[go: up one dir, main page]

CN109039990B - Behavior verification method and device based on verification code - Google Patents

Behavior verification method and device based on verification code Download PDF

Info

Publication number
CN109039990B
CN109039990B CN201710427641.9A CN201710427641A CN109039990B CN 109039990 B CN109039990 B CN 109039990B CN 201710427641 A CN201710427641 A CN 201710427641A CN 109039990 B CN109039990 B CN 109039990B
Authority
CN
China
Prior art keywords
verification code
verification
terminal
public key
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710427641.9A
Other languages
Chinese (zh)
Other versions
CN109039990A (en
Inventor
刘文清
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201710427641.9A priority Critical patent/CN109039990B/en
Publication of CN109039990A publication Critical patent/CN109039990A/en
Application granted granted Critical
Publication of CN109039990B publication Critical patent/CN109039990B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2133Verifying human interaction, e.g., Captcha

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a behavior verification method and device based on verification codes, and belongs to the technical field of the Internet. The method comprises the following steps: acquiring a verification code of the terminal, wherein the verification code is generated by the server and is sent to the terminal; acquiring a confirmation instruction of the verification code, signing the verification code based on a private key stored in a specified storage space of the electronic equipment, and generating first signature information; the first signature information, the verification code and the public key index stored corresponding to the private key are sent to the terminal, so that the terminal sends the acquired information to the server, a user does not need to identify the verification code, only needs to issue a confirmation instruction for the verification code to the electronic equipment, and the machine cannot complete a triggering process because the confirmation instruction needs manual operation of a person on the electronic equipment to trigger, therefore, the server determines that the access behavior of the terminal is manual operation as long as receiving the confirmation instruction, the condition of identification error of the verification code is avoided, the verification efficiency is improved, and the accuracy is high.

Description

Behavior verification method and device based on verification code
Technical Field
The invention relates to the technical field of internet, in particular to a method and a device for behavior verification based on verification codes.
Background
With the continuous development of internet technology, some lawbreakers may utilize malicious programs to perform some malicious accesses, such as ticket swiping, continuous login, forum watering, and the like, and therefore, in order to confirm whether a current visitor is a machine or a human, some websites may provide a verification mechanism to verify the visitor by displaying a verification code in the form of characters or pictures. For example, when a user logs in a website by using a terminal, the website displays a verification code composed of a background and characters, and the user needs to distinguish the characters in the verification code and input the characters into a corresponding input box so that the website verifies whether the current access behavior of the terminal is manual operation or machine operation. For a website, the generated verification code may be composed of several frames of images, and a dynamic effect is created visually based on the several frames of images. Because the machine has a single identification mode for the verification code, the machine has certain difficulty and is easy to generate errors when identifying the verification code with a dynamic effect, and thus, whether the current access behavior of the terminal is manual operation or machine operation can be judged by verifying the correctness of the characters input in the input box.
In the process of implementing the invention, the inventor finds that the prior art has at least the following problems:
for some websites, the generated verification codes are complex, so that the recognition difficulty of a user during recognition is high, and a high false recognition rate exists, so that the efficiency of judging whether the current access behavior of the terminal is manual operation or machine operation based on the verification codes by the website is low, and the accuracy is not high.
Disclosure of Invention
In order to solve the problems in the prior art, embodiments of the present invention provide a method and an apparatus for performing behavior verification based on a verification code. The technical scheme is as follows:
in a first aspect, a method for performing behavior verification based on a verification code is provided, where the method includes:
acquiring a verification code of a terminal, wherein the verification code is generated by a server and is sent to the terminal;
acquiring a confirmation instruction of the verification code, signing the verification code based on a private key stored in a designated storage space of the electronic equipment, and generating first signature information;
and sending the first signature information, the verification code and a public key index stored corresponding to the private key to the terminal so that the terminal sends the acquired information to the server, and the server verifies the received information based on the public key corresponding to the private key to determine whether the access behavior of the terminal is operated by a person.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
the electronic equipment generates first signature information by acquiring the verification code and a confirmation instruction of the verification code, signs the verification code based on a private key stored in a designated storage space of the electronic equipment, and sends the first signature information, the verification code and a public key index stored corresponding to the private key to the server so that the server verifies the received information and determines whether the access behavior of the terminal is operated manually or not, a user only needs to send the confirmation instruction of the verification code to the electronic equipment without identifying the verification code, and a machine cannot complete the triggering process because the confirmation instruction needs to be triggered by manual operation of the person on the electronic equipment, so that the server can determine that the current access behavior of the terminal is operated manually as long as receiving the confirmation instruction, thereby avoiding the situation of identification error of the verification code and improving the verification efficiency, the accuracy is higher.
In a second aspect, a method for performing behavior verification based on a verification code is provided, the method including:
acquiring a verification code of a server, wherein the verification code is generated by the server;
sending the verification code to electronic equipment so that the electronic equipment obtains a confirmation instruction of the verification code after receiving the verification code and signs the verification code based on a private key;
acquiring first signature information sent by the electronic equipment after signing the verification code;
and sending the first signature information, the verification code and the public key index to the server so that the server verifies the received information based on the public key and determines whether the access behavior of the terminal is operated by a person.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
the terminal obtains the verification code, sends the verification code to the electronic equipment, so that the electronic equipment signs the verification code based on the private key stored in the appointed storage space to generate first signature information, receives the first signature information of the electronic equipment, and sends the first signature information, the verification code and the public key index stored corresponding to the private key to the server, so that the server verifies the received information, determines whether the access behavior of the terminal is operated by a person or not, a user only needs to send a confirmation instruction of the verification code to the electronic equipment without identifying the verification code, and a machine cannot complete the triggering process because the confirmation instruction needs to be triggered by manual operation of the person on the electronic equipment, so that the server can determine that the current access behavior of the terminal is operated by the person as long as receiving the confirmation instruction, and the condition of false identification of the verification code is avoided, the verification efficiency is improved, and the accuracy is higher.
In a third aspect, a method for performing behavior verification based on a verification code is provided, where the method includes:
acquiring a verification challenge code request of a terminal, and generating a verification code, wherein the verification challenge code request is sent after the terminal is determined to be accessed to electronic equipment;
sending the verification code to the terminal so that the terminal sends the verification code to the electronic equipment, obtaining a confirmation instruction of the verification code by the electronic equipment after receiving the verification code, signing the verification code based on a private key, and generating first signature information;
the first signature information, the verification code and a public key index of the terminal are obtained, a public key is determined based on the public key index, the received information is verified according to the public key, and whether the access behavior of the terminal is operated by a person or not is determined.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
the server sends the generated verification code to the terminal so that the terminal sends the verification code to the electronic equipment, the electronic equipment acquires a confirmation instruction of the verification code after receiving the verification code, signs the verification code based on a private key stored in a designated storage space of the electronic equipment to generate first signature information, acquires the first signature information, the verification code and a public key index stored corresponding to the private key of the terminal, determines a public key based on the public key index, verifies the received information according to the public key to determine whether the access behavior of the terminal is operated by a person, a user does not need to identify the verification code, only needs to send the confirmation instruction of the verification code to the electronic equipment, and the confirmation instruction is triggered by manual operation of the person on the electronic equipment, but the machine cannot complete the triggering process, so the server only needs to receive the confirmation instruction, the current access behavior of the terminal can be determined to be manual operation, the condition of wrong identification of the verification code is avoided, the verification efficiency is improved, and the accuracy is high.
In a fourth aspect, an apparatus for performing behavior verification based on a verification code is provided, the apparatus comprising:
the terminal comprises an acquisition module, a verification module and a verification module, wherein the acquisition module is used for acquiring a verification code of the terminal, and the verification code is generated by a server and is sent to the terminal;
the signature module is used for acquiring a confirmation instruction of the verification code, signing the verification code based on a private key stored in a specified storage space of the electronic equipment and generating first signature information;
and the sending module is used for sending the first signature information, the verification code and a public key index stored corresponding to the private key to the terminal so that the terminal sends the acquired information to the server, the server verifies the received information based on the public key corresponding to the private key, and whether the access behavior of the terminal is operated by a person is determined.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
the electronic equipment generates first signature information by acquiring the verification code and a confirmation instruction of the verification code, signs the verification code based on a private key stored in a designated storage space of the electronic equipment, and sends the first signature information, the verification code and a public key index stored corresponding to the private key to the server so that the server verifies the received information and determines whether the access behavior of the terminal is operated manually or not, a user only needs to send the confirmation instruction of the verification code to the electronic equipment without identifying the verification code, and a machine cannot complete the triggering process because the confirmation instruction needs to be triggered by manual operation of the person on the electronic equipment, so that the server can determine that the current access behavior of the terminal is operated manually as long as receiving the confirmation instruction, thereby avoiding the situation of identification error of the verification code and improving the verification efficiency, the accuracy is higher.
In a fifth aspect, an apparatus for performing behavior verification based on a verification code is provided, the apparatus comprising:
the verification code acquisition module is used for acquiring a verification code of a server, and the verification code is generated by the server;
the first sending module is used for sending the verification code to the electronic equipment so that the electronic equipment obtains a confirmation instruction of the verification code after receiving the verification code and signs the verification code based on a private key;
the information acquisition module is used for acquiring first signature information sent by the electronic equipment after the electronic equipment signs the verification code;
and the second sending module is used for sending the first signature information, the verification code and the public key index to the server so that the server verifies the received information based on the public key and determines whether the access behavior of the terminal is operated by a person.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
the terminal obtains the verification code, sends the verification code to the electronic equipment, so that the electronic equipment signs the verification code based on the private key stored in the appointed storage space to generate first signature information, receives the first signature information of the electronic equipment, and sends the first signature information, the verification code and the public key index stored corresponding to the private key to the server, so that the server verifies the received information, determines whether the access behavior of the terminal is operated by a person or not, a user only needs to send a confirmation instruction of the verification code to the electronic equipment without identifying the verification code, and a machine cannot complete the triggering process because the confirmation instruction needs to be triggered by manual operation of the person on the electronic equipment, so that the server can determine that the current access behavior of the terminal is operated by the person as long as receiving the confirmation instruction, and the condition of false identification of the verification code is avoided, the verification efficiency is improved, and the accuracy is higher.
In a sixth aspect, an apparatus for performing behavior verification based on a verification code is provided, the apparatus comprising:
the generating module is used for acquiring a verification challenge code request of a terminal and generating a verification code, wherein the verification challenge code request is sent after the terminal is determined to be accessed to the electronic equipment;
the sending module is used for sending the verification code to the terminal so that the terminal sends the verification code to the electronic equipment, the electronic equipment obtains a confirmation instruction of the verification code after receiving the verification code, the verification code is signed based on a private key, and first signature information is generated;
the verification module is used for acquiring the first signature information, the verification code and a public key index of the terminal, determining a public key based on the public key index, verifying the received information according to the public key, and determining whether the access behavior of the terminal is operated by a person.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
the server sends the generated verification code to the terminal so that the terminal sends the verification code to the electronic equipment, the electronic equipment acquires a confirmation instruction of the verification code after receiving the verification code, signs the verification code based on a private key stored in a designated storage space of the electronic equipment to generate first signature information, acquires the first signature information, the verification code and a public key index stored corresponding to the private key of the terminal, determines a public key based on the public key index, verifies the received information according to the public key to determine whether the access behavior of the terminal is operated by a person, a user does not need to identify the verification code, only needs to send the confirmation instruction of the verification code to the electronic equipment, and the confirmation instruction is triggered by manual operation of the person on the electronic equipment, but the machine cannot complete the triggering process, so the server only needs to receive the confirmation instruction, the current access behavior of the terminal can be determined to be manual operation, the condition of wrong identification of the verification code is avoided, the verification efficiency is improved, and the accuracy is high.
In a seventh aspect, an electronic device is provided, which includes a memory and a processor, where the memory stores at least one instruction, at least one program, a code set, or a set of instructions, and the at least one instruction, the at least one program, the code set, or the set of instructions is loaded and executed by the processor to implement the above method for behavior verification based on verification codes.
In an eighth aspect, a computer-readable storage medium is provided, where at least one instruction, at least one program, a set of codes, or a set of instructions is stored in the storage medium, and the at least one instruction, the at least one program, the set of codes, or the set of instructions is loaded and executed by a processor to complete the above method for behavior verification based on verification codes.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a system framework diagram for behavior verification based on verification codes according to an embodiment of the present invention;
FIG. 2A is a flowchart of a method for performing behavior verification based on a verification code according to an embodiment of the present invention;
FIG. 2B is a flowchart of a method for performing behavior verification based on a verification code according to an embodiment of the present invention;
fig. 3A is a schematic structural diagram of an apparatus for performing behavior verification based on a verification code according to an embodiment of the present invention;
fig. 3B is a schematic structural diagram of an apparatus for performing behavior verification based on a verification code according to an embodiment of the present invention;
fig. 4A is a schematic structural diagram of an apparatus for performing behavior verification based on a verification code according to an embodiment of the present invention;
fig. 4B is a schematic structural diagram of an apparatus for performing behavior verification based on a verification code according to an embodiment of the present invention;
fig. 5A is a schematic structural diagram of an apparatus for performing behavior verification based on a verification code according to an embodiment of the present invention;
fig. 5B is a schematic structural diagram of an apparatus for performing behavior verification based on a verification code according to an embodiment of the present invention;
fig. 5C is a schematic structural diagram of an apparatus for performing behavior verification based on a verification code according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an apparatus 600 for performing behavior verification based on a verification code according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
Before explaining the present invention in detail, a framework of a system for performing behavior verification based on a verification code according to the present invention will be briefly described.
Referring to fig. 1, the system framework for performing behavior verification based on verification codes according to the present invention includes a terminal, an electronic device, and a server. The terminal may be connected to the server through a wireless or wired network, and the terminal may be an electronic device capable of accessing the server, and may transmit information to the server based on an SDK (Software Development Kit), where the electronic device may be a computer, a smart phone, a tablet computer, or other electronic devices.
The electronic device may perform data transmission with the terminal through a USB (Universal Serial Bus), a BLE (bluetooth low Energy), or an NFC (Near Field Communication), acquire the verification code sent by the terminal, and send information to the terminal. The electronic device may be a device having an authentication function, such as an authentication device, an authentication terminal, and the like, and for convenience, the electronic device is described as an authentication device in the following description. For an electronic device, on one hand, a plurality of buttons can be arranged on the electronic device, and when the user is detected to press a specified button, the verification code is signed; on the other hand, a sensor can be arranged in the device, a sensing area is provided based on the sensor, and the verification code is signed when the knocking operation of the user in the sensing area is detected. Before the behavior verification method in the embodiment of the invention is performed, the server can generate a public key and a private key, bind the public key and the private key, generate a public key index of the public key corresponding to the private key, store the public key to the specified storage space of the server, send the private key and the public key index to the verification device, and store the private key and the public key index to the specified storage space of the verification device by the verification device.
The server may be one or more web servers for providing the terminal with a behavior verification service. In this embodiment, the terminal may obtain the behavior verification service of the server by means of registering or installing the client on the server, which is not limited in the embodiment of the present invention. For the server, the server may further include at least one database for storing the verification code, the public key, and the like, so as to provide a more user-specific behavior verification service.
Based on the architecture of fig. 1, when the system for performing behavior verification based on the verification code determines whether the current access behavior is human operation or machine operation, the general flow is as follows:
1. the server generates a verification code and sends the verification code to the terminal.
2. The terminal sends the verification code to the verification device based on the communication interface.
3. The terminal prompts the user to perform a confirmation operation on the verification device.
4. The user presses a button (or clicks and other confirmation operations) on the verification device, the verification device starts a signature operation, the verification code is signed, and first signature information is generated.
5. And the verification equipment sends the first signature information, the verification code and the public key index to the terminal.
6. And the terminal sends the received information to the server.
7. The server verifies the received information based on a public key corresponding to the verification device.
In the flow, the user does not need to identify the verification code, only needs to issue a confirmation instruction of the verification code to the verification device, and the confirmation instruction needs to be triggered by manual operation of a person on the verification device, and the machine cannot complete the triggering process.
For some websites such as forums, shopping networks, etc., in order to identify some malicious visits by lawless persons using malicious programs, the websites provide a verification mechanism to verify visitors by displaying a verification code in the form of characters or pictures. Because the confirmation instruction in the embodiment of the invention needs manual operation on the verification equipment by a person for triggering, and the machine cannot complete the triggering process, in the embodiment of the invention, the access behavior of the terminal is verified based on the three-party interaction among the verification equipment, the terminal and the server, so that a user does not need to identify the verification code, and the current access behavior of the terminal can be verified by the server only by issuing the confirmation instruction for the verification code to the verification equipment, thereby avoiding the condition of identification error of the verification code, improving the verification efficiency and having higher accuracy.
In the following, details are made on the basis of a flow of three-party interaction, and fig. 2A is a flow chart illustrating a method for behavior verification based on a verification code according to an exemplary embodiment, as shown in fig. 2A, the method is applied to interaction between a terminal, a verification device and a server, and the method includes the following steps.
201. When the terminal detects the access behavior of the user, a verification challenge code request is generated and sent to the server.
In the embodiment of the invention, the terminal can operate the client and display the webpage, when a user requests to access the client and the webpage, for example, the user requests to log in the client or the user requests to download data on the webpage, the terminal can display the verification page in order to judge whether the current access behavior of the user is man-made operation or machine operation, and when the user confirms verification on the verification page, a verification challenge code request is generated so as to send the verification challenge code request to the server, so that the server returns the verification code, and the behavior verification is realized. The verification page displayed by the terminal is provided by the server, and for each client or webpage, the server corresponding to the client or webpage provides service support for the client and the webpage, so that when a user requests to access the client or webpage on the terminal, the terminal needs to request access to the server corresponding to the client or webpage, and thus when the server detects the current access behavior of the terminal, the server provides the verification page for the terminal so as to verify the current access behavior of the terminal.
The terminal displays the verification page after acquiring the verification page provided by the server, generates a verification challenge code request when detecting that the user confirms to access the verification page, and sends the verification challenge code request to the server so as to enable the server to return the verification code. For example, an input frame of a user account, an input frame of an account password, and a login confirmation button may be provided on the verification page, after the user inputs the user account and the account password into the corresponding input frames, if it is detected that the user triggers the login confirmation button, the terminal may determine that the user is currently requesting access, may generate a verification challenge code request, and send the verification challenge code request to the server, so that the server determines that the terminal has initiated a login request, that is, the terminal is currently requesting access to the server, at this time, the server may send a verification code to the terminal, so as to verify whether the current access behavior of the terminal is human operation or machine operation.
It should be noted that, before requesting the authentication code from the server, the terminal may first determine whether the authentication device is currently accessed, and send different requests to the server according to the determination result. If the terminal determines that the authentication device is not accessed currently, it indicates that the access behavior of the terminal cannot be authenticated based on the authentication device currently, that is, the following steps 202 to 207 cannot be executed, so that the terminal can display prompt information to prompt a user to access the authentication device, and display an option of whether to access the authentication device on the prompt information. If the terminal detects that the user selects to access the authentication device after prompting the user, waiting for the user to access the authentication device, and continuing to execute the following steps 202 to 207 when detecting the access of the authentication device; if the terminal detects that the user refuses to access the verification equipment after prompting the user, the terminal is required to send a conventional verification code request to the server, a conventional behavior verification process is entered, the server sends a conventional verification code to the terminal, so that the terminal displays the conventional verification code, the conventional verification code is required to be identified by naked eyes of the user and manually added to the input box, and the server can verify the current access behavior of the terminal based on the correctness of characters in the input box; if the terminal determines that the terminal has currently accessed the verification device, it indicates that the access behavior of the terminal can be verified based on the verification device, that is, the following steps 202 to 207 can be continuously performed, so that the terminal is required to send a verification challenge code request to the server, so that the verification code generated and sent by the server can be signed based on the verification device, and user identification and manual input are not required.
202. The server acquires a verification challenge code request of the terminal, generates a verification code and sends the verification code to the terminal, wherein the verification challenge code request is sent after the terminal is determined to be accessed into verification equipment.
In the embodiment of the present invention, when the server detects that the terminal currently has an access behavior, for example, the terminal sends a login request or a download request to the server, the server may send a verification code to the terminal in order to determine whether the current access behavior of the terminal is a human operation or a machine operation. The server can provide a verification page, the terminal acquires and displays the verification page, and when the terminal is detected to access based on the verification page request, the server can send a verification code to the terminal. When receiving the request of the verification challenge code of the terminal, the server can determine that the terminal is currently requesting access. It should be noted that, after acquiring the verification code request of the terminal, the server detects the verification code request; if the server detects that the verification code request is a conventional verification code request, generating a conventional verification code, returning the conventional verification code to the terminal, and verifying the behavior based on the conventional verification code, so that the following steps 203 to 207 do not need to be executed; if the server detects that the verification code request is a verification challenge code request, the verification code generated by the server and returned to the terminal may be signed based on the verification device, so that the subsequent verification device verifies the verification code, that is, the following steps 203 to 207 are performed.
After acquiring the challenge code verification request of the terminal, the server may randomly generate a verification code, where the verification code may be a random number with a length of more than 32 bits, and this is not specifically limited in this embodiment of the present invention. Furthermore, the server may record the generation time of the verification code when generating the verification code, generate a time stamp of the verification code based on the generation time, and transmit the time stamp and the verification code to the terminal together.
203. And the terminal acquires the verification code of the server and sends the verification code to the verification equipment.
In the embodiment of the invention, when the terminal acquires the verification code of the server, the verification code is sent to the verification equipment, so that the verification equipment acquires a confirmation instruction of the verification code after receiving the verification code, and signs the verification code based on the private key. Because data connection exists between the terminal and the verification device, and the connection mode can be various, when the terminal sends the verification code to the verification device, the terminal needs to send the verification code based on a communication interface connected with the verification device. Wherein, the communication interface can be any one of USB, BLE and NFC.
It should be noted that, while the terminal sends the verification code to the verification device, a prompt message may be generated and displayed, and the user is prompted based on the prompt message, so that the user may perform correct confirmation operation, and it is ensured that the verification device may obtain a confirmation instruction for the verification code. For example, the prompt message generated by the terminal may be "please press a key on the verification device", so that when the verification device detects that the key a is pressed, it is determined that the user has performed the confirmation operation, that is, a confirmation instruction for the verification code may be received, and the operation of signing the verification code may be continued.
204. The verification device obtains a verification code of the terminal and a confirmation instruction of the verification code, signs the verification code based on a private key stored in a designated storage space, and generates first signature information.
In the embodiment of the invention, after the verification device acquires the verification code of the terminal, the verification code can be displayed so as to prompt the user that the verification code is received currently, and the verification device can perform confirmation operation and sign the verification code. The server generates a public key and a private key, binds the public key and the private key, generates a public key index of the public key corresponding to the private key, stores the public key in a designated storage space of the server, sends the private key and the public key index to the verification device, and stores the private key and the public key index in the designated storage space of the verification device by the verification device. The asymmetric cryptographic algorithm may be an RAS (encryption algorithm) or an ECC (Elliptic curve Cryptography), and the embodiment of the present invention is not particularly limited thereto.
For different types of verification devices, the mode of obtaining the verification instruction of the verification code can be various, and the user can set the verification code by himself. The verification device can be provided with a confirmation instruction function for setting the acquisition verification code, when the verification device detects that the user triggers the confirmation instruction function, the mode of acquiring the confirmation instruction is displayed, and the mode determined by the user is used as the mode of acquiring the confirmation instruction next time. The method for acquiring the confirmation instruction by the verification device at least comprises the following two methods:
the first mode is that when the click of the user on the verification button is detected, a confirmation instruction of the verification code is obtained.
In the embodiment of the invention, since a plurality of buttons may be arranged on one authentication device, the authentication buttons provided by the authentication device can be set by the user. The authentication apparatus may provide a button setting entry, and list the buttons that can be set as the authentication buttons to the user, and take the target button selected by the user as the authentication button, so as to acquire the confirmation instruction when it is detected that the user clicks the authentication button next time.
And secondly, counting the knocking times of the user when the knocking operation of the user is detected, and acquiring a confirmation instruction of the verification code if the knocking times are consistent with the preset times.
In the embodiment of the invention, as the sensor can be arranged in one verification device and the sensing area is provided based on the sensor, whether the confirmation instruction is acquired or not can be judged by counting the knocking times of the user in the sensing area. The preset times are required to be set in the verification equipment, and when the counted knocking times are consistent with the preset times, the confirmation instruction can be obtained.
The verification device can provide a frequency setting function, when the frequency setting function triggered by a user is detected, a frequency setting page comprising a frequency input box is displayed, the number input by the user in the frequency input box is obtained, the number is used as the preset frequency and is stored, and therefore a confirmation instruction is obtained when the number of times of knocking of the user is counted in the sensing area next time and is consistent with the preset frequency.
On one hand, if the verification device further obtains the timestamp of the verification code, the verification device further signs the timestamp when generating the first signature information, and the generated information is also used as the first signature information; on the other hand, when the verification device generates the first signature information by signing the verification code, the verification device may further obtain the public key index in the designated storage space, sign the public key index, generate the second signature information, and subsequently send the first signature information and the second signature information together to the terminal. The method for generating the second signature information by the verification device is consistent with the method for generating the first signature information, and is not described herein again. In practical applications, if the information received by the verification device is the verification code, the timestamp and the public key index, for convenience, the verification device may sign the verification code, the timestamp and the public key index together, and combine the generated information into signature information.
205. And the verification equipment sends the first signature information, the verification code and the public key index stored corresponding to the private key to the terminal.
In the embodiment of the invention, after the first signature information is generated, the verification device acquires the public key index in the designated storage space, and sends the first signature information, the verification code and the public key index to the terminal based on a communication interface established with the terminal, so that the terminal sends the acquired information to the server, and the server verifies the received information based on the public key corresponding to the private key to determine whether the access behavior of the terminal is operated by a person.
It should be noted that, if the verification device also signs the public key index when generating the first signature information and generates the second signature information, the verification device transmits the first signature information, the verification code, and the public key index to the terminal and also transmits the second signature information to the terminal.
206. The terminal acquires first signature information, a verification code and a public key index of the verification device and sends the first signature information, the verification code and the public key index to the server.
In the embodiment of the invention, after acquiring the first signature information, the verification code and the public key index of the verification device, the terminal sends the first signature information, the verification code and the public key index to the server based on network connection with the server, so that the server verifies the received information based on the public key and determines whether the access behavior of the terminal is operated by a person.
207. The server acquires first signature information, a verification code and a public key index of the terminal, determines a public key according to the public key index, and decrypts the first signature information based on the public key; if the public key successfully decrypts the first signature information, determining that the access behavior of the terminal is manual operation; and if the decryption of the public key to the first signature information fails, determining that the access behavior of the terminal is not manual operation.
In the embodiment of the invention, after the server acquires the first signature information, the verification code and the public key index of the terminal, firstly, a public key corresponding to the public key index is searched in a specified storage space according to the public key index, and the searched public key is determined and acquired; then, the first signature information is decrypted based on the public key, and whether the first signature information is generated based on a private key corresponding to the public key is determined based on whether the decryption is successful. If the public key successfully decrypts the first signature information, determining that the first signature information is generated based on a private key corresponding to the public key, and determining that the current access behavior of the terminal is manual operation; and if the decryption of the first signature information by the public key fails, determining that the first signature information is not generated based on the private key corresponding to the public key, and determining that the current access behavior of the terminal is not manual operation.
It should be noted that, if the server further obtains the second signature information of the terminal, the server may further decrypt the second signature information based on the public key, and determine whether the access behavior of the terminal is an operation person according to a decryption result. The process of decrypting and judging the second signature information by the server based on the public key is consistent with the process of decrypting and judging the first signature information, and the process is not repeated here.
In actual application, since lawless persons are likely to modify the verification device so as to simulate human key operation and knocking operation, in order to improve the difficulty of modifying the verification device, the uncovering damage function can be designed for the verification device, so that the uncovering of the verification device is invalid, and the modification cannot be performed.
In practical applications, referring to fig. 2B, the practical operation flow is as follows: when the terminal detects a login request or an information query request on a login page or a query page, judging whether the terminal is currently accessed to a verification device; if the terminal determines that the verification equipment is not accessed currently, performing a conventional verification code verification program; if the terminal determines that the authentication device is accessed currently, the terminal requests the server to enter a device authentication flow (namely, sends an authentication challenge code request to the server); when the server receives the request of the verification challenge code, generating a verification code, sending the verification code to the terminal, and sending the verification code to verification equipment by the terminal based on the communication interface; after receiving the verification code, the verification device calls a private key to sign the verification code to generate first signature information, the verification code and the public key index are sent to the terminal, and the terminal sends the received information to the server; the server checks the received information based on a public key corresponding to the public key index, if the check is successful, the current access behavior of the terminal is determined to be manual operation, and the next normal operation flow is entered; if the signature verification fails, the current access behavior of the terminal is most likely machine operation, and the terminal is required to jump to a login or inquiry page again to verify the access behavior.
In the method provided by the embodiment of the invention, the electronic equipment signs the verification code based on the private key stored in the appointed storage space of the electronic equipment by acquiring the verification code and the confirmation instruction of the verification code to generate first signature information, and sends the first signature information, the verification code and the public key index stored corresponding to the private key to the server so that the server verifies the received information and determines whether the access behavior of the terminal is operated by a person or not, the user only needs to send the confirmation instruction of the verification code to the electronic equipment without identifying the verification code, and the machine cannot complete the triggering process because the confirmation instruction needs to be triggered by manual operation of the person on the electronic equipment, so that the server can determine that the current access behavior of the terminal is operated by the person as long as receiving the confirmation instruction, thereby avoiding the condition of wrong identification of the verification code, the verification efficiency is improved, and the accuracy is higher.
Fig. 3A is a block diagram illustrating an apparatus for behavior verification based on a verification code, according to an example embodiment. Referring to fig. 3A, the apparatus includes an acquisition module 301, a signature module 302, and a transmission module 303.
The obtaining module 301 is configured to obtain a verification code of the terminal, where the verification code is generated by the server and sent to the terminal;
the signature module 302 is configured to obtain a confirmation instruction for the verification code, sign the verification code based on a private key stored in a designated storage space of the electronic device, and generate first signature information;
the sending module 303 is configured to send the first signature information, the verification code, and the public key index stored in correspondence with the private key to the terminal, so that the terminal sends the acquired information to the server, and the server verifies the received information based on the public key corresponding to the private key, and determines whether the access behavior of the terminal is operated by a person.
In the device provided by the embodiment of the invention, the electronic equipment signs the verification code based on the private key stored in the appointed storage space of the electronic equipment by acquiring the verification code and the confirmation instruction of the verification code to generate the first signature information, and sends the first signature information, the verification code and the public key index stored corresponding to the private key to the server so that the server verifies the received information and determines whether the access behavior of the terminal is operated by a person or not, the user only needs to send the confirmation instruction of the verification code to the electronic equipment without identifying the verification code, and the machine cannot complete the triggering process because the confirmation instruction needs to be triggered by manual operation of the person on the electronic equipment, so that the server can determine that the current access behavior of the terminal is operated as long as receiving the confirmation instruction, thereby avoiding the condition of wrong identification of the verification code by the person, the verification efficiency is improved, and the accuracy is higher.
In another embodiment, the signature module 302 is configured to, when a click of a verification button by a user is detected, obtain a confirmation instruction for a verification code, sign the verification code based on a private key, and generate first signature information; or when the knocking operation of the user is detected, counting the knocking times of the user, if the knocking times are consistent with the preset times, acquiring a confirmation instruction of the verification code, and signing the verification code based on the private key to generate first signature information.
In another embodiment, the signature module 302 is further configured to sign the public key index when signing the verification code, and generate second signature information;
the sending module 303 is further configured to send the second signature information to the terminal when sending the first signature information.
In another embodiment, referring to fig. 3B, the apparatus further comprises a storage module 304.
The storage module 304 is configured to store a public key index of a private key and a public key corresponding to the private key, where the private key and the public key are generated by the server.
Fig. 4A is a block diagram illustrating an apparatus for behavior verification based on a verification code, according to an example embodiment. Referring to fig. 4A, the apparatus includes an authentication code acquisition module 401, a first transmission module 402, an information acquisition module 403, and a second transmission module 404.
The verification code obtaining module 401 is configured to obtain a verification code of a server, where the verification code is generated by the server;
the first sending module 402 is configured to send the verification code to the electronic device, so that the electronic device obtains a confirmation instruction of the verification code after receiving the verification code, and signs the verification code based on a private key;
the information obtaining module 403 is configured to obtain first signature information sent by the electronic device after signing the verification code;
the second sending module 404 is configured to send the first signature information, the verification code, and the public key index to the server, so that the server verifies the received information based on the public key, and determines whether the access behavior of the terminal is operation.
In the device provided by the embodiment of the invention, the terminal sends the verification code to the electronic equipment by obtaining the verification code, so that the electronic equipment signs the verification code based on the private key stored in the appointed storage space to generate the first signature information, receives the first signature information of the electronic equipment, and sends the first signature information, the verification code and the public key index stored corresponding to the private key to the server, so that the server verifies the received information to determine whether the access behavior of the terminal is an operation, a user only needs to send a confirmation instruction of the verification code to the electronic equipment without identifying the verification code, and the server can determine that the current access behavior of the terminal is a manual operation as long as the server receives the confirmation instruction because the confirmation instruction needs to be triggered by manual operation on the electronic equipment by a person and the machine cannot complete the triggering process, the condition of wrong identification of the verification code is avoided, the verification efficiency is improved, and the accuracy is higher.
In another embodiment, the first sending module 402 is configured to send the verification code to the electronic device based on the communication interface; the communication interface is at least Universal Serial Bus (USB), Bluetooth Low Energy (BLE) and short-distance data exchange (NFC).
In another embodiment, the first sending module 402 is further configured to generate a prompt message when the verification code is sent to the electronic device, and display the prompt message, so that the user performs a confirmation operation on the electronic device based on the prompt message.
In another embodiment, referring to fig. 4B, the apparatus further includes a determining module 405 and a third sending module 406.
The judging module 405 is configured to judge whether the electronic device is currently accessed;
the third sending module 406 is configured to send a conventional verification code request to the server if it is determined that the electronic device is not currently accessed, so as to directly display the verification code, obtain information input in the verification code input box, and determine whether an access behavior of the terminal is operated by a person;
the third sending module 406 is further configured to send a challenge code verification request to the server if it is determined that the electronic device has been currently accessed, so as to perform the above-mentioned process of determining whether the access behavior of the terminal is a manual operation.
Fig. 5A is a block diagram illustrating an apparatus for behavior verification based on a verification code, according to an example embodiment. Referring to fig. 5A, the apparatus includes a generation module 501, a transmission module 502, and a verification module 503.
The generating module 501 is configured to obtain a challenge code verification request of a terminal, generate a verification code, and send the challenge code verification request after determining that the terminal accesses the electronic device;
the sending module 502 is configured to send the verification code to the terminal, so that the terminal sends the verification code to the electronic device, and after receiving the verification code, the electronic device obtains a confirmation instruction for the verification code, signs the verification code based on a private key, and generates first signature information;
the verification module 503 is configured to obtain first signature information, a verification code, and a public key index of the terminal, determine a public key based on the public key index, verify the received information according to the public key, and determine whether an access behavior of the terminal is an operation person.
In the apparatus provided in an embodiment of the present invention, the server sends the generated verification code to the terminal, so that the terminal sends the verification code to the electronic device, the electronic device obtains a confirmation instruction for the verification code after receiving the verification code, signs the verification code based on a private key stored in a designated storage space of the electronic device, generates first signature information, obtains the first signature information, the verification code, and a public key index stored in correspondence with the private key of the terminal, determines a public key based on the public key index, verifies the received information according to the public key, determines whether an access behavior of the terminal is a person operation, and the user only needs to issue the confirmation instruction for the verification code to the electronic device without identifying the verification code, and since the confirmation instruction is triggered by a manual operation performed by a person on the electronic device and the machine cannot complete the triggering process, therefore, the server can determine that the current access behavior of the terminal is manual operation as long as receiving the confirmation instruction, so that the condition of identification error of the verification code is avoided, the verification efficiency is improved, and the accuracy is higher.
In another embodiment, referring to fig. 5B, the verification module 503 includes a decryption sub-module 5031 and a determination sub-module 5032.
The decryption submodule 5031 is configured to decrypt the first signature information based on the public key;
the determining sub-module 5032 is configured to determine that the access behavior of the terminal is a manual operation if the public key succeeds in decrypting the first signature information;
the determining sub-module 5032 is further configured to determine that the access behavior of the terminal is not artificial if the decryption of the first signature information by the public key fails.
In another embodiment, referring to fig. 5C, the verification module 503 includes a lookup sub-module 5033 and an acquisition sub-module 5034.
The searching submodule 5033 is configured to search, according to the public key index, a public key corresponding to the public key index in the specified storage space;
the obtaining sub-module 5034 is configured to determine and obtain the found public key.
It should be noted that: in the behavior verification apparatus provided in the above embodiment, only the division of the functional modules is illustrated in the example of the behavior verification, and in practical applications, the functions may be distributed by different functional modules as needed, that is, the internal structure of the device is divided into different functional modules to complete all or part of the functions described above. In addition, the apparatus for behavior verification and the method embodiment for behavior verification provided by the above embodiments belong to the same concept, and specific implementation processes thereof are detailed in the method embodiment and are not described herein again.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
Fig. 6 is a block diagram illustrating a card writing apparatus 600 according to an example embodiment. For example, the apparatus 600 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, an exercise device, a personal digital assistant, and the like.
Referring to fig. 6, apparatus 600 may include one or more of the following components: processing component 602, memory 604, power component 606, multimedia component 608, audio component 610, interface to I/O (Input/Output) 612, sensor component 614, and communication component 616.
The processing component 602 generally controls overall operation of the device 600, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing component 602 may include one or more processors 620 to execute instructions to perform all or a portion of the steps of the methods described above. Further, the processing component 602 can include one or more modules that facilitate interaction between the processing component 602 and other components. For example, the processing component 602 can include a multimedia module to facilitate interaction between the multimedia component 608 and the processing component 602.
The memory 604 is configured to store various types of data to support operations at the apparatus 600. Examples of such data include instructions for any application or method operating on device 600, contact data, phonebook data, messages, pictures, videos, and so forth. The Memory 604 may be implemented by any type of volatile or non-volatile Memory device or combination thereof, such as an SRAM (Static Random Access Memory), an EEPROM (Electrically-Erasable Programmable Read-Only Memory), an EPROM (Erasable Programmable Read-Only Memory), a PROM (Programmable Read-Only Memory), a ROM (Read-Only Memory), a magnetic Memory, a flash Memory, a magnetic disk, or an optical disk.
Power supply component 606 provides power to the various components of device 600. The power components 606 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the apparatus 600.
The multimedia component 608 includes a screen that provides an output interface between the device 600 and a user. In some embodiments, the screen may include an LCD (Liquid Crystal Display) and a TP (touch panel). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 608 includes a front facing camera and/or a rear facing camera. The front camera and/or the rear camera may receive external multimedia data when the device 600 is in an operating mode, such as a shooting mode or a video mode. Each of the front and rear cameras may be a fixed optical lens system or have a focal length and optical zoom capability.
The audio component 610 is configured to output and/or input audio signals. For example, the audio component 610 includes a Microphone (MIC) configured to receive external audio signals when the device 600 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signal may further be stored in the memory 604 or transmitted via the communication component 616. In some embodiments, audio component 610 further includes a speaker for outputting audio signals.
The I/O interface 612 provides an interface between the processing component 602 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: a home button, a volume button, a start button, and a lock button.
The sensor component 614 includes one or more sensors for providing status assessment of various aspects of the apparatus 600. For example, the sensor component 614 may detect an open/closed state of the device 600, the relative positioning of the components, such as a display and keypad of the apparatus 600, the sensor component 614 may also detect a change in position of the apparatus 600 or a component of the apparatus 600, the presence or absence of user contact with the apparatus 600, orientation or acceleration/deceleration of the apparatus 600, and a change in temperature of the apparatus 600. The sensor assembly 614 may include a proximity sensor configured to detect the presence of a nearby object without any physical contact. The sensor assembly 614 may also include a light sensor, such as a CMOS (Complementary Metal oxide semiconductor) or CCD (Charge-coupled Device) image sensor, for use in imaging applications. In some embodiments, the sensor assembly 614 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 616 is configured to facilitate communications between the apparatus 600 and other devices in a wired or wireless manner. The apparatus 600 may access a wireless network based on a communication standard, such as WiFi, 2G or 3G, or a combination thereof. In an exemplary embodiment, the communication component 616 receives broadcast signals or broadcast related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the Communication component 616 further includes a Near Field Communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on an RFID (Radio frequency identification) technology, an IrDA (infrared-Data Association) technology, an UWB (Ultra Wideband) technology, a BT (Bluetooth) technology, and other technologies.
In an exemplary embodiment, the apparatus 600 may be implemented by one or more ASICs (Application specific integrated circuits), DSPs (Digital signal processors), DSPDs (Digital signal processing devices), PLDs (Programmable logic devices), FPGAs (Field Programmable Gate arrays), controllers, microcontrollers, microprocessors or other electronic components for performing the above-described method of behavior verification based on verification codes.
In an exemplary embodiment, a non-transitory computer readable storage medium comprising instructions, such as the memory 604 comprising instructions, executable by the processor 620 of the apparatus 600 to perform the above-described method is also provided. For example, the non-transitory computer readable storage medium may be a ROM, a RAM (Random Access Memory), a CD-ROM (Compact Disc Read-Only Memory), a magnetic tape, a floppy disk, an optical data storage device, and the like. A computer-readable storage medium, wherein instructions that, when executed by a processor of a behavior verification device, enable the behavior verification device to perform the above-described method for performing behavior verification based on verification codes.
An electronic device comprising a memory and a processor, wherein the memory stores at least one instruction, at least one program, a set of codes, or a set of instructions, and the at least one instruction, the at least one program, the set of codes, or the set of instructions is loaded and executed by the processor to implement the above method for behavior verification based on verification codes.
A computer readable storage medium having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, which is loaded and executed by a processor to perform the above method for behavior verification based on verification codes.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (15)

1. A method for behavior verification based on verification codes, the method comprising:
acquiring a verification code of a terminal, wherein the verification code is generated by a server and is sent to the terminal;
acquiring a confirmation instruction of the verification code, signing the verification code based on a private key stored in a designated storage space of the electronic equipment, and generating first signature information;
and sending the first signature information, the verification code and a public key index stored corresponding to the private key to the terminal so that the terminal sends the acquired information to the server, and the server verifies the received information based on the public key corresponding to the private key to determine whether the access behavior of the terminal is operated by a person.
2. The method of claim 1, wherein obtaining the validation instruction for the verification code, signing the verification code based on a private key stored in a designated storage space of the electronic device, and generating first signature information comprises:
when the click of a user on a verification button is detected, a confirmation instruction of the verification code is obtained, the verification code is signed based on a private key, and first signature information is generated; or the like, or, alternatively,
when the knocking operation of the user is detected, counting the knocking times of the user, if the knocking times are consistent with the preset times, acquiring a confirmation instruction of the verification code, signing the verification code based on a private key, and generating first signature information.
3. The method of claim 2, further comprising:
when the verification code is signed, signing the public key index to generate second signature information;
and when the first signature information is sent, sending the second signature information to the terminal.
4. The method according to any one of claims 1 to 3, wherein before the obtaining the authentication code of the terminal, the method further comprises:
storing a public key index of a private key and a public key corresponding to the private key, the private key and the public key being generated by the server.
5. A method for behavior verification based on verification codes, the method comprising:
acquiring a verification code of a server, wherein the verification code is generated by the server;
sending the verification code to electronic equipment so that the electronic equipment obtains a confirmation instruction of the verification code after receiving the verification code and signs the verification code based on a private key;
acquiring first signature information sent by the electronic equipment after signing the verification code;
and sending the first signature information, the verification code and the public key index to the server so that the server verifies the received information based on the public key and determines whether the access behavior of the terminal is operated by a person.
6. The method of claim 5, wherein sending the verification code to an electronic device comprises:
sending the verification code to the electronic device based on a communication interface;
the communication interface is at least Universal Serial Bus (USB), Bluetooth Low Energy (BLE) and short-distance data exchange (NFC).
7. The method of claim 6, further comprising:
and when the verification code is sent to the electronic equipment, generating a prompt message, and displaying the prompt message so that a user executes confirmation operation on the electronic equipment based on the prompt message.
8. The method according to any one of claims 5 to 7, wherein before obtaining the verification code of the server, the method further comprises:
judging whether the electronic equipment is accessed currently;
if the electronic equipment is determined not to be accessed currently, sending a conventional verification code request to the server so as to directly display the verification code, acquiring information input in a verification code input box, and determining whether the access behavior of the terminal is operation;
and if the electronic equipment is determined to be accessed currently, sending a verification challenge code request to the server so as to execute the process of determining whether the access behavior of the terminal is a manual operation.
9. A method for behavior verification based on verification codes, the method comprising:
acquiring a verification challenge code request of a terminal, and generating a verification code, wherein the verification challenge code request is sent after the terminal is determined to be accessed to electronic equipment;
sending the verification code to the terminal so that the terminal sends the verification code to the electronic equipment, obtaining a confirmation instruction of the verification code by the electronic equipment after receiving the verification code, signing the verification code based on a private key, and generating first signature information;
the first signature information, the verification code and a public key index of the terminal are obtained, a public key is determined based on the public key index, the received information is verified according to the public key, and whether the access behavior of the terminal is operated by a person or not is determined.
10. The method of claim 9, wherein the verifying the received information according to the public key and determining whether the access behavior of the terminal is human operation comprises:
decrypting the first signature information based on the public key;
if the public key is used for successfully decrypting the first signature information, determining that the access behavior of the terminal is manual operation;
and if the public key fails to decrypt the first signature information, determining that the access behavior of the terminal is not manual operation.
11. The method of claim 9 or 10, wherein the determining a public key based on the public key index comprises:
searching a public key corresponding to the public key index in a designated storage space according to the public key index;
and determining and acquiring the searched public key.
12. An apparatus for behavior verification based on a verification code, the apparatus comprising:
the terminal comprises an acquisition module, a verification module and a verification module, wherein the acquisition module is used for acquiring a verification code of the terminal, and the verification code is generated by a server and is sent to the terminal;
the signature module is used for acquiring a confirmation instruction of the verification code, signing the verification code based on a private key stored in a specified storage space of the electronic equipment and generating first signature information;
and the sending module is used for sending the first signature information, the verification code and a public key index stored corresponding to the private key to the terminal so that the terminal sends the acquired information to the server, and the server verifies the received information based on the public key corresponding to the private key to determine whether the access behavior of the terminal is operated by a person.
13. An apparatus for behavior verification based on a verification code, the apparatus comprising:
the generating module is used for acquiring a verification challenge code request of a terminal and generating a verification code, wherein the verification challenge code request is sent after the terminal is determined to be accessed to the electronic equipment;
the sending module is used for sending the verification code to the terminal so that the terminal sends the verification code to the electronic equipment, the electronic equipment obtains a confirmation instruction of the verification code after receiving the verification code, the verification code is signed based on a private key, and first signature information is generated;
the verification module is used for acquiring the first signature information, the verification code and a public key index of the terminal, determining a public key based on the public key index, verifying the received information according to the public key, and determining whether the access behavior of the terminal is operated by a person.
14. An electronic device comprising a memory and a processor, wherein the memory has stored therein at least one instruction, at least one program, a set of codes, or a set of instructions that are loaded and executed by the processor to implement the method for verification of behavior based on a verification code of any of claims 1-11.
15. A computer-readable storage medium, having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, which is loaded and executed by a processor to perform the method for verification of behavior based on a verification code according to any one of claims 1 to 11.
CN201710427641.9A 2017-06-08 2017-06-08 Behavior verification method and device based on verification code Active CN109039990B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710427641.9A CN109039990B (en) 2017-06-08 2017-06-08 Behavior verification method and device based on verification code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710427641.9A CN109039990B (en) 2017-06-08 2017-06-08 Behavior verification method and device based on verification code

Publications (2)

Publication Number Publication Date
CN109039990A CN109039990A (en) 2018-12-18
CN109039990B true CN109039990B (en) 2020-07-07

Family

ID=64629437

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710427641.9A Active CN109039990B (en) 2017-06-08 2017-06-08 Behavior verification method and device based on verification code

Country Status (1)

Country Link
CN (1) CN109039990B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020144527A1 (en) * 2019-01-10 2020-07-16 Innolab Engineering Sàrl Network-connectable sensing device
CN109992976B (en) * 2019-02-27 2024-07-02 平安科技(深圳)有限公司 Access credential verification method, device, computer equipment and storage medium
CN110062002A (en) * 2019-04-29 2019-07-26 核芯互联科技(青岛)有限公司 A kind of method for authenticating and Related product
CN110611598B (en) * 2019-10-15 2022-03-18 浙江齐治科技股份有限公司 Method, device and system for realizing challenge code
CN111193595B (en) * 2019-11-28 2023-05-09 腾讯云计算(北京)有限责任公司 Error detection method, device, equipment and storage medium for electronic signature
CN111245870B (en) * 2020-04-26 2020-08-14 国网电子商务有限公司 Identity authentication method based on mobile terminal and related device
CN112233287B (en) * 2020-10-19 2023-01-24 北京安恒利通科技股份公司 Automatic unlocking method of intelligent lock and intelligent lock system
CN112717417B (en) * 2020-12-31 2025-02-07 新浪技术(中国)有限公司 A human-machine identification method and device
CN114726595B (en) * 2022-03-24 2023-09-29 中科吉芯(昆山)信息科技有限公司 Method for authenticating identity of man-machine by using space-time information

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103488922A (en) * 2013-08-27 2014-01-01 百度在线网络技术(北京)有限公司 Method and equipment for providing verification code
CN104680376A (en) * 2015-03-13 2015-06-03 中国工商银行股份有限公司 Transaction information verification method and device
CN105681340A (en) * 2016-03-07 2016-06-15 吴晓军 Digital certificate use method and apparatus
US9436930B2 (en) * 2012-11-28 2016-09-06 Emc Corporation Method and apparatus for recognizing image content
CN105991519A (en) * 2015-01-29 2016-10-05 阿里巴巴集团控股有限公司 Method, device and system of verifying identifying codes

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014068632A1 (en) * 2012-10-29 2014-05-08 三菱電機株式会社 Facility management device, facility management system and program

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9436930B2 (en) * 2012-11-28 2016-09-06 Emc Corporation Method and apparatus for recognizing image content
CN103488922A (en) * 2013-08-27 2014-01-01 百度在线网络技术(北京)有限公司 Method and equipment for providing verification code
CN105991519A (en) * 2015-01-29 2016-10-05 阿里巴巴集团控股有限公司 Method, device and system of verifying identifying codes
CN104680376A (en) * 2015-03-13 2015-06-03 中国工商银行股份有限公司 Transaction information verification method and device
CN105681340A (en) * 2016-03-07 2016-06-15 吴晓军 Digital certificate use method and apparatus

Also Published As

Publication number Publication date
CN109039990A (en) 2018-12-18

Similar Documents

Publication Publication Date Title
CN109039990B (en) Behavior verification method and device based on verification code
RU2643473C2 (en) Method and tools for fingerprinting identification
CN105847243B (en) Method and device for accessing intelligent camera
CN106453245B (en) Verify the method and device of identity
CN104125067B (en) Account and token secret key binding method and device
CN105656948A (en) Account login method and device
TWI761843B (en) Access control method and device, electronic device and storage medium
CN111368232A (en) Password sharing reflux method and device, electronic equipment and storage medium
CN107230060B (en) Account loss reporting method and device
KR101642019B1 (en) Method, apparatus, program, and recording medium of verifying terminal
CN105491250B (en) Recognition methods, device and the equipment of the incoming number true and false
CN106097494A (en) The method for unlocking of smart lock and device
EP3176719B1 (en) Methods and devices for acquiring certification document
US9667784B2 (en) Methods and devices for providing information in voice service
CN111917728A (en) Password verification method and device
CN107145771B (en) Application program unlocking method and device and terminal
US9667424B2 (en) Methods and apparatuses for binding token key to account
CN104125267A (en) Account protection method, device and terminal equipment
CN110008668B (en) Data processing method, device and storage medium
CN105282162A (en) Processing method and device for account management business
CN105681261A (en) Security authentication method and apparatus
CN109246094B (en) User terminal verification method, device and storage medium
CN106651379A (en) Payment method and device
CN114124462B (en) Verification code transmission method and device, electronic equipment and storage medium
CN106712960B (en) Processing method and device of verification code information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant