CN111447207B

CN111447207B - Verification code verification method, electronic device and storage medium

Info

Publication number: CN111447207B
Application number: CN202010213392.5A
Authority: CN
Inventors: 曹汝帅; 何宏丽
Original assignee: China Mobile Communications Group Co Ltd; MIGU Culture Technology Co Ltd
Current assignee: China Mobile Communications Group Co Ltd; MIGU Culture Technology Co Ltd
Priority date: 2020-03-24
Filing date: 2020-03-24
Publication date: 2022-11-01
Anticipated expiration: 2040-03-24
Also published as: CN111447207A

Abstract

The embodiment of the invention provides a verification code verification method, electronic equipment and a storage medium, wherein the method comprises the following steps: sending a verification code generation request; displaying an image to be verified and a verification rule according to the received verification code information, so that a user can verify the image to be verified according to the verification rule; and receiving the verification operation of the user, generating a verification result, and sending the verification result to a server side so that the server side compares the verification result with the verification code verification information to complete verification. The verification code verification method, the verification code verification system, the electronic equipment and the storage medium provided by the embodiment of the invention have the advantages that the operation of one image block in the verification code verification process can influence the operation of another image block, the current selection of a user depends on the selection of the previous step, and if an error occurs, the rollback is required, so that the complexity of the verification code is obviously improved, the machine identification is better avoided, and the network security is improved.

Description

Verification code verification method, electronic device and storage medium

技术领域technical field

本发明涉及网络安全领域，尤其涉及一种验证码验证方法、系统、电子设备及存储介质。The invention relates to the field of network security, in particular to a verification code verification method, system, electronic equipment and storage medium.

背景技术Background technique

验证码是一种用于区分用户是计算机还是人的公共全自动程序。它在互联网中被广泛应用，可以防止以计算机方式实现的恶意破解密码、刷票、论坛灌水等行为。Captcha is a public, fully automated procedure for distinguishing a user from a computer or a human. It is widely used in the Internet, and it can prevent malicious password cracking, ticket swiping, forum flooding and other behaviors implemented by computer.

现有技术中的验证码有多种表现形式，如数字和字母的随机组合、图片中含有特定文字或特定元素、随机生成两元的四则运算、滑动验证码等。这些验证码本身采取了一定的防计算机识别措施，如将包含待识别信息的图片做扭曲变形，又如在待识别信息的背景上随机地添加直线或点等。这些措施有一定的效果。但随着计算机技术的进步，现有技术中验证码复杂度低的缺陷被发现与利用，已经有越来越多的验证码被破解，给网络安全带来隐患。The verification codes in the prior art have various manifestations, such as random combinations of numbers and letters, pictures containing specific words or specific elements, four arithmetic operations that randomly generate two elements, and sliding verification codes. These verification codes themselves have taken certain anti-computer identification measures, such as distorting the picture containing the information to be identified, and adding straight lines or dots randomly on the background of the information to be identified. These measures have had some effect. However, with the advancement of computer technology, the defect of low complexity of verification codes in the prior art has been discovered and utilized, and more and more verification codes have been cracked, which brings hidden dangers to network security.

发明内容Contents of the invention

本发明实施例提供一种验证码验证方法、电子设备及存储介质，用以解决现有技术中验证码复杂度低，易于被破解的缺陷。Embodiments of the present invention provide a verification code verification method, electronic equipment, and a storage medium to solve the defects of low complexity and easy cracking of verification codes in the prior art.

本发明第一方面实施例提供一种验证码验证方法，应用于客户端，包括：The embodiment of the first aspect of the present invention provides a verification code verification method applied to a client, including:

发送验证码生成请求，以使得服务器端根据所述验证码生成请求生成验证码信息以及验证码校验信息；其中，所述验证码信息包括待验证图像与验证规则；所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述验证规则用于描述验证所述待验证图像的方式；所述验证码校验信息用于描述待验证图像信息中的图像块的正确位置；Send a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request; wherein, the verification code information includes images to be verified and verification rules; the images to be verified include multiple image blocks, the multiple image blocks are obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; the verification rule is used to describe The method of verifying the image to be verified; the verification code verification information is used to describe the correct position of the image block in the image information to be verified;

根据所接收到的验证码信息展示待验证图像与验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；Displaying the image to be verified and verification rules according to the received verification code information, so that the user performs verification operations on the image to be verified according to the verification rules;

接收用户的验证操作并生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。Receive the user's verification operation and generate a verification result, and send the verification result to the server, so that the server compares the verification result with the verification code verification information to complete the verification.

上述技术方案中，所述验证码信息为第一验证码信息，所述第一验证码信息包括第一待验证图像与第一验证规则；所述第一待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以绑定相邻图像块交换位置的方式被打乱；所述第一验证规则用于描述验证所述第一待验证图像的方式；In the above technical solution, the verification code information is first verification code information, and the first verification code information includes a first image to be verified and a first verification rule; the first image to be verified includes a plurality of image blocks, so The multiple image blocks are obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by binding adjacent image blocks to exchange positions; the first verification rule is used to describe A method of verifying the first image to be verified;

所述验证码校验信息为第一验证码校验信息，所述第一验证码校验信息用于描述第一待验证图像信息中的图像块的正确位置。The verification code verification information is first verification code verification information, and the first verification code verification information is used to describe the correct position of the image block in the first image information to be verified.

上述技术方案中，所述根据所接收到的验证码信息展示待验证图像与验证规则为根据所接收到的第一验证码信息展示第一待验证图像与第一验证规则；In the above technical solution, displaying the image to be verified and the verification rule according to the received verification code information is displaying the first image to be verified and the first verification rule according to the received first verification code information;

相应地，所述根据用户的验证操作生成验证结果包括：Correspondingly, said generating the verification result according to the verification operation of the user includes:

采集信息的步骤，该步骤包括采集用户所选取图像块的信息；The step of collecting information, which includes collecting the information of the image block selected by the user;

互换位置的步骤，该步骤包括将用户所选取的图像块与其相邻图像块互换位置；The step of exchanging positions, which includes exchanging the positions of the image block selected by the user and its adjacent image blocks;

重复执行所述采集信息的步骤以及互换位置的步骤，直至用户停止验证操作；Repeat the step of collecting information and the step of exchanging positions until the user stops the verification operation;

将图像块以及图像块所在空间位置的信息作为验证结果；其中，The image block and the information of the spatial position of the image block are used as the verification result; where,

所述互换位置的步骤进一步包括：The step of exchanging positions further includes:

确定用户所选取的图像块被绑定，若该图像块为上一次位置互换操作中引发位置变化的图像块，则与建立绑定关系的相邻图像块互换位置；若该图像块并非上一次位置互换操作中引发位置变化的图像块，解除绑定关系，然后从第一待验证图像中为用户所选择的图像块查找相邻图像块，与查找到的相邻图像块建立绑定关系，与建立绑定关系的相邻图像块互换位置；Determine that the image block selected by the user is bound. If the image block is the image block that caused the position change in the last position swap operation, exchange the position with the adjacent image block that established the binding relationship; if the image block is not The image block that caused the position change in the last position exchange operation is released, and the binding relationship is released, and then the adjacent image block is searched for the image block selected by the user from the first image to be verified, and a binding is established with the found adjacent image block. Determine the relationship, and exchange positions with the adjacent image blocks that establish the binding relationship;

或，确定用户所选择的图像块未被绑定，从第一待验证图像中为用户所选择的图像块查找相邻图像块，与查找到的相邻图像块建立绑定关系，与建立绑定关系的相邻图像块互换位置。Or, determine that the image block selected by the user is not bound, search for an adjacent image block for the image block selected by the user from the first image to be verified, establish a binding relationship with the found adjacent image block, and establish a binding relationship with the image block selected by the user. Adjacent image blocks with a certain relationship are exchanged.

本发明第二方面实施例提供一种验证码验证方法，应用于服务器端，包括：The embodiment of the second aspect of the present invention provides a verification code verification method applied to the server, including:

根据所接收到的验证码生成请求，生成验证码信息以及验证码校验信息；其中，所述验证码信息包括待验证图像与验证规则；所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述验证规则用于描述验证所述待验证图像的方式；所述验证码校验信息用于描述待验证图像中的图像块的正确位置；Generate verification code information and verification code verification information according to the received verification code generation request; wherein, the verification code information includes an image to be verified and a verification rule; the image to be verified includes a plurality of image blocks, and the plurality of image blocks are obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; the verification rule is used to describe the verification of the image to be verified Mode; the verification code verification information is used to describe the correct position of the image block in the image to be verified;

将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息；Send the verification code information to the client, so that the client displays the verification code information;

接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。Receive the verification result returned by the client, compare the verification result with the verification code verification information, and complete the verification.

上述技术方案中，所述生成验证码信息以及验证码校验信息为生成第一验证码信息以及第一验证码校验信息；所述生成第一验证码信息以及第一验证码校验信息包括：In the above technical solution, the generating the verification code information and the verification code verification information is generating the first verification code information and the first verification code verification information; the generating the first verification code information and the first verification code verification information includes :

在一原始图像中分割出图像块，为所述图像块编号，并将所述图像块与所述图像块所在空间位置之间的关联关系信息作为第一验证码校验信息；Segmenting an image block from an original image, numbering the image block, and using the association relationship information between the image block and the spatial position of the image block as the first verification code verification information;

生成随机数序列；Generate a sequence of random numbers;

根据所述随机数序列中的一个或多个随机数，将相应图像块编号的图像块与相邻图像块互换位置，生成第一待验证图像。According to one or more random numbers in the random number sequence, the image block corresponding to the image block number is exchanged with the adjacent image block to generate the first image to be verified.

本发明第三方面实施例提供一种验证码验证方法，应用于客户端，包括：The embodiment of the third aspect of the present invention provides a verification code verification method applied to the client, including:

发送验证码生成请求，以使服务器端根据所述验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息；其中，所述验证码信息包括待验证图像与验证规则；Send a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request and the risk level of the user's operating environment; wherein, the verification code information includes images to be verified and verification rules ;

根据所接收到的验证码信息展示所述待验证图像与所述验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；displaying the image to be verified and the verification rule according to the received verification code information, so that the user performs a verification operation on the image to be verified according to the verification rule;

根据用户的验证操作生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。Generate a verification result according to the verification operation of the user, and send the verification result to the server, so that the server compares the verification result with the verification code verification information to complete the verification.

本发明第四方面实施例提供一种验证码验证方法，应用于服务器端，包括：The embodiment of the fourth aspect of the present invention provides a verification code verification method applied to the server, including:

根据所接收到的验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息；其中，所述验证码信息包括待验证图像与验证规则；所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述验证规则用于描述验证所述待验证图像的方式；所述验证码校验信息用于描述待验证图像中的图像块的正确位置；According to the received verification code generation request and the risk level of the user's operating environment, generate verification code information and verification code verification information; wherein, the verification code information includes images to be verified and verification rules; the images to be verified include multiple image blocks, the multiple image blocks are obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; the verification rule is used to describe The method of verifying the image to be verified; the verification code verification information is used to describe the correct position of the image block in the image to be verified;

上述技术方案中，所述风险等级包括：In the above technical solution, the risk level includes:

高风险或中风险或低风险；high risk or medium risk or low risk;

相应地，所述根据所接收到的验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息包括：Correspondingly, said generating verification code information and verification code verification information according to the received verification code generation request and the risk level of the user's operating environment includes:

根据所接收到的验证码生成请求以及所述高风险的风险等级，生成第一验证码信息以及第一验证码校验信息；其中，所述第一验证码信息包括第一待验证图像与第一验证规则；所述第一待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以绑定相邻图像块交换位置的方式被打乱；所述第一验证规则用于描述验证所述第一待验证图像的方式；所述第一验证码校验信息用于描述第一待验证图像信息中的图像块的正确位置；According to the received verification code generation request and the high-risk risk level, generate first verification code information and first verification code verification information; wherein, the first verification code information includes the first image to be verified and the first verification code information. A verification rule; the first image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are bound to adjacent images The way in which blocks are exchanged is disrupted; the first verification rule is used to describe the way to verify the first image to be verified; the first verification code check information is used to describe the image in the first image information to be verified the correct position of the block;

或，根据所接收到的验证码生成请求以及所述中风险的风险等级，生成第二验证码信息以及第二验证码校验信息；其中，所述第二验证码信息包括第二待验证图像与第二验证规则；所述第二待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以位置移动和角度旋转相结合的方式被打乱；所述第二验证规则用于描述验证所述第二待验证图像的方式；所述第二验证码校验信息用于描述第二待验证图像信息中的图像块的正确位置；Or, generate second verification code information and second verification code verification information according to the received verification code generation request and the risk level of the medium risk; wherein, the second verification code information includes a second image to be verified and the second verification rule; the second image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are moved by position and The combination of angle and rotation is disrupted; the second verification rule is used to describe the method of verifying the second image to be verified; the second verification code check information is used to describe the information in the second image information to be verified The correct position of the image block;

或，根据所接收到的验证码生成请求以及所述低风险的风险等级，生成第三验证码信息以及第三验证码校验信息；其中，所述第三验证码信息包括第三待验证图像与第三验证规则；所述第三待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以角度旋转的方式被打乱；所述第三验证规则用于描述验证所述第三待验证图像的方式；所述第三验证码校验信息用于描述第三待验证图像信息中的图像块的正确位置。Or, generate third verification code information and third verification code verification information according to the received verification code generation request and the low-risk risk level; wherein, the third verification code information includes a third image to be verified and the third verification rule; the third image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are rotated by an angle The method is disrupted; the third verification rule is used to describe the method of verifying the third image to be verified; the third verification code check information is used to describe the correct position of the image block in the third image information to be verified .

本发明第五方面实施例提供一种验证码验证系统，包括服务器端和客户端，其中，所述服务器端与所述客户端之间通信连接；The embodiment of the fifth aspect of the present invention provides a verification code verification system, including a server and a client, wherein the server and the client are connected by communication;

所述客户端，用于执行如本发明第一方面实施例所述的验证码验证方法；The client is configured to execute the verification code verification method described in the embodiment of the first aspect of the present invention;

所述服务器端，用于执行如本发明第二方面实施例所述的验证码验证方法；The server end is used to execute the verification code verification method described in the embodiment of the second aspect of the present invention;

或or

所述客户端，用于执行如本发明第三方面实施例所述的验证码验证方法；The client is configured to execute the verification code verification method described in the embodiment of the third aspect of the present invention;

所述服务器端，用于执行如本发明第四方面实施例所述的验证码验证方法。The server end is configured to execute the verification code verification method described in the embodiment of the fourth aspect of the present invention.

本发明第六方面实施例提供一种电子设备，包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序，所述处理器执行所述程序时实现如本发明第一方面实施例所述的验证码验证方法的步骤，或实现如本发明第二方面实施例所述的验证码验证方法的步骤，或实现如本发明第三方面实施例所述的验证码验证方法的步骤，或实现如本发明第四方面实施例所述的验证码验证方法的步骤。The embodiment of the sixth aspect of the present invention provides an electronic device, including a memory, a processor, and a computer program stored on the memory and operable on the processor. When the processor executes the program, the first aspect of the present invention is implemented. The steps of the verification code verification method described in the embodiment, or the steps for realizing the verification code verification method described in the embodiment of the second aspect of the present invention, or the steps of realizing the verification code verification method described in the embodiment of the third aspect of the present invention Steps, or the steps for implementing the verification code verification method according to the embodiment of the fourth aspect of the present invention.

本发明第七方面实施例提供一种非暂态计算机可读存储介质，其上存储有计算机程序，该计算机程序被处理器执行时实现如本发明第一方面实施例所述的验证码验证方法的步骤，或实现如本发明第二方面实施例所述的验证码验证方法的步骤，或实现如本发明第三方面实施例所述的验证码验证方法的步骤，或实现如本发明第四方面实施例所述的验证码验证方法的步骤。The embodiment of the seventh aspect of the present invention provides a non-transitory computer-readable storage medium, on which a computer program is stored. When the computer program is executed by a processor, the verification code verification method as described in the embodiment of the first aspect of the present invention is implemented. or realize the steps of the verification code verification method as described in the embodiment of the second aspect of the present invention, or realize the steps of the verification code verification method as described in the embodiment of the third aspect of the present invention, or realize the steps of the verification code verification method as described in the fourth embodiment of the present invention The steps of the verification code verification method described in the aspect embodiments.

本发明实施例提供的验证码验证方法、电子设备及存储介质提高了验证码的复杂度，增加了验证码被破解的难度，从而更好地避免被机器识别，提高了网络安全性。The verification code verification method, electronic equipment, and storage medium provided by the embodiments of the present invention increase the complexity of the verification code and increase the difficulty of cracking the verification code, thereby better avoiding being recognized by machines and improving network security.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案，下面将对实施例或现有技术描述中所需要使用的附图作一简单地介绍，显而易见地，下面描述中的附图是本发明的一些实施例，对于本领域普通技术人员来讲，在不付出创造性劳动的前提下，还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description These are some embodiments of the present invention. Those skilled in the art can also obtain other drawings based on these drawings without creative work.

图1为本发明实施例提供的验证码验证方法的流程图；Fig. 1 is a flowchart of a verification code verification method provided by an embodiment of the present invention;

图2为本发明实施例中通过相邻图像块互换位置的方式调整图像中已被打乱的图像块的图像验证码的示例图；Fig. 2 is an example diagram of adjusting image verification codes of disrupted image blocks in an image by exchanging positions of adjacent image blocks in an embodiment of the present invention;

图3为本发明实施例提供的验证码验证方法的流程图；FIG. 3 is a flowchart of a verification code verification method provided by an embodiment of the present invention;

图4为本发明实施例提供的验证码验证方法中的互换位置操作的实现流程图；FIG. 4 is a flow chart of realizing the exchange position operation in the verification code verification method provided by the embodiment of the present invention;

图5为本发明另一实施例提供的验证码验证方法的流程图；Fig. 5 is a flowchart of a verification code verification method provided by another embodiment of the present invention;

图6为本发明实施例中通过位置移动和角度旋转相结合的方式调整图像中已被打乱的图像块的图像验证码的示例图；Fig. 6 is an example diagram of adjusting the image verification code of a disrupted image block in an image by combining position movement and angle rotation in an embodiment of the present invention;

图7为本发明实施例中通过角度旋转的方式调整图像中已被打乱的图像块的图像验证码的示例图；FIG. 7 is an example diagram of an image verification code for adjusting an image block in an image that has been disturbed by angle rotation in an embodiment of the present invention;

图8为本发明再一实施例提供的验证码验证方法的流程图；FIG. 8 is a flow chart of a verification code verification method provided by another embodiment of the present invention;

图9为本发明实施例提供的第一服务器端的示意图；FIG. 9 is a schematic diagram of a first server end provided by an embodiment of the present invention;

图10为本发明实施例提供的第一客户端的示意图；FIG. 10 is a schematic diagram of a first client provided by an embodiment of the present invention;

图11为本发明实施例提供的第二服务器端的示意图；FIG. 11 is a schematic diagram of a second server end provided by an embodiment of the present invention;

图12为本发明实施例提供的第二客户端的示意图；FIG. 12 is a schematic diagram of a second client provided by an embodiment of the present invention;

图13示例了一种电子设备的实体结构示意图。Fig. 13 illustrates a schematic diagram of the physical structure of an electronic device.

具体实施方式Detailed ways

为使本发明实施例的目的、技术方案和优点更加清楚，下面将结合本发明实施例中的附图，对本发明实施例中的技术方案进行清楚、完整地描述，显然，所描述的实施例是本发明一部分实施例，而不是全部的实施例。基于本发明中的实施例，本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例，都属于本发明保护的范围。In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

图1为本发明实施例提供的验证码验证方法的流程图，如图1所示，本发明实施例提供的验证码验证方法，应用于服务器端，具体包括以下步骤：Fig. 1 is a flowchart of the verification code verification method provided by the embodiment of the present invention. As shown in Fig. 1, the verification code verification method provided by the embodiment of the present invention is applied to the server end, and specifically includes the following steps:

步骤101、根据所接收到的验证码生成请求，生成验证码信息以及验证码校验信息。Step 101: Generate verification code information and verification code verification information according to the received verification code generation request.

在本发明实施例中，验证码为图像验证码，图像验证码需要用户通过对图像中已被打乱的图像块进行调整，从而完成验证。In the embodiment of the present invention, the verification code is an image verification code, and the image verification code requires the user to adjust the disrupted image blocks in the image to complete the verification.

在本发明实施例中，验证码信息包括待验证图像与验证规则。In the embodiment of the present invention, the verification code information includes the image to be verified and verification rules.

所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱。The image to be verified includes multiple image blocks obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity.

所述验证规则用于描述验证所述待验证图像的方式。The verification rule is used to describe the manner of verifying the image to be verified.

所述验证码校验信息用于描述待验证图像中的图像块的正确位置。The verification code check information is used to describe the correct position of the image block in the image to be verified.

验证码信息可以有多种样式。在本发明实施例中，验证码信息为第一验证码信息。第一验证码信息包括第一待验证图像与第一验证规则；所述第一待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以绑定相邻图像块交换位置的方式被打乱；所述第一验证规则用于描述验证所述第一待验证图像的方式。The verification code information can have various styles. In this embodiment of the present invention, the verification code information is first verification code information. The first verification code information includes a first image to be verified and a first verification rule; the first image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the plurality of image blocks are in The position in the original image is disrupted by binding adjacent image blocks to exchange positions; the first verification rule is used to describe the method of verifying the first image to be verified.

相应的，所述验证码校验信息为第一验证码校验信息，所述第一验证码校验信息用于描述第一待验证图像中的图像块的正确位置。Correspondingly, the verification code verification information is first verification code verification information, and the first verification code verification information is used to describe the correct position of the image block in the first image to be verified.

具体的说，绑定相邻图像块交换位置的方式是指在一个图像块(称为图像块A)的相邻位置处有一个或多个与它大小、形状相同的图像块，从所述的一个或多个相邻图像块中选取一个图像块B，将所选取的图像块B与图像块A绑定后互换位置，实现了一次相邻图像块互换位置的操作。Specifically, the way of binding adjacent image blocks to exchange positions means that there are one or more image blocks with the same size and shape at the adjacent position of an image block (called image block A), from the An image block B is selected from one or more adjacent image blocks, and the selected image block B is bound to the image block A to exchange positions, realizing an operation of exchanging positions of adjacent image blocks.

采用绑定相邻图像块交换位置的方式可生成第一待验证图像以及第一验证码校验信息。具体的说包括以下步骤：The first image to be verified and the verification information of the first verification code can be generated by binding adjacent image blocks to exchange positions. Specifically, it includes the following steps:

生成随机数序列；Generate a sequence of random numbers;

图2为本发明实施例中通过相邻图像块互换位置的方式调整图像中已被打乱的图像块的图像验证码的示例图。以图2为例，在图2的左上方将一个原始图像分割出多个图像块，为这些图像块分别进行编号，如1、2、3、……、14。这些图像块的位置未曾变换前，与其所在的空间位置具有关联关系，后续这些图像块被打乱后，这种关联关系遭到了破坏。为了在后续步骤中校验用户的验证操作是否正确，将图像块与图像块所在空间位置之间的关联关系信息作为第一验证码校验信息。例如，从母图中切割出来的图像块编号分别为1、2、3和4，这些图像块在未被打乱前所占据的空间位置的编号为A、B、C和D。那么第一验证码校验信息可以是[A-1]/[B-2]/[C-3]/[D-4]。FIG. 2 is an example diagram of adjusting image verification codes of disrupted image blocks in an image by exchanging positions of adjacent image blocks in an embodiment of the present invention. Taking Fig. 2 as an example, an original image is divided into multiple image blocks on the upper left of Fig. 2 , and these image blocks are respectively numbered, such as 1, 2, 3, . . . , 14. Before the positions of these image blocks are transformed, there is an association relationship with their spatial positions. After these image blocks are subsequently disrupted, this association relationship is destroyed. In order to check whether the user's verification operation is correct in the subsequent steps, the association relationship information between the image block and the spatial position of the image block is used as the first verification code verification information. For example, the numbers of the image blocks cut out from the mother image are 1, 2, 3, and 4 respectively, and the numbers of the spatial positions occupied by these image blocks before being shuffled are A, B, C, and D. Then the first verification code check information may be [A-1]/[B-2]/[C-3]/[D-4].

在打乱这些图像块之前，首先要生成一个随机数列。这个随机数列在本发明实施例中又被称为随机化种子。Before shuffling these image blocks, a sequence of random numbers is first generated. This random number sequence is also called a randomization seed in the embodiment of the present invention.

在本发明实施例中，根据系统时间以及发起验证码请求的客户端生成随机化种子。由于随机化种子取决于系统时间、发起验证码请求的客户端这两个因素，因此同一客户端在不同时间所请求的验证码不会相同；类似的，同一时间不同客户端所请求的验证码也不会相同。In the embodiment of the present invention, the randomization seed is generated according to the system time and the client that initiates the verification code request. Since the randomization seed depends on the system time and the client that initiates the verification code request, the verification code requested by the same client at different times will not be the same; similarly, the verification code requested by different clients at the same time Nor will it be the same.

现举例说明：假设请求时间为“2019-01-25 17:25:46”，获得系统时间为：1548407738000，对该时间进行位数截取407738。假设当前对象的哈希码为1163157884，同样对其进行截取631578。其中，在本发明实施例中，截取过程中对系统时间的位数截取位置是固定的，即去掉高四位取中间6位；对哈希码的位数截取位置则相应“随机”，可取最高6位，也可取最低6位，或如上述假设的那样，取中间6位。根据系统时间以及发起验证码请求的客户端分别得到两个随机数后，对这两个随机数做自定义加法运算，计算过程如下：Here is an example: Assume that the request time is "2019-01-25 17:25:46", and the obtained system time is: 1548407738000, and the number of digits of the time is truncated to 407738. Assuming that the hash code of the current object is 1163157884, it is also intercepted to 631578. Wherein, in the embodiment of the present invention, the interception position of the digits of the system time is fixed during the interception process, that is, remove the high four digits and take the middle 6 digits; the interception position of the digits of the hash code is correspondingly "random", which is desirable The highest 6 digits may also be the lowest 6 digits, or as assumed above, the middle 6 digits. After obtaining two random numbers according to the system time and the client that initiated the verification code request, perform a custom addition operation on the two random numbers. The calculation process is as follows:

计算结果为038206。The result of the calculation is 038206.

在得到一个随机数后，根据该随机数可得到图像块的随机化种子。After obtaining a random number, the randomization seed of the image block can be obtained according to the random number.

在本发明实施例中，根据随机数038206可得到一位数种子序列如下：0、3、8、2、0、6。从这些一位数种子序列中为图像块(假设从母图中分割出的图像块的数目小于或等于6个)分别选取一个值作为随机化种子。根据应用场景的不同，由随机数生成随机化种子的具体实现方式会有差异。在本发明的其它实施例中会有进一步的描述。In the embodiment of the present invention, the one-digit seed sequence can be obtained according to the random number 038206 as follows: 0, 3, 8, 2, 0, 6. A value is selected from these one-digit seed sequences for image blocks (assuming that the number of image blocks segmented from the parent image is less than or equal to 6) as a randomization seed. Depending on the application scenario, the specific implementation of generating a random seed from a random number will vary. There will be further descriptions in other embodiments of the present invention.

在得到随机化种子后，就可以根据随机化种子将相应图像块编号的图像块与相邻图像块互换位置，生成第一待验证图像。After the randomization seed is obtained, the image block corresponding to the image block number and the adjacent image block can be swapped according to the randomization seed to generate the first image to be verified.

例如，在前面的例子中，一位数种子序列包括：0、3、8、2、0、6。根据这些种子对相应编号的图像块进行相邻图像块互换位置的操作，如先对编号为0的图像块进行相邻图像块互换位置操作(如果编号为0的图像块周围有多于一个相邻图像块，随机选择其中一个相邻图像块做互换位置操作)，然后对编号为3的图像块进行相邻图像块互换位置操作，……，直至对编号为6的图像块进行相邻图像块互换位置操作。经过多次变换后，图像块的编号顺序发生了变化。最终所生成的图像就是第一待验证图像。For example, in the previous example, the single-digit seed sequence consisted of: 0, 3, 8, 2, 0, 6. According to these seeds, the adjacent image block exchange position operation is performed on the corresponding numbered image block, such as first performing the adjacent image block exchange position operation on the image block numbered 0 (if there are more than An adjacent image block, randomly select one of the adjacent image blocks to perform the swap position operation), and then perform the adjacent image block swap position operation on the image block numbered 3, ..., until the image block numbered 6 Carry out the operation of exchanging positions of adjacent image blocks. After multiple transformations, the numbering order of image blocks has changed. The finally generated image is the first image to be verified.

图2中的右上图是图2左上图中的图像块通过相邻图像块互换位置的方式所生成的第一待验证图像。The upper right image in FIG. 2 is the first image to be verified generated by exchanging positions of the image blocks in the upper left image in FIG. 2 .

第一待验证图像中具体包括有：图像块的信息、图像块的母图信息以及验证方式信息。其中，图像块的母图是指图像块所源自的图像。图像块的信息包括图像块的形状、大小，图像块的编号，图像块被打乱后在母图中的位置等。图像块信息是每个图像块的私有信息，不同的图像块所对应的信息各不相同。验证方式信息反映了所有图像块共同遵循的验证方式，如第一待验证图像中的所有图像块都遵循相邻图像块互换位置的验证方式。The first image to be verified specifically includes: information about the image block, information about the parent image of the image block, and information about the verification method. Wherein, the parent image of the image block refers to the image from which the image block originates. The information of the image block includes the shape and size of the image block, the number of the image block, and the position of the image block in the parent image after being scrambled. The image block information is private information of each image block, and different image blocks correspond to different information. The verification mode information reflects the verification mode followed by all image blocks, for example, all image blocks in the first image to be verified follow the verification mode of exchanging positions of adjacent image blocks.

第一验证码信息还包括了第一验证规则，第一验证规则用于描述验证所述第一待验证图像的方式，例如，一种可能的第一验证规则为“互换相邻图像块的位置，恢复原来的图像”。The first verification code information also includes a first verification rule, which is used to describe the method of verifying the first image to be verified. For example, a possible first verification rule is "exchanging adjacent image blocks position and restore the original image".

在本发明实施例中，验证码信息还可以是其它样式的验证码信息，如在本发明之后的实施例所提到的以位置移动和角度旋转相结合的方式打乱图像块所得到的验证码信息，或以角度旋转的方式打乱图像块所得到的验证码信息，或其他通过调整重心偏移角度的方式打乱图像块所得到的验证码信息。In the embodiment of the present invention, the verification code information can also be other styles of verification code information, such as the verification obtained by disrupting the image blocks by combining position movement and angle rotation mentioned in the embodiments after the present invention Code information, or the verification code information obtained by disrupting the image blocks by angular rotation, or other verification code information obtained by disturbing the image blocks by adjusting the offset angle of the center of gravity.

步骤102、将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息。Step 102. Send the verification code information to the client, so that the client displays the verification code information.

步骤103、接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。Step 103: Receive the verification result returned by the client, compare the verification result with the verification code verification information, and complete the verification.

在本发明实施例中，验证结果为用户在客户端所完成的验证操作的结果。如何生成验证结果将在本发明的其它实施例中做进一步说明。In the embodiment of the present invention, the verification result is the result of the verification operation completed by the user on the client terminal. How to generate verification results will be further described in other embodiments of the present invention.

验证码校验信息在之前已经有具体的描述。客户端所返回的验证结果中包括了待验证图像在验证后，图像中的图像块与其所在空间位置之间的关联关系，将验证结果与验证码校验信息进行比对，若比对结果一致，则通过验证，反之，未通过验证。The verification code verification information has been described in detail before. The verification result returned by the client includes the correlation between the image blocks in the image and their spatial positions after the verification of the image to be verified. Compare the verification result with the verification code verification information. If the comparison results are consistent , the verification is passed, otherwise, the verification is not passed.

仍以本发明实施例中提到的第一验证码信息为例。图2中下方的图是图2右上图经过验证操作后所生成的图。将其与图2左上图进行比较，可以发现两者相同，因此通过验证。Still take the first verification code information mentioned in the embodiment of the present invention as an example. The lower figure in Figure 2 is the figure generated after the verification operation on the upper right figure in Figure 2. Comparing it with the upper left figure in Figure 2, it can be found that the two are the same, so the verification is passed.

本发明实施例提供的验证码验证方法提高了验证码的复杂度，增加了验证码被破解的难度，从而更好地避免被机器识别，提高了网络安全性。The verification code verification method provided by the embodiment of the present invention increases the complexity of the verification code and increases the difficulty of cracking the verification code, thereby better avoiding being recognized by machines and improving network security.

基于上述任一实施例，图3为本发明实施例提供的验证码验证方法的流程图，如图3所示，本发明实施例提供的验证码验证方法，应用于客户端，具体包括以下步骤：Based on any of the above embodiments, Fig. 3 is a flow chart of the verification code verification method provided by the embodiment of the present invention. As shown in Fig. 3, the verification code verification method provided by the embodiment of the present invention is applied to the client, and specifically includes the following steps :

步骤301、发送验证码生成请求，以使得服务器端根据所述验证码生成请求生成验证码信息以及验证码校验信息。Step 301: Send a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request.

所述验证码信息包括待验证图像与验证规则；所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱。The verification code information includes an image to be verified and a verification rule; the image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the plurality of image blocks in the original image The position is disturbed by adjusting the offset angle of the center of gravity.

验证码信息可以有多种样式，所述样式反映了验证码的验证方式。如为数字排序，从候选字符中选取指定的字符就是两种不同的验证码样式。在本发明实施例中，所述验证码信息为第一验证码信息。The verification code information can have multiple styles, and the styles reflect the verification method of the verification code. For numerical sorting, selecting specified characters from candidate characters is two different verification code styles. In this embodiment of the present invention, the verification code information is first verification code information.

所述第一验证码信息包括第一待验证图像与第一验证规则；所述第一待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述第一验证规则用于描述验证所述第一待验证图像的方式。The first verification code information includes a first image to be verified and a first verification rule; the first image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the plurality of images The positions of the blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; the first verification rule is used to describe the method of verifying the first image to be verified.

相应的，验证码校验信息为第一验证码校验信息，所述第一验证码校验信息用于描述第一待验证图像信息中的图像块的正确位置。Correspondingly, the verification code verification information is the first verification code verification information, and the first verification code verification information is used to describe the correct position of the image block in the first image information to be verified.

在本发明实施例中，发送验证码生成请求的操作可以有多种触发方式。例如，用户在验证界面上点击“获取验证码”的按钮后，向服务器端发送验证码生成请求。又例如，客户端捕捉到用户在验证界面上输入除验证码以外的其它验证信息(如用户名、密码)后，向服务器端发送验证码生成请求。在本发明实施例中，可采用后一种方式，这有助于减少用户的等待时间。In this embodiment of the present invention, the operation of sending a verification code generation request may be triggered in various ways. For example, after the user clicks the button "Get Verification Code" on the verification interface, a verification code generation request is sent to the server. For another example, the client sends a verification code generation request to the server after capturing that the user has input other verification information (such as user name and password) on the verification interface except the verification code. In the embodiment of the present invention, the latter method can be adopted, which helps to reduce the waiting time of the user.

步骤302、根据所接收到的验证码信息展示待验证图像与验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作。Step 302: Present the image to be verified and the verification rule according to the received verification code information, so that the user can perform verification operation on the image to be verified according to the verification rule.

在本步骤中，仍以第一验证码信息为例。在前文中已经提到第一待验证图像信息具体可包括图像块的信息、图像块的母图信息以及验证方式信息。在本发明实施例中，采用绘制的方式来展示第一待验证图像与第一验证规则。在绘制时，将图像块的母图、图像块分别进行绘制。由于图像块的信息中包含有图像块的形状与大小信息，也包含有被打乱后的图像块的编号信息等信息，因此绘制生成的待验证图像依然保持“混乱”的状态。作为一种优选实现方式，在绘制时使用重心来绘制图像块位置。In this step, the first verification code information is still used as an example. It has been mentioned above that the first image information to be verified may specifically include image block information, image block master image information, and verification mode information. In the embodiment of the present invention, the first image to be verified and the first verification rule are displayed by drawing. When drawing, the parent image of the image block and the image block are drawn separately. Since the image block information includes the shape and size information of the image block, as well as information such as the number information of the shuffled image block, the generated image to be verified remains in a "chaotic" state. As a preferred implementation manner, the center of gravity is used to draw the position of the image block during drawing.

图像块绘制完成后，还需要根据第一待验证图像信息中的验证方式信息设置图像块的属性。例如，将图像块的属性设置为旋转、平移。After the image block is drawn, it is also necessary to set the attributes of the image block according to the verification mode information in the first image information to be verified. For example, set the properties of the image block to rotate, translate.

验证规则的绘制为本领域技术人员的公知常识，因此不在此处重复。The drawing of verification rules is common knowledge of those skilled in the art, so it will not be repeated here.

步骤303、根据用户的验证操作生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。Step 303: Generate a verification result according to the user's verification operation, and send the verification result to the server, so that the server compares the verification result with the verification code verification information to complete the verification.

用户根据待验证图像与验证规则，可进行验证操作。在进行验证操作时，会对待验证图像中的被打乱的图像块进行诸如点击、拖动等操作。图像块在这些操作的驱动下，会发生相应变化。采集这些变化所包含的信息可形成验证结果。Users can perform verification operations according to the image to be verified and the verification rules. During the verification operation, operations such as clicking and dragging will be performed on the disrupted image blocks in the image to be verified. Driven by these operations, image blocks will change accordingly. Capturing the information contained in these changes can form the verification result.

对于第一待验证图像，用户通过点击操作来选定图像块，所选定的图像块需要与其相邻的图像块互换位置。但在实际应用中，一个图像块可能有不止一个相邻图像块，如何让计算机系统自动判断该与哪个相邻图像块互换位置；在验证过程中，上一步的互换位置操作可能并不合适，如何判断什么场景下需要恢复刚完成的位置互换。这些都需要采用本发明实施例所提供的方法实现。For the first image to be verified, the user selects an image block by clicking, and the selected image block needs to be exchanged with its adjacent image block. However, in practical applications, an image block may have more than one adjacent image block, how to let the computer system automatically determine which adjacent image block should be swapped; in the verification process, the swap position operation in the previous step may not be Appropriate, how to judge in which scenarios need to resume the position swap just completed. All of these need to be realized by adopting the method provided by the embodiment of the present invention.

具体的说，本步骤包括：Specifically, this step includes:

将图像块以及图像块所在空间位置的信息作为验证结果。The image block and the information of the spatial position of the image block are used as the verification result.

图4为本发明实施例提供的验证码验证方法中的互换位置操作的实现流程图，如图4所示，互换位置的步骤进一步包括：Fig. 4 is a flow chart of realizing the operation of exchanging positions in the verification code verification method provided by the embodiment of the present invention. As shown in Fig. 4, the step of exchanging positions further includes:

S1、确定用户所选取的图像块，检测所选择的图像块是否被绑定，如果被绑定，该图像块为上一次位置互换操作中被绑定的图像块，执行S2，如果未被绑定，执行S5；其中，所述绑定描述了互换位置的两个相邻图像块之间的关系；S1. Determine the image block selected by the user, and detect whether the selected image block is bound. If it is bound, the image block is the image block bound in the last position exchange operation. Execute S2. If not Binding, performing S5; wherein, the binding describes the relationship between two adjacent image blocks whose positions are exchanged;

S2、检测所选择的图像块是否是上一次位置互换操作中引发位置变换的图像块，如果是，则进行位置互换(实际操作效果是对上一步变换的撤销操作)，如果不是，则解除绑定关系；其中，所述引发位置变换的图像块为用户所选取的图像块；S2. Detect whether the selected image block is the image block that caused the position transformation in the last position exchange operation, if yes, perform position exchange (the actual operation effect is the undo operation to the previous step transformation), if not, then Release the binding relationship; wherein, the image block that causes the position change is the image block selected by the user;

S3、按照固定顺序(如顺时针)在第一待验证图像中为所选择的图像块查找相邻图像块；其中，在查找相邻图像块时优先选择未发生过位置变换的图像块；S3. Search for adjacent image blocks for the selected image block in the first image to be verified according to a fixed order (such as clockwise); wherein, when searching for adjacent image blocks, preferentially select image blocks that have not undergone position transformation;

S4、与查找到的相邻图像块建立绑定关系，进行位置互换，结束对用户所选择的图像块的操作；S4. Establish a binding relationship with the found adjacent image block, perform position exchange, and end the operation on the image block selected by the user;

S5、按照固定顺序(如顺时针)在待验证图像中为用户所选择的图像块查找相邻图像块；其中，在查找相邻图像块时优先选择发生过位置变换的图像块；S5. Searching for adjacent image blocks for the image block selected by the user in the image to be verified according to a fixed order (such as clockwise); wherein, when searching for adjacent image blocks, preferentially select the image block whose position has changed;

S6、与查找到的相邻图像块建立绑定关系，进行位置互换，结束对用户所选择的图像块的操作。S6. Establish a binding relationship with the found adjacent image block, perform position exchange, and end the operation on the image block selected by the user.

通过上述步骤能够实现对相邻图像块的位置互换。Through the above steps, the position exchange of adjacent image blocks can be realized.

本发明实施例提供的验证码验证方法提高了验证的复杂度，从而更好地避免被机器识别，提高了网络安全性。The verification code verification method provided by the embodiment of the present invention increases the complexity of verification, thereby better avoiding being recognized by machines and improving network security.

基于上述任一实施例，图5为本发明另一实施例提供的验证码验证方法的流程图，如图5所示，本发明另一实施例提供的验证码验证方法，应用于服务器端，具体包括以下步骤：Based on any of the above embodiments, FIG. 5 is a flow chart of a verification code verification method provided by another embodiment of the present invention. As shown in FIG. 5, the verification code verification method provided by another embodiment of the present invention is applied to the server side. Specifically include the following steps:

步骤501、根据所接收到的验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息。Step 501: Generate verification code information and verification code verification information according to the received verification code generation request and the risk level of the user's operating environment.

所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述验证规则用于描述验证所述待验证图像的方式；所述验证码校验信息用于描述待验证图像中的图像块的正确位置。The image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; The verification rule is used to describe the way of verifying the image to be verified; the verification code verification information is used to describe the correct position of the image block in the image to be verified.

在本发明实施例中，可根据用户操作环境的风险等级确定验证码操作的复杂度。一个基本的原则是风险越高，验证码操作的难度系数就越高。In the embodiment of the present invention, the complexity of the verification code operation may be determined according to the risk level of the user's operating environment. A basic principle is that the higher the risk, the higher the difficulty factor of the verification code operation.

在本发明实施例中，提供了三种复杂度不同的验证码。第一种验证码的复杂度最高，它采用相邻图像块位置互换的方式来调整待验证图像中被打乱的图像块位置，从而完成验证。在本发明之前的实施例中已经做了详细说明，此处不再重复。In the embodiment of the present invention, three verification codes with different complexities are provided. The first type of verification code has the highest complexity. It uses the method of exchanging the positions of adjacent image blocks to adjust the position of the disturbed image blocks in the image to be verified, so as to complete the verification. It has been described in detail in the previous embodiments of the present invention and will not be repeated here.

第二种验证码的复杂度中等，它是通过位置移动和角度旋转相结合的方式调整图像中已被打乱的图像块，从而完成验证。例如，已被打乱的图像块是从一原始图像中切割下来的、形状不规则的图像块，这些图像块不仅在水平和/或垂直方向上发生了位置移动，而且相对一基准轴的角度被打乱，因此用户在验证时通过旋转的方式调整这些图像块的角度，使得它们与未被打乱前的角度相同或相近，同时还需要调整这些图像块的位置，使得它们与未被打乱前的位置相同或相近(所述相近指图像块调整后的位置与该图像块在被打乱前的位置之间的差值应在一个阈值范围内)。在此此类验证码中，为了减少用户操作的难度，一般将图像块可旋转的角度设定为固定值(比如：顺时针或逆时针旋转45度或90度)。图6为本发明实施例中通过位置移动和角度旋转相结合的方式调整图像中已被打乱的图像块的图像验证码的示例图。在图6中，左上方的图为原始图像，其中编号为1-8的图像块为分割出来的图像块。这些图像块在打乱的过程中，位置发生变化且角度发生旋转(由于图像块为六边形，旋转角度从图中无法明显的显示出来)，得到图6中右上方的图。用户只有将已被打乱的图像块重新恢复成如图6中最下方的图，方能通过验证。需要说明的是，在图6中为了表述清楚的目的，未在图6中展示图像块重叠的情形，实际上在打乱图像块时，被打乱的图像块可以重叠。The complexity of the second type of verification code is medium. It adjusts the disrupted image blocks in the image through a combination of position movement and angle rotation, so as to complete the verification. For example, image blocks that have been shuffled are irregularly shaped image blocks that have been cut from an original image. These image blocks have not only moved in horizontal and/or vertical directions, but also have an are scrambled, so the user adjusts the angles of these image blocks by rotating them during verification, so that they are the same or similar to the angles before they were not scrambled, and also needs to adjust the positions of these image blocks so that they are not scrambled. The positions before the scrambling are the same or similar (the closeness means that the difference between the adjusted position of the image block and the position of the image block before being scrambled should be within a threshold range). In this type of verification code, in order to reduce the difficulty of user operations, the rotatable angle of the image block is generally set to a fixed value (for example: 45 degrees or 90 degrees clockwise or counterclockwise). FIG. 6 is an example diagram of adjusting the image verification code of a disrupted image block in an image by a combination of position movement and angle rotation in an embodiment of the present invention. In FIG. 6 , the picture on the upper left is the original image, and the image blocks numbered 1-8 are the segmented image blocks. During the process of scrambling these image blocks, the position changes and the angle rotates (because the image blocks are hexagonal, the rotation angle cannot be clearly displayed from the figure), and the upper right figure in Figure 6 is obtained. The user can only pass the verification if he restores the disturbed image block to the bottom picture in Figure 6. It should be noted that in FIG. 6 , for the purpose of clarity, the overlap of image blocks is not shown in FIG. 6 . In fact, when the image blocks are shuffled, the shuffled image blocks may overlap.

第三种验证码的复杂度最低，它是通过角度旋转的方式调整图像中已被打乱的图像块，从而完成验证。图7为本发明实施例中通过角度旋转的方式调整图像中已被打乱的图像块的图像验证码的示例图。图7最左侧的图为原始图像，从这一原始图像中切割下来的多个同心的水滴形或水滴形环(最内部为水滴形，其他为同心水滴形环)。将这些切割下来的多个同心的水滴形或水滴形环相对基准轴(如图中的水平线与垂直线)进行旋转，从而得到已被打乱的图像块。图7中的中间部分的图为被打乱后的图像。由于这些图像块相对基准轴的角度被打乱，因此用户在验证时可通过旋转的方式调整这些图像块的角度，使得它们与未被打乱前的角度相同或相近(所述相近指图像块调整后的角度与该图像块在被打乱前的角度之间的差值应在一个阈值范围内)。在此验证码中，图像块的位置不能移动，但可围绕中心旋转任意角度。用户只有将已被打乱的图像块重新恢复成如图7中最右侧的图，方能通过验证。The third type of verification code has the lowest complexity, and it completes the verification by adjusting the disrupted image blocks in the image by means of angle rotation. FIG. 7 is an example diagram of an image verification code for adjusting a disrupted image block in an image by means of angular rotation in an embodiment of the present invention. The leftmost figure in Fig. 7 is the original image, and a plurality of concentric drop-shaped or drop-shaped rings (the innermost is drop-shaped, and the others are concentric drop-shaped rings) are cut out from this original image. The cut out multiple concentric drop-shaped or drop-shaped rings are rotated relative to the reference axis (such as the horizontal line and the vertical line in the figure), so as to obtain the image blocks that have been disturbed. The picture in the middle part of Fig. 7 is the image after being scrambled. Since the angles of these image blocks relative to the reference axis are disturbed, the user can adjust the angles of these image blocks by rotating them during verification, so that they are the same or similar to the angles before being disturbed (the similarity refers to the The difference between the adjusted angle and the angle of the image block before being scrambled should be within a threshold). In this verification code, the position of the image block cannot be moved, but it can be rotated at any angle around the center. The user can only pass the verification if he restores the disturbed image block to the rightmost picture in Figure 7.

对于第二种验证码和第三种验证码，在验证过程中对每个图像块的操作都是独立的，一个图像块的操作并不影响另一个图像块，因此这两种验证码的复杂度均为O(n)(注：此处复杂度使用衡量计算机算法中的复杂度概念)。而对于第一种验证码，在验证过程中对一个图像块的操作会影响另一个图像块(相邻位置的图像块)，用户当前的选择取决于上一步的选择，若出错则需要回退，因此这一验证码的复杂度近乎为O(n^m)，其中n为图像块的数目，m为预设的调整次数。显然，通过增加复杂度可更好地避免被机器识别，达到验证码存在的初衷。For the second type of verification code and the third type of verification code, the operation of each image block is independent during the verification process, and the operation of one image block does not affect the other image block, so the complexity of these two types of verification codes The degrees are all O(n) (Note: The complexity here uses the concept of complexity in measuring computer algorithms). For the first type of verification code, the operation on one image block during the verification process will affect another image block (an adjacent image block), the current selection of the user depends on the selection of the previous step, and a rollback is required if there is an error , so the complexity of this verification code is almost O(n^m), where n is the number of image blocks, and m is the preset number of adjustments. Obviously, by increasing the complexity, it can better avoid being recognized by machines and achieve the original intention of the verification code.

虽然服务器能够提供三种验证码，但在实际应用中，会根据客户端的风险高低选择生成其中的一种验证码。Although the server can provide three types of verification codes, in practical applications, one of the verification codes will be selected and generated according to the risk of the client.

具体的说：Specifically:

根据所接收到的验证码生成请求以及所述高风险的风险评估结果，生成第一验证码信息以及第一验证码校验信息；其中，所述第一验证码信息包括第一待验证图像与第一验证规则；所述第一待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以绑定相邻图像块交换位置的方式被打乱；所述第一验证规则用于描述验证所述第一待验证图像的方式；所述第一验证码校验信息用于描述第一待验证图像信息中的图像块的正确位置；According to the received verification code generation request and the high-risk risk assessment result, generate first verification code information and first verification code verification information; wherein, the first verification code information includes the first image to be verified and The first verification rule; the first image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are bound to adjacent The way in which the image blocks are exchanged is disrupted; the first verification rule is used to describe the way to verify the first image to be verified; the first verification code check information is used to describe the first image information to be verified The correct position of the image block;

或，根据所接收到的验证码生成请求以及所述中风险的风险评估结果，生成第二验证码信息以及第二验证码校验信息；其中，所述第二验证码信息包括第二待验证图像与第二验证规则；所述第二待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以位置移动和角度旋转相结合的方式被打乱；所述第二验证规则用于描述验证所述第二待验证图像的方式；所述第二验证码校验信息用于描述第二待验证图像信息中的图像块的正确位置；Or, generate second verification code information and second verification code verification information according to the received verification code generation request and the risk assessment result of the medium risk; wherein, the second verification code information includes the second verification code information to be verified Image and second verification rule; the second image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are moved by position The method combined with angle rotation is disrupted; the second verification rule is used to describe the method of verifying the second image to be verified; the second verification code check information is used to describe the second image information to be verified The correct position of the image block;

或，根据所接收到的验证码生成请求以及所述低风险的风险评估结果，生成第三验证码信息以及第三验证码校验信息；其中，所述第三验证码信息包括第三待验证图像与第三验证规则；所述第三待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以角度旋转的方式被打乱；所述第三验证规则用于描述验证所述第三待验证图像的方式；所述第三验证码校验信息用于描述第三待验证图像信息中的图像块的正确位置。Or, generate third verification code information and third verification code verification information according to the received verification code generation request and the low-risk risk assessment result; wherein, the third verification code information includes the third verification code information to be verified Image and third verification rule; the third image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are rotated by an angle The method is disrupted; the third verification rule is used to describe the method of verifying the third image to be verified; the third verification code check information is used to describe the correctness of the image block in the third image information to be verified Location.

对于第一验证码信息以及第一验证码校验信息的生成过程在前文中已经有详细说明，因此不在此处重复。下面对第二验证码信息以及第二验证码校验信息的生成过程，以及第三验证码信息以及第三验证码校验信息的生成过程进行说明。The generation process of the first verification code information and the first verification code verification information has been described in detail above, so it will not be repeated here. The following describes the generation process of the second verification code information and the second verification code verification information, and the generation process of the third verification code information and the third verification code verification information.

生成第二验证码信息以及第二验证码校验信息时也需要从原始图像中分割出图像块，然后生成随机数序列，根据随机数序列中的随机数调整图像块的重心相对坐标与旋转角度，生成第二待验证图像。同时，根据图像块在分割时的原始位置信息以及调整时的旋转角度可得到第二验证码校验信息。When generating the second verification code information and the second verification code verification information, it is also necessary to segment the image block from the original image, then generate a random number sequence, and adjust the relative coordinates and rotation angle of the center of gravity of the image block according to the random number in the random number sequence , to generate the second image to be verified. At the same time, the second verification code verification information can be obtained according to the original position information of the image block during division and the rotation angle during adjustment.

具体的说：Specifically:

在生成随机数列时，参照第一验证码信息以及第一验证码校验信息生成过程中的描述，可根据系统时间以及发起验证码请求的客户端生成随机数，如038206，然后根据该随机数得到二位数种子序列如下：03、38、82、20、06。从这些二位数种子序列中为图像块(假设从原始图像中分割出的图像块的数目小于或等于5个)分别选取一个值作为随机化种子。同时还可以根据该随机数得到三位数种子序列如下：038、382、820、206。When generating a random number sequence, refer to the description in the generation process of the first verification code information and the first verification code verification information, you can generate a random number according to the system time and the client that initiated the verification code request, such as 038206, and then according to the random number The two-digit seed sequence is obtained as follows: 03, 38, 82, 20, 06. A value is selected from these two-digit seed sequences for image blocks (assuming that the number of image blocks segmented from the original image is less than or equal to 5) as a randomization seed. At the same time, the three-digit seed sequence can also be obtained according to the random number as follows: 038, 382, 820, 206.

根据随机化种子打乱图像块时，以100％为基准，根据随机化种子的数值可以得出每个图像块的重心相对坐标及旋转角度值。例如，在前面的例子中，二位数种子序列包括：03、38、82、20、06。根据这些种子序列可得到3％、38％、82％、20％和6％这几个百分比值。这些百分比值在本发明实施例中被称为重心相对坐标，它们描述了水平位置(或垂直位置)的偏移比例，如3％表示图像块被移动到母图的从左右到水平方向3％的位置。第二种验证码除了要移动位置外，还需要旋转角度。但第二种验证码中可能的旋转角度值不是随机值，而是若干个固定值，如45度的整数倍。在打乱图像块时，以45度的整数倍为例，根据前述的三位数种子序列并以360度为基准，可得到38度、22度(382除以360的余数)、100度(820除以360的余数)和206度(假设旋转方向均设定为顺时针)。将这些角度值除以45取整后乘45，得到旋转角度为0度、0度、90度和180度。从重心相对坐标的候选值集合以及旋转角度值的候选值集合中分别选取重心相对坐标和旋转角度值，图像块按照所选取的重心相对坐标和旋转角度值被打乱，从而得到第二待验证图像。When the image block is disturbed according to the randomization seed, the relative coordinates of the center of gravity and the rotation angle value of each image block can be obtained according to the value of the randomization seed based on 100%. For example, in the previous example, the two-digit seed sequence included: 03, 38, 82, 20, 06. Percentage values of 3%, 38%, 82%, 20% and 6% can be obtained from these seed sequences. These percentage values are called the relative coordinates of the center of gravity in the embodiment of the present invention, and they describe the offset ratio of the horizontal position (or vertical position), such as 3% means that the image block is moved to 3% from the left and right to the horizontal direction of the parent image s position. The second type of verification code not only needs to move the position, but also needs to rotate the angle. However, the possible rotation angle values in the second verification code are not random values, but several fixed values, such as integer multiples of 45 degrees. When disturbing the image block, taking the integer multiple of 45 degrees as an example, according to the aforementioned three-digit seed sequence and taking 360 degrees as the benchmark, 38 degrees, 22 degrees (the remainder of 382 divided by 360), 100 degrees ( The remainder of 820 divided by 360) and 206 degrees (assuming both directions of rotation are set to clockwise). Divide these angle values by 45 and multiply by 45 to obtain the rotation angles of 0 degrees, 0 degrees, 90 degrees, and 180 degrees. Select the relative coordinates of the center of gravity and the value of the rotation angle from the candidate value set of the relative coordinates of the center of gravity and the candidate value set of the rotation angle value, and the image block is disturbed according to the selected relative coordinates of the center of gravity and the value of the rotation angle, thereby obtaining the second to-be-verified image.

第二待验证图像中具体包括有：图像块的信息、图像块的母图信息以及验证方式信息。其中，图像块的母图是指图像块所源自的图像。图像块的信息包括图像块的形状、大小，图像块的重心相对坐标，旋转角度值。The second image to be verified specifically includes: information of the image block, information of a parent image of the image block, and information of a verification method. Wherein, the parent image of the image block refers to the image from which the image block originates. The information of the image block includes the shape and size of the image block, the relative coordinates of the center of gravity of the image block, and the value of the rotation angle.

第二验证规则用于描述验证所述第二待验证图像的方式，如“旋转图像块的角度并移动图像块的位置，恢复原来的图像”。The second verification rule is used to describe the method of verifying the second image to be verified, such as "rotate the angle of the image block and move the position of the image block to restore the original image".

第二验证码校验信息为图像块的原始位置信息和旋转角度。图像块的原始位置信息在图像块从母图上被分割时就可以获得，结合客户端返回的位置偏移量与图像块被打乱时的重心相对坐标，可确定打乱后的图像块在用户验证后的位置信息与原始位置信息是否一致。特别的，第二验证码校验信息中的旋转角度也可以用图像块旋转点击次数代替。由于在第二种验证码中，旋转角度的候选值是固定的，用户在验证时，每次操作(如点击操作)图像块会旋转固定的角度(如45度)，因此可将图像块旋转点击次数代替旋转角度。当验证码校验信息中包括图像块旋转点击次数时，将用户在做验证操作时的图像块点击次数模8(假设一次旋转45度，则360/45＝8)取余，所得到的结果与验证码校验信息中所保存的图像块旋转点击次数进行比较，两者一致，则验证成功。The verification information of the second verification code is the original position information and rotation angle of the image block. The original position information of the image block can be obtained when the image block is divided from the parent image. Combined with the position offset returned by the client and the relative coordinates of the center of gravity when the image block is scrambled, it can be determined that the scrambled image block is at Whether the verified location information of the user is consistent with the original location information. In particular, the rotation angle in the verification information of the second verification code may also be replaced by the number of image block rotation clicks. Since in the second type of verification code, the candidate value of the rotation angle is fixed, the image block will be rotated by a fixed angle (such as 45 degrees) every time the user operates (such as a click operation) during verification, so the image block can be rotated Clicks instead of rotations. When the verification code verification information includes the number of image block rotation clicks, the number of image block clicks modulo 8 (assuming a rotation of 45 degrees, then 360/45=8) when the user performs the verification operation is taken as a remainder, and the obtained result Compared with the number of image block rotation clicks stored in the verification code verification information, if the two are consistent, the verification is successful.

生成第三验证码信息以及第三验证码校验信息时也需要从原始图像中分割出图像块，然后生成随机数序列，根据随机数序列中的随机数调整图像块的旋转角度，生成第三待验证图像。同时，根据图像块的旋转角度可得到第二验证码校验信息。When generating the third verification code information and the third verification code verification information, it is also necessary to segment the image block from the original image, then generate a random number sequence, adjust the rotation angle of the image block according to the random number in the random number sequence, and generate the third The image to be verified. At the same time, the second verification code verification information can be obtained according to the rotation angle of the image block.

具体的说：Specifically:

在生成随机数列时，参照第一验证码信息以及第一验证码校验信息生成过程中的描述，可根据系统时间以及发起验证码请求的客户端生成随机数，如038206。然后以360度为基准，根据随机化种子的数值可以得出每个图像块被打乱后的旋转角度。例如，在前面的例子中，所生成的三位数种子序列包括：038、382、820、206。根据这些三位数种子序列，可得到图像块打乱后的旋转角度分别是38度、22度(382除以360的余数)、100度(820除以360的余数)和206度(假设旋转方向均设定为顺时针)。图像块按照所选取的旋转角度值被打乱，从而得到第三待验证图像。When generating a random number sequence, refer to the description in the generation process of the first verification code information and the first verification code verification information, and generate random numbers according to the system time and the client that initiates the verification code request, such as 038206. Then, based on 360 degrees, the rotation angle of each image block after being scrambled can be obtained according to the value of the randomization seed. For example, in the previous example, the generated three-digit seed sequence includes: 038, 382, 820, 206. According to these three-digit seed sequences, the rotation angles of image blocks after being disrupted are 38 degrees, 22 degrees (remainder of dividing 382 by 360), 100 degrees (remainder of dividing 820 by 360) and 206 degrees (assuming rotation direction is set to clockwise). The image block is scrambled according to the selected rotation angle value, so as to obtain the third image to be verified.

第三待验证图像中具体包括有：图像块的信息、图像块的母图信息以及验证方式信息。其中，图像块的母图是指图像块所源自的图像。图像块的信息包括图像块的形状、大小，图像块的旋转角度值。The third image to be verified specifically includes: image block information, image block parent image information, and verification mode information. Wherein, the parent image of the image block refers to the image from which the image block originates. The information of the image block includes the shape and size of the image block, and the rotation angle value of the image block.

第三验证规则用于描述验证所述第三待验证图像的方式，如“旋转图像块的角度，恢复原来的图像”。The third verification rule is used to describe the way of verifying the third image to be verified, such as "rotate the angle of the image block to restore the original image".

第三验证码校验信息为旋转角度，这一旋转角度的大小与方向与图像块被打乱后的旋转角度大小与方向相关。例如，图像块打乱后的旋转角度分别是38度、22度、100度和206度(假设旋转方向均设定为顺时针)，那么验证码校验信息是逆时针方向的38度、22度、100度和206度，或顺时针方向的322度、338度、260度和154度。The verification information of the third verification code is the rotation angle, and the size and direction of the rotation angle are related to the size and direction of the rotation angle after the image block is scrambled. For example, the rotation angles of image blocks after they are scrambled are 38 degrees, 22 degrees, 100 degrees and 206 degrees (assuming that the rotation directions are all set to clockwise), then the verification code check information is 38 degrees, 22 degrees counterclockwise. degrees, 100 degrees and 206 degrees, or 322 degrees, 338 degrees, 260 degrees and 154 degrees clockwise.

从本步骤的描述可以看到，验证码类型的确定与多种因素有关，即使是同一终端设备、同一操作者，也可能会因为具体操作行为的不同而使验证码类型发生变化。这增加了验证的安全性。It can be seen from the description of this step that the determination of the verification code type is related to many factors, even if it is the same terminal device and the same operator, the verification code type may change due to different specific operation behaviors. This increases the security of authentication.

步骤502、将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息。Step 502: Send the verification code information to the client, so that the client displays the verification code information.

步骤503、接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。Step 503: Receive the verification result returned by the client, compare the verification result with the verification code verification information, and complete the verification.

在之前的步骤中，根据用户操作环境的风险等级确定了具体的验证码类型，在本步骤中，只需要将验证结果与相应类型的验证码校验信息进行比对，即可完成验证。In the previous steps, the specific verification code type is determined according to the risk level of the user's operating environment. In this step, the verification can be completed by comparing the verification result with the verification information of the corresponding type of verification code.

本发明实施例提供的验证码验证方法提供了生成多种验证码的能力，能够根据用户操作场景的风险程度选取对应复杂度的验证码，提升了网络安全程度。The verification code verification method provided by the embodiment of the present invention provides the ability to generate multiple verification codes, and can select a verification code corresponding to the complexity according to the risk level of the user operation scene, which improves the network security.

基于上述任一实施例，在本发明实施例中，所述验证码验证方法还包括：Based on any of the above-mentioned embodiments, in the embodiment of the present invention, the verification code verification method further includes:

根据对所接收到的用户信息的分析得到用户行为，对所述用户行为进行风险评估，得到用户操作环境的风险等级。The user behavior is obtained according to the analysis of the received user information, and the risk assessment is performed on the user behavior to obtain the risk level of the user's operating environment.

在本发明实施例中，用户信息是指与用户登录有关的信息，如用户地理位置、上次登录时间、终端设备信息、Cookie、请求时间、请求次数等。根据这些用户信息可以分析出用户行为，例如，假设验证码的使用场景为登录，则根据前述的用户信息可以分析出诸如异地登录、Token失效后登录(长时间未登录)、频繁登录(登录退出再登录)等行为。用户信息可由客户端采集后发送到服务器端。In this embodiment of the present invention, user information refers to information related to user login, such as user geographic location, last login time, terminal device information, cookies, request time, number of requests, etc. According to these user information, user behavior can be analyzed. For example, assuming that the usage scenario of the verification code is login, then based on the aforementioned user information, it can be analyzed such as remote login, login after Token expires (no login for a long time), frequent login (login and logout), etc. Log in again) and other behaviors. User information can be collected by the client and sent to the server.

在本发明实施例中，根据用户信息分析用户行为可采用本领域技术人员所公知的方法实现。例如，将本次用户登录尝试时的用户地理位置与所保存的前一次用户登录尝试时的用户地理位置进行比较，如果地理位置发生远距离的改变(如在不同的行政区域，或距离变动超过一个阈值(如50km))，则可以认为发生了异地登录行为。又如，结合请求时间、请求次数，可以分析出频繁登录(登录退出再登录)行为。In the embodiment of the present invention, analyzing user behavior according to user information may be implemented using methods known to those skilled in the art. For example, compare the user's geographic location at the time of this user's login attempt with the saved user's geographic location at the previous user's login attempt, and if the geographic location changes in a long distance (such as in a different administrative region, or the distance changes more than A threshold (such as 50km)), then it can be considered that a remote login has occurred. For another example, combined with the request time and the number of requests, frequent login (login, logout, and login) behaviors can be analyzed.

在得到用户行为后，可根据用户行为评估用户操作场景的风险等级。例如，Token失效后登录(长时间未登录)是常见的用户登录行为，此类用户登录场景风险为低风险；异地登录在日常生活中发生频率相对较低，一旦检测到此类用户行为可认为用户登录场景的风险为中等风险；更换终端设备或个人信息(如手机号或支付密码等)在日常生活中的发生概率最低，一旦检测到此类用户行为可认为用户登录场景的风险为高风险。After the user behavior is obtained, the risk level of the user operation scenario can be evaluated according to the user behavior. For example, logging in after the token expires (not logging in for a long time) is a common user login behavior, and the risk of this type of user login scenario is low risk; remote login occurs relatively infrequently in daily life, and once such user behavior is detected, it can be considered The risk of the user login scenario is medium risk; the probability of changing terminal equipment or personal information (such as mobile phone number or payment password, etc.) in daily life is the lowest. Once such user behavior is detected, the risk of the user login scenario can be considered as high risk .

本发明实施例提供的验证码验证方法通过对用户操作环境的风险评估，为选取对应复杂度的验证码提供了依据，提高了网络安全程度。The verification code verification method provided by the embodiment of the present invention provides a basis for selecting a verification code of corresponding complexity through risk assessment of the user's operating environment, and improves network security.

基于上述任一实施例，图8为本发明再一实施例提供的验证码验证方法的流程图，如图8所示，本发明实施例再一提供的验证码验证方法，应用于客户端，具体包括以下步骤：Based on any of the above-mentioned embodiments, FIG. 8 is a flow chart of a verification code verification method provided by another embodiment of the present invention. As shown in FIG. 8 , the verification code verification method provided by another embodiment of the present invention is applied to the client. Specifically include the following steps:

步骤801、发送验证码生成请求，以使服务器端根据所述验证码生成请求以及所述风险评估结果，生成验证码信息以及验证码校验信息；其中，所述验证码信息包括待验证图像与验证规则；所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述验证规则用于描述验证所述待验证图像的方式；所述验证码校验信息用于描述待验证图像中的图像块的正确位置。Step 801: Send a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request and the risk assessment result; wherein, the verification code information includes the image to be verified and Verification rules; the image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are adjusted by adjusting the offset angle of the center of gravity Scrambling; the verification rule is used to describe the way of verifying the image to be verified; the verification code check information is used to describe the correct position of the image block in the image to be verified.

步骤802、根据所接收到的验证码信息展示所述待验证图像与所述验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；。Step 802: Display the image to be verified and the verification rule according to the received verification code information, so that the user can perform a verification operation on the image to be verified according to the verification rule;

在本发明实施例中，采用绘制的方式展示待验证图像与验证规则。在前文中已经提到，待验证图像包括：图像块的信息、图像块的母图信息以及验证方式信息。在绘制时，将母图、图像块分别进行绘制。由于图像块的信息中包含有图像块的形状与大小信息，也包含有诸如图像块的位置信息、图像块的角度信息、图像块的编号信息等信息，因此绘制生成的待验证图像依然保持“混乱”的状态。作为一种优选实现方式，在绘制时使用重心来绘制图像块位置。In the embodiment of the present invention, the images to be verified and the verification rules are displayed by means of drawing. As mentioned above, the image to be verified includes: the information of the image block, the information of the parent image of the image block, and the information of the verification method. When drawing, draw the master image and the image block separately. Since the image block information includes the shape and size information of the image block, as well as information such as the position information of the image block, the angle information of the image block, and the number information of the image block, the generated image to be verified by drawing still remains " state of confusion". As a preferred implementation manner, the center of gravity is used to draw the position of the image block during drawing.

以第三验证码中的第三待验证图像为例，建立坐标系，然后参照坐标系绘制母图；接着对于任意一个图像块，根据图像块的形状与大小信息可确定所要绘制的图像块的形状与大小(如长、宽等)，根据图像块的位置信息(如重心坐标)以及角度信息(如相对基准轴所要旋转的角度)可确定所要绘制的图像块在坐标系中的位置以及相对坐标系的角度，从而绘制这一图像块。Taking the third image to be verified in the third verification code as an example, establish a coordinate system, and then draw the mother image with reference to the coordinate system; then, for any image block, the image block to be drawn can be determined according to the shape and size information of the image block Shape and size (such as length, width, etc.), the position and relative The angle of the coordinate system from which to draw this image patch.

在本发明实施例中，对于图像块之间或图像块与母图之间有重叠的待验证图像(如第二待验证图像)，在绘制时可采用图层技术，即图像块与剩余母图位于不同的图层上，且这些图层支持合并。合并后的图层不再支持操作(能合并的图层都是位置匹配正确的图像块)，合并后的图层置于最底层。In the embodiment of the present invention, for the image to be verified (such as the second image to be verified) that overlaps between image blocks or between the image block and the parent image, layer technology can be used when drawing, that is, the image block and the remaining parent image are on separate layers, and those layers support merging. The merged layer no longer supports operations (the layers that can be merged are image blocks with correct positions), and the merged layer is placed at the bottom.

要实现图层合并需要依靠图像块信息，具体的说，需要依靠其中的预期位置信息。以前述的第二验证码为例，预期位置信息为预期的重心相对坐标，当移动图像块使其重心与预期重心“相等”时，即说明图块位置匹配正确，这一图像块所在的图层就能够与周围的图层进行合并。To implement layer merging, it is necessary to rely on image block information, specifically, it needs to rely on expected position information therein. Taking the aforementioned second verification code as an example, the expected position information is the relative coordinates of the expected center of gravity. When the image block is moved to make the center of gravity "equal" to the expected center of gravity, it means that the position of the block is matched correctly. Layers can then be merged with surrounding layers.

图像块绘制完成后，还需要根据待验证图像信息中的验证方式信息设置图像块的属性。例如，对于第一验证码中的图像块，图像块的属性为旋转、平移；对于第二验证码中的图像块，图像块的属性为旋转、平移。对于第三验证码中的图像块，图像块的属性为旋转。After the image block is drawn, it is necessary to set the attributes of the image block according to the verification method information in the image information to be verified. For example, for the image blocks in the first verification code, the attributes of the image blocks are rotation and translation; for the image blocks in the second verification code, the attributes of the image blocks are rotation and translation. For the image block in the third verification code, the attribute of the image block is rotation.

步骤803、根据用户的验证操作生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。Step 803: Generate a verification result according to the user's verification operation, and send the verification result to the server, so that the server compares the verification result with the verification code verification information to complete the verification.

用户根据待验证图像与验证规则，可进行验证操作。在完成验证操作时，会对待验证图像中的被打乱的图像块进行诸如点击、拖动等操作。图像块在这些操作的驱动下，会发生相应变化。采集这些变化所包含的信息可形成验证结果。Users can perform verification operations according to the image to be verified and the verification rules. When the verification operation is completed, operations such as clicking and dragging will be performed on the disturbed image blocks in the image to be verified. Driven by these operations, image blocks will change accordingly. Capturing the information contained in these changes can form the verification result.

在之前的实施例中，已经对第一验证码的验证过程做了说明，因此不在此处重复。In the previous embodiments, the verification process of the first verification code has been described, so it will not be repeated here.

在验证第二验证码时，用户通过水平方向或垂直方向的拖动操作可实现所选定图像块的位置移动，通过点击操作可实现所选定图像块的旋转。图像旋转的点击次数以及图像块的位置偏移量作为验证结果。When verifying the second verification code, the user can move the selected image block by dragging horizontally or vertically, and rotate the selected image block by clicking. The number of clicks for image rotation and the position offset of the image block are used as the verification result.

在验证第三验证码时，用户通过点击操作可选定所要操作的图像块(如同心水滴形或同心水滴形环)，通过拖动操作可实现所选定图像块的角度旋转。一旦用户停止此次拖动操作，客户端采集该图像块在此次旋转操作中所旋转的角度，将旋转角度信息作为验证结果。When verifying the third verification code, the user can select the image block to be operated (such as concentric droplet or concentric droplet ring) by clicking, and the selected image block can be rotated by dragging the angle. Once the user stops the drag operation, the client collects the angle rotated by the image block during the rotation operation, and uses the rotation angle information as the verification result.

本发明实施例提供的验证码验证方法通过采集用户信息来评估风险，从而提供与风险对应的验证码，提升了网络安全性。The verification code verification method provided by the embodiment of the present invention evaluates risks by collecting user information, thereby providing verification codes corresponding to risks, and improving network security.

基于上述任一实施例，在本发明的又一实施例中，本发明实施例提供的验证码验证方法还包括：Based on any of the above embodiments, in another embodiment of the present invention, the verification code verification method provided in the embodiment of the present invention further includes:

采集并发送用户信息，以使服务器端根据对所述用户信息的分析得到用户行为，进而对用户行为进行风险评估，得到用户操作环境的风险等级。Collect and send user information, so that the server can obtain user behavior based on the analysis of the user information, and then perform risk assessment on user behavior to obtain the risk level of the user's operating environment.

在本发明实施例中，用户信息是指与用户登录有关的信息，如用户地理位置、上次登录时间、终端设备信息、Cookie、请求时间、请求次数等。这些用户信息均或可由客户端根据用户的操作得到，或为客户端自身的信息，因此可由客户端采集并发送到服务器端。In this embodiment of the present invention, user information refers to information related to user login, such as user geographic location, last login time, terminal device information, cookies, request time, number of requests, etc. The user information can be obtained by the client according to the user's operation, or is the information of the client itself, so it can be collected by the client and sent to the server.

本发明实施例提供的验证码验证方法向服务器端发送用户信息，以使得服务器端能够对用户操作环境进行风险评估，为选取对应复杂度的验证码提供了依据，提高了网络安全程度。The verification code verification method provided by the embodiment of the present invention sends user information to the server, so that the server can perform risk assessment on the user's operating environment, provides a basis for selecting a verification code of corresponding complexity, and improves network security.

基于上述任一实施例，在本发明的又一实施例中，所述根据用户的验证操作生成验证结果还包括：Based on any of the above-mentioned embodiments, in another embodiment of the present invention, generating the verification result according to the verification operation of the user further includes:

对用户的验证操作进行修正，根据修正后的验证操作生成验证结果。The verification operation of the user is corrected, and a verification result is generated according to the corrected verification operation.

用户的验证操作一般而言精密度并不高，在旋转角度、移动位置等操作时难免与预期的位置有所偏差。在本发明实施例中，在客户端对用户的验证操作提供修正，通过修正操作，可将用户验证操作后与预期位置存在一定偏差的图像块调整至预期位置处。Generally speaking, the precision of the user's verification operation is not high, and it is inevitable to deviate from the expected position during operations such as rotation angle and moving position. In the embodiment of the present invention, the user's verification operation is corrected on the client side. Through the correction operation, the image block that has a certain deviation from the expected position after the user's verification operation can be adjusted to the expected position.

与服务端做修正处理相比，本发明实施例提供的验证码验证方法在客户端实现了对用户验证操作的修正，使视觉更加自然，且能避免服务端修正处理时判错，从而提高验证码的通过率。Compared with the correction process on the server side, the verification code verification method provided by the embodiment of the present invention realizes the correction of the user verification operation on the client side, making the vision more natural, and can avoid wrong judgments during the correction process on the server side, thereby improving verification. Code passing rate.

本发明又一实施例提供了一种验证码验证系统，包括第一服务器端和第一客户端，其中，所述第一服务器端与所述第一客户端之间通信连接。Yet another embodiment of the present invention provides a verification code verification system, including a first server and a first client, wherein the first server and the first client are connected by communication.

图9为本发明实施例提供的第一服务器端的示意图，如图9所示，本发明实施例提供的第一服务器端包括：Fig. 9 is a schematic diagram of the first server end provided by the embodiment of the present invention. As shown in Fig. 9, the first server end provided by the embodiment of the present invention includes:

验证码生成模块901，用于根据所接收到的验证码生成请求，生成验证码信息以及验证码校验信息；其中，所述验证码信息包括待验证图像与验证规则；所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述验证规则用于描述验证所述待验证图像的方式；所述验证码校验信息用于描述待验证图像信息中的图像块的正确位置；The verification code generation module 901 is configured to generate verification code information and verification code verification information according to the received verification code generation request; wherein, the verification code information includes images to be verified and verification rules; the images to be verified include A plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; the verification rule is used for Describe the way to verify the image to be verified; the verification code verification information is used to describe the correct position of the image block in the image information to be verified;

验证码发送模块902，用于将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息；A verification code sending module 902, configured to send the verification code information to the client, so that the client displays the verification code information;

验证模块903，用于接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。The verification module 903 is configured to receive the verification result returned by the client, compare the verification result with the verification code verification information, and complete the verification.

本发明实施例提供的服务器所生成的验证码在验证过程中对一个图像块的操作会影响另一个图像块(相邻位置的图像块)，用户当前的选择取决于上一步的选择，若出错则需要回退，因此这一验证码的复杂度得到明显提升，从而更好地避免被机器识别，提高了网络安全性。The verification code generated by the server provided by the embodiment of the present invention will affect another image block (an adjacent image block) during the verification process. The current selection of the user depends on the selection of the previous step. It needs to fall back, so the complexity of this verification code is significantly improved, so as to better avoid being recognized by machines and improve network security.

图10为本发明实施例提供的第一客户端的示意图，如图10所示，本发明实施例提供的第一客户端包括：Fig. 10 is a schematic diagram of the first client provided by the embodiment of the present invention. As shown in Fig. 10, the first client provided by the embodiment of the present invention includes:

验证码生成请求发送模块1001，用于发送验证码生成请求，以使得服务器端根据所述验证码生成请求生成验证码信息以及验证码校验信息；其中，所述验证码信息包括待验证图像与验证规则；所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述验证规则用于描述验证所述待验证图像的方式；所述验证码校验信息用于描述待验证图像信息中的图像块的正确位置；A verification code generation request sending module 1001, configured to send a verification code generation request, so that the server side generates verification code information and verification code verification information according to the verification code generation request; wherein, the verification code information includes the image to be verified and Verification rules; the image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are adjusted by adjusting the offset angle of the center of gravity Scrambling; the verification rule is used to describe the way of verifying the image to be verified; the verification code check information is used to describe the correct position of the image block in the image information to be verified;

验证码展示模块1002，用于根据所接收到的验证码信息展示待验证图像与验证规则；A verification code display module 1002, configured to display images to be verified and verification rules according to the received verification code information;

验证结果生成模块1003，用于根据用户的验证操作生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。The verification result generation module 1003 is configured to generate a verification result according to the verification operation of the user, and send the verification result to the server, so that the server compares the verification result with the verification code verification information, Complete verification.

本发明实施例提供的客户端在验证验证码时，对一个图像块的操作会影响另一个图像块(相邻位置的图像块)，用户当前的选择取决于上一步的选择，若出错则需要回退，因此这一验证码的复杂度得到明显提升，从而更好地避免被机器识别，提高了网络安全性。When the client provided by the embodiment of the present invention verifies the verification code, the operation on one image block will affect another image block (an adjacent image block), and the current selection of the user depends on the selection of the previous step. Therefore, the complexity of this verification code has been significantly improved, so as to better avoid being recognized by machines and improve network security.

本发明另一实施例提供了一种验证码验证系统，包括第二服务器端和第二客户端，其中，所述第二服务器端与所述第二客户端之间通信连接。Another embodiment of the present invention provides a verification code verification system, including a second server end and a second client end, wherein the second server end and the second client end are in a communication connection.

图11为本发明实施例提供的第二服务器端的示意图，如图11所示，本发明实施例提供的第二服务器端包括：FIG. 11 is a schematic diagram of a second server end provided by an embodiment of the present invention. As shown in FIG. 11 , the second server end provided by an embodiment of the present invention includes:

验证码生成模块1101，用于根据所接收到的验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息；所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述验证规则用于描述验证所述待验证图像的方式；所述验证码校验信息用于描述待验证图像中的图像块的正确位置；The verification code generating module 1101 is configured to generate verification code information and verification code verification information according to the received verification code generation request and the risk level of the user's operating environment; the image to be verified includes a plurality of image blocks, and the plurality of image blocks are obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; the verification rule is used to describe the verification of the image to be verified Mode; the verification code verification information is used to describe the correct position of the image block in the image to be verified;

验证码发送模块1102，用于将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息；A verification code sending module 1102, configured to send the verification code information to the client, so that the client displays the verification code information;

验证模块1103，用于接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。The verification module 1103 is configured to receive the verification result returned by the client, compare the verification result with the verification code verification information, and complete the verification.

本发明实施例提供的服务器提供了生成多种验证码的能力，能够根据用户验证场景的风险程度选取对应复杂度的验证码，提升了网络安全程度。The server provided by the embodiment of the present invention provides the ability to generate multiple verification codes, and can select verification codes of corresponding complexity according to the risk level of user verification scenarios, thereby improving network security.

图12为本发明实施例提供的第二客户端的示意图，如图12所示，本发明实施例提供的第二客户端包括：FIG. 12 is a schematic diagram of a second client provided by an embodiment of the present invention. As shown in FIG. 12 , the second client provided by this embodiment of the present invention includes:

验证码生成请求发送模块1201，用于发送验证码生成请求，以使服务器端根据所述验证码生成请求以及所述风险评估结果，生成验证码信息以及验证码校验信息；其中，所述验证码信息包括待验证图像与验证规则；所述待验证图像包括多个图像块，所述多个图像块通过拆分原始图像得到，所述多个图像块在所述原始图像中的位置以调整重心偏移角度的方式被打乱；所述验证规则用于描述验证所述待验证图像的方式；所述验证码校验信息用于描述待验证图像中的图像块的正确位置；A verification code generation request sending module 1201, configured to send a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request and the risk assessment result; The code information includes an image to be verified and a verification rule; the image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are adjusted The mode of center of gravity offset angle is disrupted; the verification rule is used to describe the method of verifying the image to be verified; the verification code verification information is used to describe the correct position of the image block in the image to be verified;

验证码展示模块1202，用于根据所接收到的验证码信息展示所述待验证图像与所述验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；A verification code display module 1202, configured to display the image to be verified and the verification rule according to the received verification code information, so that the user performs a verification operation on the image to be verified according to the verification rule;

验证结果生成模块1203，用于根据用户的验证操作生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。The verification result generation module 1203 is configured to generate a verification result according to the verification operation of the user, and send the verification result to the server, so that the server compares the verification result with the verification code verification information, Complete verification.

本发明实施例提供的客户端能够采集用户验证场景的信息，从而提供给服务器端，使得服务器端能够根据用户验证场景的风险程度选取对应复杂度的验证码，提升了网络安全程度。The client provided by the embodiment of the present invention can collect the information of the user verification scene and provide it to the server, so that the server can select a verification code corresponding to the complexity according to the risk level of the user verification scene, which improves the network security.

图13示例了一种电子设备的实体结构示意图，如图13所示，该电子设备可以包括：处理器(processor)1310、通信接口(Communications Interface)1320、存储器(memory)1330和通信总线1340，其中，处理器1310，通信接口1320，存储器1330通过通信总线1340完成相互间的通信。处理器1310可以调用存储器1330中的逻辑指令，以执行如下方法：发送验证码生成请求；根据所接收到的验证码信息展示待验证图像与验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；接收用户的验证操作并生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。或执行如下方法：根据所接收到的验证码生成请求，生成验证码信息以及验证码校验信息；将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息；接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。或执行如下方法：发送验证码生成请求，以使服务器端根据所述验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息；根据所接收到的验证码信息展示所述待验证图像与所述验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；根据用户的验证操作生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。或执行如下方法：根据所接收到的验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息；将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息；接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。FIG. 13 illustrates a schematic diagram of the physical structure of an electronic device. As shown in FIG. 13 , the electronic device may include: a processor (processor) 1310, a communication interface (Communications Interface) 1320, a memory (memory) 1330 and a communication bus 1340, Wherein, the processor 1310 , the communication interface 1320 , and the memory 1330 communicate with each other through the communication bus 1340 . The processor 1310 can call the logic instructions in the memory 1330 to perform the following method: send a verification code generation request; display the image to be verified and the verification rules according to the received verification code information, so that the user can perform the verification according to the verification rules. performing a verification operation on the image to be verified; receiving the user's verification operation and generating a verification result, and sending the verification result to the server, so that the server compares the verification result with the verification code verification information, Complete verification. Or perform the following method: generate verification code information and verification code verification information according to the received verification code generation request; send the verification code information to the client, so that the client displays the verification code information; Receive the verification result returned by the client, compare the verification result with the verification code verification information, and complete the verification. Or perform the following method: send a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request and the risk level of the user's operating environment; The image to be verified and the verification rule, so that the user performs a verification operation on the image to be verified according to the verification rule; a verification result is generated according to the verification operation of the user, and the verification result is sent to the server, so that The server side compares the verification result with the verification code verification information to complete the verification. Or perform the following method: generate verification code information and verification code verification information according to the received verification code generation request and the risk level of the user's operating environment; send the verification code information to the client, so that the client Displaying the verification code information; receiving the verification result returned by the client, comparing the verification result with the verification code verification information, and completing the verification.

需要说明的是，本实施例中的电子设备在具体实现时可以为服务器，也可以为PC机，还可以为其他设备，只要其结构中包括如图13所示的处理器1310、通信接口1320、存储器1330和通信总线1340，其中处理器1310，通信接口1320，存储器1330通过通信总线1340完成相互间的通信，且处理器1310可以调用存储器1330中的逻辑指令以执行上述方法即可。本实施例不对电子设备的具体实现形式进行限定。It should be noted that the electronic device in this embodiment may be a server, a PC, or other devices during specific implementation, as long as its structure includes a processor 1310 and a communication interface 1320 as shown in FIG. 13 , the memory 1330 and the communication bus 1340, wherein the processor 1310, the communication interface 1320, and the memory 1330 communicate with each other through the communication bus 1340, and the processor 1310 can call the logic instructions in the memory 1330 to execute the above method. This embodiment does not limit the specific implementation form of the electronic device.

此外，上述的存储器1330中的逻辑指令可以通过软件功能单元的形式实现并作为独立的产品销售或使用时，可以存储在一个计算机可读取存储介质中。基于这样的理解，本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来，该计算机软件产品存储在一个存储介质中，包括若干指令用以使得一台计算机设备(可以是个人计算机，服务器，或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括：U盘、移动硬盘、只读存储器(ROM，Read-Only Memory)、随机存取存储器(RAM，Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。In addition, the above-mentioned logic instructions in the memory 1330 may be implemented in the form of software function units and may be stored in a computer-readable storage medium when sold or used as an independent product. Based on this understanding, the essence of the technical solution of the present invention or the part that contributes to the prior art or the part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including Several instructions are used to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the method described in each embodiment of the present invention. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program codes. .

进一步地，本发明实施例公开一种计算机程序产品，所述计算机程序产品包括存储在非暂态计算机可读存储介质上的计算机程序，所述计算机程序包括程序指令，当所述程序指令被计算机执行时，计算机能够执行上述各方法实施例所提供的方法，例如包括：发送验证码生成请求；根据所接收到的验证码信息展示待验证图像与验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；接收用户的验证操作并生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。或例如包括：根据所接收到的验证码生成请求，生成验证码信息以及验证码校验信息；将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息；接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。或例如包括：发送验证码生成请求，以使服务器端根据所述验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息；根据所接收到的验证码信息展示所述待验证图像与所述验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；根据用户的验证操作生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。或例如包括：根据所接收到的验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息；将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息；接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。Furthermore, the embodiment of the present invention discloses a computer program product, the computer program product includes a computer program stored on a non-transitory computer-readable storage medium, the computer program includes program instructions, when the program instructions are executed by the computer When executing, the computer can execute the methods provided by the above-mentioned method embodiments, for example, including: sending a verification code generation request; displaying the image to be verified and the verification rules according to the received verification code information, so that the user can perform the verification according to the verification rules. Perform a verification operation on the image to be verified; receive the user's verification operation and generate a verification result, and send the verification result to the server, so that the server compares the verification result with the verification code verification information Yes, verification is complete. Or for example include: generating verification code information and verification code verification information according to the received verification code generation request; sending the verification code information to the client, so that the client displays the verification code information; receiving The verification result returned by the client is compared with the verification code verification information to complete the verification. Or include, for example: sending a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request and the risk level of the user's operating environment; The image to be verified and the verification rule, so that the user performs a verification operation on the image to be verified according to the verification rule; a verification result is generated according to the verification operation of the user, and the verification result is sent to the server, so that the The server side compares the verification result with the verification code verification information to complete the verification. Or, for example, include: generating verification code information and verification code verification information according to the received verification code generation request and the risk level of the user's operating environment; sending the verification code information to the client, so that the client displays The verification code information: receiving the verification result returned by the client, comparing the verification result with the verification code verification information, and completing the verification.

另一方面，本发明实施例还提供一种非暂态计算机可读存储介质，其上存储有计算机程序，该计算机程序被处理器执行时实现以执行上述各实施例提供的传输方法，例如包括：发送验证码生成请求；根据所接收到的验证码信息展示待验证图像与验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；接收用户的验证操作并生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。或例如包括：根据所接收到的验证码生成请求，生成验证码信息以及验证码校验信息；将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息；接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。或例如包括：发送验证码生成请求，以使服务器端根据所述验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息；根据所接收到的验证码信息展示所述待验证图像与所述验证规则，以使得用户根据所述验证规则对所述待验证图像进行验证操作；根据用户的验证操作生成验证结果，将所述验证结果发送给服务器端，以使得所述服务器端将所述验证结果与所述验证码校验信息进行比对，完成验证。或例如包括：根据所接收到的验证码生成请求以及用户操作环境的风险等级，生成验证码信息以及验证码校验信息；将所述验证码信息发送给客户端，以使得所述客户端展示所述验证码信息；接收客户端返回的验证结果，将所述验证结果与所述验证码校验信息进行比对，完成验证。On the other hand, an embodiment of the present invention also provides a non-transitory computer-readable storage medium, on which a computer program is stored. When the computer program is executed by a processor, the transmission method provided by the above-mentioned embodiments is implemented, for example, including : Send a verification code generation request; display the image to be verified and verification rules according to the received verification code information, so that the user can perform verification operations on the image to be verified according to the verification rules; receive the verification operation of the user and generate a verification result , sending the verification result to the server, so that the server compares the verification result with the verification code verification information to complete the verification. Or for example include: generating verification code information and verification code verification information according to the received verification code generation request; sending the verification code information to the client, so that the client displays the verification code information; receiving The verification result returned by the client is compared with the verification code verification information to complete the verification. Or include, for example: sending a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request and the risk level of the user's operating environment; The image to be verified and the verification rule, so that the user performs a verification operation on the image to be verified according to the verification rule; a verification result is generated according to the verification operation of the user, and the verification result is sent to the server, so that the The server side compares the verification result with the verification code verification information to complete the verification. Or, for example, include: generating verification code information and verification code verification information according to the received verification code generation request and the risk level of the user's operating environment; sending the verification code information to the client, so that the client displays The verification code information: receiving the verification result returned by the client, comparing the verification result with the verification code verification information, and completing the verification.

以上所描述的装置实施例仅仅是示意性的，其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的，作为单元显示的部件可以是或者也可以不是物理单元，即可以位于一个地方，或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目的。本领域普通技术人员在不付出创造性的劳动的情况下，即可以理解并实施。The device embodiments described above are only illustrative, and the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in One place, or it can be distributed to multiple network elements. Part or all of the modules can be selected according to actual needs to achieve the purpose of the solution of this embodiment. It can be understood and implemented by those skilled in the art without any creative effort.

通过以上的实施方式的描述，本领域的技术人员可以清楚地了解到各实施方式可借助软件加必需的通用硬件平台的方式来实现，当然也可以通过硬件。基于这样的理解，上述技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来，该计算机软件产品可以存储在计算机可读存储介质中，如ROM/RAM、磁碟、光盘等，包括若干指令用以使得一台计算机设备(可以是个人计算机，服务器，或者网络设备等)执行各个实施例或者实施例的某些部分所述的方法。Through the above description of the implementations, those skilled in the art can clearly understand that each implementation can be implemented by means of software plus a necessary general hardware platform, and of course also by hardware. Based on this understanding, the essence of the above technical solution or the part that contributes to the prior art can be embodied in the form of software products, and the computer software products can be stored in computer-readable storage media, such as ROM/RAM, magnetic discs, optical discs, etc., including several instructions to make a computer device (which may be a personal computer, server, or network device, etc.) execute the methods described in various embodiments or some parts of the embodiments.

最后应说明的是：以上实施例仅用以说明本发明的技术方案，而非对其限制；尽管参照前述实施例对本发明进行了详细的说明，本领域的普通技术人员应当理解：其依然可以对前述各实施例所记载的技术方案进行修改，或者对其中部分技术特征进行等同替换；而这些修改或者替换，并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present invention, rather than to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: it can still be Modifications are made to the technical solutions described in the foregoing embodiments, or equivalent replacements are made to some of the technical features; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the spirit and scope of the technical solutions of the various embodiments of the present invention.

Claims

1. A verification code verification method, characterized in that it is applied to the client, including:

Send a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request; wherein, the verification code information includes images to be verified and verification rules; the images to be verified include multiple image blocks, the multiple image blocks are obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; the verification rule is used to describe The method of verifying the image to be verified; the verification code verification information is used to describe the correct position of the image block in the image information to be verified;

Displaying the image to be verified and verification rules according to the received verification code information, so that the user performs verification operations on the image to be verified according to the verification rules;

receiving the user's verification operation and generating a verification result, and sending the verification result to the server, so that the server compares the verification result with the verification code verification information to complete the verification;

Wherein, the verification code information is first verification code information, and the first verification code information includes a first image to be verified and a first verification rule; the first image to be verified includes a plurality of image blocks, and the plurality of The image block is obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by binding adjacent image blocks to exchange positions; the first verification rule is used to describe the verification of the The mode of the first image to be verified;

The verification code verification information is first verification code verification information, and the first verification code verification information is used to describe the correct position of the image block in the first image information to be verified.

2. The verification code verification method according to claim 1, wherein the displaying the image to be verified and the verification rule according to the received verification code information is displaying the first verification code information according to the received first verification code information. Validate the image with the first validation rule;

Correspondingly, said generating the verification result according to the verification operation of the user includes:

The step of collecting information, which includes collecting the information of the image block selected by the user;

The step of exchanging positions, which includes exchanging the positions of the image block selected by the user and its adjacent image blocks;

Repeat the step of collecting information and the step of exchanging positions until the user stops the verification operation;

The image block and the information of the spatial position of the image block are used as the verification result; where,

The step of exchanging positions further includes:

Determine that the image block selected by the user is bound. If the image block is the image block that caused the position change in the last position swap operation, exchange the position with the adjacent image block that established the binding relationship; if the image block is not The image block that caused the position change in the last position exchange operation is released, and the binding relationship is released, and then the adjacent image block is searched for the image block selected by the user from the first image to be verified, and a binding is established with the found adjacent image block. Determine the relationship, and exchange positions with the adjacent image blocks that establish the binding relationship;

Or, determine that the image block selected by the user is not bound, search for an adjacent image block for the image block selected by the user from the first image to be verified, establish a binding relationship with the found adjacent image block, and establish a binding relationship with the image block selected by the user. Adjacent image blocks with a certain relationship are exchanged.

3. A verification code verification method, characterized in that it is applied to the server side, including:

Generate verification code information and verification code verification information according to the received verification code generation request; wherein, the verification code information includes an image to be verified and a verification rule; the image to be verified includes a plurality of image blocks, and the plurality of image blocks are obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; the verification rule is used to describe the verification of the image to be verified Mode; the verification code verification information is used to describe the correct position of the image block in the image to be verified;

Send the verification code information to the client, so that the client displays the verification code information;

Receive the verification result returned by the client, compare the verification result with the verification code verification information, and complete the verification;

4. A verification code verification method, characterized in that it is applied to the client, including:

Send a verification code generation request, so that the server generates verification code information and verification code verification information according to the verification code generation request and the risk level of the user's operating environment; wherein, the verification code information includes images to be verified and verification rules The image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity ; The verification rule is used to describe the way to verify the image to be verified; the verification code check information is used to describe the correct position of the image block in the image to be verified;

displaying the image to be verified and the verification rule according to the received verification code information, so that the user performs a verification operation on the image to be verified according to the verification rule;

Generate a verification result according to the user's verification operation, and send the verification result to the server, so that the server compares the verification result with the verification code verification information to complete the verification;

5. A verification code verification method, characterized in that it is applied to the server side, comprising:

According to the received verification code generation request and the risk level of the user's operating environment, generate verification code information and verification code verification information; wherein, the verification code information includes images to be verified and verification rules; the images to be verified include multiple image blocks, the multiple image blocks are obtained by splitting the original image, and the positions of the multiple image blocks in the original image are disrupted by adjusting the offset angle of the center of gravity; the verification rule is used to describe The method of verifying the image to be verified; the verification code verification information is used to describe the correct position of the image block in the image to be verified;

6. The verification code verification method according to claim 5, wherein the risk level includes:

high risk or medium risk or low risk;

Correspondingly, said generating verification code information and verification code verification information according to the received verification code generation request and the risk level of the user's operating environment includes:

According to the received verification code generation request and the high-risk risk level, generate first verification code information and first verification code verification information; wherein, the first verification code information includes the first image to be verified and the first verification code information. A verification rule; the first image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are bound to adjacent images The way in which blocks are exchanged is disrupted; the first verification rule is used to describe the way to verify the first image to be verified; the first verification code check information is used to describe the image in the first image information to be verified the correct position of the block;

Or, generate second verification code information and second verification code verification information according to the received verification code generation request and the risk level of the medium risk; wherein, the second verification code information includes a second image to be verified and the second verification rule; the second image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are moved by position and The combination of angle and rotation is disrupted; the second verification rule is used to describe the method of verifying the second image to be verified; the second verification code check information is used to describe the information in the second image information to be verified The correct position of the image block;

Or, generate third verification code information and third verification code verification information according to the received verification code generation request and the low-risk risk level; wherein, the third verification code information includes a third image to be verified and the third verification rule; the third image to be verified includes a plurality of image blocks, the plurality of image blocks are obtained by splitting the original image, and the positions of the plurality of image blocks in the original image are rotated by an angle The method is disrupted; the third verification rule is used to describe the method of verifying the third image to be verified; the third verification code check information is used to describe the correct position of the image block in the third image information to be verified .

7. An electronic device comprising a memory, a processor, and a computer program stored on the memory and operable on the processor, wherein the processor implements one of claims 1 to 2 when executing the program. The steps of the verification code verification method, or realize the steps of the verification code verification method as claimed in claim 3, or realize the steps of the verification code verification method as claimed in claim 4, or realize the steps of the verification code verification method as claimed in claim 5 or 6 Steps of the verification code verification method.

8. A non-transitory computer-readable storage medium, on which a computer program is stored, characterized in that, when the computer program is executed by a processor, the steps of the verification code verification method according to any one of claims 1 to 2 are realized , or realize the steps of the verification code verification method as claimed in claim 3, or realize the steps of the verification code verification method as claimed in claim 4, or realize the steps of the verification code verification method as claimed in claim 5 or 6 .