CN110276588B - Electronic signature authentication method and device and computer readable storage medium - Google Patents

Abstract

The invention relates to the technical field of security mechanisms, and discloses an electronic signature authentication method, which comprises the following steps: the identity of the user is confirmed, and after the identity is confirmed, the electronic signing and checking system is started, and a document signing flow is initiated; when needing to sign on the electronic signing and checking system, further carrying out identity verification on the signing personnel and receiving a CA certificate which is made by a third-party signature platform by using the identity information of the signing personnel; receiving the handwritten signature of the signer, generating a checking result signed document, summarizing the abstract of the signature information, and performing CA synthesis by a third-party signature platform; receiving a handwritten signature of a user, generating a check result and signing a document, summarizing the summary of signature information, and performing CA synthesis by a third-party signature platform; the signed document is archived. The invention also provides an electronic signature authentication device and a computer readable storage medium. The invention can realize high efficiency and transparentization of signature confirmation in the law enforcement process.

Description

Electronic signature authentication method and device and computer readable storage medium

Technical Field

The present invention relates to the field of security mechanisms, and in particular, to a method and an apparatus for authenticating an electronic signature, and a computer-readable storage medium.

Background

In recent years, the food quality safety tracking and tracing has greater and greater significance for preventing food pollution and food poisoning and terminal law enforcement, and how to establish a complete, rapid and efficient food quality safety tracking and tracing system is crucial to terminal law enforcement. At present, in the process of terminal law enforcement, food safety signs and confirms inspection results through on-site paper files, subsequent law enforcement personnel need to input results into the system again, on-site signing information cannot be inquired in the system, and the paper files need to be searched for to store root links, so that the following defects exist: firstly, in the terminal law enforcement process, law enforcement personnel are required to input the inspection result again, so that the defects of huge and redundant data volume, low manual operation efficiency, environmental pollution and the like exist, and great challenges are caused to the law enforcement efficiency; secondly, the food safety related data is not transparent, which is not beneficial to information confirmation, search and follow-up, and brings great inconvenience to the local law enforcement agency for food quality safety management. Thirdly, in the law enforcement process, the artificial subjective factors are too many, and no relevant measures are provided for preventing the personnel from cheating the inspection work (others sign instead), so that the food safety has more relevant troubles in the terminal law enforcement process.

Disclosure of Invention

The invention provides an electronic signature authentication method, an electronic signature authentication device and a computer readable storage medium, and mainly aims to provide the effects of high efficiency and transparentization of signature confirmation in a law enforcement process.

In order to achieve the above object, the present invention provides an electronic signature authentication method, which is applied in a mobile terminal, and includes:

when electronic signature is needed, the mobile terminal confirms the identity of a user, and after the identity is confirmed, the electronic signing system is started, and a document signing flow is initiated to receive signature authentication of a signing personnel and/or the user;

when needing to sign on the electronic signing and checking system, further carrying out identity verification on the signing personnel and receiving a CA certificate which is made by a third-party signature platform by using the identity information of the signing personnel;

receiving the handwritten signature of the signer, generating a checking result signed document, summarizing the abstract of the signature information, and performing CA (certificate Authority) synthesis by a third-party signature platform;

receiving the handwritten signature of the user, generating a signature document of a confirmation check result, summarizing the signature information, and performing CA (certificate Authority) synthesis by a third-party signature platform;

the validated result signing document is archived.

Optionally, the identity confirmation mode includes one or a combination of a face recognition mode and a short message verification mode.

Optionally, the face recognition method includes:

acquiring a face video image of a user or a signer;

extracting the face information and the posture action information of the user or the signer in the face video image;

comparing the acquired face information of the user with face identification information prestored in a database, and executing primary identity authentication;

if the first authentication is successful, comparing the acquired gesture action information with gesture identification information prestored in a database, and executing second authentication;

and if the second authentication is successful, confirming that the authentication is passed.

Optionally, the short message verification method includes:

prompting a user or a signer to input a mobile phone number and acquire a verification code in the mobile terminal according to requirements;

generating a short message verification code according to rules, and sending the mobile phone number and the verification code content of a user or a signing person to a verification code short message platform through a short message verification interface;

the verification code short message platform submits the mobile phone number and the verification code content to a server of a corresponding operator after judging;

the server of the operator sends the short message content to the mobile terminal of the user or the signer, so that the received verification code is input into the mobile terminal, and if the verification code is input correctly, the identity verification is displayed to be successful.

Optionally, when the third party signature platform performs CA synthesis, the method further includes:

and carrying out transparentization processing on the acquired handwritten signature by utilizing an image processing technology.

Further, in order to achieve the above object, the present invention provides an electronic signature authentication apparatus including a memory and a processor, the memory storing therein an electronic signature authentication program executable on the processor, the electronic signature authentication program implementing the steps of:

when electronic signature is needed, identity confirmation is carried out on a user, after the identity confirmation, an electronic signing and checking system is started, and a document signing flow is initiated to receive signature authentication of a signing person and/or the user;

when needing to sign on the electronic signing and checking system, further carrying out identity verification on the signing personnel and receiving a CA certificate which is made by a third-party signature platform by using the identity information of the signing personnel;

receiving the handwritten signature of the signer, generating a checking result signed document, summarizing the abstract of the signature information, and performing CA (certificate Authority) synthesis by a third-party signature platform;

receiving the handwritten signature of the user, generating a signature document of a confirmation check result, summarizing the signature information, and performing CA (certificate Authority) synthesis by a third-party signature platform;

and archiving the confirmation checking result signed document.

Optionally, the identity confirmation mode includes one or a combination of a face recognition mode and a short message verification mode.

Optionally, the face recognition method includes:

acquiring a face video image of a user or a signer;

extracting the face information and the posture action information of the user or the signer in the face video image;

comparing the acquired face information of the user with face identification information prestored in a database, and executing first authentication;

if the first authentication is successful, comparing the obtained gesture action information with gesture recognition information pre-stored in a database, and executing second authentication;

and if the second authentication is successful, confirming that the authentication is passed.

Optionally, the short message verification method includes:

prompting a user or a signer to input a mobile phone number and acquire a verification code in the electronic signature authentication device according to requirements;

generating a short message verification code according to rules, and sending the mobile phone number and the verification code content of a user or a signer to a verification code short message platform through a short message verification interface;

the short message platform of the identifying code submits the mobile phone number and the content of the identifying code to a server of a corresponding operator after judging;

the server of the operator issues the short message content to the mobile terminal of the user or the signer so as to input the received verification code into the electronic signature authentication device, and if the verification code is input correctly, the identity verification is displayed to be successful.

Furthermore, to achieve the above object, the present invention also provides a computer readable storage medium having stored thereon an electronic signature authentication program executable by one or more processors to implement the steps of the electronic signature authentication method as described above.

The electronic signature authentication method, the electronic signature authentication device and the computer readable storage medium provided by the invention are used for confirming the identity of a user, and after the identity is confirmed, an electronic signing and checking system is started to initiate a document signing flow; when needing to sign on the electronic signing and checking system, further carrying out identity verification on the signing personnel and receiving a CA certificate which is made by a third-party signature platform by using the identity information of the signing personnel; receiving the handwritten signature of the signer, generating a checking result signed document, summarizing the abstract of the signature information, and performing CA synthesis by a third-party signature platform; receiving a handwritten signature of a user, generating a check result and signing a document, summarizing the summary of signature information, and performing CA synthesis by a third-party signature platform; the signed document is archived. Therefore, the invention can realize the high efficiency and the transparence of signature confirmation in the law enforcement process.

Drawings

Fig. 1 is a schematic flowchart of an electronic signature authentication method according to an embodiment of the present invention;

fig. 2 is a schematic diagram of an internal structure of an electronic signature authentication apparatus according to an embodiment of the present invention;

fig. 3 is a block diagram illustrating an electronic signature authentication procedure in an electronic signature authentication apparatus according to an embodiment of the present invention.

The implementation, functional features and advantages of the present invention will be further described with reference to the accompanying drawings.

Detailed Description

It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.

The invention provides an electronic signature authentication method. Fig. 1 is a schematic flow chart of an electronic signature authentication method according to an embodiment of the present invention. The method may be performed by an apparatus, which may be implemented by software and/or hardware.

In this embodiment, the electronic signature authentication method includes:

s1, when electronic signature is needed, the mobile terminal confirms the identity of a user, and after the identity is confirmed, the electronic signing and checking system is started, and a document signing flow is initiated to receive signature authentication of a signing person and/or the user.

The preferred embodiment of the invention can confirm the identity of the user by face recognition, short message verification and other modes.

When the identity is confirmed by adopting a face recognition mode, the preferred embodiment of the invention mainly comprises the following steps: firstly, a mobile terminal acquires a face video image of a user, such as a law enforcement officer; secondly, the mobile terminal extracts information, and extracts face information, gesture action information, head action information, limb action information, eye action and other posture action information of the user in the face video image; thirdly, comparing the obtained face information of the user with face identification information of the user stored in a database in advance, and if the identity verification is successful, further executing a gesture action comparison step; fourthly, the acquired gesture action information is compared with gesture identification information stored in a database in advance, if the comparison is successful, an identity verification passing step is executed, and the accuracy of the system is effectively improved through double verification of the face and the gesture.

When the identity is confirmed by short message verification, the preferred embodiment of the invention mainly comprises the following steps: firstly, a mobile terminal prompts a user, such as a law enforcement officer, inputs a mobile phone number according to requirements, and clicks a button for acquiring a verification code; secondly, the mobile terminal background system generates a short message verification code according to rules and sends the mobile phone number and the verification code content of the user to a verification code short message platform through a short message verification interface; thirdly, after the short message platform of the verification code is subjected to a series of judgments and passes (whether the content is in compliance, whether the mobile phone number is in compliance, and the operator to which the mobile phone number belongs), the short message platform of the verification code submits information to a server of a corresponding operator; fourthly, the server of the operator sends the short message content to the mobile terminal of the user; fifthly, the law enforcement officer inputs the received verification code into the mobile terminal, and if the input is correct, the authentication is displayed to be successful.

And S2, when the signer signs in the electronic signing and checking system, further performing identity verification on the signer, and receiving a CA certificate which is made by a third-party signature platform by using the identity information of the signer.

The preferred embodiment of the invention can also carry out identity verification on the signer through single or multi-factor verification modes such as short message verification, face recognition and the like.

After the interface of the document signing process is initiated in the step S1, the document signer needs to perform identity verification again in single or multi-factor verification modes such as short message verification, face recognition and the like, that is, identity verification is performed in single or multi-factor verification modes such as short message verification, face recognition and the like in both the login and document signing links of the electronic signing and checking system in the mobile terminal, and the document signing of the inspection result can be performed only after double verification is passed, so that the safety of the related document is effectively ensured by the double verification mode.

After the identity of the signer is verified, the preferred embodiment of the invention uses the identity information of the signer to make a CA certificate through a third party signature platform. The CA certificate is mainly responsible for processing signer information, handwritten signature information, signature document information and signature video information, packaging the information into a special extension item of the digital certificate, and completing packaging of PKCS10 certificate application according to the extension item. And the mobile terminal sends the package to a digital certificate issuing organization for issuing, and analyzes the digital certificate issuing organization to return the issued digital certificate chain.

And S3, receiving the handwritten signature of the signer, generating a checking result signature document, summarizing the summary of the signature information, and performing CA synthesis by a third-party signature platform.

After the CA certificate is manufactured, when the mobile terminal needs to sign the inspection document result, whether the mobile terminal is allowed to load the signature of the inspection document result or not is judged according to the preset CA certificate. If the verification is successful, the signer can confirm the document of the inspection result in the mobile terminal, and if the verification is correct, the signer needs to perform hand-written signature to generate the signed document of the inspection result, summarize the signature information, and perform CA synthesis by a third-party signature platform.

When the third party signature platform carries out CA synthesis, the acquired handwritten signature image can be subjected to transparentization processing by utilizing an image processing technology. In an electronic signature system, in order to make the addition of the handwritten data of a signer to a layout document more realistic, a transparency process is generally performed on a handwritten image. In common image formats, the GIF and PNG formats can better support the transparentization processing operation, and the PNG format picture is used as a handwriting signature handwriting image in the design.

In the invention, in the process of generating the certificate, the fingerprint and the identity card information of the user do not need to be acquired, and the part of private information is not transmitted to a third party, so the private information of the user is not leaked. The handwritten signature of the user is stored in the digital certificate in an encryption mode, and verification is also performed in a ciphertext comparison mode, so that the safety of private signature information of the user is effectively guaranteed.

And S4, receiving the handwritten signature of the user, generating a signature document of a confirmation check result, summarizing the summary of the signature information, and performing CA (certificate Authority) synthesis by a third-party signature platform.

And performing handwritten signature by a signer, generating an inspection result signature document, performing handwritten signature by a user, such as a law enforcement officer, generating a check result signature document, further performing summary of signature information, and performing CA synthesis by a third party signature platform.

Because the signer has the possibility of being intercepted by an attacker when applying for the certificate to the CA, the preferred embodiment of the invention can use the hash value of the handwritten handwriting image of the signer to replace the plaintext of the handwritten signature picture for applying for the certificate. Since an attacker cannot recover the handwritten signature picture of the signer from the application data, the attacker cannot be directly used for forging the signature.

Furthermore, considering that an attacker can only need the signature value of the handwriting image to apply for a certificate, and after normal document signing is finished, the handwriting image of the user is acquired from the signed document, so that illegal signature documents are packaged and forged. In this case, the public key of the signer is used to encrypt the hash value of the handwriting image to obtain the secret value of the handwriting image, and the encrypted value is used to apply for the certificate. The design can lead the authentication of the CA to be obtained after the handwriting image information is bound with the key pair used by the signature. Before the signature activity is completed, an attacker cannot acquire the handwriting image information of the user, related handwriting information cannot be forged for certificate application, and the attacker cannot implement similar attack in the signature process. And because the handwriting image is uniquely bound with the public key used by the signature, the uniqueness of the handwriting image is further confirmed.

And S5, archiving the signed document of the confirmation and inspection result, and facilitating later-stage query and management.

After the checking result document is signed to generate a signature document according to the steps, corresponding archiving operation can be carried out so as to facilitate inquiry and related management work in the later law enforcement process.

The invention also provides an electronic signature authentication device. Fig. 2 is a schematic diagram of an internal structure of an electronic signature authentication apparatus according to an embodiment of the present invention.

In the present embodiment, the electronic signature authentication apparatus 1 may be a PC (Personal Computer), or may be a terminal device such as a smartphone, a tablet Computer, or a mobile Computer. The electronic signature authentication apparatus 1 includes at least amemory 11, aprocessor 12, acommunication bus 13, and anetwork interface 14.

Thememory 11 includes at least one type of readable storage medium, which includes a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a magnetic memory, a magnetic disk, an optical disk, and the like. Thememory 11 may be an internal storage unit of the electronic signature authentication apparatus 1 in some embodiments, such as a hard disk of the electronic signature authentication apparatus 1. Thememory 11 may also be an external storage device of the electronic signature authentication apparatus 1 in other embodiments, such as a plug-in hard disk provided on the electronic signature authentication apparatus 1, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like. Further, thememory 11 may also include both an internal storage unit and an external storage device of the electronic signature authentication apparatus 1. Thememory 11 may be used not only to store application software installed in the electronic signature authentication apparatus 1 and various types of data, such as a code of the electronicsignature authentication program 01, but also to temporarily store data that has been output or is to be output.

Processor 12, which in some embodiments may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor or other data Processing chip, is configured to execute program codes or process data stored inmemory 11, such as executing electronicsignature authentication program 01.

Thecommunication bus 13 is used to realize connection communication between these components.

Thenetwork interface 14 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface), typically used to establish a communication link between the apparatus 1 and other electronic devices.

Optionally, the apparatus 1 may further comprise a user interface, which may comprise a Display (Display), an input unit such as a Keyboard (Keyboard), and an optional user interface which may also comprise a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display may also be referred to as a display screen or a display unit as appropriate, among others, for displaying information processed in the electronic signature authentication apparatus 1 and for displaying a visualized user interface.

Fig. 2 shows only the electronic signature authentication apparatus 1 having thecomponents 11 to 14 and the electronicsignature authentication program 01, and those skilled in the art will appreciate that the structure shown in fig. 1 does not constitute a limitation of the electronic signature authentication apparatus 1, and may include fewer or more components than those shown, or some components may be combined, or a different arrangement of components.

In the embodiment of the apparatus 1 shown in fig. 2, an electronicsignature authentication program 01 is stored in thememory 11; theprocessor 12 implements the following steps when executing the electronicsignature authentication program 01 stored in the memory 11:

step one, when electronic signature is needed, the electronic signature authentication device confirms the identity of a user, and after the identity is confirmed, the electronic signature and check system is started, and a document signing flow is initiated to receive signature authentication of a signer and/or the user.

The preferred embodiment of the invention can confirm the identity of the user by face recognition, short message verification and other modes.

When the identity is confirmed by adopting a face recognition mode, the preferred embodiment of the invention mainly comprises the following steps: firstly, an electronic signature authentication device acquires a face video image of a user, such as a law enforcement officer; secondly, the electronic signature authentication device extracts information, and extracts face information, gesture action information, head action information, limb action information, eye action and other posture action information of a user in the face video image; thirdly, a face comparison step, in which the obtained face information of the user is compared with face identification information of the user stored in a database in advance, and if the identity verification is successful, a gesture action comparison step is further executed; fourthly, the acquired gesture action information is compared with gesture identification information stored in a database in advance, if the comparison is successful, an identity verification passing step is executed, and the accuracy of the system is effectively improved through double verification of the face and the gesture.

When the short message verification mode is adopted for identity confirmation, the preferred embodiment of the invention mainly comprises the following steps: firstly, the electronic signature authentication device prompts a user, such as law enforcement personnel, to input a mobile phone number in the electronic signature authentication device according to requirements, and clicks a button for acquiring a verification code; secondly, the background system of the electronic signature authentication device generates a short message verification code according to rules and sends the mobile phone number and the verification code content of the user to a verification code short message platform through a short message verification interface; thirdly, after a series of judgment and passing of the verification code short message platform (whether the content is in compliance, whether the mobile phone number is in compliance, and the operator to which the mobile phone number belongs), the verification code short message platform submits the information to a server of a corresponding operator; fourthly, the server of the operator sends the short message content to the mobile terminal of the user; fifthly, the law enforcement officer inputs the received verification code into the electronic signature authentication device, and if the verification code is correctly input, the identity verification is successful.

And step two, when the signer needs to sign in the electronic signing and checking system, further performing identity verification on the signer, and receiving a CA certificate which is made by a third-party signature platform by using the identity information of the signer.

The preferred embodiment of the invention can also carry out identity verification on the signer through single or multi-factor verification modes such as short message verification, face recognition and the like.

After the interface of the document signing flow is initiated in the first step, the document signing personnel needs to perform identity verification again through single or multi-factor verification modes such as short message verification, face recognition and the like, namely, the single or multi-factor verification modes such as short message verification, face recognition and the like are needed to perform identity verification in both the login and document signing links of the electronic signature verification system in the electronic signature authentication device, the signature of the check result document can be performed after the double verification is passed, and the safety of the related document is effectively ensured through the double verification mode.

After the identity of the signer is verified, the preferred embodiment of the invention uses the identity information of the signer to make a CA certificate through a third party signature platform. The CA certificate is mainly responsible for processing signer information, handwritten signature information, signature document information and signature video information, packaging the information into a special extension item of the digital certificate, and completing packaging of PKCS10 certificate application according to the extension item. And the electronic signature authentication device sends the package to a digital certificate issuing organization for issuing, and analyzes the digital certificate issuing organization to return the issued digital certificate chain.

And step three, receiving the handwritten signature of the signer, generating a checking result signature document, summarizing the signature information, and performing CA synthesis by a third-party signature platform.

After the CA certificate is manufactured, when the electronic signature authentication device needs to sign the inspection document result, whether the electronic signature authentication device is allowed to load the signature of the inspection document result or not is judged according to a preset CA certificate. If the verification is successful, the signer can confirm the checking result document in the electronic signature authentication device, and if the verification is correct, the signer needs to perform hand-written signature to generate the checking result signed document, summarize the signature information, and perform CA synthesis by a third-party signature platform.

When the third party signature platform carries out CA synthesis, the acquired handwritten signature image can be subjected to transparentization processing by utilizing an image processing technology. In an electronic signature system, in order to make the addition of the handwritten data of a signer to a layout document more realistic, a transparency process is generally performed on a handwritten image. In common image formats, the GIF and PNG formats can better support the transparentization processing operation, and in the design, the picture in the PNG format is used as a handwriting image of the handwritten signature.

In the invention, in the process of generating the certificate, the fingerprint and the identity card information of the user do not need to be acquired, and the part of private information is not transmitted to a third party, so the private information of the user is not leaked. The handwritten signature of the user is stored in the digital certificate in an encryption mode, and verification is also performed in a ciphertext comparison mode, so that the safety of private signature information of the user is effectively guaranteed.

And step four, receiving the handwritten signature of the user, generating a signature document of the checking result, summarizing the abstract of the signature information, and carrying out CA synthesis by a third-party signature platform.

And after the signer performs handwritten signature, generates a check result signature document, the user, such as a law enforcement officer performs handwritten signature, generates a check result signature document, further performs summary collection on the signature information, and performs CA synthesis on a third-party signature platform.

Because the signer has the possibility of being intercepted by an attacker when applying for the certificate to the CA, the preferred embodiment of the invention can use the hash value of the handwritten handwriting image of the signer to replace the plaintext of the handwritten signature image for applying for the certificate. Since an attacker cannot recover the handwritten signature picture of the signer from the application data, the attacker cannot be directly used for forging the signature.

Furthermore, considering that an attacker can only need the signature value of the handwriting image to apply for a certificate, and after normal document signing is finished, the handwriting image of the user is acquired from the signed document, so that illegal signature documents are packaged and forged. In this case, the public key of the signer is used to encrypt the hash value of the handwriting image to obtain the secret value of the handwriting image, and the encrypted value is used to apply for the certificate. The design can ensure that the authentication of the CA is obtained after the handwriting image information and the key pair used by the signature are bound. Before the signing activity is finished, an attacker cannot acquire handwriting image information of a user, related handwriting information cannot be forged for certificate application, and the attacker cannot implement similar attack in the signing process. And because the handwriting image is uniquely bound with the public key used by the signature, the uniqueness of the handwriting image is further confirmed.

And fifthly, archiving the signed document of the confirmation and inspection result, and facilitating later-stage query and management.

After the checking result document is signed to generate a signature document according to the steps, corresponding archiving operation can be carried out so as to facilitate inquiry and related management work in the later law enforcement process.

Alternatively, in other embodiments, the electronic signature authentication program may be further divided into one or more modules, and the one or more modules are stored in thememory 11 and executed by one or more processors (in this embodiment, the processor 12) to implement the present invention.

For example, referring to fig. 3, a schematic diagram of program modules of an electronic signature authentication program in an embodiment of the electronic signature authentication apparatus of the present invention is shown, in which the electronic signature authentication program may be divided into a firstidentity verification module 10, a secondidentity verification module 20, an inspectionresult generation module 30, a verification inspectionresult generation module 40, and anarchive module 50, and exemplarily:

the firstidentity confirmation module 10 is configured to: when electronic signature is needed, the electronic signature authentication device confirms the identity of the user, and after the identity is confirmed, the electronic signing and checking system is started, and a document signing flow is initiated.

The secondidentity confirmation module 20 is configured to: when needing the signer to sign in the electronic signing and checking system, further carrying out identity verification on the signer and receiving a CA certificate which is made by a third party signature platform by using the identity information of the signer.

Optionally, the identity confirmation mode includes a face recognition mode and a short message verification mode.

Optionally, the face recognition method includes:

acquiring a face video image of a user or a signer;

extracting the face information and the posture action information of the user or the signer in the face video image;

comparing the acquired face information of the user with face identification information prestored in a database, and executing primary identity authentication;

if the first authentication is successful, comparing the acquired gesture action information with gesture identification information prestored in a database, and executing second authentication;

and if the second authentication is successful, confirming that the authentication is passed.

Optionally, the short message verification method includes:

prompting a user or a signer to input a mobile phone number and acquire a verification code in the electronic signature authentication device according to requirements;

generating a short message verification code according to rules, and sending the mobile phone number and the verification code content of a user or a signing person to a verification code short message platform through a short message verification interface;

the short message platform of the identifying code submits the mobile phone number and the content of the identifying code to a server of a corresponding operator after judging;

the server of the operator issues the short message content to the mobile terminal of the user or the signer so as to input the received verification code into the electronic signature authentication device, and if the verification code is input correctly, the identity verification is displayed to be successful.

Optionally, the gesture motion information comprises gesture motion information, head motion information, limb motion information and eye motion.

The inspectionresult generation module 30 is configured to: receiving the handwritten signature of the signer, generating a checking result signed document, summarizing the summary of the signature information, and carrying out CA synthesis by a third party signature platform.

The confirmation checkresult generation module 40 is configured to: receiving the handwritten signature of the user, generating a signature document of a confirmation check result, summarizing the summary of the signature information, and carrying out CA synthesis by a third-party signature platform.

Optionally, when the third party signature platform performs CA synthesis, the method further includes: and carrying out transparentization processing on the acquired handwritten signature by utilizing an image processing technology.

Thearchive module 50 is configured to: and the signed document is archived, so that later inquiry and management are facilitated.

The functions or operation steps of the firstidentity confirmation module 10, the secondidentity confirmation module 20, the inspectionresult generation module 30, the confirmation inspectionresult generation module 40, and thearchive module 50 when executed are substantially the same as those of the above embodiments, and are not described herein again.

Furthermore, an embodiment of the present invention further provides a computer-readable storage medium, where an electronic signature authentication program is stored on the computer-readable storage medium, where the electronic signature authentication program is executable by one or more processors to implement the following operations:

when electronic signature is needed, the mobile terminal confirms the identity of a user, and after the identity is confirmed, the electronic signing system is started, and a document signing flow is initiated to receive signature authentication of a signing personnel and/or the user;

when needing to sign a signature in the electronic signing and checking system, further carrying out identity verification on a signer, and receiving a CA certificate which is made by a third-party signature platform by using the identity information of the signer;

receiving the handwritten signature of the signer, generating a checking result signed document, summarizing the abstract of the signature information, and performing CA (certificate Authority) synthesis by a third-party signature platform;

receiving the handwritten signature of the user, generating a check result and signature document, summarizing the summary of the signature information, and performing CA synthesis by a third-party signature platform;

and archiving the confirmation checking result signed document.

The embodiment of the computer-readable storage medium of the present invention is substantially the same as the embodiments of the electronic signature authentication apparatus and method, and will not be described in detail herein.

It should be noted that, the above numbers of the embodiments of the present invention are only for description, and do not represent the advantages and disadvantages of the embodiments. And the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, apparatus, article, or method that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, apparatus, article, or method. Without further limitation, an element defined by the phrase "comprising one of 8230, and" comprising 8230does not exclude the presence of additional like elements in a process, apparatus, article, or method comprising the element.

Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.

The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (9)

1. An electronic signature authentication method, applied to a mobile terminal, includes:

when electronic signature is needed, the mobile terminal confirms the identity of a user, and after the identity is confirmed, the electronic signing system is started, and a document signing flow is initiated to receive signature authentication of a signing personnel and/or the user;

when needing to sign on the electronic signing and checking system, further carrying out identity verification on the signing personnel and receiving a CA certificate which is made by a third-party signature platform by using the identity information of the signing personnel;

when a document result is signed, judging whether to load and check the signature of the document result according to the CA certificate, if the loading and checking are successful, receiving the handwritten signature of a signer, generating a signed document of the check result, summarizing the signature information, carrying out CA synthesis by a third-party signature platform, carrying out transparentization processing on the acquired handwritten signature by using an image processing technology, and adding handwriting data of the handwritten signature to the signed document;

receiving the handwritten signature of the user, generating a signed document of a confirmation check result, summarizing signature information, performing CA (certification authority) synthesis by a third-party signature platform, performing transparentization processing on the acquired handwritten signature by using an image processing technology, and adding handwriting data of the handwritten signature to the signed document;

and archiving the confirmation checking result signed document.

2. The electronic signature authentication method as claimed in claim 1, wherein the identity confirmation mode comprises one or a combination of a face recognition mode and a short message verification mode.

3. The electronic signature authentication method of claim 2, wherein the face recognition mode comprises:

acquiring a face video image of a user or a signer;

extracting the face information and the posture action information of the user or the signer in the face video image;

comparing the acquired face information of the user with face identification information prestored in a database, and executing primary identity authentication;

if the first authentication is successful, comparing the acquired gesture action information with gesture identification information prestored in a database, and executing second authentication;

and if the second authentication is successful, confirming that the authentication is passed.

4. The electronic signature authentication method of claim 2, wherein the short message verification means comprises:

prompting a user or a signer to input a mobile phone number and acquire a verification code in the mobile terminal according to requirements;

generating a short message verification code according to rules, and sending the mobile phone number and the verification code content of a user or a signing person to a verification code short message platform through a short message verification interface;

the verification code short message platform submits the mobile phone number and the verification code content to a server of a corresponding operator after judging;

the server of the operator sends the short message content to the mobile terminal of the user or the signer, so that the received verification code is input into the mobile terminal, and if the verification code is input correctly, the identity verification is displayed to be successful.

5. An electronic signature authentication apparatus, comprising a memory and a processor, the memory having stored thereon an electronic signature authentication program operable on the processor, the electronic signature authentication program when executed by the processor implementing the steps of:

when electronic signature is needed, the identity of a user is confirmed, and after the identity is confirmed, an electronic signing system is started, and a document signing flow is initiated to receive signature authentication of a signing personnel and/or the user;

when needing to sign on the electronic signing and checking system, further carrying out identity verification on the signing personnel and receiving a CA certificate which is made by a third-party signature platform by using the identity information of the signing personnel;

when a document result is signed, judging whether to load and check the signature of the document result according to the CA certificate, if the loading and checking are successful, receiving the handwritten signature of a signer, generating a signed document of the check result, summarizing the signature information, carrying out CA synthesis by a third-party signature platform, carrying out transparentization processing on the acquired handwritten signature by using an image processing technology, and adding handwriting data of the handwritten signature to the signed document;

receiving the handwritten signature of the user, generating a signed document of a confirmation check result, summarizing signature information, performing CA (certification authority) synthesis by a third-party signature platform, performing transparentization processing on the acquired handwritten signature by using an image processing technology, and adding handwriting data of the handwritten signature to the signed document;

and archiving the confirmation checking result signed document.

6. The electronic signature authentication device as claimed in claim 5, wherein the identity confirmation mode comprises one or a combination of a face recognition mode and a short message verification mode.

7. The electronic signature authentication device as claimed in claim 6, wherein said face recognition means comprises:

acquiring a face video image of a user or a signer;

extracting the face information and the posture action information of the user or the signer in the face video image;

comparing the acquired face information of the user with face identification information prestored in a database, and executing primary identity authentication;

if the first authentication is successful, comparing the obtained gesture action information with gesture recognition information pre-stored in a database, and executing second authentication;

and if the second authentication is successful, confirming that the authentication is passed.

8. The electronic signature authentication device as claimed in claim 6, wherein the short message verification means comprises:

prompting a user or a signer to fill in a mobile phone number in the electronic signature authentication device according to requirements and obtain a verification code;

generating a short message verification code according to rules, and sending the mobile phone number and the verification code content of a user or a signing person to a verification code short message platform through a short message verification interface;

the short message platform of the identifying code submits the mobile phone number and the content of the identifying code to a server of a corresponding operator after judging;

the server of the operator issues the short message content to the mobile terminal of the user or the signer so as to input the received verification code into the electronic signature authentication device, and if the verification code is input correctly, the identity verification is displayed to be successful.

9. A computer-readable storage medium having stored thereon an electronic signature authentication program executable by one or more processors to perform the steps of the electronic signature authentication method as claimed in any one of claims 1 to 4.

Images