent by the biological characteristic processing device.
S1307: and if the matching result is that the matching is successful, the door lock is opened.
Scheme (5): hotel consumption process
As shown in fig. 5E, fig. 5E is a schematic diagram of a hotel consumption flow in an application scenario of travel management of the present application. The hotel consumption process comprises the following steps:
S1401: the hotel business system obtains the biological characteristic information of the staff.
S1402: the hotel business system sends the biological characteristic information of the employee to the biological characteristic processing device. Accordingly, the biological characteristic processing device receives the biological characteristic information of the employee sent by the hotel business system.
S1403: the biological characteristic processing device determines a target biological characteristic template according to the biological characteristic information of the employee.
S1404: and the biological characteristic processing device matches the target biological characteristic template with the biological characteristic template to be selected to obtain a matching result.
S1405: and the biological characteristic processing device sends the matching result to the hotel business system. Correspondingly, the hotel business system receives the matching result sent by the biological characteristic processing device.
S1406: and when the matching result is that the matching is successful, the hotel business system sends an enterprise information query request of the staff to the hotel block chain client. Correspondingly, the hotel block chain client receives an enterprise information query request sent by the hotel business system. Wherein, the enterprise information inquiry request comprises an index.
S1407: and the hotel block chain client sends the enterprise information query request to the hotel block chain processing node device. Correspondingly, the hotel blockchain processing node device receives an enterprise information query request sent by the hotel blockchain client.
S1408: and the hotel block chain processing node device acquires the enterprise information from the intelligent contract of the block chain according to the enterprise information query request.
S1409: and the hotel block chain processing node device sends the enterprise information to a hotel block chain client. Accordingly, the hotel block chain client receives the enterprise information sent by the hotel block chain processing node device.
S1410: and the hotel block chain client sends the enterprise information to the hotel business system. Accordingly, the hotel business system receives the enterprise information sent by the hotel blockchain client.
S1411: the hotel business system sends a discount inquiry request to the contract management system. Accordingly, the contract management system receives the discount inquiry request sent by the hotel business system. Wherein the rebate query request includes business information.
S1412: and the contract management system inquires corresponding consumption discount according to the enterprise information and the first mapping relation. Wherein the first mapping relationship is a corresponding relationship between the business information and the consumption discount.
S1413: and the contract management system sends the consumption discount to the hotel business system. Accordingly, the hotel business system receives the consumption discount sent by the contract management system.
S1414: and the hotel business system calculates the consumption amount of the staff according to the consumption discount.
Based on the network structure shown in fig. 3B, the flow (3) and the flow (4) in the application scenario of travel management can also be as shown in fig. 5F and 5G. Each will be described in detail below.
As shown in fig. 5F, fig. 5F is a schematic diagram of a hotel stay identity authentication process in an application scenario of travel management according to the present application. The hotel check-in identity authentication process comprises the following steps:
S1501: the terminal equipment acquires the biological characteristic information of the employee. The terminal equipment is equipment carried by staff. Such as a mobile phone of an employee, a mobile notebook, a tablet computer, etc.
S1502: and the terminal equipment determines a target biological characteristic template according to the biological characteristic information of the employee.
S1503: and the terminal equipment sends the target biological characteristic template to the biological characteristic matching device. Accordingly, the biometric matching device receives the target biometric template transmitted by the terminal device.
S1504: and the biological characteristic matching device matches the target biological characteristic target with the biological characteristic template to be selected to obtain a matching result.
S1505: and the biological characteristic matching device sends the matching result and the hash value of the matched biological characteristic template to the hotel business system. Accordingly, the hotel business system receives the matching result sent by the biometric matching device and the hash value of the matched biometric template.
S1506: and when the matching result is that the matching is successful, the hotel business system distributes rooms according to the order information.
S1507: and the hotel business system sends the hash value of the biological characteristic template corresponding to the room and the identity information of the mobile terminal to the intelligent door lock of the room. Correspondingly, the intelligent door lock of the room receives the hash value of the biological characteristic template corresponding to the room and the identity information of the mobile terminal, which are sent by the hotel business system.
As shown in fig. 5G, fig. 5G is a schematic diagram of a hotel room opening identity authentication process in an application scenario of travel management in the present application. The hotel room door opening identity authentication process comprises the following steps:
s1601: the mobile terminal acquires the biological characteristic information of the employee.
S1602: and the mobile terminal determines a target biological characteristic template according to the biological characteristic information of the employee.
S1603: and the mobile terminal sends the target biological characteristic template and the identity information of the mobile terminal to the intelligent door lock. Correspondingly, the intelligent door lock receives the target biological characteristic template sent by the mobile terminal and the identity information of the mobile terminal.
1604: and the intelligent door lock calculates according to the target biological characteristic template so as to obtain the hash value of the target biological characteristic template.
1605: and the intelligent door lock matches the hash value of the target biological characteristic template with the identity information of the mobile terminal and matches the hash value of the biological characteristic template received by the intelligent door lock with the identity information of the mobile terminal to obtain a matching result.
1606: and under the condition that the matching result is that the matching is successful, the intelligent door lock is opened.
The following also provides a related apparatus for implementing the above-described scheme.
Referring to fig. 6, fig. 6 is a schematic structural diagram of an identity authentication device provided in the present application. As shown in fig. 6, the identity authentication apparatus of the present application includes: a feature acquisition module 410, a template acquisition module 420, a matching module 430, and a sending module 440.
The feature obtaining module 410 is configured to obtain biometric information of the target person.
The template obtaining module 420 is configured to obtain a biometric template to be selected from a blockchain or an authentication end according to an order, where the order is associated with the biometric template to be selected, and the order is used for ordering a service provided by a service provider for a person of a service demander.
The matching module 430 is configured to match the biometric information of the target person with a biometric template to be selected.
The sending module 440 is configured to send a message allowing the targeted persona to use the service provided by the service provider if the matching is successful.
Optionally, the order is further associated with transaction data, where the transaction data includes target identity authentication data and enterprise information, the target identity authentication data is identity data obtained by authenticating biometric information and certificate information of the person of the service demander, and the enterprise information is information of an enterprise in which the person of the service demander is located.
Optionally, the order includes a blockchain index, where the blockchain index is used to query the biometric template to be selected and the transaction data from the blockchain.
Optionally, the biometric template to be selected and the transaction data are uploaded to a block chain by the service requirement side; the biometric template to be selected and the transaction data are downloaded from the block chain by the service provider; or the biometric template to be selected and the transaction data are uploaded to a block chain by an intermediary, wherein the intermediary is a third party except the service demander and the service provider; the biometric template to be selected and the transaction data are downloaded from the block chain by the service provider.
Optionally, the device further includes a sending module, where the sending module is configured to send a target biometric template to the smart door lock, so that the smart door lock determines whether to open the door according to the target biometric template, where the target biometric template is a biometric template to be selected, and the biometric template is successfully matched with the target person.
Optionally, the order includes a blockchain index, where the blockchain index is used to query a template index and the transaction data from the blockchain, and the template index is used to query the biometric template to be selected from the authentication end.
Optionally, the biometric template to be selected is uploaded to an authentication end by the service requirement end; or the biometric template to be selected is uploaded to the authentication end by the intermediary end.
Optionally, the template index and the transaction data are uploaded into a block chain by the service requirement side; the template index and the transaction data are downloaded by the service provider from the block chain; or the template index and the transaction data are uploaded into the blockchain by an intermediary, wherein the intermediary is a third party except the service demander and the service provider; the template index and the transaction data are downloaded by the service provider from the blockchain.
Optionally, the device further includes a sending module, where the sending module is further configured to send a target template index to the intelligent door lock, so that the intelligent door lock determines whether to open the door according to the target biometric template, where the target template index is an index of a biometric template to be selected, which is successfully matched with the target person.
Optionally, a query record of the transaction data is further stored in the blockchain, where the query record may include one or more of identity information of a querier, a query occurrence time, a network address of a query, and the like.
Optionally, the candidate biometric template is valid within a preset time period, where a time point at which the candidate biometric template is expected to be matched is located within the preset time period.
Optionally, the biometric template to be selected is downloaded to a memory of the service provider at the starting time of the preset time; deleting the to-be-selected biological characteristic template from the memory of the service provider at the end time of the preset time; or, the biometric template to be selected is downloaded to a memory of the service provider before the starting time of the preset time; and deleting the to-be-selected biological characteristic template from the memory of the service provider after the end time of the preset time.
Optionally, the apparatus further includes a query module and a determination module, where the query module is configured to query, to a contract management system, discount information of the target person according to enterprise information and a first mapping relationship, where the first mapping relationship is a mapping relationship between the enterprise information and the discount information; the determining module is used for determining the consumption price of the target person according to the discount information.
Optionally, the obtaining module is specifically configured to: receiving biological characteristic information of a target person sent by terminal equipment; or, the biological characteristic information of the target person is acquired through the biological characteristic collector.
The identity authentication device may perform the steps performed by any one of the service provider and the authentication provider in fig. 2A to 2D, specifically refer to the flows shown in fig. 2A to 2D, which is not limited herein.
Referring to fig. 7, fig. 7 is a schematic structural diagram of an order creating apparatus provided in the present application. As shown in fig. 7, the order creation apparatus of the present application includes: a receiving module 510, a creating module 520, and a sending module 530.
The receiving module 510 is configured to receive an order creating request sent by a service demand end;
The creating module 520 is configured to create an order according to the order creating request, where the order is associated with a biometric template to be selected, the biometric template to be selected is stored in a block chain, and the order is used to order a service provided by a service provider for a person of a service demander;
The sending module 530 is configured to send the order to a service provider.
Optionally, the order is further associated with transaction data, where the transaction data includes target identity authentication data and enterprise information, the target identity authentication data is identity data obtained by authenticating biometric information and certificate information of the person of the service demander, and the enterprise information is information of an enterprise in which the person of the service demander is located.
Optionally, the order includes a blockchain index, where the blockchain index is used to query the biometric template to be selected and the transaction data from the blockchain.
optionally, the biometric template to be selected and the transaction data are uploaded to a block chain by the service requirement side; the biometric template to be selected and the transaction data are downloaded from the block chain by the service provider; or the biometric template to be selected and the transaction data are uploaded to a block chain by an intermediary, wherein the intermediary is a third party except the service demander and the service provider; the biometric template to be selected and the transaction data are downloaded from the block chain by the service provider.
Optionally, the order includes a blockchain index, where the blockchain index is used to query a template index and the transaction data from the blockchain, and the template index is used to query the biometric template to be selected from the authentication end.
Optionally, the biometric template to be selected is uploaded to an authentication end by the service requirement end; or the biometric template to be selected is uploaded to the authentication end by the intermediary end.
Optionally, the template index and the transaction data are uploaded into a block chain by the service requirement side; the template index and the transaction data are downloaded by the service provider from the block chain; or the template index and the transaction data are uploaded into the blockchain by an intermediary, wherein the intermediary is a third party except the service demander and the service provider; the template index and the transaction data are downloaded by the service provider from the blockchain.
Optionally, a query record of the transaction data is further stored in the blockchain, where the query record may include one or more of identity information of a querier, a query occurrence time, a network address of a query, and the like.
optionally, the candidate biometric template is valid within a preset time period, where a time point at which the candidate biometric template is expected to be matched is located within the preset time period.
Optionally, the biometric template to be selected is downloaded to a memory of the service provider at the starting time of the preset time; deleting the to-be-selected biological characteristic template from the memory of the service provider at the end time of the preset time; or, the biometric template to be selected is downloaded to a memory of the service provider before the starting time of the preset time; and deleting the to-be-selected biological characteristic template from the memory of the service provider after the end time of the preset time.
the order creating device may perform the steps performed by the intermediary in fig. 2B or fig. 2D, please refer to the flow shown in fig. 2B or fig. 2D, which is not limited herein.
Referring to fig. 8, fig. 8 is a schematic structural diagram of an apparatus provided in the present application. As shown in fig. 8, the apparatus of the present application includes: including one or more processors 611, a communications interface 612, and memory 614. The processor 611, the communication interface 612, and the memory 614 may be connected via a bus 613.
The processor 611 includes one or more general-purpose processors, which may be any type of device capable of processing electronic instructions, including a Central Processing Unit (CPU), a microprocessor, a microcontroller, a main processor, a controller, and an Application Specific Integrated Circuit (ASIC), among others. The processor 611 executes various types of digitally stored instructions, such as software or firmware programs stored in the memory 614, which enable the authentication device 611 to provide a wide variety of services. For example, the processor 611 can execute programs or process data to perform some or all of the methods described herein.
the communication interface 612 may be a wired interface (e.g., an ethernet interface) or a wireless interface (e.g., a cellular network interface or using a wireless local area network interface) for communicating with other computing devices or users.
The memory 614 may include an internal memory and an external memory. The internal memory may include one or more of: volatile memory (e.g., Dynamic Random Access Memory (DRAM), static ram (sram), synchronous dynamic ram (sdram)), and non-volatile memory (e.g., one-time programmable read only memory (OTPROM), programmable ROM (prom), erasable programmable ROM (eprom), electrically erasable programmable ROM (eeprom), mask ROM, NAND (NAND) flash memory, NOR (NOR) flash memory, etc.). The internal memory may be in the form of a Solid State Drive (SSD). The external memory may also include a flash drive, such as a high density flash memory, secure digital, micro SD, mini SD, limit data (xD), memory stick, and the like. The external storage may be centralized storage or distributed storage, and is not limited in particular here.
Optionally, the identity authentication device may further include: a biometric collector 615. The biometric collector 615 may be one or more of a face collector, a fingerprint collector, an iris collector, a voiceprint collector, or the like.
Face collectors are typically implemented using high-speed detector arrays and modulation sensitive detector arrays built on a single chip using Complementary Metal Oxide Semiconductor (CMOS) and hybrid CMOS/CCD fabrication techniques. In these devices, each pixel can be processed locally by demodulation or gating at high speed so that the array can be processed to represent a face image from the camera.
the fingerprint sampler may include a sensor array, a decoder, and a multiplexer. The sensor array may include electrodes that form a plurality of columns and rows. When a user's finger (fingerprint) contacts the fingerprint sampler, the fingerprint sampler may sense a signal change in the electrodes of the sensor array and identify the user's fingerprint. The decoder may encode and output a driving input signal or a sensing input signal for sensing in electrodes constituting rows of the sensor array. The multiplexer may selectively output signals sensed by the sensor array. The multiplexer may transmit a signal according to a fingerprint input received from the sensor array to the input processor.
Iris collectors are typically implemented using high-speed detector arrays and modulation sensitive detector arrays built on a single chip using Complementary Metal Oxide Semiconductor (CMOS) and hybrid complementary metal oxide semiconductor/Charge Coupled Device (CCD) fabrication techniques. When the iris collector processes the image of the iris, algorithms such as an adaptive enhanced cascade classifier, a deep learning neural network classifier, a canny edge detection operator, hough transform and the like may be used.
The voiceprint collector comprises a microphone. The microphone converts the collected sound signals into electric signals, the electric signals are received by the audio circuit and then converted into audio data, and the audio data are output to the processor. The processor calls a preset speaker segmentation and clustering algorithm from the original audio stream stored in the memory to acquire the audio stream in the original audio stream, and matches the audio stream with the original voiceprint feature template.
When the apparatus shown in fig. 8 is an identity authentication device, the apparatus may perform the steps performed by any one of the service providing end and the authentication end in fig. 2A to 2D, specifically refer to the flows shown in fig. 2A to 2D, which is not limited herein specifically
When the apparatus shown in fig. 8 is an order creating device, the apparatus may perform the steps performed by the intermediary in fig. 2B or fig. 2D, specifically refer to the flow shown in fig. 2B or fig. 2D, which is not limited herein.
In the several embodiments provided in the present application, it should be understood that the disclosed system, terminal and method can be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electric, mechanical or other form of connection.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment of the present invention.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention essentially or partially contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
While the invention has been described with reference to specific embodiments, the invention is not limited thereto, and various equivalent modifications and substitutions can be easily made by those skilled in the art within the technical scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (7)

1. An identity authentication method, characterized in that the method comprises the steps of:
The method comprises the steps that a service provider obtains biological characteristic information of a target person;
Acquiring a biological characteristic template to be selected from a block chain or an authentication terminal according to an order, wherein the order is associated with the biological characteristic template to be selected, the order is used for ordering services provided by a service provider for personnel of a service demander, and the block chain comprises a plurality of blocks;
Matching the biological characteristic information of the target person with a biological characteristic template to be selected;
If the matching is successful, sending a message for allowing the target person to use the service provided by the service provider;
The order is also associated with transaction data, wherein the transaction data comprises target identity authentication data and enterprise information, the target identity authentication data is identity data obtained after authenticating the biological characteristic information and the certificate information of the personnel of the service demander, and the enterprise information is information of an enterprise in which the personnel of the service demander is located;
The blockchain also stores a query record of the transaction data, wherein the query record can comprise one or more of identity information of a querier, query occurrence time and a queried network address;
The method comprises the following steps that a to-be-selected biological characteristic template is effective in a preset time period, wherein the time point of the to-be-selected biological characteristic template which is expected to be matched is located in the preset time period;
The to-be-selected biological characteristic template is downloaded to a memory of a service provider before the starting time of a preset time period, the to-be-selected biological characteristic template is effective at the starting time of the preset time period, the to-be-selected biological characteristic template is invalid at the ending time of the preset time period, and the to-be-selected biological characteristic template is deleted from the memory of the service provider after the ending time of the preset time period;
the biometric template to be selected is downloaded to a memory of the service provider at the starting time of the preset time and takes effect; and the biometric template to be selected is invalid at the end time of the preset time and is deleted from the memory of the service provider.
2. The method of claim 1, wherein the order comprises a blockchain index, and wherein the blockchain index is used for querying the biometric template to be selected and the transaction data from the blockchain.
3. The method of claim 1,
The order comprises a block chain index, wherein the block chain index is used for inquiring a template index and the transaction data from the block chain, and the template index is used for inquiring the to-be-selected biological feature template from the authentication terminal.
4. The method according to any one of claims 1 to 3, further comprising:
Inquiring discount information of the target person from a contract management system according to enterprise information and a first mapping relation, wherein the first mapping relation is the mapping relation between the enterprise information and the discount information;
and determining the consumption price of the target person according to the discount information.
5. An identity authentication device, which is characterized by comprising a characteristic acquisition module, a template acquisition module, a matching module and a sending module,
The characteristic acquisition module is used for acquiring biological characteristic information of a target person;
The template acquisition module is used for acquiring a biological characteristic template to be selected from a block chain or an authentication terminal according to an order, wherein the block chain comprises a plurality of blocks, the order is associated with the biological characteristic template to be selected, and the order is used for ordering the service provided by a service provider for the personnel of a service demand party; the order is also associated with transaction data, wherein the transaction data comprises target identity authentication data and enterprise information, the target identity authentication data is identity data obtained after authenticating the biological characteristic information and the certificate information of the personnel of the service demander, and the enterprise information is information of an enterprise in which the personnel of the service demander is located;
the matching module is used for matching the biological characteristic information of the target person with a biological characteristic template to be selected;
The sending module is used for sending a message for allowing the target person to use the service provided by the service provider under the condition of successful matching;
The blockchain also stores a query record of the transaction data, wherein the query record can comprise one or more of identity information of a querier, query occurrence time and a queried network address;
The method comprises the following steps that a to-be-selected biological characteristic template is effective in a preset time period, wherein the time point of the to-be-selected biological characteristic template which is expected to be matched is located in the preset time period;
the to-be-selected biological characteristic template is downloaded to a memory of a service provider before the starting time of a preset time period, the to-be-selected biological characteristic template is effective at the starting time of the preset time period, the to-be-selected biological characteristic template is invalid at the ending time of the preset time period, and the to-be-selected biological characteristic template is deleted from the memory of the service provider after the ending time of the preset time period;
The biometric template to be selected is downloaded to a memory of the service provider at the starting time of the preset time and takes effect; and the biometric template to be selected is invalid at the end time of the preset time and is deleted from the memory of the service provider.
6. A server, comprising: a memory, and a processor, a communication module coupled with the memory, wherein: the communication module is used for transmitting or receiving data transmitted from the outside, the memory is used for storing program codes, and the processor is used for calling the program codes stored in the memory to execute the method described in any one of claims 1-4.
7. A computer non-transitory storage medium comprising instructions that, when executed on a device, cause the device to perform the method of any one of claims 1-4.
CN201810814118.6A 2018-07-23 2018-07-23 Identity authentication method, device and system Active CN109087166B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810814118.6A CN109087166B (en) 2018-07-23 2018-07-23 Identity authentication method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810814118.6A CN109087166B (en) 2018-07-23 2018-07-23 Identity authentication method, device and system

Publications (2)

Publication Number Publication Date
CN109087166A CN109087166A (en) 2018-12-25
CN109087166B true CN109087166B (en) 2019-12-06

Family

ID=64838188

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810814118.6A Active CN109087166B (en) 2018-07-23 2018-07-23 Identity authentication method, device and system

Country Status (1)

Country Link
CN (1) CN109087166B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109753530B (en) * 2018-12-27 2021-11-26 石更箭数据科技(上海)有限公司 Data processing method and device, medium and terminal thereof
CN109858222B (en) * 2019-01-18 2020-06-26 特斯联(北京)科技有限公司 Identity verification block chain system based on human face features and verification method thereof
CN114258555A (en) * 2019-08-16 2022-03-29 日本电气株式会社 Information processing system, information processing method, and storage medium
CN110942382B (en) * 2019-10-15 2024-05-28 平安科技(深圳)有限公司 Electronic contract generation method and device, computer equipment and storage medium
CN111292448B (en) * 2020-02-20 2021-10-08 深圳市春晖信档案技术服务有限公司 File cabinet, centralized file management terminal and file management method
CN112289418A (en) * 2020-09-30 2021-01-29 音数汇元(上海)智能科技有限公司 Service order obtaining method and device for home care and home care terminal
CN112784877A (en) * 2020-12-30 2021-05-11 杭州趣链科技有限公司 Large-scale image template matching method and device based on block chain
CN112953960B (en) * 2021-03-10 2023-02-03 东软集团股份有限公司 Identity authentication method, device and equipment for block chain access

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10516538B2 (en) * 2016-11-01 2019-12-24 Netcomm Inc. System and method for digitally signing documents using biometric data in a blockchain or PKI
CN107688940A (en) * 2017-05-10 2018-02-13 平安科技(深圳)有限公司 Bio-identification transaction processing method and system
CN108234135B (en) * 2017-12-29 2021-02-26 苏州朗润创新知识产权运营有限公司 Service authentication method, system and computer readable storage medium
CN108229926B (en) * 2018-01-31 2020-02-14 深圳慧通商务有限公司 Service settlement method and related device

Also Published As

Publication number Publication date
CN109087166A (en) 2018-12-25

Similar Documents

Publication Publication Date Title
CN109087166B (en) Identity authentication method, device and system
US20210357489A1 (en) Communication network based non-fungible token creation platform with integrated creator biometric authentication
EP2854077A1 (en) Authentication method for wearable device, and wearable device
JP2020522764A (en) Biological detection method and device, system, electronic device, storage medium
CN106303599B (en) Information processing method, system and server
US20160071110A1 (en) Payment system that reduces or eliminates the need to exchange personal information
US20160071099A1 (en) Payment system that reduces or eliminates the need to exchange personal information
WO2020024714A1 (en) Medical insurance claim settlement method and device, and electronic apparatus
CN111095246B (en) Method and electronic device for authenticating user
US20160071097A1 (en) Payment system that reduces or eliminates the need to exchange personal information
JP7238902B2 (en) Information processing device, information processing method, and program
CN109118215B (en) Payment processing method and device and server
US20230084897A1 (en) Registration and payment method, device, and system using face information
US20160071071A1 (en) Payment system that reduces or eliminates the need to exchange personal information
WO2022064686A1 (en) Authentication system, authentication method, and program
CN111325556A (en) Information processing method, device, equipment and medium
TW202040454A (en) Authentication system, authentication terminal, user terminal, authentication method, and program
US20160071109A1 (en) Payment system that reduces or eliminates the need to exchange personal information
JP7358574B2 (en) Authentication system, transmitter, receiver, authentication method, and program
CN109213889B (en) Method and device for merging customer information
CN117034358A (en) Service certificate processing method and device and computer equipment
CN111178339A (en) User identity identification method, device, equipment and medium
CN112385180A (en) System and method for matching identity and readily available personal identifier information based on transaction time stamp
US20220027866A1 (en) Digital virtual currency issued by being matched with biometric authentication signal, and transaction method therefor
US11593899B2 (en) Methods, systems, apparatuses, and devices for facilitating streamlining of traveling processes for traveling

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20201222

Address after: Room n14-2-9r, 101 software Avenue, Yuhuatai District, Nanjing, Jiangsu 210000

Patentee after: Nanjing Yibo Software Technology Co.,Ltd.

Address before: 518000 Huawei Electric Research Center, Bantian Huawei base, Longgang District, Shenzhen City, Guangdong Province

Patentee before: SHENZHEN SMARTCOM BUSINESS Co.,Ltd.

TR01 Transfer of patent right