[go: up one dir, main page]

CN110912901A - Application login verification method, device and system - Google Patents

Application login verification method, device and system Download PDF

Info

Publication number
CN110912901A
CN110912901A CN201911180516.8A CN201911180516A CN110912901A CN 110912901 A CN110912901 A CN 110912901A CN 201911180516 A CN201911180516 A CN 201911180516A CN 110912901 A CN110912901 A CN 110912901A
Authority
CN
China
Prior art keywords
login
logged
module
end equipment
security level
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911180516.8A
Other languages
Chinese (zh)
Inventor
李宁馨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN201911180516.8A priority Critical patent/CN110912901A/en
Publication of CN110912901A publication Critical patent/CN110912901A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides an application login verification method, device and system, wherein the method comprises the steps of receiving a user login request sent by front-end equipment; the user login request comprises an identifier of a module to be logged in and a user identifier; inquiring the identifier of the module to be logged in a security level set, and determining the security level of the module to be logged in; acquiring a login authentication mechanism corresponding to the security level and the user identifier; and carrying out validity verification on the front-end equipment based on the login verification mechanism. The invention can set corresponding security levels for different modules according to the importance degree and set different login verification mechanisms for different security levels, so that different functional modules in the bank application have corresponding login verification mechanisms, and the bank application can be operated more conveniently and has higher security after a unified login verification mechanism is abandoned.

Description

Application login verification method, device and system
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method, an apparatus, and a system for verifying application login.
Background
In order to facilitate the use of banking functions by users, most banks are provided with banking Applications (APPs) so that users can use the banking applications to handle business.
As the bank application relates to user privacy and fund, in order to protect the user privacy security and fund security, the bank application is provided with a login verification mechanism, and can log in the bank application only through the login verification mechanism to check and use various functions provided by the bank application.
At present, a bank application is provided with a plurality of functional modules, the functional modules in the bank application adopt a unified manual login verification mechanism, and all the functional modules can be used after a user is confirmed to pass the login verification mechanism.
However, the importance degree of different function modules in the bank application is different, and some function modules belong to importance modules, such as transfer and query; some function modules belong to non-importance modules, such as information.
If different functional modules all adopt a uniform login authentication mechanism, a user still needs to manually log in and increase user operations when logging in an unimportant module, and the user still adopts general manual login when logging in an important module, so that a strengthened authentication mode is lacked.
Disclosure of Invention
In view of the above, the invention provides an application login verification method, device and system, which can adopt different login mechanisms according to the importance degree of modules in bank application, can adopt automatic login for non-important modules so as to facilitate the use of users, and can adopt a strengthened verification mechanism for important modules so as to improve the safety of the modules.
In order to achieve the above object, the present application provides the following technical features:
an application login authentication method, comprising:
receiving a user login request sent by front-end equipment; the user login request comprises an identifier of a module to be logged in and a user identifier;
inquiring the identifier of the module to be logged in a security level set, and determining the security level of the module to be logged in;
acquiring a login authentication mechanism corresponding to the security level and the user identifier;
and carrying out validity verification on the front-end equipment based on the login verification mechanism.
Optionally, before the obtaining the login authentication mechanism corresponding to the security level and the user identifier, the method further includes:
judging whether the front-end equipment has a logged-in module;
if the front-end equipment has a logged module, determining the security level of the logged module;
if the security level of the module to be logged in is not higher than that of the logged-in module, skipping the steps of acquiring a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism, and determining that the front-end equipment passes validity authentication;
if the front-end equipment does not have a logged module, or if the security level of the module to be logged in is higher than that of the logged module, the steps of obtaining a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism are executed.
Optionally, the security level set includes a plurality of security levels with sequentially higher levels, and a plurality of login authentication mechanisms corresponding to the plurality of security levels one to one;
the level of the login authentication mechanism with the high security level is higher than that of the login authentication mechanism with the low security level.
Optionally, the set of security levels includes:
an automatic login level, a general login level and an enhanced login level, wherein the enhanced login level is higher than the general login level, and the general login level is higher than the automatic login level;
the login authentication mechanism at the automatic login level is null;
the login authentication mechanism of the general login level comprises a password authentication mechanism and a user password;
the login authentication mechanism for enhancing the login level comprises a biological characteristic authentication mechanism and a user biological password.
Optionally, before receiving the user login request sent by the front-end device, the method further includes:
and determining a personalized login authentication mechanism set by the user for a plurality of security levels through interface interaction.
An application login authentication apparatus comprising:
the receiving unit is used for receiving a user login request sent by the front-end equipment; the user login request comprises an identifier of a module to be logged in and a user identifier;
the determining unit is used for inquiring the identifier of the module to be logged in the security level set and determining the security level of the module to be logged in;
the acquisition unit is used for acquiring a login authentication mechanism corresponding to the security level and the user identification;
and the verification unit is used for verifying the validity of the front-end equipment based on the login verification mechanism.
Optionally, before the obtaining unit, the method further includes:
the first judgment unit is used for judging whether the front-end equipment has a logged-in module or not; if the front-end equipment has a logged-in module, entering a grade determining unit; if the front-end equipment does not have a logged module, entering the acquisition unit;
a level determining unit for determining a security level of the logged module;
the second judgment unit is used for judging whether the security level of the module to be logged in is higher than that of the logged module;
if the security level of the module to be logged in is not higher than that of the logged-in module, skipping the acquisition unit and the verification unit and determining that the front-end equipment passes validity verification;
and if the security level of the module to be logged in is higher than that of the logged module, entering the acquisition unit.
An application login verification system comprising:
the front-end equipment is used for receiving and sending a user login request through interface interaction; the user login request comprises an identifier of a module to be logged in and a user identifier;
a database server for storing a set of security levels;
the back-end equipment is used for receiving a user login request sent by the front-end equipment; querying the identifier of the module to be logged in a security level set stored in the database server, and determining the security level of the module to be logged in; acquiring a login authentication mechanism corresponding to the security level and the user identifier; and carrying out validity verification on the front-end equipment based on the login verification mechanism.
Optionally, the back-end device is further configured to determine whether the front-end device has a logged-in module before the login authentication mechanism corresponding to the security level is acquired;
if the front-end equipment has a logged module, determining the security level of the logged module;
if the security level of the module to be logged in is not higher than that of the logged-in module, skipping the steps of acquiring a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism, and determining that the front-end equipment passes validity authentication;
if the front-end equipment does not have a logged module, or if the security level of the module to be logged in is higher than that of the logged module, the steps of obtaining a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism are executed.
Optionally, the back-end device is further configured to interact with the front-end device through an interface before receiving the user login request sent by the front-end device, and determine a personalized login authentication mechanism set by the user for the multiple security levels in the security level set; sending a plurality of individualized login verification mechanisms and user identifications set by security levels to a database server;
and the database server is also used for correspondingly storing the user identification and an individualized login verification mechanism set by a plurality of security levels.
Through the technical means, the following beneficial effects can be realized:
the invention can set corresponding security levels for different modules according to the importance degree and set different login verification mechanisms for different security levels, so that different functional modules in the bank application have corresponding login verification mechanisms, and the bank application can be operated more conveniently and has higher security after a unified login verification mechanism is abandoned.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of an application login verification system according to an embodiment of the present invention;
FIG. 2 is a flowchart of an application login verification method according to an embodiment of the present invention;
fig. 3 is a flowchart of a first embodiment of an application login authentication method disclosed in the embodiments of the present invention;
fig. 4 is a flowchart of a second embodiment of an application login authentication method disclosed in the embodiments of the present invention;
fig. 5 is a schematic structural diagram of an application login authentication apparatus according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of another application login authenticator apparatus according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides an application login authentication system, comprising:
a front-end device 100, a database server 200, and a back-end device 300.
On the basis of the application login authentication system shown in fig. 1, the pre-configuration process of the present invention is first described, and applied to the backend device 300. Referring to fig. 2, the following steps may be included:
step S201: a plurality of security levels are determined.
A plurality of security levels with successively higher levels is determined. For example, an automatic login level, a general login level, and an enhanced login level, and the enhanced login level is higher than the general login level, and the general login level is higher than the automatic login level.
The back-end device may receive a plurality of security levels set by a technician according to an actual application scenario, and store the plurality of security levels. Of course, other ways may be used, and the invention is not limited to the specific implementation.
Step S202: and determining the security levels of the plurality of functional modules according to the importance degrees of the plurality of functional modules.
The back-end equipment can determine the importance degree of each functional module according to the actual application scene, and respectively endow each functional module with a corresponding security level according to the importance degree.
Of course, the backend device may also directly receive the security levels of the plurality of functional modules, where the security levels of the plurality of functional modules are determined in advance according to the importance levels of the respective functional modules. Of course, other ways may be used, and the invention is not limited to the specific implementation.
Step S203: the back-end equipment sets one or more login authentication mechanisms for different security levels, and the level of the login authentication mechanism with the high security level is higher than that of the login authentication mechanism with the low security level.
In order to avoid using a unified login authentication mechanism, different login authentication mechanisms may be set for different security levels, respectively, and one security level may correspond to one or more login authentication mechanisms. For example, a general security level may employ a password login mechanism, an authentication code login mechanism, a short message authentication login mechanism, and the like.
It can be understood that, since the security level has a high-low score and correspondingly the login authentication mechanism also has a high-low score, and the level of the login authentication mechanism with the high security level is higher than that of the login authentication mechanism with the low security level, the purpose of setting the corresponding authentication login mechanisms for different functions can be achieved.
Step S204: a set of security levels is generated.
The security level set comprises a plurality of security levels with gradually increasing levels, each security level comprises identifications of a plurality of function modules to indicate that the function modules belong to the security level, and each security level corresponds to one or more login authentication mechanisms.
Alternatively, the banking application may set a default login authentication mechanism for each security level.
Optionally, in order to achieve better user experience, the front-end device may perform interface interaction with the back-end device, so that the user may set a login authentication mechanism for different security levels according to the preference of the user.
When a user sets login authentication mechanisms with different security levels according to own preference, the back-end equipment needs to verify whether the login authentication mechanisms of all the security levels meet the condition of increasing step by step, namely the level of the login authentication mechanism with the high security level is higher than that of the login authentication mechanism with the low security level.
If the login authentication mechanism set by the user according to the preference meets the condition, the login authentication mechanism set by the user is saved, and if the login authentication mechanism does not meet the condition, the user is reminded to replace other login authentication mechanisms.
The invention provides an embodiment I of an application login verification method, which is applied to back-end equipment. Referring to fig. 3, the following steps may be included:
step S300: the front-end equipment generates a user login request through interface interaction and sends the user login request to the back-end equipment. The user login request comprises an identifier of the module to be logged in and a user identifier.
The front-end equipment can be electronic equipment such as mobile equipment and desktop computers, and bank application is installed in the front-end equipment. And under the condition that the user needs to log in the bank application, generating a user login request through interface interaction.
The user login request comprises the identifier of the functional module to be logged in selected by the user and the user identifier. The front-end device may send a user login request to the back-end device.
Step S301: the back-end equipment receives a user login request sent by the front-end equipment.
Step S302: and the back-end equipment inquires the identifier of the module to be logged in the security level set and determines the security level of the module to be logged in.
The security level set in the database server comprises a plurality of security levels with gradually increasing levels, each security level comprises identifications of a plurality of functional modules to indicate that the functional modules belong to the security level, and each security level corresponds to one or more login authentication mechanisms.
The back-end equipment inquires the identification of the module to be logged in a security level set in the database server, and the security level of the module to be logged in can be obtained after the inquiry.
Step S303: and the back-end equipment acquires a login authentication mechanism corresponding to the security level and the user identification.
The back-end device may obtain, from the security level set of the database server, a login authentication mechanism corresponding to the security level and the user identifier of the module to be logged in. One login authentication mechanism includes a login authentication means and a user password, e.g., a password login means and a user password.
Step S304: and the back-end equipment carries out validity verification on the front-end equipment based on the login verification mechanism.
And the back-end equipment performs validity verification on the front-end equipment based on a login verification mechanism. Take login authentication mechanism as password login mode and user password as example. The back-end equipment informs the front-end equipment of adopting a password login sending mode so that the front-end equipment can display a password login interface.
After the user fills in the password, the front-end equipment sends the user filling password to the back-end equipment so that the back-end equipment can compare the user filling password with the pre-stored user password, if the user filling password is consistent with the pre-stored user password, the legality verification is passed, and if the user filling password is not consistent with the pre-stored user password, the legality verification is not passed.
Through the technical means, the following beneficial effects can be realized:
the invention can set corresponding security levels for different modules according to the importance degree and set different login verification mechanisms for different security levels, so that different functional modules in the bank application have corresponding login verification mechanisms, and the bank application can be operated more conveniently and has higher security after a unified login verification mechanism is abandoned.
The invention provides an embodiment II of an application login verification method, which is applied to back-end equipment. Referring to fig. 4, the following steps may be included:
step S401: the back-end equipment receives a user login request sent by the front-end equipment.
Step S402: and the back-end equipment inquires the identifier of the module to be logged in the security level set and determines the security level of the module to be logged in.
The security level set in the database server comprises a plurality of security levels with gradually increasing levels, each security level comprises identifications of a plurality of functional modules to indicate that the functional modules belong to the security level, and each security level corresponds to one or more login authentication mechanisms.
The back-end equipment inquires the identification of the module to be logged in a security level set in the database server, and the security level of the module to be logged in can be obtained after the inquiry.
Step S403: judging whether the front-end equipment has a logged-in module; if yes, go to step S404; if not, the process proceeds to step S406.
Step S404: and if the front-end equipment has a logged module, determining the security level of the logged module.
Step S405: and judging whether the security level of the module to be logged in is higher than that of the logged-in module, if so, entering step S406, and if not, directly determining that the front-end equipment passes the validity verification.
And if the security level of the module to be logged in is not higher than that of the logged-in module, skipping the steps of acquiring a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism, and determining that the front-end equipment passes the validity authentication.
If the security level of the module to be logged in is higher than that of the logged-in module, step S406 is performed.
Through steps S403-S405, a login verification compatibility scheme between different functional modules can be realized; i.e. a login authentication mechanism with a high security level is compatible with a login authentication mechanism with a low security level.
Step S406: and the back-end equipment acquires a login authentication mechanism corresponding to the security level and the user identification.
The back-end device may obtain, from the security level set of the database server, a login authentication mechanism corresponding to the security level and the user identifier of the module to be logged in. One login authentication mechanism includes a login authentication means and a user password, e.g., a password login means and a user password.
Step S407: and the back-end equipment carries out validity verification on the front-end equipment based on the login verification mechanism.
And the back-end equipment performs validity verification on the front-end equipment based on a login verification mechanism. Take login authentication mechanism as password login mode and user password as example. The back-end equipment informs the front-end equipment of adopting a password login sending mode so that the front-end equipment can display a password login interface.
After the user fills in the password, the front-end equipment sends the user filling password to the back-end equipment so that the back-end equipment can compare the user filling password with the pre-stored user password, if the user filling password is consistent with the pre-stored user password, the legality verification is passed, and if the user filling password is not consistent with the pre-stored user password, the legality verification is not passed.
Through the technical means, the following beneficial effects can be realized:
the invention can set corresponding security levels for different modules according to the importance degree and set different login verification mechanisms for different security levels, so that different functional modules in the bank application have corresponding login verification mechanisms, and the bank application can be operated more conveniently and has higher security after a unified login verification mechanism is abandoned.
Referring to fig. 5, the present invention provides an application login authentication apparatus, including:
a receiving unit 51, configured to receive a user login request sent by a front-end device; the user login request comprises an identifier of a module to be logged in and a user identifier;
a determining unit 52, configured to query, in a security level set, an identifier of the module to be logged in, and determine a security level of the module to be logged in;
an obtaining unit 53, configured to obtain a login authentication mechanism corresponding to the security level and the user identifier;
and an authentication unit 54, configured to perform validity authentication on the front-end device based on the login authentication mechanism.
Optionally, referring to fig. 6, before the obtaining unit 53, the method further includes:
a first judgment unit 55, configured to judge whether the front-end device has a logged-in module; if the front-end equipment has a logged-in module, entering a grade determining unit; if the front-end equipment does not have a logged module, entering the acquisition unit;
a determination level unit 56 for determining a security level of the logged-in module;
a second judging unit 57, configured to judge whether the security level of the module to be logged is higher than the security level of the logged module;
if the security level of the module to be logged in is not higher than that of the logged-in module, skipping the acquisition unit and the verification unit and determining that the front-end equipment passes validity verification;
and if the security level of the module to be logged in is higher than that of the logged module, entering the acquisition unit.
Optionally, the security level set includes a plurality of security levels with sequentially higher levels, and a plurality of login authentication mechanisms corresponding to the plurality of security levels one to one; the level of the login authentication mechanism with the high security level is higher than that of the login authentication mechanism with the low security level.
Optionally, the set of security levels includes:
an automatic login level, a general login level and an enhanced login level, wherein the enhanced login level is higher than the general login level, and the general login level is higher than the automatic login level;
the login authentication mechanism at the automatic login level is null;
the login authentication mechanism of the general login level comprises a password authentication mechanism and a user password;
the login authentication mechanism for enhancing the login level comprises a biological characteristic authentication mechanism and a user biological password.
Optionally, before receiving the user login request sent by the front-end device, the method further includes: and determining a personalized login authentication mechanism set by the user for a plurality of security levels through interface interaction.
Referring to fig. 1, the present invention provides an application login authentication system, comprising:
the front-end equipment 100 is used for generating and sending a user login request through interface interaction; the user login request comprises an identifier of the module to be logged in and a user identifier.
A database server 200 for storing a set of security levels; the security level set comprises a plurality of security levels with sequentially increased levels, each security level comprises identifications of a plurality of functional modules, each security level corresponds to one or more login authentication mechanisms, and the level of the login authentication mechanism with the high security level is higher than the level of the login authentication mechanism with the low security level.
The back-end equipment 300 is used for receiving a user login request sent by the front-end equipment; inquiring the identifier of the module to be logged in the security level set of the database server, and determining the security level of the module to be logged in; acquiring a login authentication mechanism corresponding to the security level and the user identifier; and carrying out validity verification on the front-end equipment based on the login verification mechanism.
The backend device 300 is further configured to determine whether the front-end device has a logged-in module before the obtaining of the login authentication mechanism corresponding to the security level;
if the front-end device 100 has a logged-in module, determining the security level of the logged-in module;
if the security level of the module to be logged in is not higher than that of the logged-in module, skipping the steps of acquiring a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism, and determining that the front-end equipment passes validity authentication;
if the front-end device 100 does not have a logged-in module, or if the security level of the module to be logged in is higher than the security level of the logged-in module, the steps of obtaining a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end device based on the login authentication mechanism are performed.
Optionally, the back-end device 300 is further configured to interact with the front-end device through an interface before the receiving of the user login request sent by the front-end device, and determine a personalized login authentication mechanism set by the user for multiple security levels in the security level set; sending a plurality of individualized login verification mechanisms and user identifications set by security levels to a database server;
the database server 200 is further configured to store the user identifier in correspondence with a personalized login authentication mechanism set by a plurality of security levels.
Through the technical means, the following beneficial effects can be realized:
the invention can set corresponding security levels for different modules according to the importance degree and set different login verification mechanisms for different security levels, so that different functional modules in the bank application have corresponding login verification mechanisms, and the bank application can be operated more conveniently and has higher security after a unified login verification mechanism is abandoned.
The functions described in the method of the present embodiment, if implemented in the form of software functional units and sold or used as independent products, may be stored in a storage medium readable by a computing device. Based on such understanding, part of the contribution of the embodiments of the present invention to the prior art or part of the technical solution may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computing device (which may be a personal computer, a server, a mobile computing device, a network device, or the like) to execute all or part of the steps of the method described in the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. An application login authentication method, comprising:
receiving a user login request sent by front-end equipment; the user login request comprises an identifier of a module to be logged in and a user identifier;
inquiring the identifier of the module to be logged in a security level set, and determining the security level of the module to be logged in;
acquiring a login authentication mechanism corresponding to the security level and the user identifier;
and carrying out validity verification on the front-end equipment based on the login verification mechanism.
2. The method of claim 1, further comprising, prior to said obtaining a login authentication mechanism corresponding to said security level and user identification:
judging whether the front-end equipment has a logged-in module;
if the front-end equipment has a logged module, determining the security level of the logged module;
if the security level of the module to be logged in is not higher than that of the logged-in module, skipping the steps of acquiring a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism, and determining that the front-end equipment passes validity authentication;
if the front-end equipment does not have a logged module, or if the security level of the module to be logged in is higher than that of the logged module, the steps of obtaining a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism are executed.
3. The method according to claim 1 or 2, wherein the security level set includes a plurality of security levels whose levels are sequentially higher, and a plurality of login authentication mechanisms in one-to-one correspondence with the plurality of security levels;
the level of the login authentication mechanism with the high security level is higher than that of the login authentication mechanism with the low security level.
4. The method of claim 3, wherein the set of security levels comprises:
an automatic login level, a general login level and an enhanced login level, wherein the enhanced login level is higher than the general login level, and the general login level is higher than the automatic login level;
the login authentication mechanism at the automatic login level is null;
the login authentication mechanism of the general login level comprises a password authentication mechanism and a user password;
the login authentication mechanism for enhancing the login level comprises a biological characteristic authentication mechanism and a user biological password.
5. The method of claim 3, wherein prior to receiving the user login request sent by the front-end device, further comprising:
and determining a personalized login authentication mechanism set by the user for a plurality of security levels through interface interaction.
6. An application login authentication apparatus, comprising:
the receiving unit is used for receiving a user login request sent by the front-end equipment; the user login request comprises an identifier of a module to be logged in and a user identifier;
the determining unit is used for inquiring the identifier of the module to be logged in the security level set and determining the security level of the module to be logged in;
the acquisition unit is used for acquiring a login authentication mechanism corresponding to the security level and the user identification;
and the verification unit is used for verifying the validity of the front-end equipment based on the login verification mechanism.
7. The apparatus of claim 6, further comprising, prior to the obtaining unit:
the first judgment unit is used for judging whether the front-end equipment has a logged-in module or not; if the front-end equipment has a logged-in module, entering a grade determining unit; if the front-end equipment does not have a logged module, entering the acquisition unit;
a level determining unit for determining a security level of the logged module;
the second judgment unit is used for judging whether the security level of the module to be logged in is higher than that of the logged module;
if the security level of the module to be logged in is not higher than that of the logged-in module, skipping the acquisition unit and the verification unit and determining that the front-end equipment passes validity verification;
and if the security level of the module to be logged in is higher than that of the logged module, entering the acquisition unit.
8. An application login authentication system, comprising:
the front-end equipment is used for receiving and sending a user login request through interface interaction; the user login request comprises an identifier of a module to be logged in and a user identifier;
a database server for storing a set of security levels;
the back-end equipment is used for receiving a user login request sent by the front-end equipment; querying the identifier of the module to be logged in a security level set stored in the database server, and determining the security level of the module to be logged in; acquiring a login authentication mechanism corresponding to the security level and the user identifier; and carrying out validity verification on the front-end equipment based on the login verification mechanism.
9. The system of claim 8,
the back-end equipment is further used for judging whether the front-end equipment has a logged-in module before the login verification mechanism corresponding to the security level is acquired;
if the front-end equipment has a logged module, determining the security level of the logged module;
if the security level of the module to be logged in is not higher than that of the logged-in module, skipping the steps of acquiring a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism, and determining that the front-end equipment passes validity authentication;
if the front-end equipment does not have a logged module, or if the security level of the module to be logged in is higher than that of the logged module, the steps of obtaining a login authentication mechanism corresponding to the security level and performing validity authentication on the front-end equipment based on the login authentication mechanism are executed.
10. The system of claim 8,
the back-end equipment is also used for interacting with the front-end equipment through an interface and determining an individualized login verification mechanism set by a user for a plurality of security levels in the security level set before the user login request sent by the front-end equipment is received; sending a plurality of individualized login verification mechanisms and user identifications set by security levels to a database server;
and the database server is also used for correspondingly storing the user identification and an individualized login verification mechanism set by a plurality of security levels.
CN201911180516.8A 2019-11-27 2019-11-27 Application login verification method, device and system Pending CN110912901A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911180516.8A CN110912901A (en) 2019-11-27 2019-11-27 Application login verification method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911180516.8A CN110912901A (en) 2019-11-27 2019-11-27 Application login verification method, device and system

Publications (1)

Publication Number Publication Date
CN110912901A true CN110912901A (en) 2020-03-24

Family

ID=69818687

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911180516.8A Pending CN110912901A (en) 2019-11-27 2019-11-27 Application login verification method, device and system

Country Status (1)

Country Link
CN (1) CN110912901A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113709082A (en) * 2020-05-20 2021-11-26 腾讯科技(深圳)有限公司 Application login method and device and account login mode setting method
CN114417276A (en) * 2021-12-30 2022-04-29 珠海大横琴科技发展有限公司 A security verification method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104580075A (en) * 2013-10-14 2015-04-29 深圳市腾讯计算机系统有限公司 User login validation method, device and system
CN106778138A (en) * 2016-12-27 2017-05-31 东华互联宜家数据服务有限公司 The control method and device of software license limit
CN106878250A (en) * 2016-08-19 2017-06-20 阿里巴巴集团控股有限公司 Across the singlet login method and device of application
CN107528853A (en) * 2017-09-12 2017-12-29 上海艾融软件股份有限公司 The implementation method of micro services control of authority
EP3373510A1 (en) * 2015-10-26 2018-09-12 Alibaba Group Holding Limited Method and device for realizing session identifier synchronization
CN109815683A (en) * 2018-12-29 2019-05-28 深圳云天励飞技术有限公司 Authorization verification method and related device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104580075A (en) * 2013-10-14 2015-04-29 深圳市腾讯计算机系统有限公司 User login validation method, device and system
EP3373510A1 (en) * 2015-10-26 2018-09-12 Alibaba Group Holding Limited Method and device for realizing session identifier synchronization
CN106878250A (en) * 2016-08-19 2017-06-20 阿里巴巴集团控股有限公司 Across the singlet login method and device of application
CN106778138A (en) * 2016-12-27 2017-05-31 东华互联宜家数据服务有限公司 The control method and device of software license limit
CN107528853A (en) * 2017-09-12 2017-12-29 上海艾融软件股份有限公司 The implementation method of micro services control of authority
CN109815683A (en) * 2018-12-29 2019-05-28 深圳云天励飞技术有限公司 Authorization verification method and related device

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113709082A (en) * 2020-05-20 2021-11-26 腾讯科技(深圳)有限公司 Application login method and device and account login mode setting method
CN113709082B (en) * 2020-05-20 2023-07-21 腾讯科技(深圳)有限公司 Application login method and device and account login mode setting method
CN114417276A (en) * 2021-12-30 2022-04-29 珠海大横琴科技发展有限公司 A security verification method and device

Similar Documents

Publication Publication Date Title
EP3044987B1 (en) Method and system for verifying an account operation
US8719911B2 (en) Methods, systems, and computer program products for authenticating an identity of a user by generating a confidence indicator of the identity of the user based on a combination of multiple authentication techniques
CN103607284B (en) Identity authentication method and equipment and server
CN105323253B (en) Identity verification method and device
CN111030812A (en) Token verification method, device, storage medium and server
CN103491084B (en) The authentication method of a kind of client and device
CN104243157A (en) Method and device for user identity authentication
US9009793B2 (en) Dynamic pin dual factor authentication using mobile device
CN107086979B (en) User terminal verification login method and device
CN108650098B (en) Method and device for user-defined verification mode
CN107484152B (en) Management method and device for terminal application
CN105227536A (en) A kind of Quick Response Code login method and equipment
EP2787707A1 (en) Method for allowing user access, client, server, and system
CN103475484B (en) USB key authentication methods and system
CN109831441B (en) Identity authentication method, system and related components
CN105681258B (en) Session method and conversational device based on third-party server
CN105162775A (en) Logging method and device of virtual machine
CN105993156B (en) Server access verification method and device
CN110795174A (en) Application program interface calling method, device, equipment and readable storage medium
CN110324344A (en) The method and device of account information certification
CN104836777B (en) Identity verification method and system
US20150180851A1 (en) Method, device, and system for registering terminal application
CN110912901A (en) Application login verification method, device and system
CN105162774A (en) Virtual machine login method and device used for terminal
CN108737398B (en) Processing method and device of trust system, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200324