CN105868970B

Movatterモバイル変換

Info

Publication number: CN105868970B
Application number: CN201610180347.8A
Authority: CN
Inventors: 赵志扬; 刘俊峰
Original assignee: Lenovo Beijing Ltd
Current assignee: Lenovo Beijing Ltd
Priority date: 2016-03-25
Filing date: 2016-03-25
Publication date: 2020-01-31
Anticipated expiration: 2036-03-25
Also published as: CN105868970A

Abstract

The application provides authentication methods and electronic equipment, and the method is used for solving the technical problem that the safety of the electronic equipment is low in the process of payment by using an application and comprises the steps of generating a 2 th authentication request corresponding to a 1 th payment when a th application of the electronic equipment is used for conducting a 0 th payment, wherein the 3 th authentication request is a request for authenticating a current th user of the electronic equipment, obtaining electronic identity card eID information related to the th user in the electronic equipment based on the authentication request, obtaining a matching success result for representing that the eID information is successfully matched with th preset eID information in at least preset eID information, and determining that the th user passes authentication based on the matching success result, wherein each preset eID information in the at least preset eID information is legal eID information corresponding to a user eI .

Description

authentication method and electronic equipment

Technical Field

The present invention relates to the field of electronic technologies, and in particular, to authentication methods and electronic devices.

Background

With the rapid development of science and technology and the increasing market competition, the performance and appearance of electronic devices have been greatly improved, and among them, notebook computers are enjoyed by more and more people with the advantages of being small, light, portable, and highly recreational, and become an indispensable part in study and life.

For example, the user can carry out mobile payment, transfer, credit card repayment and the like through a Payment treasure application, a WeChat application, a mobile phone QQ ( instant messaging software), a Baidu wallet, a Unionpay, various commercial bank mobile phone clients and the like, so that the asset management process is very convenient.

However, in practical applications, a user usually needs to set a corresponding account and a corresponding password for each application, and then the user can authorize the operation of the application through the memorized account and the corresponding password. However, the security of the transaction only by means of the account number and the payment password is low, so that the security of the application is also low. In addition, in some cases, for example, the user forgets to pay the password or loses the mobile phone, the user may not be able to complete the related authentication, and thus the payment function of the related application may not be used.

Therefore, the electronic device in the prior art has the technical problem of low security in the process of using the application to pay.

Disclosure of Invention

The application provides authentication methods and electronic equipment, which are used for solving the technical problem that the electronic equipment is low in safety in the payment process by using an application.

, the present application provides authentication methods comprising the steps of:

generating a th authentication request corresponding to the th payment when the th payment is made through an th application of the electronic device, wherein the th authentication request is a request for authenticating a current th user of the electronic device;

obtaining electronic identity card eID information related to the user in the electronic equipment based on the authentication request;

obtaining a matching success result used for representing that the eID information is successfully matched with th preset eID information in at least preset eID information, wherein each preset eID information in at least preset eID information is legal eID information corresponding to unique to a user;

determining that the user is authenticated based on the matching success result.

Optionally, the obtaining of the electronic identity card eID information related to the user in the electronic device based on the authentication request includes:

obtaining biometric information of the user based on the authentication request;

verifying the biological characteristic information;

and if the biological characteristic information is confirmed to be verified, calling eID information related to the th user in the electronic equipment.

Optionally, the obtaining a successful matching result for representing that the eID information is successfully matched with th preset eID information of at least preset eID information includes:

sending the eID information to a cloud server connected with the electronic equipment, wherein the cloud server comprises at least pieces of preset eID information authenticated by real names;

judging whether a matching success result which is sent by the cloud server and used for representing that the eID information is successfully matched with th preset eID information in at least preset eID information is received;

and if the matching is successful, obtaining the matching success result.

obtaining at least preset eID information from a storage unit of the electronic device;

and judging whether the eID information is successfully matched with th preset eID information in at least preset eID information, and obtaining a successful matching result when the matching is successful.

Optionally, after determining that the th user is authenticated, the method further includes:

generating and feeding back an authentication result for representing that the eID information has passed the authentication to the application;

the application completes the payment based on the authentication result.

In a second aspect, the present application provides electronic devices, comprising:

the electronic equipment comprises a memory, a storage unit and a processing unit, wherein the memory is used for storing electronic identity card eID information related to a user of an application in the electronic equipment;

the processor is used for generating a 1 authentication request corresponding to a 0 th payment when a th payment is made through an th application of the electronic device, obtaining eID information related to a th user in the electronic device based on the 2 th authentication request, obtaining a matching success result for representing that the eID information is successfully matched with th preset eID information in at least preset eID information, and determining that the th user passes the authentication based on the matching success result, wherein the th authentication request is a request for authenticating a current th user of the electronic device, and each piece of preset eID information in the at least preset eID information is legal eID information corresponding to only.

Optionally, the processor is configured to:

verifying the biological characteristic information;

Optionally, the processor is configured to:

and if the matching is successful, obtaining the matching success result.

Optionally, the processor is configured to:

obtaining at least preset eID information from a memory of the electronic device;

Optionally, the processor is further configured to:

after determining that the th user is authenticated, generating and feeding back an authentication result to the th application characterizing that the eID information has been authenticated, the th application completing the th payment based on the authentication result.

In a third aspect, the present application provides electronic devices, comprising:

a generating module, configured to generate a th authentication request corresponding to the th payment when a th payment is made through an th application of an electronic device, where the th authentication request is a request for authenticating a current th user of the electronic device;

an obtaining module, configured to obtain, based on the -th authentication request, electronic identity card eID information of the electronic device related to the -th user;

the authentication module is configured to obtain a successful matching result for representing that the eID information is successfully matched with th preset eID information of at least preset eID information, where each preset eID information of the at least preset eID information is legal eID information corresponding to a unique of a user;

and the processing module is used for determining that the th user is authenticated based on the matching success result.

Through or a plurality of technical solutions in this application, or a plurality of technical effects can be achieved as follows:

in the application, when payment is performed through th application of the electronic device, a authentication request corresponding to th payment can be generated, and then the electronic device can obtain electronic identity card eID information related to th users in the electronic device, and further if the eID information is successfully matched with th preset eID information in at least preset eID information, the th users can pass authentication according to the matching success result, so that in the process that the users use th application for payment, whether the current users are legal users can be determined by matching the eID information of th users with the preset eID information, authority of the authentication process can be guaranteed, and safety of the payment process of the electronic device is higher.

Meanwhile, since the preset eID information is legal eID information corresponding to unique to the user, the eID information of the th user stored by the local computer is matched with the preset eID information in the authentication process, so that the leakage of the user information is prevented, and the confidentiality is high.

In addition, when the user authentication is carried out, the eID information related to the th user in the electronic equipment can be obtained based on the authentication request corresponding to the th payment, and then the eID information is automatically matched with the preset eID information through the electronic equipment, so that the authentication process of the user can be realized through the eID information of the user, the payment function is completed, the user does not need to memorize a large amount of data such as an account number, a password and the like, and the user experience is improved.

Drawings

FIG. 1 is a flow chart of an authentication method in an embodiment of the invention;

FIG. 2 is a schematic flow chart illustrating payment by an application according to an embodiment of the present invention;

FIG. 3 is a block diagram of an electronic device in an embodiment of the invention;

fig. 4 is a block diagram of an electronic device in an embodiment of the invention.

Detailed Description

To make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete description of the technical solutions of the embodiments of the present invention will be given below with reference to the accompanying drawings of the embodiments of the present invention, and it is obvious that the described embodiments are partial embodiments of of the present invention, rather than all embodiments.

In the embodiment of the present invention, the electronic device may be a PC (personal computer), a notebook computer, a PAD (tablet computer), a mobile phone, or other different devices, which is not limited in the present invention.

Optionally, in the embodiment of the present invention, a plurality of applications may be installed in the electronic device, for example, a wechat application, a QQ application, a paupo application, a hectogram application, and the like, and after the electronic device is connected to a network, for example, after the electronic device is connected to a Wi-Fi (wireless fidelity ), and the like, the user may use a plurality of functions provided by the applications, for example, may use the paupo application to perform payment, transfer, and the like.

The Electronic Identity card (Electronic Identity, eID) can establish different credit levels by utilizing various Identity information actively submitted by a user, and generates groups of network identifiers and digital certificates, different from the traditional resident Identity card, the Electronic Identity card is mainly used in a network, the Electronic Identity card only comprises sections of network identifiers in design principle and does not contain any user Identity information, and the establishment and management of the related Identity of the Electronic Identity card are carried out by an organization of the system in management thinking.

In addition, the term "and/or" in this document is only kinds of association relations describing the association relation of the associated objects, which means that there may be three kinds of relations, for example, a and/or B, which may mean three kinds of relations of a alone, a and B together, and B alone.

Preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings.

As shown in fig. 1, the embodiment of the present invention discloses authentication methods, and the procedures of the methods are described as follows.

And S11, when th payment is carried out through the th application of the electronic equipment, generating a th authentication request corresponding to th payment, wherein a th authentication request is a request for authenticating the current th user of the electronic equipment.

In the embodiment of the present invention, the th payment may be an application of a user in using an electronic device to make a related payment, such as a user transferring a money, making a payment by credit card, or making a red envelope using an application in a mobile phone, etc. the th application may be a third party application installed in the electronic device and having a payment function, such as a pay-for-treasure application, etc., and the present invention is not limited in particular.

In practical applications, the th application may be an application that requires the user to perform real-name authentication, such as a pay pal application, a 12306 application, and the like, and when registering, the user may complete registration of the name and related eID on the relevant website of the th application, while the real personal information is stored in the public security database or the database hosted by the public security database, and the website is invisible, so as to prevent the user information from being obtained by hackers and perhaps illegally sold by the website, which may cause privacy disclosure.

Optionally, when detecting that there is a th payment in the th application, the electronic device may generate a th authentication request corresponding to the th payment, so as to authenticate the th user, that is, authenticate the current user.

And S12, obtaining the eID information related to the th user in the electronic equipment based on the authentication request.

In the embodiment of the present invention, the obtained eID information may refer to information including an identity corresponding to the user.

Optionally, after generating the authentication request, the electronic device may obtain, based on the authentication request, the eID information corresponding to the th user, in an actual Application, the electronic device may generate, based on the th payment, the th authentication request to an eID Application Programming Interface (API) in the electronic device, and when the eID API receives the request, it needs to verify identity characteristics, such as a fingerprint, a pupil, and the like, related to the eID of the th user, that is, at this time, the electronic device needs to obtain biometric information related to the user and verify the biometric information, where the biometric information may refer to fingerprint information of the user.

For example, a user can prompt the user to input fingerprint information through an application interface of an th application in a mobile phone, after the fingerprint information of a th user is obtained, the identity of the user is verified through the fingerprint information at the mobile phone end, if the obtained fingerprint information is matched with reserved fingerprint information corresponding to a current user account in a th application, if the matching is successful, it is determined that the preliminary verification of the th user is successful, and at the moment, the eID information corresponding to the th user in the electronic device can be called through an eID API.

S13, obtaining a successful matching result used for representing successful matching between the eID information and th preset eID information in at least preset eID information, wherein each preset eID information in at least preset eID information is legal eID information corresponding to only of a user.

In the embodiment of the present invention, the th preset eID information may be a network electronic identity signed by a network identity recognition system of a public security department to a citizen built and developed by a research institute of the public security department, and generally speaking, the th preset eID information may be stored in a cloud.

Optionally, after the eID information is obtained through the eID API in the electronic device, the eID information obtained may be verified, and the verification process may include the following two ways:

the method includes the steps of sending the eID information to a cloud server connected with the electronic device, wherein the cloud server comprises at least pieces of preset eID information which pass real-name authentication, further judging whether a matching success result which is sent by the cloud server and used for representing successful matching of the eID information and th preset eID information in at least pieces of preset eID information is received, and if the matching is successful, obtaining the matching success result.

In practical applications, the cloud server may be an eID server provided by a police department, which may be used to provide user authentication for terminal applications, and the cloud server stores therein a plurality of preset eID information, each of which corresponds to unique to a user, wherein the th preset eID information may be a fingerprint corresponding to a th user

In the embodiment of the invention, after the eID API fingerprint biological characteristic verification is determined to pass, the eID information can be acquired through an eID service calling related interface and is sent to an eID server (namely a cloud server) of a public security department for identity verification, and the eID server can match the received eID information with a plurality of preset eID information stored in the eID server so as to determine whether the received eID information is the effective identity information of a user.

For example, the cloud server may match the identity in the received eID information with a preset identity in th preset eID information stored in the th user unique , and if the matching is successful, may determine that the current th user passes user verification, as shown in fig. 2, it is an authentication process when paying th for the th application.

The second mode is that at least pieces of preset eID information are obtained from a storage unit of the electronic equipment, whether the eID information is successfully matched with th preset eID information in at least pieces of preset eID information is judged, and when the matching is successful, a matching success result is obtained.

When the user pays through the third-party application, the eID information related to the user is obtained based on the authentication request, and then the eID information is matched with the preset eID information related to the user using the application in the storage unit of the electronic device, if the matching is successful, the eID information of the user is verified successfully.

Since eID is used for associating the identity of the individual with the background database through a cryptographic technique, the identity can be identified only by , and the security is high.

And S14, determining that the th user is authenticated based on the matching success result.

In practical applications, if it is determined that the eID information is successfully matched with the th preset eID information, the eID server may send the matching result to a server of a third-party application, such as a server of a third-party application, for example, a QQ application, a pay-for-use application, and the like, so that the server of the third-party application then feeds the result back to the th application, so that the th application may pay the th payment based on the authentication result.

For example, if a user pays by using a pay bank application in a mobile phone, the user is authenticated based on an authentication request, an eID API receiving the authentication request in the mobile phone needs to verify the fingerprint of the user, at this time, prompting information can be displayed through a pay bank interface to prompt the user to input the fingerprint, after the fingerprint of the user is determined to pass verification, the eID information can be called and the obtained eID information is sent to a cloud server for verification, namely, the eID information is matched with preset eID information for verification, such as being sent to a server of the pay bank application, the server of the pay bank application can also be a server of a cloud, after a successful verification result sent by the eID server is received, the operation of the user for the pay bank application in the mobile phone end can be authorized, and the result of the user operation is displayed on an application interface, such as a message of successful payment or successful transfer is displayed.

In the embodiment of the invention, because eID authentication is added in the user authentication process, the password technology is used as the basis, the intelligent security chip is used as the carrier, and the real identity of an individual is remotely verified in a network, so that the accuracy of user authentication in the applied payment process is higher, and the safety of the payment process is higher.

In the authentication process, the electronic equipment submits the acquired eID information to a public security database for inquiring, the returned result is only state information, namely whether the person really exists or not and whether the eID is effective or not, and the result does not contain any personal privacy information such as name, identity card number and the like. Therefore, the authenticity requirement of the real name is met, and the purpose of protecting the privacy of the individual is also achieved.

As shown in fig. 3, based on the same inventive concept of , the embodiment of the present invention discloses kinds of electronic devices, including a memory 10 and a processor 20.

The memory 10 may be used to store electronic identity card eID information relating to a user of an application in an electronic device;

the processor 20 may be configured to generate a 1 authentication request corresponding to a 0 th payment when a th payment is made through an th application of the electronic device, obtain, based on the 2 th authentication request, eID information related to a th user in the electronic device, obtain a matching success result representing that the eID information is successfully matched with th preset eID information of at least preset eID information, and determine that the th user passes authentication based on the matching success result, wherein the th authentication request is a request for authenticating a current th user of the electronic device, and each piece of the at least preset eID information is legal eID information corresponding to only of the user.

Optionally, the processor 20 may be configured to:

verifying the biological characteristic information;

Optionally, the processor 20 may be configured to:

and if the matching is successful, obtaining the matching success result.

Optionally, the processor 20 may be configured to:

obtaining at least preset eID information from memory 10 of the electronic device;

Optionally, the processor 20 may be further configured to:

As shown in fig. 4, based on the same inventive concept as , the embodiment of the present invention discloses kinds of electronic devices, which include ageneration module 301, ath obtaining module 302, a second obtainingmodule 303, and aprocessing module 304.

Thegenerating module 301 may be configured to generate a th authentication request corresponding to the th payment when a th payment is made through an th application of an electronic device, where the th authentication request is a request for authenticating a current th user of the electronic device;

the obtainingmodule 302 may be configured to obtain electronic identity card eID information of the electronic device related to the th user based on the authentication request;

the second obtainingmodule 303 may be configured to obtain a successful matching result for representing that the eID information is successfully matched with th preset eID information of at least preset eID information, where each preset eID information of the at least preset eID information is legal eID information corresponding to unique to the user;

theprocessing module 304 may be configured to determine that the user is authenticated based on the matching success result.

Optionally, theth obtaining module 302 may be configured to:

verifying the biological characteristic information;

Optionally, the second obtainingmodule 303 may be configured to:

and if the matching is successful, obtaining the matching success result.

Optionally, the second obtainingmodule 303 may be configured to:

Optionally, theprocessing module 304 is further configured to generate and feed back an authentication result for characterizing that the eID information has been authenticated to the application after determining that the th user is authenticated, and control the application to complete the th payment based on the authentication result.

Various modifications and specific examples of the authentication method in the embodiment of fig. 1 are also applicable to the electronic device in the embodiment, and a person skilled in the art can clearly know the implementation method of the electronic device in the embodiment through the foregoing detailed description of the authentication method, so for the brevity of the description, detailed descriptions are not provided here.

Furthermore, the present invention may take the form of a computer program product embodied on or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.

It is to be understood that each flow and/or block in the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions which can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flow diagram flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

Specifically, the computer program instructions corresponding to the authentication method in the embodiment of the present application may be stored on a storage medium such as an optical disc, a hard disc, a usb disk, or the like, and when the computer program instructions corresponding to the authentication method in the storage medium are read or executed by the electronic device , the method includes the following steps:

Optionally, the computer instructions when executed further comprise the steps of obtaining electronic identity card eID information associated with the user in the electronic device based on the authentication request, the corresponding instructions when executed comprising:

verifying the biological characteristic information;

Optionally, the computer instructions, when executed, may further include the steps of obtaining a matching success result for characterizing that the eID information is successfully matched with th preset eID information of at least preset eID information, where the corresponding instructions include:

and if the matching is successful, obtaining the matching success result.

Optionally, the computer instructions are executed after the instructions corresponding to determining that the th user is authenticated are executed, and when executed, the method comprises the steps of:

the application completes the payment based on the authentication result.

It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims

1, authentication method, comprising:

verifying the biological characteristic information;

if the biological characteristic information is confirmed to pass the verification, calling electronic identity card eID information related to the th user in the electronic equipment;

2. The method of claim 1, wherein the obtaining a successful match result for characterizing the match of the eID information with th preset eID information of at least preset eID information comprises:

and if the matching is successful, obtaining the matching success result.

3. The method of claim 1, wherein the obtaining a successful match result for characterizing the match of the eID information with th preset eID information of at least preset eID information comprises:

4. The method of claim 2 or 3, wherein after determining that the th user is authenticated, the method further comprises:

the application completes the payment based on the authentication result.

An electronic device of the kind , comprising:

the processor is used for generating a 1 authentication request corresponding to a 0 th payment when a th payment is made through an th application of the electronic device, obtaining biological feature information of a 3 th user based on the 2 th authentication request, verifying the biological feature information, calling electronic identity card eID information related to a th user in the electronic device if the biological feature information is verified, obtaining a matching success result for representing that the eID information is successfully matched with th preset eID information in at least preset eID information, and determining that the th user passes the authentication based on the matching success result, wherein the th authentication request is a request for authenticating a current th user of the electronic device, and each piece of the at least preset eID information is legal eID information corresponding to a user only eID .

6. The electronic device of claim 5, wherein the processor is to:

and if the matching is successful, obtaining the matching success result.

7. The electronic device of claim 5, wherein the processor is to:

8. The electronic device of claim 6 or 7, wherein the processor is further to:

An electronic device of the type , comprising:

the acquisition module is used for acquiring the biological characteristic information of the th user based on the th authentication request, verifying the biological characteristic information, and calling electronic identity card eID information related to the th user in the electronic equipment if the biological characteristic information is verified;