WO2020164268A1 - Verification code generation method and apparatus, and storage medium and computer device - Google Patents

Verification code generation method and apparatus, and storage medium and computer device Download PDF

Info

Publication number
WO2020164268A1
WO2020164268A1 PCT/CN2019/117236 CN2019117236W WO2020164268A1 WO 2020164268 A1 WO2020164268 A1 WO 2020164268A1 CN 2019117236 W CN2019117236 W CN 2019117236W WO 2020164268 A1 WO2020164268 A1 WO 2020164268A1
Authority
WO
WIPO (PCT)
Prior art keywords
pixel point
risk level
browser
terminal device
product value
Prior art date
Application number
PCT/CN2019/117236
Other languages
French (fr)
Chinese (zh)
Inventor
黎立桂
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2020164268A1 publication Critical patent/WO2020164268A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Definitions

  • This application relates to the technical field of online verification. Specifically, this application relates to a method, device, storage medium, and computer equipment for generating a verification code based on a terminal device.
  • verification codes are currently used to verify users who access the platform.
  • the verification code can be graphics, text, or English letters.
  • the inventor of this application found in research that the graphic verification codes on the market all display the same graphic verification codes compared to users and are easy to crack. Even if distortion and background interference are increased, with the development of deep learning technology, cracking is still It is getting simpler and simpler, on the other hand, the user experience is poor.
  • This application proposes a verification code generation method, device, storage medium, and computer equipment based on terminal equipment to automatically analyze the risk level of terminal equipment accessing the network, and generate different verification codes according to different risk levels, thereby enhancing the security of system verification Sex.
  • a method for generating a verification code based on a terminal device includes: acquiring the browser characteristics of the terminal device; generating device fingerprint information according to the browser characteristics; inputting the device fingerprint information into a classification model to obtain the risk of the terminal device Level; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level; a verification code corresponding to the degree of difficulty is generated according to the risk level.
  • a verification code generation device based on terminal equipment including:
  • the first obtaining module is used to obtain the browser characteristics of the terminal device
  • the first generating module is configured to generate device fingerprint information according to the browser feature
  • the second acquisition module is configured to input the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
  • the second generation module generates a verification code corresponding to the degree of difficulty value according to the risk level.
  • a computer-readable storage medium having a computer program stored thereon; the computer program is suitable for being loaded by a processor and executing a terminal device-based verification code generation method, wherein the steps of the terminal device-based verification code generation method ,include:
  • the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
  • a verification code corresponding to the degree of difficulty is generated.
  • a computer device includes: one or more processors; a memory; one or more application programs, wherein the one or more application programs are stored in the memory and configured to be operated by the one or more The one or more application programs are configured to execute a method for generating a verification code based on a terminal device, wherein the steps of the method for generating a verification code based on a terminal device include:
  • the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
  • a verification code corresponding to the degree of difficulty is generated.
  • the device fingerprint information is generated from the front-end browser feature, and then the device fingerprint information is input into the classification model.
  • the classification model judges the device fingerprint information, and according to the device fingerprint information
  • the association relationship with the risk level, the risk level of the terminal device corresponding to the fingerprint information of the device is output.
  • the system generates a corresponding verification code according to the risk level of the terminal device. Therefore, the above method automatically analyzes the risk level of terminal equipment accessing the network, and generates different verification codes according to different risk levels, thereby enhancing the security of system verification.
  • FIG. 1 is a schematic diagram of interaction between a server and a terminal device in an embodiment provided by this application;
  • FIG. 2 is a method flowchart in an embodiment of a method for generating a verification code based on a terminal device provided by this application;
  • FIG. 3 is a diagram of interaction signaling in an embodiment of a terminal device and a server provided by this application;
  • FIG. 4 is a flowchart of a method in an embodiment of step S100 provided by this application.
  • FIG. 5 is a flowchart of part of the method in an embodiment of a method for generating a verification code based on a terminal device provided by this application;
  • FIG. 6 is a structural block diagram of an embodiment of an apparatus for generating a verification code based on a terminal device provided by this application;
  • FIG. 7 is a schematic structural diagram in an embodiment of a computer device provided by this application.
  • This application provides a method for generating a verification code based on a terminal device, which is used on the server side. It is suitable for the server to display verification codes of different difficulty levels according to the risk level after the network request initiated by the terminal device.
  • the method for generating a verification code based on a terminal device is applied in the application environment as shown in FIG. 1.
  • the server 100 and the terminal device 300 are located in the same network 200 environment, and the server 100 and the terminal device 300 exchange data and information through the network 200.
  • the terminal device 300 performs network communication with the server 100.
  • the number of the server 100 and the terminal device 300 is not limited, and what is shown in FIG. 1 is only for illustration.
  • the terminal device 300 is installed with a client for network access to the server 100.
  • the user can interact with the corresponding server 100 through the client of the terminal device 300.
  • the client and the server correspond to each other and follow the same set of data protocols, so that the server 100 can parse out the relevant data of the client (such as a browser) in the terminal device 300, thereby determining the network access risk level of the terminal device 300 .
  • the server 100 may be, but is not limited to, a web server, a management server, an application server, a database server, a cloud server, and so on.
  • the terminal device 300 may be, but is not limited to, a smart phone, a personal computer (PC), a tablet computer, a personal digital assistant (PDA), a mobile Internet device (MID), etc.
  • the operating system of the terminal device 300 may be, but is not limited to, an Android (Android) system, an IOS (IPhone operating system) system, a Windows phone system, a Windows system, etc.
  • This application provides a method for generating a verification code based on a terminal device.
  • the method for generating a verification code based on a terminal device includes the following steps:
  • the server when the server receives the network access request initiated by the terminal device through the browser through the front end, the server acquires the browser feature of the terminal device through the front end. Specifically, the server uses the front end to collect the browser characteristics of the terminal device, including browser language, pixel ratio, color depth, device screen resolution x, device screen resolution y, device available screen resolution x, device available screen resolution y, The number of points that can be touched by the device, whether the device supports touch, the number of points that can be touched by the device is consistent with the operating system, the verification result of whether the number of touchable points on the device is consistent with the support for touch, and the CPU Whether the class is unknown, whether the browser plug-in is missing, whether the font list detected by JS/CSS is missing, whether the operating system is unknown, whether the WebGL supplier is missing, whether the browser manufacturer is other, whether the operating system manufacturer is other, Whether the browser type is robot, browser plug-ins, total number of browser plug-ins, total number of fonts detected using
  • the browser feature information may also include a feature of the degree of lack of device information of the terminal device.
  • the lack of device information corresponds to the abnormality of the user's use of the device.
  • user effectiveness judgment and classification evaluation can be performed. For example, lack of high, medium and low corresponds to low, medium and high user effectiveness.
  • S200 Generate device fingerprint information according to the browser feature.
  • the server generates device fingerprint information of the terminal device according to the browser feature.
  • the device fingerprint information can be composed of any one or more of numbers and letters.
  • the device fingerprint information uses a 32-bit string composed of numbers and lowercase letters.
  • S300 Input the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level.
  • the server inputs device fingerprint information into the classification model, and the classification model analyzes the device fingerprint information.
  • the classification model outputs the risk level of the terminal device corresponding to the device fingerprint information according to the relationship between the device fingerprint information and the risk level.
  • the classification model includes a naive Bayes classification model based on Gaussian distribution.
  • the acquiring the browser characteristics of the terminal device, generating device fingerprint information according to the browser characteristics, and inputting the device fingerprint information into a classification model to obtain the risk level of the terminal device includes: acquiring The browser characteristics of the terminal device at multiple verification time points within a preset time period; the corresponding device fingerprint information is generated according to the browser characteristics of each verification time point; and each verification time point is combined with The fingerprint information of the device corresponding to the verification time point is input into the classification model to obtain the risk level corresponding to each verification time point; the risk level corresponding to each verification time point is calculated to obtain the terminal device's risk level within the preset time period. Risk level.
  • browser characteristics in different time periods represent the risk level of the terminal device. For example, determine the mining characteristics of the 24-hour system (for example, the terminal equipment is likely to be abnormal from 2 AM to 5 AM), the mining characteristics of the 12 months, whether it is a holiday (Spring Festival, November holiday, etc.), whether it is a working day, Is it a weekend.
  • the verification time of the preset time period reflects whether the user behavior is abnormal. At the same time, user behavior can be monitored according to the verification time and number of times. Therefore, the time in the preset time period is divided into multiple verification time points here, and the device fingerprint information obtained at each verification time point and the verification time point are input into the classification model together.
  • the classification model classifies the device fingerprint information according to different verification time points, to output the risk level corresponding to the verification time point. Further, the risk level of each verification time point can be counted to determine the risk level of the terminal device within a preset time period, so that the risk level of the terminal within the time period can be determined according to different preset time periods.
  • S400 Generate a verification code corresponding to the degree of difficulty value according to the risk level.
  • the server determines the risk level of the terminal device accessing the network through the classification model, it generates a verification code corresponding to the degree of difficulty value according to the determined risk level. Specifically, the server classifies the risks of terminal devices accessing the network, and different levels of risks correspond to verification codes with different difficulty levels. According to the risk level output by the classification module, the verification code corresponding to the risk level can be matched from the system, and the corresponding verification code can be sent to the terminal device.
  • the risk level includes a first risk level, a second risk level, a third risk level, and a fourth risk level arranged in descending order of risk levels.
  • Step S400 includes: if the risk level is the first risk level, generating a verification code for the click operation; if the risk level is the second risk level, generating a slider type verification code; if the risk is If the level is the third risk level, a verification code for the click operation is generated; if the risk level is the fourth risk level, a verification code of the voiceprint type is generated.
  • the server sends verification codes of different risk levels to the front end.
  • the front end displays verification codes of different difficulty levels according to the risk level. For example, LEV1 without wind test displays “click verification code”, low risk level LEV2 displays “slider verification code”, medium risk level LEV3 displays “click verification code”, and high risk level LEV4 displays "voiceprint verification code” .
  • the device fingerprint information is generated from the front-end browser feature, and then the device fingerprint information is input into the classification model.
  • the classification model judges the device fingerprint information, and according to the device fingerprint information The association relationship with the risk level, output the risk level of the terminal device corresponding to the device fingerprint information.
  • the system generates a corresponding verification code according to the risk level of the terminal device. Therefore, the above method automatically analyzes the risk level of terminal equipment accessing the network, and generates different verification codes according to different risk levels, thereby enhancing the security of system verification.
  • step S100 includes the following steps:
  • S120 Calculate a first product value of the product of the pixel point x1 and the pixel point y1, and a second product value of the product of the pixel point x2 and the pixel point y2.
  • the screen resolution of the terminal device includes the screen resolution of the device itself and the maximum screen resolution available in practical applications.
  • the screen resolution can be determined by the horizontal and vertical pixels of the screen.
  • the horizontal pixel point x1 of the device screen resolution and the vertical pixel point y1 are multiplied to obtain the first product value
  • the horizontal pixel point x2 of the maximum available screen resolution is compared with the vertical pixel point
  • the second product value is obtained. Further, the difference between the first product value and the second product value is made to obtain the difference.
  • the horizontal pixel point x1 of the device screen resolution of the terminal device the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, the vertical pixel point y2, and the first product value ,
  • the second product value and the difference value are used as the browser feature.
  • "generating device fingerprint information according to the browser feature" in step S200 includes: according to the pixel point x1, pixel point y1, pixel point x2, pixel point y2, The first product value, the second product value, and the resolution nonlinear combination feature generated by the difference; according to the resolution nonlinear combination feature, the first product value, and the second product value Generate device fingerprint information.
  • the product value of the pixel point x1 and the pixel point y1 is resolution_multi.
  • the product value of pixel x2 and pixel y2 is available_resolution_multi.
  • the difference between the above two product values is D-value.
  • the non-linear combination feature and the product resolution_multi and the product available_resolution_multi generate device fingerprint information, and input the generated device fingerprint information into the classification model.
  • the browser feature also includes the number of touchable points of the device, whether it supports touch control, verifying whether the touchable points of the device are consistent with the operating system, and verifying that the device can be touched. Whether the number of touch points is consistent with whether it supports touch control, and one or more of the characteristics of the lack of device information.
  • the acquiring the browser characteristics of the terminal device, and generating device fingerprint information according to the browser characteristics may further include the following steps:
  • S103 Determine whether the system generates the verification code for the first time within a set time period.
  • the server when the server obtains the browser feature of the terminal device, it first determines whether the verification code is currently generated by the system for the first time within a set time period. If yes, obtain the number of touchable points of the device in the browser feature, whether it supports touch control, verify whether the touchable points of the device are consistent with the operating system, verify the touchable points of the device and whether it supports touch
  • the device fingerprint information is generated according to at least three characteristics among the characteristics of whether the control is consistent and the degree of lack of device information.
  • the server receives a network access request from a terminal device, if the verification code is generated for the first time through this embodiment, the device fingerprint information of the terminal device can be generated according to multiple hardware conditions of the terminal device to ensure the verification code generated for the first time It can accurately identify the nature of the terminal equipment and enhance the security verification of the system.
  • the device fingerprint information of the terminal device can be generated through the screen resolution of the terminal device, so that when the verification code is generated again, the time for generating the verification code is shortened, and the efficiency of generating the verification code is improved.
  • the application also provides a verification code generation device based on terminal equipment.
  • the terminal device-based verification code generation apparatus includes a first acquisition module 10, a first generation module 20, a second acquisition module 30, and a second generation module 40.
  • the first obtaining module 10 is used to obtain the browser feature of the terminal device.
  • the server when the server receives the network access request initiated by the terminal device through the browser through the front end, the server obtains the browser feature of the terminal device through the front end.
  • the server uses the front end to collect the browser characteristics of the terminal device, including browser language, pixel ratio, color depth, device screen resolution x, device screen resolution y, device available screen resolution x, device available screen resolution y, The number of points that can be touched by the device, whether the device supports touch, the number of points that can be touched by the device is consistent with the operating system, the verification result of whether the number of touchable points on the device is consistent with the support for touch, and the CPU Whether the class is unknown, whether the browser plug-in is missing, whether the font list detected by JS/CSS is missing, whether the operating system is unknown, whether the WebGL supplier is missing, whether the browser manufacturer is other, whether the operating system manufacturer is other, Whether the browser type is robot, browser plug-ins, total number of browser plug-ins, total number of fonts detected using JS/CSS, whether the operating system and system platform are consistent, whether the audio stack fingerprint is provided, the parameter information of the audio stack fingerprint, and the system to the user The total number of logical processors available
  • the browser feature information may also include a feature of the degree of lack of device information of the terminal device.
  • the lack of device information corresponds to the abnormality of the user's use of the device.
  • user effectiveness judgment and classification evaluation can be performed. For example, lack of high, medium and low corresponds to low, medium and high user effectiveness.
  • the first generating module 20 is configured to generate device fingerprint information according to the browser feature.
  • the server generates device fingerprint information of the terminal device according to the browser feature.
  • the device fingerprint information can be composed of any one or more of numbers and letters.
  • the device fingerprint information uses a 32-bit string composed of numbers and lowercase letters.
  • the second acquisition module 30 is configured to input the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level.
  • the server inputs device fingerprint information into the classification model, and the classification model analyzes the device fingerprint information.
  • the classification model outputs the risk level of the terminal device corresponding to the device fingerprint information according to the relationship between the device fingerprint information and the risk level.
  • the classification model includes a naive Bayes classification model based on Gaussian distribution.
  • the second generation module 40 generates a verification code corresponding to the degree of difficulty value according to the risk level.
  • the server determines the risk level of the terminal device accessing the network through the classification model, it generates a verification code corresponding to the degree of difficulty value according to the determined risk level.
  • the server classifies the risks of terminal devices accessing the network, and different levels of risks correspond to verification codes with different difficulty levels.
  • the verification code corresponding to the risk level can be matched from the system, and the corresponding verification code can be sent to the terminal device.
  • each module in the terminal device-based verification code generation apparatus provided in this application is also used to perform the operations performed corresponding to each step in the terminal device-based verification code generation method described in this application. No more detailed instructions.
  • the application also provides a computer-readable storage medium.
  • the storage medium stores a computer program; when the computer program is executed by the processor, the terminal device-based verification code generation method described in any of the above embodiments is implemented.
  • the storage medium may be a memory.
  • the internal memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), flash memory, or random access memory.
  • External storage can include hard disks, floppy disks, ZIP disks, U disks, tapes, etc.
  • the computer-readable storage medium disclosed in this application includes but is not limited to these types of memories.
  • the memory disclosed in this application is only an example and not a limitation.
  • a computer device includes: one or more processors; memory; and one or more application programs. Wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, and the one or more application programs are configured to execute the one described in any of the above embodiments A method of generating verification codes based on terminal equipment.
  • FIG. 7 is a schematic structural diagram of a computer device in an embodiment of the application.
  • the computer device described in this embodiment may be a server, a personal computer, and a network device.
  • the device includes a processor 703, a memory 705, an input unit 707, a display unit 709 and other devices.
  • the memory 705 may be used to store an application program 701 and various functional modules, and the processor 703 runs the application program 701 stored in the memory 705 to execute various functional applications and data processing of the device.
  • the memory may be internal memory or external memory, or include both internal memory and external memory.
  • the internal memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), flash memory, or random access memory.
  • ROM read only memory
  • PROM programmable ROM
  • EPROM electrically programmable ROM
  • EEPROM electrically erasable programmable ROM
  • flash memory or random access memory.
  • External storage can include hard disks, floppy disks, ZIP disks, U disks, tapes, etc.
  • the memory disclosed in this application includes but is not limited to these types of memory.
  • the memory disclosed in this application is only an example and not a limitation.
  • the input unit 707 is used to receive input of signals and keywords input by the user.
  • the input unit 707 may include a touch panel and other input devices.
  • the touch panel can collect the user's touch operations on or near it (for example, the user uses any suitable objects or accessories such as fingers, stylus, etc., to operate on the touch panel or near the touch panel), and according to preset
  • the program drives the corresponding connection device; other input devices may include, but are not limited to, one or more of a physical keyboard, function keys (such as playback control buttons, switch buttons, etc.), trackball, mouse, and joystick.
  • the display unit 709 can be used to display information input by the user or information provided to the user and various menus of the computer device.
  • the display unit 709 can take the form of a liquid crystal display, an organic light emitting diode, or the like.
  • the processor 703 is the control center of the computer equipment. It uses various interfaces and lines to connect the various parts of the entire computer. By running or executing the software programs and/or modules stored in the memory 705, and calling the data stored in the memory, execute Various functions and processing data.
  • the device includes one or more processors 703, one or more memories 705, and one or more application programs 701.
  • the one or more application programs 701 are stored in the memory 705 and are configured to be executed by the one or more processors 703, and the one or more application programs 701 are configured to execute the foregoing embodiments.
  • the functional units in the various embodiments of the present application may be integrated into one processing module, or each unit may exist alone physically, or two or more units may be integrated into one module.
  • the above-mentioned integrated modules can be implemented in the form of hardware or software functional modules. If the integrated module is implemented in the form of a software function module and sold or used as an independent product, it can also be stored in a computer readable storage medium.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Collating Specific Patterns (AREA)

Abstract

A verification code generation method and apparatus, and a storage medium and a computer device. The method comprises: obtaining browser features of a terminal device (S100); generating device fingerprint information according to the browser features (S200); inputting the device fingerprint information into a classification model to obtain the risk level of the terminal device, wherein the classification model is used for representing an association relationship between the device fingerprint information and the risk level (S300); and generating a verification code corresponding to the difficulty degree value according to the risk level (S400). The method can automatically analyze the risk level of the terminal device accessing the network, and generates different verification codes according to different risk levels, thereby enhancing the security of system verification.

Description

验证码生成方法、装置及存储介质、计算机设备Verification code generation method, device, storage medium, and computer equipment
本申请要求于2019年2月13日提交中国专利局、申请号为201910112933.2,发明名称为“验证码生成方法、装置及存储介质、计算机设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed with the Chinese Patent Office on February 13, 2019 with the application number 201910112933.2 and the invention title of "Verification Code Generation Method, Device and Storage Medium, and Computer Equipment", the entire content of which is incorporated by reference Incorporated in this application.
技术领域Technical field
本申请涉及上网验证技术领域,具体而言,本申请涉及一种基于终端设备的验证码生成方法、装置及存储介质、计算机设备。This application relates to the technical field of online verification. Specifically, this application relates to a method, device, storage medium, and computer equipment for generating a verification code based on a terminal device.
背景技术Background technique
随着互联网技术的发展,黑客通过软件程序对某些运营平台采用自动化攻击,如恶意刷票、论坛灌水等。或者,竞争对手可采用软件程序对对手的产品平台进行不断地自动化访问,造成对手的产品运营平台的崩塌。为了避免机器自动化攻击,目前采用验证码对访问平台的用户进行验证。验证码可以是图形、文字或者英文字母等。With the development of Internet technology, hackers use software programs to automate attacks on certain operating platforms, such as malicious swiping of votes and forum irrigation. Or, competitors can use software programs to continuously and automatically access the opponent's product platform, causing the collapse of the opponent's product operation platform. In order to avoid machine automation attacks, verification codes are currently used to verify users who access the platform. The verification code can be graphics, text, or English letters.
本申请的发明人在研究中发现,市面上的图型验证码,相对于用户都是显示相同的图形验证码,且容易破解,即使增加扭曲和背景干扰,随着深度学习技术发展,破解也变得越来越简单,另一方面用户体验较差。The inventor of this application found in research that the graphic verification codes on the market all display the same graphic verification codes compared to users and are easy to crack. Even if distortion and background interference are increased, with the development of deep learning technology, cracking is still It is getting simpler and simpler, on the other hand, the user experience is poor.
发明内容Summary of the invention
本申请提出一种基于终端设备的验证码生成方法、装置及存储介质、计算机设备,以自动化分析终端设备访问网络的风险等级,根据不同的风险等级生成不同的验证码,从而增强***验证的安全性。This application proposes a verification code generation method, device, storage medium, and computer equipment based on terminal equipment to automatically analyze the risk level of terminal equipment accessing the network, and generate different verification codes according to different risk levels, thereby enhancing the security of system verification Sex.
本申请提供以下方案:This application provides the following solutions:
一种基于终端设备的验证码生成方法,包括:获取终端设备的浏览器特征;根据所述浏览器特征生成设备指纹信息;将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系;根据所述风险等级生成对应难 度程度值的验证码。A method for generating a verification code based on a terminal device includes: acquiring the browser characteristics of the terminal device; generating device fingerprint information according to the browser characteristics; inputting the device fingerprint information into a classification model to obtain the risk of the terminal device Level; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level; a verification code corresponding to the degree of difficulty is generated according to the risk level.
一种基于终端设备的验证码生成装置,包括:A verification code generation device based on terminal equipment, including:
第一获取模块,用于获取终端设备的浏览器特征;The first obtaining module is used to obtain the browser characteristics of the terminal device;
第一生成模块,用于根据所述浏览器特征生成设备指纹信息;The first generating module is configured to generate device fingerprint information according to the browser feature;
第二获取模块,用于将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系;The second acquisition module is configured to input the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
第二生成模块,根据所述风险等级生成对应难度程度值的验证码。The second generation module generates a verification code corresponding to the degree of difficulty value according to the risk level.
一种计算机可读存储介质,其上存储有计算机程序;所述计算机程序适于由处理器加载并执行基于终端设备的验证码生成方法,其中,所述基于终端设备的验证码生成方法的步骤,包括:A computer-readable storage medium having a computer program stored thereon; the computer program is suitable for being loaded by a processor and executing a terminal device-based verification code generation method, wherein the steps of the terminal device-based verification code generation method ,include:
获取终端设备的浏览器特征;Obtain the browser characteristics of the terminal device;
根据所述浏览器特征生成设备指纹信息;Generating device fingerprint information according to the browser characteristics;
将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系;Inputting the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
根据所述风险等级生成对应难度程度值的验证码。According to the risk level, a verification code corresponding to the degree of difficulty is generated.
一种计算机设备,其包括:一个或多个处理器;存储器;一个或多个应用程序,其中所述一个或多个应用程序被存储在所述存储器中并被配置为由所述一个或多个处理器执行,所述一个或多个应用程序配置用于执行基于终端设备的验证码生成方法,其中,所述基于终端设备的验证码生成方法的步骤,包括:A computer device includes: one or more processors; a memory; one or more application programs, wherein the one or more application programs are stored in the memory and configured to be operated by the one or more The one or more application programs are configured to execute a method for generating a verification code based on a terminal device, wherein the steps of the method for generating a verification code based on a terminal device include:
获取终端设备的浏览器特征;Obtain the browser characteristics of the terminal device;
根据所述浏览器特征生成设备指纹信息;Generating device fingerprint information according to the browser characteristics;
将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系;Inputting the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
根据所述风险等级生成对应难度程度值的验证码。According to the risk level, a verification code corresponding to the degree of difficulty is generated.
上述实施例提供的基于终端设备的验证码生成方法,将前端的浏览器特征生成设备指纹信息后,将设备指纹信息输入到分类模型中,由分类模型对设备指纹信息进行判别,根据设备指纹信息与风险等级的关联关系, 输出该设备指纹信息对应的终端设备的风险等级。最终,***根据终端设备的风险等级生成对应的验证码。因此,上述方法自动化分析终端设备访问网络的风险等级,根据不同的风险等级生成不同的验证码,从而增强***验证的安全性。According to the terminal device-based verification code generation method provided in the above embodiment, the device fingerprint information is generated from the front-end browser feature, and then the device fingerprint information is input into the classification model. The classification model judges the device fingerprint information, and according to the device fingerprint information The association relationship with the risk level, the risk level of the terminal device corresponding to the fingerprint information of the device is output. Finally, the system generates a corresponding verification code according to the risk level of the terminal device. Therefore, the above method automatically analyzes the risk level of terminal equipment accessing the network, and generates different verification codes according to different risk levels, thereby enhancing the security of system verification.
本申请附加的方面和优点将在下面的描述中部分给出,这些将从下面的描述中变得明显,或通过本申请的实践了解到。The additional aspects and advantages of this application will be partly given in the following description, which will become obvious from the following description, or be understood through the practice of this application.
附图说明Description of the drawings
本申请上述的和/或附加的方面和优点从下面结合附图对实施例的描述中将变得明显和容易理解,其中:The above and/or additional aspects and advantages of the present application will become obvious and easy to understand from the following description of the embodiments in conjunction with the accompanying drawings, in which:
图1为本申请提供的服务器与终端设备之间的一实施例中的交互示意图;FIG. 1 is a schematic diagram of interaction between a server and a terminal device in an embodiment provided by this application;
图2为本申请提供的一种基于终端设备的验证码生成方法的一实施例中的方法流程图;2 is a method flowchart in an embodiment of a method for generating a verification code based on a terminal device provided by this application;
图3为本申请提供的终端设备与服务器的一实施例中的交互信令图;FIG. 3 is a diagram of interaction signaling in an embodiment of a terminal device and a server provided by this application;
图4为本申请提供的步骤S100的一实施例中的方法流程图;FIG. 4 is a flowchart of a method in an embodiment of step S100 provided by this application;
图5为本申请提供的一种基于终端设备的验证码生成方法的一实施例中的部分方法流程图;FIG. 5 is a flowchart of part of the method in an embodiment of a method for generating a verification code based on a terminal device provided by this application;
图6为本申请提供的一种基于终端设备的验证码生成装置的一实施例中的结构框图;FIG. 6 is a structural block diagram of an embodiment of an apparatus for generating a verification code based on a terminal device provided by this application;
图7为本申请提供的一种计算机设备的一实施例中的结构示意图。FIG. 7 is a schematic structural diagram in an embodiment of a computer device provided by this application.
具体实施方式detailed description
下面详细描述本申请的实施例,所述实施例的示例在附图中示出,其中自始至终相同或类似的标号表示相同或类似的元件或具有相同或类似功能的元件。下面通过参考附图描述的实施例是示例性的,仅用于解释本申请,而不能解释为对本申请的限制。The embodiments of the present application are described in detail below. Examples of the embodiments are shown in the accompanying drawings, wherein the same or similar reference numerals indicate the same or similar elements or elements with the same or similar functions. The embodiments described below with reference to the drawings are exemplary, and are only used to explain the present application, and cannot be construed as a limitation to the present application.
本技术领域技术人员可以理解,除非特意声明,这里使用的单数形式“一”、“一个”、“所述”和“该”也可包括复数形式,这里使用的“第一”、“第 二”仅用于区别同一技术特征,并不对该技术特征的顺序和数量等加以限定。应该进一步理解的是,本申请的说明书中使用的措辞“包括”是指存在所述特征、整数、步骤、操作、元件和/或组件,但是并不排除存在或添加一个或多个其他特征、整数、步骤、操作、元件、组件和/或它们的组。Those skilled in the art can understand that, unless specifically stated otherwise, the singular forms "a", "an", "the" and "the" used herein may also include plural forms. The "first" and "second" used herein "It is only used to distinguish the same technical feature, and does not limit the order and quantity of the technical feature. It should be further understood that the term "comprising" used in the specification of this application refers to the presence of the described features, integers, steps, operations, elements, and/or components, but does not exclude the presence or addition of one or more other features, Integers, steps, operations, elements, components, and/or groups thereof.
本申请提供的一种基于终端设备的验证码生成方法,用于服务器端。适用于服务器根据终端设备发起的网络请求后,根据风险等级再前端显示不同难易程度的验证码。在一实施例中,该基于终端设备的验证码生成方法应用于如图1所示的应用环境中。This application provides a method for generating a verification code based on a terminal device, which is used on the server side. It is suitable for the server to display verification codes of different difficulty levels according to the risk level after the network request initiated by the terminal device. In an embodiment, the method for generating a verification code based on a terminal device is applied in the application environment as shown in FIG. 1.
如图1所示,服务器100与终端设备300位于同一个网络200环境中,服务器100与终端设备300通过网络200进行数据信息的交互。在本实施例中,终端设备300与服务器100进行网络通信。服务器100与终端设备300的数量不作限定,图1所示只作为示例说明。终端设备300安装有客户端,用于对服务器100进行网络访问。用户可以通过终端设备300的客户端与对应的服务器100进行信息交互。客户端与服务器(Server)端相对应,共同遵循同一套数据协议,使得服务器100能够解析出终端设备300中客户端(如浏览器)的相关数据,从而确定出终端设备300的网络访问风险等级。As shown in FIG. 1, the server 100 and the terminal device 300 are located in the same network 200 environment, and the server 100 and the terminal device 300 exchange data and information through the network 200. In this embodiment, the terminal device 300 performs network communication with the server 100. The number of the server 100 and the terminal device 300 is not limited, and what is shown in FIG. 1 is only for illustration. The terminal device 300 is installed with a client for network access to the server 100. The user can interact with the corresponding server 100 through the client of the terminal device 300. The client and the server (Server) correspond to each other and follow the same set of data protocols, so that the server 100 can parse out the relevant data of the client (such as a browser) in the terminal device 300, thereby determining the network access risk level of the terminal device 300 .
服务器100可以是,但不限于,网络服务器、管理服务器、应用程序服务器、数据库服务器、云端服务器等等。终端设备300可以是,但不限于智能手机、个人电脑(personal computer,PC)、平板电脑、个人数字助理(personal digital assistant,PDA)、移动上网设备(mobile Internet device,MID)等。终端设备300的操作***可以是,但不限于,安卓(Android)***、IOS(IPhone operating system)***、Windows phone***、Windows***等。The server 100 may be, but is not limited to, a web server, a management server, an application server, a database server, a cloud server, and so on. The terminal device 300 may be, but is not limited to, a smart phone, a personal computer (PC), a tablet computer, a personal digital assistant (PDA), a mobile Internet device (MID), etc. The operating system of the terminal device 300 may be, but is not limited to, an Android (Android) system, an IOS (IPhone operating system) system, a Windows phone system, a Windows system, etc.
本申请提供一种基于终端设备的验证码生成方法。在一实施例中,如图2所示,该基于终端设备的验证码生成方法,包括以下步骤:This application provides a method for generating a verification code based on a terminal device. In an embodiment, as shown in FIG. 2, the method for generating a verification code based on a terminal device includes the following steps:
S100,获取终端设备的浏览器特征。S100. Obtain the browser feature of the terminal device.
在本实施例中,如图3所示,服务器通过前端接收到终端设备通过浏览器发起的网络访问请求时,通过前端获取终端设备的浏览器特征。具体 地,服务器利用前端收集终端设备的浏览器特征包括浏览器语言、像素比、颜色深度、设备屏幕分辨率x、设备屏幕分辨率y、设备可用屏幕分辨率x、设备可用屏幕分辨率y、设备可触控的点的个数、设备是否支持可触控、设备可触控的点数与操作***是否一致的验证结果、设备可触控的点数与支持可触控是否一致的验证结果、cpu类是否未知、浏览器插件是否缺失、使用JS/CSS检测到的字体列表是否缺失、操作***是否为unknown、WebGL供应商是否缺失、浏览器生产厂商是否为other、操作***生产厂商是否为other、浏览器类型是否为robot、浏览器插件、浏览器插件总数、使用JS/CSS检测到的字体总数、操作***和***平台是否一致、音频堆栈指纹是否提供、音频堆栈指纹的参数信息、***对用户代理可用的逻辑处理器总数、是否安装AdBlock、用户是否篡改了语言、用户是否篡改了屏幕分辨率、用户是否篡改了操作***、浏览器生产厂商、操作***生产厂商、访问设备类型、操作***家族及结合上述特征,计算数据的极差、四分位数、四分位数极差、五数概括(按次序最小值、上四分位、中位数、下四分位数、最大值)等。In this embodiment, as shown in FIG. 3, when the server receives the network access request initiated by the terminal device through the browser through the front end, the server acquires the browser feature of the terminal device through the front end. Specifically, the server uses the front end to collect the browser characteristics of the terminal device, including browser language, pixel ratio, color depth, device screen resolution x, device screen resolution y, device available screen resolution x, device available screen resolution y, The number of points that can be touched by the device, whether the device supports touch, the number of points that can be touched by the device is consistent with the operating system, the verification result of whether the number of touchable points on the device is consistent with the support for touch, and the CPU Whether the class is unknown, whether the browser plug-in is missing, whether the font list detected by JS/CSS is missing, whether the operating system is unknown, whether the WebGL supplier is missing, whether the browser manufacturer is other, whether the operating system manufacturer is other, Whether the browser type is robot, browser plug-ins, total number of browser plug-ins, total number of fonts detected using JS/CSS, whether the operating system and system platform are consistent, whether the audio stack fingerprint is provided, the parameter information of the audio stack fingerprint, and the system to the user The total number of logical processors available to the agent, whether AdBlock is installed, whether the user has tampered with the language, whether the user has tampered with the screen resolution, whether the user has tampered with the operating system, browser manufacturer, operating system manufacturer, access device type, operating system family And combined with the above characteristics, calculate the data range, quartile, quartile range, quintile summary (in order of minimum, upper quartile, median, lower quartile, maximum) Wait.
此外,所述浏览器特征信息还可包括所述终端设备的设备信息缺失程度特征。具体地,设备信息缺失对应用户使用设备异常。根据设备信息缺失程度可进行用户有效性判断和分级评判等。例如缺失高中低,对应用户有效性低中高。In addition, the browser feature information may also include a feature of the degree of lack of device information of the terminal device. Specifically, the lack of device information corresponds to the abnormality of the user's use of the device. According to the degree of lack of equipment information, user effectiveness judgment and classification evaluation can be performed. For example, lack of high, medium and low corresponds to low, medium and high user effectiveness.
S200,根据所述浏览器特征生成设备指纹信息。S200: Generate device fingerprint information according to the browser feature.
在本实施例中,如图3所示,服务器根据该浏览器特征生成终端设备的设备指纹信息。其中,设备指纹信息可以是由数字、字母中任意一项或多项组成。在一具体实施方式中,设备指纹信息采用数字和小写字母组成的32位字符串。In this embodiment, as shown in FIG. 3, the server generates device fingerprint information of the terminal device according to the browser feature. Among them, the device fingerprint information can be composed of any one or more of numbers and letters. In a specific embodiment, the device fingerprint information uses a 32-bit string composed of numbers and lowercase letters.
S300,将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系。S300. Input the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level.
在本实施例中,如图3所示,服务器将设备指纹信息输入到分类模型中,由分类模型对设备指纹信息进行分析。分类模型根据设备指纹信息与 风险等级的关联关系,输出该设备指纹信息对应的终端设备的风险等级。其中,分类模型包括基于高斯分布的朴素贝叶斯分类模型。In this embodiment, as shown in Figure 3, the server inputs device fingerprint information into the classification model, and the classification model analyzes the device fingerprint information. The classification model outputs the risk level of the terminal device corresponding to the device fingerprint information according to the relationship between the device fingerprint information and the risk level. Among them, the classification model includes a naive Bayes classification model based on Gaussian distribution.
在一实施例中,所述获取终端设备的浏览器特征,根据所述浏览器特征生成设备指纹信息,将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级,包括:获取预设时间段内多个验证时间点的所述终端设备的浏览器特征;根据每个所述验证时间点的所述浏览器特征生成对应的设备指纹信息;将每个所述验证时间点和验证时间点对应的设备指纹信息输入到所述分类模型,得到每个验证时间点对应的风险等级;统计每个验证时间点对应的风险等级,得到所述预设时间段内所述终端设备的风险等级。In an embodiment, the acquiring the browser characteristics of the terminal device, generating device fingerprint information according to the browser characteristics, and inputting the device fingerprint information into a classification model to obtain the risk level of the terminal device includes: acquiring The browser characteristics of the terminal device at multiple verification time points within a preset time period; the corresponding device fingerprint information is generated according to the browser characteristics of each verification time point; and each verification time point is combined with The fingerprint information of the device corresponding to the verification time point is input into the classification model to obtain the risk level corresponding to each verification time point; the risk level corresponding to each verification time point is calculated to obtain the terminal device's risk level within the preset time period. Risk level.
在该实施例中,不同时间段的浏览器特征表征了终端设备的风险等级。如,确定出24小时制的挖掘特征(比如凌晨2点-5点终端设备很有可能异常)、月份12个月挖掘特征、是否为节假日(春节、十一节假日等)、是否为工作日、是否为周末。预设时间段的验证时间体现出用户行为是否异常。同时,根据验证时间和次数可监控用户行为。因此,此处将预设时间段内的时长划分为多个验证时间点,将每个验证时间点得到的设备指纹信息和验证时间点一起输入到分类模型中。分类模型根据不同的验证时间点,对设备指纹信息进行风险分类,以输出该验证时间点对应的风险等级。进一步,统计各个验证时间点的风险等级,可确定出预设时间段内的终端设备的风险等级,从而可根据不同预设时间段确定出终端在该时间段内风险等级。In this embodiment, browser characteristics in different time periods represent the risk level of the terminal device. For example, determine the mining characteristics of the 24-hour system (for example, the terminal equipment is likely to be abnormal from 2 AM to 5 AM), the mining characteristics of the 12 months, whether it is a holiday (Spring Festival, November holiday, etc.), whether it is a working day, Is it a weekend. The verification time of the preset time period reflects whether the user behavior is abnormal. At the same time, user behavior can be monitored according to the verification time and number of times. Therefore, the time in the preset time period is divided into multiple verification time points here, and the device fingerprint information obtained at each verification time point and the verification time point are input into the classification model together. The classification model classifies the device fingerprint information according to different verification time points, to output the risk level corresponding to the verification time point. Further, the risk level of each verification time point can be counted to determine the risk level of the terminal device within a preset time period, so that the risk level of the terminal within the time period can be determined according to different preset time periods.
S400,根据所述风险等级生成对应难度程度值的验证码。S400: Generate a verification code corresponding to the degree of difficulty value according to the risk level.
在本实施例中,如图3所示,服务器通过分类模型确定出终端设备访问网络的风险等级之后,根据确定的风险等级生成对应难度程度值的验证码。具体地,服务器将终端设备访问网络的风险进行等级划分,不同等级的风险对应不同难度程度值的验证码。根据分类模块输出的风险等级,可从***中匹配出该风险等级对应的验证码,并向终端设备发送该对应的验证码。In this embodiment, as shown in FIG. 3, after the server determines the risk level of the terminal device accessing the network through the classification model, it generates a verification code corresponding to the degree of difficulty value according to the determined risk level. Specifically, the server classifies the risks of terminal devices accessing the network, and different levels of risks correspond to verification codes with different difficulty levels. According to the risk level output by the classification module, the verification code corresponding to the risk level can be matched from the system, and the corresponding verification code can be sent to the terminal device.
在一实施例中,所述风险等级包括按照风险等级从低到高排列的第一 风险等级、第二风险等级、第三风险等级以及第四风险等级。步骤S400,包括:若所述风险等级为所述第一风险等级,生成点击操作的验证码;若所述风险等级为所述第二风险等级,生成滑块类型的验证码;若所述风险等级为所述第三风险等级,生成点选操作的验证码;若所述风险等级为所述第四风险等级,生成语音声纹类型的验证码。In an embodiment, the risk level includes a first risk level, a second risk level, a third risk level, and a fourth risk level arranged in descending order of risk levels. Step S400 includes: if the risk level is the first risk level, generating a verification code for the click operation; if the risk level is the second risk level, generating a slider type verification code; if the risk is If the level is the third risk level, a verification code for the click operation is generated; if the risk level is the fourth risk level, a verification code of the voiceprint type is generated.
在具体的实施方式中,服务器向前端发送不同风险等级的验证码。前端根据风险等级显示不同难易程度的验证码。例如,无风验等级LEV1显示“点击验证码”,低风险等级LEV2显示“滑块验证码”,中风险等级LEV3显示“点选验证码”,高风险等级LEV4显示“语音声纹验证码”。通过对发送请求的上网设备进行风险预判,把友好可信设备和恶意访问区别对待,从而提升用户体验。In a specific implementation, the server sends verification codes of different risk levels to the front end. The front end displays verification codes of different difficulty levels according to the risk level. For example, LEV1 without wind test displays "click verification code", low risk level LEV2 displays "slider verification code", medium risk level LEV3 displays "click verification code", and high risk level LEV4 displays "voiceprint verification code" . By pre-judging the risk of the Internet device that sends the request, it distinguishes between friendly and trusted devices and malicious visits, thereby improving user experience.
上述实施例提供的基于终端设备的验证码生成方法,将前端的浏览器特征生成设备指纹信息后,将设备指纹信息输入到分类模型中,由分类模型对设备指纹信息进行判别,根据设备指纹信息与风险等级的关联关系,输出该设备指纹信息对应的终端设备的风险等级。最终,***根据终端设备的风险等级生成对应的验证码。因此,上述方法自动化分析终端设备访问网络的风险等级,根据不同的风险等级生成不同的验证码,从而增强***验证的安全性。According to the terminal device-based verification code generation method provided in the above embodiment, the device fingerprint information is generated from the front-end browser feature, and then the device fingerprint information is input into the classification model. The classification model judges the device fingerprint information, and according to the device fingerprint information The association relationship with the risk level, output the risk level of the terminal device corresponding to the device fingerprint information. Finally, the system generates a corresponding verification code according to the risk level of the terminal device. Therefore, the above method automatically analyzes the risk level of terminal equipment accessing the network, and generates different verification codes according to different risk levels, thereby enhancing the security of system verification.
在一实施例中,如图4所示,步骤S100,包括以下步骤:In one embodiment, as shown in FIG. 4, step S100 includes the following steps:
S110,获取终端设备的设备屏幕分辨率的水平方向的像素点x1、垂直方向的像素点y1、可用最大屏幕分辨率的水平方向的像素点x2、垂直方向的像素点y2。S110: Obtain the horizontal pixel point x1 of the device screen resolution of the terminal device, the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, and the vertical pixel point y2.
S120,计算所述像素点x1与所述像素点y1乘积后的第一乘积值,所述像素点x2与所述像素点y2乘积后的第二乘积值。S120: Calculate a first product value of the product of the pixel point x1 and the pixel point y1, and a second product value of the product of the pixel point x2 and the pixel point y2.
S130,获取所述第一乘积值和所述第二乘积值的差值。S130. Obtain a difference between the first product value and the second product value.
S140,将所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值作为所述浏览器特征。S140. Use the pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value as the browser feature.
在该实施例中,终端设备的屏幕分辨率包括设备本身具备的屏幕分辨率以及实际应用中可用最大屏幕分辨率。通过屏幕水平方向的像素点和垂 直方向的像素点可确定出屏幕分辨率。该实施例将设备屏幕分辨率的水平方向的像素点x1与垂直方向的像素点y1相乘后得到第一乘积值,将可用最大屏幕分辨率的水平方向的像素点x2与垂直方向的像素点y2相乘后得到第二乘积值。进一步,将第一乘积值与第二乘积值做差,得到差值。最后,将终端设备的设备屏幕分辨率的水平方向的像素点x1、垂直方向的像素点y1、可用最大屏幕分辨率的水平方向的像素点x2、垂直方向的像素点y2,以及第一乘积值、第二乘积值和差值作为所述浏览器特征。In this embodiment, the screen resolution of the terminal device includes the screen resolution of the device itself and the maximum screen resolution available in practical applications. The screen resolution can be determined by the horizontal and vertical pixels of the screen. In this embodiment, the horizontal pixel point x1 of the device screen resolution and the vertical pixel point y1 are multiplied to obtain the first product value, and the horizontal pixel point x2 of the maximum available screen resolution is compared with the vertical pixel point After y2 is multiplied, the second product value is obtained. Further, the difference between the first product value and the second product value is made to obtain the difference. Finally, the horizontal pixel point x1 of the device screen resolution of the terminal device, the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, the vertical pixel point y2, and the first product value , The second product value and the difference value are used as the browser feature.
进一步地,在该实施例的一个实施方式中,步骤S200中“根据所述浏览器特征生成设备指纹信息”,包括:根据所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值生成的分辨率非线性组合特征;根据所述分辨率非线性组合特征、所述第一乘积值和所述第二乘积值生成设备指纹信息。Further, in an implementation of this embodiment, "generating device fingerprint information according to the browser feature" in step S200 includes: according to the pixel point x1, pixel point y1, pixel point x2, pixel point y2, The first product value, the second product value, and the resolution nonlinear combination feature generated by the difference; according to the resolution nonlinear combination feature, the first product value, and the second product value Generate device fingerprint information.
具体地,像素点x1和像素点y1的乘积值为resolution_multi。像素点x2和像素点y2乘积值为available_resolution_multi。上述两个乘积值的差值为D-value。将像素点x1、像素点y1、像素点x2、像素点y2、resolution_multi、available_resolution_multi以及D-value这些特征作为浏览器特征,根据这些特征生成基于分辨率的非线性组合特征,并将基于分辨率的非线性组合特征和乘积resolution_multi、乘积available_resolution_multi生成设备指纹信息,在将生成的设备指纹信息输入分类模型中。Specifically, the product value of the pixel point x1 and the pixel point y1 is resolution_multi. The product value of pixel x2 and pixel y2 is available_resolution_multi. The difference between the above two product values is D-value. Use pixel point x1, pixel point y1, pixel point x2, pixel point y2, resolution_multi, available_resolution_multi, and D-value as browser features, and generate resolution-based nonlinear combination features based on these features. The non-linear combination feature and the product resolution_multi and the product available_resolution_multi generate device fingerprint information, and input the generated device fingerprint information into the classification model.
此外,在该实施的一个实施方式中,所述浏览器特征还包括设备可触控的点的个数、是否支持可触控、验证设备可触控的点数与操作***是否一致、验证设备可触控的点数与是否支持可触控是否一致、设备信息缺失程度特征中的一个或者多个。此时,如图5所示,“所述获取终端设备的浏览器特征,根据所述浏览器特征生成设备指纹信息”还可包括以下步骤:In addition, in one embodiment of this implementation, the browser feature also includes the number of touchable points of the device, whether it supports touch control, verifying whether the touchable points of the device are consistent with the operating system, and verifying that the device can be touched. Whether the number of touch points is consistent with whether it supports touch control, and one or more of the characteristics of the lack of device information. At this time, as shown in Figure 5, "the acquiring the browser characteristics of the terminal device, and generating device fingerprint information according to the browser characteristics" may further include the following steps:
S101,获取所述终端设备的浏览器特征。S101. Obtain the browser feature of the terminal device.
S103,判断***是否为设定时间段内的首次生成验证码。S103: Determine whether the system generates the verification code for the first time within a set time period.
S201,若是,获取所述浏览器特征中的设备可触控的点的个数、是否支持可触控、验证设备可触控的点数与操作***是否一致、验证设备可触 控的点数与是否支持可触控是否一致、设备信息缺失程度特征中的至少3个特征,根据该至少3个特征生成所述设备指纹信息。S201. If yes, obtain the number of touchable points of the device in the browser feature, whether it supports touch control, verify whether the touchable points of the device are consistent with the operating system, and verify whether the touchable points of the device are consistent with the operating system. It supports at least three features of whether the touch is consistent or not and the degree of device information is missing, and generates the device fingerprint information according to the at least three features.
S203,否则,获取终端设备的设备屏幕分辨率的水平方向的像素点x1、垂直方向的像素点y1、可用最大屏幕分辨率的水平方向的像素点x2、垂直方向的像素点y2;计算所述像素点x1与所述像素点y1乘积后的第一乘积值,所述像素点x2与所述像素点y2乘积后的第二乘积值;获取所述第一乘积值和所述第二乘积值的差值;将所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值作为所述浏览器特征。S203. Otherwise, obtain the horizontal pixel point x1 of the device screen resolution of the terminal device, the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, and the vertical pixel point y2; calculate the The first product value after the product of the pixel point x1 and the pixel point y1, and the second product value after the product of the pixel point x2 and the pixel point y2; obtaining the first product value and the second product value Take the pixel point x1, pixel point y1, pixel point x2, pixel point y2, the first product value, the second product value, and the difference value as the browser feature.
在该实施方式中,当服务器获取到终端设备的浏览器特征时,首先判断当前是否为***在设定时间段内的首次生成验证码。若是,则获取浏览器特征中的设备可触控的点的个数、是否支持可触控、验证设备可触控的点数与操作***是否一致、验证设备可触控的点数与是否支持可触控是否一致、设备信息缺失程度特征中的至少3个特征,根据该至少3个特征生成所述设备指纹信息。若否,则如上述实施例所述,根据所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值生成的分辨率非线性组合特征;根据所述分辨率非线性组合特征、所述第一乘积值和所述第二乘积值生成设备指纹信息。因此,服务器通过该实施方式,在接收到终端设备的网络访问请求时,若为首次生成验证码,可根据终端设备的多个硬件条件生成该终端设备的设备指纹信息,保证首次生成的验证码可准确识别出终端设备的性质,增强***的安全验证。若为非首次生成的验证码,可通过终端设备的屏幕分辨率生成终端设备的设备指纹信息,从而再次生成验证码时,缩短生成验证码的时间,提高生成验证码的效率。In this implementation manner, when the server obtains the browser feature of the terminal device, it first determines whether the verification code is currently generated by the system for the first time within a set time period. If yes, obtain the number of touchable points of the device in the browser feature, whether it supports touch control, verify whether the touchable points of the device are consistent with the operating system, verify the touchable points of the device and whether it supports touch The device fingerprint information is generated according to at least three characteristics among the characteristics of whether the control is consistent and the degree of lack of device information. If not, then, as described in the above embodiment, according to the pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value generated Resolution nonlinear combination feature; generating device fingerprint information according to the resolution nonlinear combination feature, the first product value and the second product value. Therefore, when the server receives a network access request from a terminal device, if the verification code is generated for the first time through this embodiment, the device fingerprint information of the terminal device can be generated according to multiple hardware conditions of the terminal device to ensure the verification code generated for the first time It can accurately identify the nature of the terminal equipment and enhance the security verification of the system. If the verification code is not generated for the first time, the device fingerprint information of the terminal device can be generated through the screen resolution of the terminal device, so that when the verification code is generated again, the time for generating the verification code is shortened, and the efficiency of generating the verification code is improved.
本申请还提供一种基于终端设备的验证码生成装置。在一实施例中,如图6所示,该基于终端设备的验证码生成装置包括第一获取模块10、第一生成模块20、第二获取模块30以及第二生成模块40。The application also provides a verification code generation device based on terminal equipment. In an embodiment, as shown in FIG. 6, the terminal device-based verification code generation apparatus includes a first acquisition module 10, a first generation module 20, a second acquisition module 30, and a second generation module 40.
第一获取模块10用于获取终端设备的浏览器特征。在本实施例中,如图3所示,服务器通过前端接收到终端设备通过浏览器发起的网络访问 请求时,通过前端获取终端设备的浏览器特征。具体地,服务器利用前端收集终端设备的浏览器特征包括浏览器语言、像素比、颜色深度、设备屏幕分辨率x、设备屏幕分辨率y、设备可用屏幕分辨率x、设备可用屏幕分辨率y、设备可触控的点的个数、设备是否支持可触控、设备可触控的点数与操作***是否一致的验证结果、设备可触控的点数与支持可触控是否一致的验证结果、cpu类是否未知、浏览器插件是否缺失、使用JS/CSS检测到的字体列表是否缺失、操作***是否为unknown、WebGL供应商是否缺失、浏览器生产厂商是否为other、操作***生产厂商是否为other、浏览器类型是否为robot、浏览器插件、浏览器插件总数、使用JS/CSS检测到的字体总数、操作***和***平台是否一致、音频堆栈指纹是否提供、音频堆栈指纹的参数信息、***对用户代理可用的逻辑处理器总数、是否安装AdBlock、用户是否篡改了语言、用户是否篡改了屏幕分辨率、用户是否篡改了操作***、浏览器生产厂商、操作***生产厂商、访问设备类型、操作***家族及结合上述特征,计算数据的极差、四分位数、四分位数极差、五数概括(按次序最小值、上四分位、中位数、下四分位数、最大值)等。此外,所述浏览器特征信息还可包括所述终端设备的设备信息缺失程度特征。具体地,设备信息缺失对应用户使用设备异常。根据设备信息缺失程度可进行用户有效性判断和分级评判等。例如缺失高中低,对应用户有效性低中高。The first obtaining module 10 is used to obtain the browser feature of the terminal device. In this embodiment, as shown in FIG. 3, when the server receives the network access request initiated by the terminal device through the browser through the front end, the server obtains the browser feature of the terminal device through the front end. Specifically, the server uses the front end to collect the browser characteristics of the terminal device, including browser language, pixel ratio, color depth, device screen resolution x, device screen resolution y, device available screen resolution x, device available screen resolution y, The number of points that can be touched by the device, whether the device supports touch, the number of points that can be touched by the device is consistent with the operating system, the verification result of whether the number of touchable points on the device is consistent with the support for touch, and the CPU Whether the class is unknown, whether the browser plug-in is missing, whether the font list detected by JS/CSS is missing, whether the operating system is unknown, whether the WebGL supplier is missing, whether the browser manufacturer is other, whether the operating system manufacturer is other, Whether the browser type is robot, browser plug-ins, total number of browser plug-ins, total number of fonts detected using JS/CSS, whether the operating system and system platform are consistent, whether the audio stack fingerprint is provided, the parameter information of the audio stack fingerprint, and the system to the user The total number of logical processors available to the agent, whether AdBlock is installed, whether the user has tampered with the language, whether the user has tampered with the screen resolution, whether the user has tampered with the operating system, browser manufacturer, operating system manufacturer, access device type, operating system family And combined with the above characteristics, calculate the data range, quartile, quartile range, quintile summary (in order of minimum, upper quartile, median, lower quartile, maximum) Wait. In addition, the browser feature information may also include a feature of the degree of lack of device information of the terminal device. Specifically, the lack of device information corresponds to the abnormality of the user's use of the device. According to the degree of lack of equipment information, user effectiveness judgment and classification evaluation can be performed. For example, lack of high, medium and low corresponds to low, medium and high user effectiveness.
第一生成模块20用于根据所述浏览器特征生成设备指纹信息。在本实施例中,如图3所示,服务器根据该浏览器特征生成终端设备的设备指纹信息。其中,设备指纹信息可以是由数字、字母中任意一项或多项组成。在一具体实施方式中,设备指纹信息采用数字和小写字母组成的32位字符串。The first generating module 20 is configured to generate device fingerprint information according to the browser feature. In this embodiment, as shown in FIG. 3, the server generates device fingerprint information of the terminal device according to the browser feature. Among them, the device fingerprint information can be composed of any one or more of numbers and letters. In a specific embodiment, the device fingerprint information uses a 32-bit string composed of numbers and lowercase letters.
第二获取模块30用于将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系。在本实施例中,如图3所示,服务器将设备指纹信息输入到分类模型中,由分类模型对设备指纹信息进行分析。分类模型根据设备指纹信息与风险等级的关联关系,输出该设备指纹信息对应的终端 设备的风险等级。其中,分类模型包括基于高斯分布的朴素贝叶斯分类模型。The second acquisition module 30 is configured to input the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level. In this embodiment, as shown in Figure 3, the server inputs device fingerprint information into the classification model, and the classification model analyzes the device fingerprint information. The classification model outputs the risk level of the terminal device corresponding to the device fingerprint information according to the relationship between the device fingerprint information and the risk level. Among them, the classification model includes a naive Bayes classification model based on Gaussian distribution.
第二生成模块40根据所述风险等级生成对应难度程度值的验证码。在本实施例中,如图3所示,服务器通过分类模型确定出终端设备访问网络的风险等级之后,根据确定的风险等级生成对应难度程度值的验证码。具体地,服务器将终端设备访问网络的风险进行等级划分,不同等级的风险对应不同难度程度值的验证码。根据分类模块输出的风险等级,可从***中匹配出该风险等级对应的验证码,并向终端设备发送该对应的验证码。The second generation module 40 generates a verification code corresponding to the degree of difficulty value according to the risk level. In this embodiment, as shown in FIG. 3, after the server determines the risk level of the terminal device accessing the network through the classification model, it generates a verification code corresponding to the degree of difficulty value according to the determined risk level. Specifically, the server classifies the risks of terminal devices accessing the network, and different levels of risks correspond to verification codes with different difficulty levels. According to the risk level output by the classification module, the verification code corresponding to the risk level can be matched from the system, and the corresponding verification code can be sent to the terminal device.
在其他实施例中,本申请提供的基于终端设备的验证码生成装置中的各个模块还用于执行本申请所述的基于终端设备的验证码生成方法中,对应各个步骤执行的操作,在此不再做详细的说明。In other embodiments, each module in the terminal device-based verification code generation apparatus provided in this application is also used to perform the operations performed corresponding to each step in the terminal device-based verification code generation method described in this application. No more detailed instructions.
本申请还提供一种计算机可读存储介质。该存储介质上存储有计算机程序;所述计算机程序被处理器执行时,实现上述任一实施例所述的基于终端设备的验证码生成方法。该存储介质可以是存储器。例如,内存储器或外存储器,或者包括内存储器和外存储器两者。内存储器可以包括只读存储器(ROM)、可编程ROM(PROM)、电可编程ROM(EPROM)、电可擦写可编程ROM(EEPROM)、快闪存储器、或者随机存储器。外存储器可以包括硬盘、软盘、ZIP盘、U盘、磁带等。本申请所公开的计算机可读存储介质包括但不限于这些类型的存储器。本申请所公开的存储器只作为例子而非作为限定。The application also provides a computer-readable storage medium. The storage medium stores a computer program; when the computer program is executed by the processor, the terminal device-based verification code generation method described in any of the above embodiments is implemented. The storage medium may be a memory. For example, internal memory or external memory, or both internal memory and external memory. The internal memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), flash memory, or random access memory. External storage can include hard disks, floppy disks, ZIP disks, U disks, tapes, etc. The computer-readable storage medium disclosed in this application includes but is not limited to these types of memories. The memory disclosed in this application is only an example and not a limitation.
本申请还提供一种计算机设备。一种计算机设备包括:一个或多个处理器;存储器;一个或多个应用程序。其中所述一个或多个应用程序被存储在所述存储器中并被配置为由所述一个或多个处理器执行,所述一个或多个应用程序配置用于执行上述任一实施例所述的基于终端设备的验证码生成方法。This application also provides a computer device. A computer device includes: one or more processors; memory; and one or more application programs. Wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, and the one or more application programs are configured to execute the one described in any of the above embodiments A method of generating verification codes based on terminal equipment.
图7为本申请一实施例中的计算机设备的结构示意图。本实施例所述计算机设备可以是服务器、个人计算机以及网络设备。如图7所示,设备包括处理器703、存储器705、输入单元707以及显示单元709等器件。本领域技术人员可以理解,图7示出的设备结构器件并不构成对所有设备 的限定,可以包括比图示更多或更少的部件,或者组合某些部件。存储器705可用于存储应用程序701以及各功能模块,处理器703运行存储在存储器705的应用程序701,从而执行设备的各种功能应用以及数据处理。存储器可以是内存储器或外存储器,或者包括内存储器和外存储器两者。内存储器可以包括只读存储器(ROM)、可编程ROM(PROM)、电可编程ROM(EPROM)、电可擦写可编程ROM(EEPROM)、快闪存储器、或者随机存储器。外存储器可以包括硬盘、软盘、ZIP盘、U盘、磁带等。本申请所公开的存储器包括但不限于这些类型的存储器。本申请所公开的存储器只作为例子而非作为限定。FIG. 7 is a schematic structural diagram of a computer device in an embodiment of the application. The computer device described in this embodiment may be a server, a personal computer, and a network device. As shown in FIG. 7, the device includes a processor 703, a memory 705, an input unit 707, a display unit 709 and other devices. Those skilled in the art can understand that the device structure shown in FIG. 7 does not constitute a limitation on all devices, and may include more or less components than those shown in the figure, or combine certain components. The memory 705 may be used to store an application program 701 and various functional modules, and the processor 703 runs the application program 701 stored in the memory 705 to execute various functional applications and data processing of the device. The memory may be internal memory or external memory, or include both internal memory and external memory. The internal memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), flash memory, or random access memory. External storage can include hard disks, floppy disks, ZIP disks, U disks, tapes, etc. The memory disclosed in this application includes but is not limited to these types of memory. The memory disclosed in this application is only an example and not a limitation.
输入单元707用于接收信号的输入,以及接收用户输入的关键字。输入单元707可包括触控面板以及其它输入设备。触控面板可收集用户在其上或附近的触摸操作(比如用户使用手指、触笔等任何适合的物体或附件在触控面板上或在触控面板附近的操作),并根据预先设定的程序驱动相应的连接装置;其它输入设备可以包括但不限于物理键盘、功能键(比如播放控制按键、开关按键等)、轨迹球、鼠标、操作杆等中的一种或多种。显示单元709可用于显示用户输入的信息或提供给用户的信息以及计算机设备的各种菜单。显示单元709可采用液晶显示器、有机发光二极管等形式。处理器703是计算机设备的控制中心,利用各种接口和线路连接整个电脑的各个部分,通过运行或执行存储在存储器705内的软件程序和/或模块,以及调用存储在存储器内的数据,执行各种功能和处理数据。The input unit 707 is used to receive input of signals and keywords input by the user. The input unit 707 may include a touch panel and other input devices. The touch panel can collect the user's touch operations on or near it (for example, the user uses any suitable objects or accessories such as fingers, stylus, etc., to operate on the touch panel or near the touch panel), and according to preset The program drives the corresponding connection device; other input devices may include, but are not limited to, one or more of a physical keyboard, function keys (such as playback control buttons, switch buttons, etc.), trackball, mouse, and joystick. The display unit 709 can be used to display information input by the user or information provided to the user and various menus of the computer device. The display unit 709 can take the form of a liquid crystal display, an organic light emitting diode, or the like. The processor 703 is the control center of the computer equipment. It uses various interfaces and lines to connect the various parts of the entire computer. By running or executing the software programs and/or modules stored in the memory 705, and calling the data stored in the memory, execute Various functions and processing data.
在一实施方式中,设备包括一个或多个处理器703,以及一个或多个存储器705,一个或多个应用程序701。其中所述一个或多个应用程序701被存储在存储器705中并被配置为由所述一个或多个处理器703执行,所述一个或多个应用程序701配置用于执行以上实施例所述的基于终端设备的验证码生成方法。In an embodiment, the device includes one or more processors 703, one or more memories 705, and one or more application programs 701. The one or more application programs 701 are stored in the memory 705 and are configured to be executed by the one or more processors 703, and the one or more application programs 701 are configured to execute the foregoing embodiments. A method of generating verification codes based on terminal equipment.
此外,在本申请各个实施例中的各功能单元可以集成在一个处理模块中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。所述集成的模块如果以软件功能模块的形式实现 并作为独立的产品销售或使用时,也可以存储在一个计算机可读取存储介质中。In addition, the functional units in the various embodiments of the present application may be integrated into one processing module, or each unit may exist alone physically, or two or more units may be integrated into one module. The above-mentioned integrated modules can be implemented in the form of hardware or software functional modules. If the integrated module is implemented in the form of a software function module and sold or used as an independent product, it can also be stored in a computer readable storage medium.
本领域普通技术人员可以理解实现上述实施例的全部或部分步骤可以通过硬件来完成,也可以通过程序来指令相关的硬件完成,该程序可以存储于一计算机可读存储介质中,存储介质可以包括存储器、磁盘或光盘等。Those of ordinary skill in the art can understand that all or part of the steps in the above-mentioned embodiments can be completed by hardware, or by a program instructing related hardware. The program can be stored in a computer-readable storage medium, and the storage medium can include Storage, magnetic disk or optical disc, etc.
以上所述仅是本申请的部分实施方式,应当指出,对于本技术领域的普通技术人员来说,在不脱离本申请原理的前提下,还可以做出若干改进和润饰,这些改进和润饰也应视为本申请的保护范围。The above are only part of the implementation of this application. It should be pointed out that for those of ordinary skill in the art, without departing from the principle of this application, several improvements and modifications can be made, and these improvements and modifications are also Should be regarded as the scope of protection of this application.
应该理解的是,在本申请各实施例中的各功能单元可集成在一个处理模块中,也可以各个单元单独物理存在,也可以两个或两个以上单元集成于一个模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。It should be understood that the functional units in the embodiments of the present application may be integrated into one processing module, or each unit may exist alone physically, or two or more units may be integrated into one module. The above-mentioned integrated modules can be implemented in the form of hardware or software functional modules.
以上所述仅是本申请的部分实施方式,应当指出,对于本技术领域的普通技术人员来说,在不脱离本申请原理的前提下,还可以做出若干改进和润饰,这些改进和润饰也应视为本申请的保护范围。The above are only part of the implementation of this application. It should be pointed out that for those of ordinary skill in the art, without departing from the principle of this application, several improvements and modifications can be made, and these improvements and modifications are also Should be regarded as the scope of protection of this application.

Claims (20)

  1. 一种基于终端设备的验证码生成方法,包括:A method for generating verification codes based on terminal equipment includes:
    获取终端设备的浏览器特征;Obtain the browser characteristics of the terminal device;
    根据所述浏览器特征生成设备指纹信息;Generating device fingerprint information according to the browser characteristics;
    将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系;Inputting the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
    根据所述风险等级生成对应难度程度值的验证码。According to the risk level, a verification code corresponding to the degree of difficulty is generated.
  2. 根据权利要求1所述的方法,所述获取终端设备的浏览器特征,包括:The method according to claim 1, wherein said obtaining the browser characteristics of the terminal device comprises:
    获取终端设备的设备屏幕分辨率的水平方向的像素点x1、垂直方向的像素点y1、可用最大屏幕分辨率的水平方向的像素点x2、垂直方向的像素点y2;Obtain the horizontal pixel point x1 of the device screen resolution of the terminal device, the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, and the vertical pixel point y2;
    计算所述像素点x1与所述像素点y1乘积后的第一乘积值,所述像素点x2与所述像素点y2乘积后的第二乘积值;Calculating a first product value obtained by multiplying the pixel point x1 and the pixel point y1, and a second product value obtained by multiplying the pixel point x2 and the pixel point y2;
    获取所述第一乘积值和所述第二乘积值的差值;Obtaining the difference between the first product value and the second product value;
    将所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值作为所述浏览器特征。The pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value are used as the browser feature.
  3. 根据权利要求2所述的方法,所述根据所述浏览器特征生成设备指纹信息,包括:The method according to claim 2, wherein said generating device fingerprint information according to the characteristics of the browser comprises:
    根据所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值生成的分辨率非线性组合特征;A resolution nonlinear combination feature generated according to the pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value;
    根据所述分辨率非线性组合特征、所述第一乘积值和所述第二乘积值生成设备指纹信息。The device fingerprint information is generated according to the resolution nonlinear combination feature, the first product value and the second product value.
  4. 根据权利要求2所述的方法,所述浏览器特征还包括设备可触控的点的个数、是否支持可触控、验证设备可触控的点数与操作***是否一致、验证设备可触控的点数与是否支持可触控是否一致、设备信息缺失程度特征中的一个或者多个。The method of claim 2, wherein the browser feature further includes the number of touchable points of the device, whether it supports touch control, verifying whether the touchable points of the device are consistent with the operating system, and verifying that the device can be touched. One or more of the characteristics of whether the number of points is consistent with whether it supports touch control, and the degree of missing device information.
  5. 根据权利要求4所述的方法,所述获取终端设备的浏览器特征,根据所述浏览器特征生成设备指纹信息,包括:The method according to claim 4, said acquiring the browser characteristics of the terminal device, and generating device fingerprint information according to the browser characteristics, comprises:
    获取所述终端设备的浏览器特征;Acquiring the browser feature of the terminal device;
    判断***是否为设定时间段内的首次生成验证码;Determine whether the system generates the verification code for the first time within the set time period;
    若是,获取所述浏览器特征中的设备可触控的点的个数、是否支持可触控、验证设备可触控的点数与操作***是否一致、验证设备可触控的点数与是否支持可触控是否一致、设备信息缺失程度特征中的至少3个特征,根据该至少3个特征生成所述设备指纹信息;If yes, obtain the number of touchable points of the device in the browser feature, whether it supports touch control, verify whether the touchable points of the device are consistent with the operating system, verify the touchable points of the device and whether it supports At least three features among the features of whether the touch is consistent and the degree of missing device information, and generating the device fingerprint information according to the at least three features;
    否则,获取终端设备的设备屏幕分辨率的水平方向的像素点x1、垂直方向的像素点y1、可用最大屏幕分辨率的水平方向的像素点x2、垂直方向的像素点y2;计算所述像素点x1与所述像素点y1乘积后的第一乘积值,所述像素点x2与所述像素点y2乘积后的第二乘积值;获取所述第一乘积值和所述第二乘积值的差值;将所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值作为所述浏览器特征。Otherwise, obtain the horizontal pixel point x1 of the device screen resolution of the terminal device, the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, and the vertical pixel point y2; calculate the pixel point The first product value after the product of x1 and the pixel point y1, the second product value after the product of the pixel point x2 and the pixel point y2; obtaining the difference between the first product value and the second product value Value; the pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value are used as the browser feature.
  6. 根据权利要求1所述的方法,所述获取终端设备的浏览器特征,根据所述浏览器特征生成设备指纹信息,将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级,包括:The method according to claim 1, wherein the acquiring the browser characteristics of the terminal device, generating device fingerprint information according to the browser characteristics, inputting the device fingerprint information into a classification model, and obtaining the risk level of the terminal device, include:
    获取预设时间段内多个验证时间点的所述终端设备的浏览器特征;Acquiring browser features of the terminal device at multiple verification time points within a preset time period;
    根据每个所述验证时间点的所述浏览器特征生成对应的设备指纹信息;Generating corresponding device fingerprint information according to the browser feature at each verification time point;
    将每个所述验证时间点和验证时间点对应的设备指纹信息输入到所述分类模型,得到每个验证时间点对应的风险等级;Inputting each verification time point and device fingerprint information corresponding to the verification time point into the classification model to obtain the risk level corresponding to each verification time point;
    统计每个验证时间点对应的风险等级,得到所述预设时间段内所述终端设备的风险等级。The risk level corresponding to each verification time point is calculated to obtain the risk level of the terminal device within the preset time period.
  7. 根据权利要求1所述的方法,所述风险等级包括按照风险等级从低到高排列的第一风险等级、第二风险等级、第三风险等级以及第四风险等级;The method according to claim 1, wherein the risk level comprises a first risk level, a second risk level, a third risk level, and a fourth risk level in descending order of risk levels;
    所述根据所述风险等级生成对应难度程度值的验证码,包括:The generating a verification code corresponding to the degree of difficulty value according to the risk level includes:
    若所述风险等级为所述第一风险等级,生成点击操作的验证码;If the risk level is the first risk level, generate a verification code for the click operation;
    若所述风险等级为所述第二风险等级,生成滑块类型的验证码;If the risk level is the second risk level, generate a slider type verification code;
    若所述风险等级为所述第三风险等级,生成点选操作的验证码;If the risk level is the third risk level, generate a verification code for the click operation;
    若所述风险等级为所述第四风险等级,生成语音声纹类型的验证码。If the risk level is the fourth risk level, a verification code of the voiceprint type is generated.
  8. 一种基于终端设备的验证码生成装置,包括:A verification code generation device based on terminal equipment, including:
    第一获取模块,用于获取终端设备的浏览器特征;The first obtaining module is used to obtain the browser characteristics of the terminal device;
    第一生成模块,用于根据所述浏览器特征生成设备指纹信息;The first generating module is configured to generate device fingerprint information according to the browser feature;
    第二获取模块,用于将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系;The second acquisition module is configured to input the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
    第二生成模块,根据所述风险等级生成对应难度程度值的验证码。The second generation module generates a verification code corresponding to the degree of difficulty value according to the risk level.
  9. 一种计算机可读存储介质,其上存储有计算机程序;所述计算机程序适于由处理器加载并执行基于终端设备的验证码生成方法,其中,所述基于终端设备的验证码生成方法的步骤,包括:A computer-readable storage medium having a computer program stored thereon; the computer program is suitable for being loaded by a processor and executing a terminal device-based verification code generation method, wherein the steps of the terminal device-based verification code generation method ,include:
    获取终端设备的浏览器特征;Obtain the browser characteristics of the terminal device;
    根据所述浏览器特征生成设备指纹信息;Generating device fingerprint information according to the browser characteristics;
    将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系;Inputting the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
    根据所述风险等级生成对应难度程度值的验证码。According to the risk level, a verification code corresponding to the degree of difficulty is generated.
  10. 根据权利要求9所述的计算机可读存储介质,所述获取终端设备的浏览器特征,包括:The computer-readable storage medium according to claim 9, wherein said acquiring the browser characteristics of the terminal device comprises:
    获取终端设备的设备屏幕分辨率的水平方向的像素点x1、垂直方向的像素点y1、可用最大屏幕分辨率的水平方向的像素点x2、垂直方向的像素点y2;Obtain the horizontal pixel point x1 of the device screen resolution of the terminal device, the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, and the vertical pixel point y2;
    计算所述像素点x1与所述像素点y1乘积后的第一乘积值,所述像素点x2与所述像素点y2乘积后的第二乘积值;Calculating a first product value obtained by multiplying the pixel point x1 and the pixel point y1, and a second product value obtained by multiplying the pixel point x2 and the pixel point y2;
    获取所述第一乘积值和所述第二乘积值的差值;Obtaining the difference between the first product value and the second product value;
    将所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值作为所述浏览器特征。The pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value are used as the browser feature.
  11. 根据权利要求10所述的计算机可读存储介质,所述根据所述浏览器特征生成设备指纹信息,包括:11. The computer-readable storage medium according to claim 10, wherein the generating device fingerprint information according to the browser feature comprises:
    根据所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值生成的分辨率非线性组合特征;A resolution nonlinear combination feature generated according to the pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value;
    根据所述分辨率非线性组合特征、所述第一乘积值和所述第二乘积值生成设备指纹信息。The device fingerprint information is generated according to the resolution nonlinear combination feature, the first product value and the second product value.
  12. 根据权利要求10所述的计算机可读存储介质,所述浏览器特征还包括设备可触控的点的个数、是否支持可触控、验证设备可触控的点数与操作***是否一致、验证设备可触控的点数与是否支持可触控是否一致、设备信息缺失程度特征中的一个或者多个。The computer-readable storage medium according to claim 10, wherein the browser feature further includes the number of touchable points of the device, whether it supports touch control, verifying whether the touchable points of the device are consistent with the operating system, and verifying Whether the number of touchable points of the device is consistent with whether it supports touch control, and one or more of the characteristics of the lack of device information.
  13. 根据权利要求12所述的计算机可读存储介质,所述获取终端设备的浏览器特征,根据所述浏览器特征生成设备指纹信息,包括:The computer-readable storage medium according to claim 12, said acquiring the browser characteristics of the terminal device, and generating device fingerprint information according to the browser characteristics, comprises:
    获取所述终端设备的浏览器特征;Acquiring the browser feature of the terminal device;
    判断***是否为设定时间段内的首次生成验证码;Determine whether the system generates the verification code for the first time within the set time period;
    若是,获取所述浏览器特征中的设备可触控的点的个数、是否支持可触控、验证设备可触控的点数与操作***是否一致、验证设备可触控的点数与是否支持可触控是否一致、设备信息缺失程度特征中的至少3个特征,根据该至少3个特征生成所述设备指纹信息;If yes, obtain the number of touchable points of the device in the browser feature, whether it supports touch control, verify whether the touchable points of the device are consistent with the operating system, verify the touchable points of the device and whether it supports At least three features among the features of whether the touch is consistent and the degree of missing device information, and generating the device fingerprint information according to the at least three features;
    否则,获取终端设备的设备屏幕分辨率的水平方向的像素点x1、垂直方向的像素点y1、可用最大屏幕分辨率的水平方向的像素点x2、垂直方向的像素点y2;计算所述像素点x1与所述像素点y1乘积后的第一乘积值,所述像素点x2与所述像素点y2乘积后的第二乘积值;获取所述第一乘积值和所述第二乘积值的差值;将所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值作为所述浏览器特征。Otherwise, obtain the horizontal pixel point x1 of the device screen resolution of the terminal device, the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, and the vertical pixel point y2; calculate the pixel point The first product value after the product of x1 and the pixel point y1, the second product value after the product of the pixel point x2 and the pixel point y2; obtaining the difference between the first product value and the second product value Value; the pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value are used as the browser feature.
  14. 根据权利要求9所述的计算机可读存储介质,所述获取终端设备的浏览器特征,根据所述浏览器特征生成设备指纹信息,将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级,包括:The computer-readable storage medium according to claim 9, wherein said acquiring a browser feature of a terminal device, generating device fingerprint information according to said browser feature, and inputting said device fingerprint information into a classification model to obtain said terminal device The level of risk includes:
    获取预设时间段内多个验证时间点的所述终端设备的浏览器特征;Acquiring browser features of the terminal device at multiple verification time points within a preset time period;
    根据每个所述验证时间点的所述浏览器特征生成对应的设备指纹信息;Generating corresponding device fingerprint information according to the browser feature at each verification time point;
    将每个所述验证时间点和验证时间点对应的设备指纹信息输入到所述分类模型,得到每个验证时间点对应的风险等级;Inputting each verification time point and device fingerprint information corresponding to the verification time point into the classification model to obtain the risk level corresponding to each verification time point;
    统计每个验证时间点对应的风险等级,得到所述预设时间段内所述终端设备的风险等级。The risk level corresponding to each verification time point is calculated to obtain the risk level of the terminal device within the preset time period.
  15. 一种计算机设备,其包括:A computer equipment including:
    一个或多个处理器;One or more processors;
    存储器;Memory
    一个或多个应用程序,其中所述一个或多个应用程序被存储在所述存储器中并被配置为由所述一个或多个处理器执行,所述一个或多个应用程序配置用于执行基于终端设备的验证码生成方法,其中,所述基于终端设备的验证码生成方法的步骤,包括:One or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, and the one or more application programs are configured to execute A method for generating a verification code based on a terminal device, wherein the steps of the method for generating a verification code based on a terminal device include:
    获取终端设备的浏览器特征;Obtain the browser characteristics of the terminal device;
    根据所述浏览器特征生成设备指纹信息;Generating device fingerprint information according to the browser characteristics;
    将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级;所述分类模型用于表征所述设备指纹信息与所述风险等级的关联关系;Inputting the device fingerprint information into a classification model to obtain the risk level of the terminal device; the classification model is used to characterize the association relationship between the device fingerprint information and the risk level;
    根据所述风险等级生成对应难度程度值的验证码。According to the risk level, a verification code corresponding to the degree of difficulty is generated.
  16. 根据权利要求15所述的计算机设备,所述获取终端设备的浏览器特征,包括:The computer device according to claim 15, wherein said acquiring the browser characteristics of the terminal device comprises:
    获取终端设备的设备屏幕分辨率的水平方向的像素点x1、垂直方向的像素点y1、可用最大屏幕分辨率的水平方向的像素点x2、垂直方向的像素点y2;Obtain the horizontal pixel point x1 of the device screen resolution of the terminal device, the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, and the vertical pixel point y2;
    计算所述像素点x1与所述像素点y1乘积后的第一乘积值,所述像素点x2与所述像素点y2乘积后的第二乘积值;Calculating a first product value obtained by multiplying the pixel point x1 and the pixel point y1, and a second product value obtained by multiplying the pixel point x2 and the pixel point y2;
    获取所述第一乘积值和所述第二乘积值的差值;Obtaining the difference between the first product value and the second product value;
    将所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值作为所述浏览器特征。The pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value are used as the browser feature.
  17. 根据权利要求16所述的计算机设备,所述根据所述浏览器特征生成设备指纹信息,包括:The computer device according to claim 16, wherein said generating device fingerprint information according to the characteristics of the browser comprises:
    根据所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘 积值、所述第二乘积值以及所述差值生成的分辨率非线性组合特征;A resolution nonlinear combination feature generated according to the pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value;
    根据所述分辨率非线性组合特征、所述第一乘积值和所述第二乘积值生成设备指纹信息。The device fingerprint information is generated according to the resolution nonlinear combination feature, the first product value and the second product value.
  18. 根据权利要求16所述的计算机设备,所述浏览器特征还包括设备可触控的点的个数、是否支持可触控、验证设备可触控的点数与操作***是否一致、验证设备可触控的点数与是否支持可触控是否一致、设备信息缺失程度特征中的一个或者多个。The computer device according to claim 16, wherein the browser feature further includes the number of touchable points of the device, whether it supports touch control, verifying whether the touchable points of the device are consistent with the operating system, and verifying that the device is touchable. Whether the number of control points is consistent with whether it supports touch control, and one or more of the characteristics of the lack of device information.
  19. 根据权利要求18所述的计算机设备,所述获取终端设备的浏览器特征,根据所述浏览器特征生成设备指纹信息,包括:The computer device according to claim 18, wherein said acquiring the browser characteristics of the terminal device and generating device fingerprint information according to the browser characteristics comprises:
    获取所述终端设备的浏览器特征;Acquiring the browser feature of the terminal device;
    判断***是否为设定时间段内的首次生成验证码;Determine whether the system generates the verification code for the first time within the set time period;
    若是,获取所述浏览器特征中的设备可触控的点的个数、是否支持可触控、验证设备可触控的点数与操作***是否一致、验证设备可触控的点数与是否支持可触控是否一致、设备信息缺失程度特征中的至少3个特征,根据该至少3个特征生成所述设备指纹信息;If yes, obtain the number of touchable points of the device in the browser feature, whether it supports touch control, verify whether the touchable points of the device are consistent with the operating system, verify the touchable points of the device and whether it supports At least three features among the features of whether the touch is consistent and the degree of missing device information, and generating the device fingerprint information according to the at least three features;
    否则,获取终端设备的设备屏幕分辨率的水平方向的像素点x1、垂直方向的像素点y1、可用最大屏幕分辨率的水平方向的像素点x2、垂直方向的像素点y2;计算所述像素点x1与所述像素点y1乘积后的第一乘积值,所述像素点x2与所述像素点y2乘积后的第二乘积值;获取所述第一乘积值和所述第二乘积值的差值;将所述像素点x1、像素点y1、像素点x2、像素点y2、所述第一乘积值、所述第二乘积值以及所述差值作为所述浏览器特征。Otherwise, obtain the horizontal pixel point x1 of the device screen resolution of the terminal device, the vertical pixel point y1, the horizontal pixel point x2 of the maximum available screen resolution, and the vertical pixel point y2; calculate the pixel point The first product value after the product of x1 and the pixel point y1, the second product value after the product of the pixel point x2 and the pixel point y2; obtaining the difference between the first product value and the second product value Value; the pixel point x1, the pixel point y1, the pixel point x2, the pixel point y2, the first product value, the second product value, and the difference value are used as the browser feature.
  20. 根据权利要求15所述的计算机设备,所述获取终端设备的浏览器特征,根据所述浏览器特征生成设备指纹信息,将所述设备指纹信息输入到分类模型,得到所述终端设备的风险等级,包括:The computer device according to claim 15, said acquiring the browser characteristics of the terminal device, generating device fingerprint information according to the browser characteristics, and inputting the device fingerprint information into a classification model to obtain the risk level of the terminal device ,include:
    获取预设时间段内多个验证时间点的所述终端设备的浏览器特征;Acquiring browser features of the terminal device at multiple verification time points within a preset time period;
    根据每个所述验证时间点的所述浏览器特征生成对应的设备指纹信息;Generating corresponding device fingerprint information according to the browser feature at each verification time point;
    将每个所述验证时间点和验证时间点对应的设备指纹信息输入到所 述分类模型,得到每个验证时间点对应的风险等级;Inputting each verification time point and the device fingerprint information corresponding to the verification time point into the classification model to obtain the risk level corresponding to each verification time point;
    统计每个验证时间点对应的风险等级,得到所述预设时间段内所述终端设备的风险等级。The risk level corresponding to each verification time point is calculated to obtain the risk level of the terminal device within the preset time period.
PCT/CN2019/117236 2019-02-13 2019-11-11 Verification code generation method and apparatus, and storage medium and computer device WO2020164268A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910112933.2A CN109918892B (en) 2019-02-13 2019-02-13 Verification code generation method and device, storage medium and computer equipment
CN201910112933.2 2019-02-13

Publications (1)

Publication Number Publication Date
WO2020164268A1 true WO2020164268A1 (en) 2020-08-20

Family

ID=66961571

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/117236 WO2020164268A1 (en) 2019-02-13 2019-11-11 Verification code generation method and apparatus, and storage medium and computer device

Country Status (2)

Country Link
CN (1) CN109918892B (en)
WO (1) WO2020164268A1 (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109918892B (en) * 2019-02-13 2023-11-21 平安科技(深圳)有限公司 Verification code generation method and device, storage medium and computer equipment
CN112187702A (en) * 2019-07-02 2021-01-05 北京京东尚科信息技术有限公司 Method and device for verifying client
CN110362985A (en) * 2019-07-16 2019-10-22 北京天融信网络安全技术有限公司 A kind of verification method and device
CN110472407A (en) * 2019-08-21 2019-11-19 广州大学 A kind of access authentication method and system based on gesture identifying code
CN110460993A (en) * 2019-08-21 2019-11-15 广州大学 A kind of authentication method and system based on gesture verifying
CN112422488A (en) * 2019-08-23 2021-02-26 钉钉控股(开曼)有限公司 Screen projection method and device
CN110598392A (en) * 2019-09-12 2019-12-20 同盾控股有限公司 Man-machine verification method and device, storage medium and electronic equipment
CN110572700B (en) * 2019-09-19 2021-06-11 湖南快乐阳光互动娱乐传媒有限公司 Client risk identification method and system
CN112131551A (en) * 2020-09-25 2020-12-25 平安国际智慧城市科技股份有限公司 Verification code verification method and device, computer equipment and readable storage medium
CN112818340A (en) * 2021-01-20 2021-05-18 北京顶象技术有限公司 Control method and device of prevention and control system and electronic equipment
CN112948812B (en) * 2021-03-29 2022-07-08 天津车之家数据信息技术有限公司 Verification code distribution method, computing device and storage medium
CN114048449B (en) * 2022-01-11 2022-05-13 北京顶象技术有限公司 Method and device for improving security of verification code by combining cache information

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105323227A (en) * 2014-07-30 2016-02-10 腾讯科技(深圳)有限公司 Verification code image generation method and device and electronic equipment
CN107046516A (en) * 2016-02-05 2017-08-15 上海行邑信息科技有限公司 A kind of air control control method and device for recognizing mobile terminal identity
WO2018152301A1 (en) * 2017-02-20 2018-08-23 Alibaba Group Holding Limited Verification method and device
CN108513267A (en) * 2017-02-27 2018-09-07 ***通信集团浙江有限公司 Safe verification method, authentication server and the service terminal of communication service
CN109918892A (en) * 2019-02-13 2019-06-21 平安科技(深圳)有限公司 Verification code generation method, device and storage medium, computer equipment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106446202A (en) * 2016-09-30 2017-02-22 福建北卡科技有限公司 Anti-interference browser fingerprint generation method based on implicit characteristic acquisition
CN107066974B (en) * 2017-04-17 2020-11-27 东南大学 Browser fingerprint change resistant terminal equipment identification method
CN107749844A (en) * 2017-10-16 2018-03-02 维沃移动通信有限公司 Auth method and mobile terminal
CN109104456A (en) * 2018-06-07 2018-12-28 北京本邦科技股份有限公司 A kind of user tracking based on browser fingerprint and propagating statistics analysis method
CN109165840B (en) * 2018-08-20 2022-06-21 平安科技(深圳)有限公司 Risk prediction processing method, risk prediction processing device, computer equipment and medium
CN109255230A (en) * 2018-09-29 2019-01-22 武汉极意网络科技有限公司 Recognition methods, system, user equipment and the storage medium of abnormal verifying behavior

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105323227A (en) * 2014-07-30 2016-02-10 腾讯科技(深圳)有限公司 Verification code image generation method and device and electronic equipment
CN107046516A (en) * 2016-02-05 2017-08-15 上海行邑信息科技有限公司 A kind of air control control method and device for recognizing mobile terminal identity
WO2018152301A1 (en) * 2017-02-20 2018-08-23 Alibaba Group Holding Limited Verification method and device
CN108513267A (en) * 2017-02-27 2018-09-07 ***通信集团浙江有限公司 Safe verification method, authentication server and the service terminal of communication service
CN109918892A (en) * 2019-02-13 2019-06-21 平安科技(深圳)有限公司 Verification code generation method, device and storage medium, computer equipment

Also Published As

Publication number Publication date
CN109918892B (en) 2023-11-21
CN109918892A (en) 2019-06-21

Similar Documents

Publication Publication Date Title
WO2020164268A1 (en) Verification code generation method and apparatus, and storage medium and computer device
US9870461B2 (en) CAPTCHA techniques utilizing traceable images
WO2019153604A1 (en) Device and method for creating human/machine identification model, and computer readable storage medium
US10515212B1 (en) Tracking sensitive data in a distributed computing environment
Degott et al. Learning user interface element interactions
CN109376078B (en) Mobile application testing method, terminal equipment and medium
US20120204257A1 (en) Detecting fraud using touchscreen interaction behavior
WO2020164274A1 (en) Network verification data sending method and apparatus, and storage medium and server
US20180232515A1 (en) Client login method and apparatus and storage medium
US20140089824A1 (en) Systems And Methods For Dynamically Altering A User Interface Based On User Interface Actions
US10447723B2 (en) Creating notes on lock screen
CN104954131B (en) The verification method and system of identifying code
US20150007330A1 (en) Scoring security risks of web browser extensions
US20130073945A1 (en) Dynamic reorganization of page elements of a web application
WO2020164272A1 (en) Network access device identifying method and apparatus, storage medium and computer device
KR102513334B1 (en) Image verification method and apparatus, electronic device and computer-readable storage medium
US9035745B2 (en) Biometric authentication
CN111767982A (en) Training method and device for user conversion prediction model, storage medium and electronic equipment
US9477399B1 (en) Automated interaction for mobile applications
Yang et al. Eavesdropping user credentials via GPU side channels on smartphones
CN111898126B (en) Android repackaging application detection method based on dynamically acquired user interface
US11201888B2 (en) Methods and systems for discovering network security gaps
CN110276183B (en) Reverse Turing verification method and device, storage medium and electronic equipment
US9009628B2 (en) Method and system for processing information fed via an inputting means
US11347842B2 (en) Systems and methods for protecting a remotely hosted application from malicious attacks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19915372

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 01/12/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 19915372

Country of ref document: EP

Kind code of ref document: A1