CN114039754B - A security verification method and device - Google Patents

Abstract

The invention discloses a safety verification method and device, which relate to the field of communication technology and are used for improving the safety of information verification, including: in the case of downlink safety verification, acquiring target verification information and a preset message template, and the preset message The template includes deep link parameters; encode the target verification information based on the deep link parameters to obtain the encoded information; add the encoded information to the preset message template to obtain the sent message body; the sent message body includes the target deep link and target verification information , the delivered message body is used to complete the security verification of the target application program; the delivered message body is sent to the user to complete the delivery of the security verification information. The present invention is applied in the scene of verifying safety information.

Description

A security verification method and device

technical field

The present invention relates to the field of communication technology, in particular to a safety verification method and device.

Background technique

With the continuous change of communication technology, the mobile communication network has experienced the rapid development of 2G, 3G and 4G, and the network infrastructure capabilities provided by operators are getting stronger and stronger, and the network bandwidth is getting wider and wider. The basic communication services provided have not changed much. With the continuous innovation of mobile terminals, the functions of the terminals are becoming more and more powerful, and the needs of users for information exchange are also becoming more and more abundant. At present, the SMS service of operators has been widely favored by users due to its strong accessibility, high security, and global interconnection and interoperability. However, due to the limited service experience, it can only send limited text messages, and a large number of users have chosen it. In addition to other information exchange methods, some industry customers still choose SMS to send necessary information to their users, but this can no longer meet their more business needs.

In the existing technical solutions, there are many problems in the security verification method, for example: the existing text message verification code is issued in plain text, which is prone to information leakage; due to the limitation of the text length and text format of a single message, it is impossible to apply a higher security verification method; The existing SMS verification code needs to be input by the user, and the operation experience needs to be optimized; the reply of the existing verification code is transmitted through the Internet, and there is a risk of being intercepted. Therefore, the security for performing information verification is low.

Contents of the invention

The invention provides a safety verification method and device for improving the safety of information verification.

To achieve the above object, the present invention adopts the following technical solutions:

In the first aspect, a security verification method is provided, which is applied to a security verification device, and the method includes: in the case of performing downlink security verification, acquiring target verification information and a preset message template, where the preset message template includes deep link parameters; Encode the target verification information based on the deep link parameters to obtain the encoded information; add the encoded information to the preset message template to obtain the sent message body; the sent message body includes the target deep link and target verification information, and the sent message body uses To complete the security verification of the target application program; send the delivery message body to the user, and complete the delivery of the security verification information.

In a possible implementation, after sending the sent message body to the user and completing sending the security verification information, the method further includes: the user triggers the target deep link included in the sent message body to start the target application; The application completes security verification based on the target verification information.

In a possible implementation manner, in the case of performing downlink security verification, before acquiring target verification information and a preset message template, the method further includes: pre-constructing a preset message template, and determining deep link parameters and field information collection rules; The deep link parameters include at least one of the following: deep link format, deep link variables, and field information collection rules are used to determine and collect target field information carried in the target verification information.

In a possible implementation, before obtaining the target verification information and the preset message template in the case of downlink security verification, the method further includes: in the case of uplink security verification, receiving the verification request sent by the server and the target identify, establish a security verification task; the server is the server corresponding to the target application; receive the security verification request initiated by the user, and the security verification request carries the first verification information and the user ID; judge whether the user ID matches the target ID, and If the identifier matches the target identifier, verify the first verification information.

In a possible implementation manner, after verifying the first verification information, the method further includes: if the first verification information passes the verification, judging whether the first verification information carries target field information, and the target field information is used for Perform security verification; if the target field information is carried in the first verification information, collect the target field information and send the target field information to the server to complete the upload of the security verification information.

In a possible implementation manner, the target field information is sent to the server, and after the upload of the security verification information is completed, the method further includes: in the case of performing two-way security verification, generating the target verification information according to the first verification information and other information ; Other information includes at least one of the following: target identification, user information, target application program information; based on the target verification information, complete the downlink security verification process.

In a second aspect, a security verification device is provided, which includes: an acquisition unit, a processing unit, and a sending unit; the acquisition unit is used to acquire target verification information and preset The message template, the preset message template includes deep link parameters; the processing unit is used to encode the target verification information based on the deep link parameters to obtain encoded information; the processing unit is also used to add the encoded information to the preset message template to obtain Send message body; send message body includes target deep link and target verification information, and send message body is used to complete security verification of target application program; sending unit is used to send message body to user to complete security verification Dissemination of information.

In a third aspect, there is provided a computer-readable storage medium storing one or more programs, the one or more programs include instructions, and when the instructions are executed by a computer, the computer executes a security verification method according to the first aspect .

In a fourth aspect, an electronic device includes: a processor and a memory; wherein the memory is used to store one or more programs, and the one or more programs include computer-executable instructions, and when the electronic device is running, the processor executes the program stored in the memory The computer executes the instruction, so that the electronic device executes a safety verification method as in the first aspect.

The present invention provides a safety verification method and device, which are applied in the scene of safety information verification. In the case of safety verification, the target verification information and the preset message template including deep link parameters are first obtained, so that the deep link can be based on The parameter encodes the target verification information to obtain the encoded information. In order to further add the encoded information to the preset message template, obtain the sent message body including the target deep link and target verification information, and send the sent message body to the user to complete the sending of the security verification information, thereby completing the Security verification of the target application. Through the above method, the security of the transmission channel can be improved, and a higher level of security verification can be realized by carrying more abundant forms of verification information, avoiding the risk of verification information being intercepted, thereby improving the security of information verification.

Description of drawings

Fig. 1 is a schematic structural diagram of a safety verification system provided by an embodiment of the present invention;

FIG. 2 is a first schematic flow diagram of a security verification method provided by an embodiment of the present invention;

FIG. 3 is a second schematic flow diagram of a security verification method provided by an embodiment of the present invention;

FIG. 4 is a third schematic flow diagram of a security verification method provided by an embodiment of the present invention;

FIG. 5 is a fourth schematic flow diagram of a security verification method provided by an embodiment of the present invention;

Fig. 6 is a schematic diagram of a security verification method flow chart 5 provided by an embodiment of the present invention;

FIG. 7 is a sixth schematic flow diagram of a security verification method provided by an embodiment of the present invention;

Fig. 8 is a schematic structural diagram of a safety verification device provided by an embodiment of the present invention;

FIG. 9 is a second structural schematic diagram of a safety verification device provided by an embodiment of the present invention;

Fig. 10 is a schematic structural diagram of a safety verification device provided by an embodiment of the present invention III;

FIG. 11 is a first structural schematic diagram of an electronic device provided by an embodiment of the present invention;

FIG. 12 is a second structural schematic diagram of an electronic device provided by an embodiment of the present invention.

Detailed ways

The technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention.

In the description of the present invention, unless otherwise specified, "/" means "or", for example, A/B may mean A or B. The "and/or" in this article is just an association relationship describing associated objects, which means that there can be three relationships, for example, A and/or B, which can mean: A exists alone, A and B exist at the same time, and B exists alone These three situations. In addition, "at least one" and "plurality" mean two or more. Words such as "first" and "second" do not limit the number and order of execution, and words such as "first" and "second" do not necessarily limit the difference.

A security verification method provided by an embodiment of the present invention can be applied to a security verification system. Fig. 1 shows a schematic structural diagram of the security verification system. As shown in FIG. 1 , the security verification system 20 includes: a server 21 , a security verification device 22 , a message network 23 and a terminal 24 . In actual application, the number of terminals 24 may be multiple. The server 21 is connected to the safety verification device 22 , the safety verification device 22 is connected to the message network 23 , and the message network 23 is connected to the terminal 24 . The server 21 , the security verification device 22 , the message network 23 and the terminal 24 may be connected in a wired manner or in a wireless manner, which is not limited in this embodiment of the present invention.

The security verification system 20 may be used in the Internet of Things, and the security verification system 20 may include hardware such as multiple central processing units (central processing units, CPUs), multiple memories, and storage devices storing multiple operating systems.

The server 21 can be used in the Internet of Things, and is a server corresponding to the application program, and is used to process various tasks of the application program, including performing security verification tasks, so as to ensure the normal operation of the application program.

The safety verification device 22 can be used for the Internet of Things, and includes multiple processing units, such as: a communication unit, which is used to realize the basic communication function with the server and the message network 23, and supports the required communication protocol; Rules, to encode the verification string; verification unit, used to process verification process logic, generate random verification information (such as verification code), etc.; storage unit: used to store necessary data such as configuration information, templates and logs; template unit: use According to the format of the message content, configure the sending content template, and generate the message body according to the template; management unit: used for configuration management, parameter configuration and other operations of the security verification device 22 .

The message network 23 can be used in the Internet of Things, and is used to complete the network interaction between the security verification device 22 and the terminal 24, and receive or send data packets, signaling messages, and the like.

It should be noted that the server 21, the security verification device 22, the message network 23, and the terminal 24 may be independent devices, or may be integrated into the same device, which is not specifically limited in the present invention.

When the server 21, the safety verification device 22, the message network 23 and the terminal 24 are integrated in the same device, the communication mode between the server 21, the safety verification device 22, the message network 23 and the terminal 24 is the internal module of the device. communication. In this case, the communication process between the two is the same as "the communication process between the server 21, the security verification device 22, the message network 23, and the terminal 24 is independent of each other".

In the following embodiments provided by the present invention, the present invention is described by taking the server 21 , the security verification device 22 , the message network 23 and the terminal 24 as an example where they are set independently of each other.

A security verification method provided by an embodiment of the present invention will be described below with reference to the accompanying drawings.

As shown in Figure 2, a security verification method provided by an embodiment of the present invention is applied to a terminal including multiple memories and multiple CPUs, including S201-S204:

S201. Acquire target verification information and a preset message template in the case of performing downlink security verification.

Wherein, the preset message template includes deep link parameters.

As a possible implementation, the security verification method provided by the embodiment of the present invention can be a security verification method based on 5G messages, and optionally, it can also be a security verification method based on other types of messages. Inventions are not limited.

As a possible implementation manner, the downlink security verification is a verification method in which the security verification device sends verification information to the terminal.

As a possible implementation, the target verification information generated by the server (server) corresponding to the target application is obtained through the application programming interface (Application Programming Interface, API); The verification unit randomly generates target verification information.

It should be noted that the aforementioned preset message templates are message templates among various message templates pre-generated in the security verification device, and the security verification device includes multiple pre-configured message templates.

S202. Encode the target verification information based on the deep link parameters to obtain encoded information.

As a possible implementation, after obtaining the target verification information and the preset message template, based on the target verification information, combined with the deep link parameters included in the preset message template, encoding is performed to obtain the encoded information (that is, the target verification information is information obtained after encoding).

S203. Add the encoding information to the preset message template to obtain a sent message body.

Wherein, the sent message body includes the target deep link and target verification information, and the sent message body is used to complete the security verification of the target application program.

As a possible implementation manner, the encoded information after encoding the target verification information is added to a preset message template, so that it can be combined to form a delivered message body.

It should be noted that the above-mentioned sent message body can be understood as the form and content of the verification message that the user can view after the verification information is sent to the terminal.

S204. Send the sent message body to the user, and complete the sending of the security verification information.

As a possible implementation, the message body (that is, the verification information) can be sent to the user (that is, the terminal) through the operator's 5G message network to realize the delivery of the security verification information and send the security verification information to the terminal.

In one design, in order to complete the security verification of the target application, as shown in FIG. 3 , in a security verification method provided in an embodiment of the present invention, after the above S204, the following S301-S302 may be specifically included:

S301. The user triggers the target deep link included in the delivered message body, and starts the target application program.

As a possible implementation, after receiving the sent message body, the user can trigger the target deep link carried in the message, thereby triggering the terminal to start the target application, and pass the verification information to the target application to complete the verification information To the target application program, so as to realize the security verification process.

S302. The target application completes security verification based on the target verification information.

As a possible implementation, after the target application is started by sending the target deep link included in the sent message body, the target application can complete security verification based on the target verification information included in the sent message body.

In one design, in order to construct a preset message template, as shown in FIG. 4 , in a security verification method provided in an embodiment of the present invention, before the above S201, the following S401 may be specifically included:

S401. Construct a preset message template in advance, and determine deep link parameters and field information collection rules.

Wherein, the deep link parameters include at least one of the following: deep link format, deep link variable, and the field information collection rule is used to determine and collect the target field information carried in the target verification information.

As a possible implementation manner, the above-mentioned deep link parameters may include parameters such as a deep link format, a setting variable corresponding to the deep link, and the like.

As a possible implementation, the electronic device (safety verification device) can be pre-configured with various message templates, complete the configuration of the delivered message templates, fill in the deep link format in the message templates, and set variables.

As a possible implementation, when constructing a preset message template, field information collection rules can also be configured correspondingly, so that when the terminal receives the verification message corresponding to the message template, the required field information can be collected from the verification message .

In one design, in order to complete uplink security verification, as shown in FIG. 5 , a security verification method provided by an embodiment of the present invention may specifically include the following S501-S503 before the above S201:

S501. In the case of performing uplink security verification, receive a verification request and a target identifier sent by the server, and establish a security verification task.

Wherein, the server is a server corresponding to the target application program.

As a possible implementation, the uplink security verification is a verification method for the terminal to send verification information to the security verification device, and the above-mentioned target ID is the ID of the terminal corresponding to the target application program to be security verified.

As a possible implementation, the above-mentioned server is the server corresponding to the target application program. When the target application program needs to be security verified, the server corresponding to the target application program can send a verification request to the security verification device, and The identification corresponding to the terminal (that is, the target identification) is attached to the verification request.

As a possible implementation manner, after receiving the verification request and the target identifier sent by the server, the safety verification device may establish a safety verification task.

It can be understood that, when the target application program needs to perform security verification, the server corresponding to the target application program may submit a security verification request and the terminal identifier to be verified to the security verification device to add a security verification task.

S502. Receive a security verification request initiated by a user.

Wherein, the security verification request carries the first verification information and the user identification.

As a possible implementation, during the security verification process, the security verification device also needs to receive a security verification request sent by a user (ie, a terminal) to obtain first verification information and a user ID (terminal ID).

As a possible implementation manner, when the user sends the security verification request message, the first verification information and the user identifier may be carried in the security verification request message.

It can be understood that the user can initiate a verification request in the terminal, and call a 5G message deep link to carry the first verification information. Therefore, the user does not need to input, so that the terminal directly jumps to the Chatbot specified by the 5G message, and sends the first verification information to the security verification device through the operator's 5G message network.

S503. Determine whether the user ID matches the target ID, and if the user ID matches the target ID, verify the first verification information.

As a possible implementation, after receiving the verification request sent by the server and the target ID, establishing a security verification task, and receiving the security verification request sent by the user, the security verification device can compare the user ID and the target ID to determine Whether the user ID and the target ID match (ie, are they consistent).

As a possible implementation manner, after it is determined that the user identifier matches the target identifier, the first verification information is further verified.

It can be understood that the security verification device may determine whether the user ID received from the terminal is consistent with the target ID received from the server, and if they are consistent, proceed to the next step of verifying the first verification information.

In one design, in order to complete the upload of security verification information, as shown in FIG. 6, a security verification method provided by an embodiment of the present invention may specifically include the following S601-S602 after the above S503:

S601. When the first verification information passes the verification, determine whether the first verification information carries target field information.

Among them, the target field information is used for security verification.

As a possible implementation, when the first verification information passes the verification, the security verification device may further determine whether the first verification information carries target field information, so that if the first verification information carries target field information, Security verification is performed through the target field information.

It can be understood that after verifying the received first verification information, it is confirmed whether the verification information sent by the terminal is correct and valid, so as to further determine whether the first verification information carries target field information if the verification is passed.

S602. If the target field information is carried in the first verification information, collect the target field information and send the target field information to the server to complete uploading of the security verification information.

As a possible implementation manner, when it is determined that the first verification information carries the target field information, the target field information is collected from the first verification information.

As a possible implementation, after the target field information is collected from the first verification information, the target field information can be sent to the server corresponding to the target application program through the 5G message network, so as to upload the security verification information.

In one design, in order to realize two-way security verification, as shown in FIG. 7, a security verification method provided by an embodiment of the present invention may specifically include the following S701-S702 after the above S602:

S701. In the case of performing bidirectional security verification, generate target verification information according to the first verification information and other information.

Wherein, other information includes at least one of the following: target identifier, user information, and target application program information.

As a possible implementation, the two-way security verification is a verification method in which after the terminal sends verification information to the safety verification device, the safety verification device returns a verification message to the terminal after judging the received verification information.

As a possible implementation, the security verification device needs to check whether the configuration requires two-way security verification between the terminal and the server, so as to deal with security risks caused by counterfeit servers in special scenarios.

S702. Complete the downlink security verification process based on the target verification information.

As a possible implementation manner, when it is determined that two-way security verification is required, target verification information may be generated according to the first verification information and other information. In this way, the delivery of the target verification information is completed through the downlink security verification process.

As a possible implementation, when an abnormal result occurs, the result can be provided to the server through the interface to respond in time.

In one implementation, the above-mentioned security verification process is applicable to scenarios similar to current account retrieval identity verification, which can simplify the input operation, and carry more complex verification information and application-specific information to the security verification device to achieve comprehensive verification. At the same time, it supports two-way verification between the application program and the server to meet the differentiated verification requirements in different scenarios and avoid the risk of server-side forgery.

Exemplarily, using the method and security verification device of the present invention, the two-way verification between the terminal and the server is realized based on 5G messages. For example, an application will search for a server in the same subnet under the accessed subnet, so there is a risk of the server (terminal) being counterfeited (similar to a fake base station) to achieve the purpose of obtaining user data or fraud. Therefore, before accessing the service, the two-way verification between the application program and the server is realized based on the 5G message, and only the correct server (terminal) can pass the verification. The safety verification device can be set independently, or can be built into the server and exist as a module.

The specific implementation steps are as follows: the terminal connects to the network, starts the application program to search for the server, and after selecting the corresponding server, initiates two-way security verification, jumps to the specified Chatbot through the deep link of the 5G message, and sends the verification information to the security verification device through the 5G message . To complete the verification of the application program, generate verification information and send it to the application program through 5G messages. After receiving the verification information, the application completes the verification of the server, establishes a service association with the server, and starts to execute the corresponding task function.

The embodiment of the present invention utilizes the 5G message channel, simplifies the input operation through the deep link, and realizes the method for verifying the safety of the application program. Using 5G messages to solve the problem of application security verification has the following advantages: the transmission channel is safe; it can carry richer forms of verification information to achieve a higher level of security verification; avoid the risk of SMS verification codes being easily intercepted, and at the same time improve user operations Efficiency: In addition to the verification method of sending verification information, it also supports two-way verification to meet the needs of differentiated verification based on 5G messages in different scenarios.

It should be further noted that, for the 5G messages involved in this application, for communication operators, meeting user communication needs is the most basic service tenet. When the 5G era comes, global operators have reached a broad consensus in GSMA that SMS services need to be upgraded to rich media message services, which we call 5G message services. The 5G message service not only supports multimedia message interaction between individual users, but also enables industry customers to provide their users with new interactive digital services based on rich media. According to the GSMA plan, all 5G terminals will support 5G message services in the future, and the relevant standards have been formulated. The emergence of 5G message service will bring a brand-new service experience to mobile phone users, and bring valuable development opportunities for global operators, industry customers and related industries.

5G messages are constructed based on the GSMA RCS UP standard to realize multimedia and lightweight messages, and realize the interactive nature of industry messages by introducing MaaP technology. 5G messaging brings a brand-new human-computer interaction mode. Users can complete one-stop business experiences such as service search, discovery, interaction, and payment within the message window, and build a new social and information service portal.

Using 5G messages, users do not need to download the client, and can receive 5G messages at the terminal's native SMS entry. The 5G message service makes the information communication between individual users richer and more convenient. In addition to sending text messages, users can also send pictures, audio and video and other media and information in various formats.

Using 5G messaging, governments and enterprises can deliver public and commercial services directly to end users, and users can also use the directory service function of 5G messaging to search and select services in a manner similar to an app store. These public and commercial services are presented on the user's message interface in the form of rich media messages and interactive cards, and users can communicate with service providers or choose services at any time. With the help of 5G messages, users can conveniently communicate with service providers from all walks of life in the message window to obtain efficient personalized services; industry customers and their users can also establish convenient intelligent service channels to obtain more user feedback , so as to establish a closer relationship with users.

On the basis of maintaining users' original communication habits and fully inheriting the code number system, real-name system, security, interconnection and carrier-level service quality of the 5G messaging service, the SMS service is upgraded in a terminal native way. 5G message service integrates multiple media and message formats, and can be seamlessly integrated with traditional SMS. The 5G messaging service utilizes capabilities such as artificial intelligence, cloud computing, and big data to provide users with efficient and intelligent services, meeting users' rich information communication needs and diversified service needs.

5G messages support rich media formats, including text, pictures, audio and video, etc. The 5G message service is divided into two categories, one is messages interacting between individual users and individual users, and the other is messages interacting between industry customers and individual users. Messages between individual users can also be classified into point-to-point messages, group messages and group chat messages.

The message function between individual users, the messages transmitted between individual users in 5G messages can support a variety of media formats, including text, pictures, audio, video, emoticons, locations and contacts, etc. It supports online messages and offline messages, and can provide users with message status reports and message history management.

Peer-to-peer messaging: Refers to a message sent from one user to another. In addition to supporting basic functions, peer-to-peer messages also support mutual conversion between messages and short messages. If the message recipient is not a 5G message user or the message recipient is a 5G message user but is not online, the network will send the message through the SMS channel. If the message contains multimedia content, when it falls back to a short message, the URL for extracting the multimedia content is carried in the short message content, and the receiver can click on the URL after receiving the short message to access the multimedia content.

Mass sending message: refers to a user inputting or selecting multiple contacts at one time, and sending a mass message to the contact list. A group message appears as a point-to-point message on the receiver's terminal. In addition to supporting basic functions, group messaging also supports transferring messages to SMS. If the message recipient is not a 5G message user or the message recipient is a 5G message user but is not online, the network will send the message through the SMS channel. If the message contains multimedia content, when it falls back to a short message, the URL for extracting the multimedia content is carried in the short message content, and the receiver can click on the URL after receiving the short message to access the multimedia content. Users can select multiple contacts with 5G messaging capabilities to create a group. After the group is successfully created, all users who have joined the group can exchange messages in the group. Supports group management functions, including creating groups, joining groups, exiting groups, deleting group members, and disbanding groups, etc.

Group Chat: Users can select multiple contacts with 5G messaging capabilities to create a group. After the group is successfully created, all users who have joined the group can exchange messages in the group. Supports group management functions, including creating groups, joining groups, exiting groups, deleting group members, and disbanding groups, etc.

The message function between industry and individual users, industry customers interact with individual users through the carrier network in the form of Chatbot. The message content sent by an individual user to an industry customer's Chatbot can contain media formats such as text, pictures, audio, video, emoticons, locations, and contacts.

The message content sent by the Chatbot of an industry customer to an individual user through point-to-point and group messaging can include media formats such as text, pictures, audio, video, emoticons, locations, and contacts, etc. In addition, rich media cards can also be included in the message. A list of options (including "suggested responses" and "suggested actions") can also be carried.

Discover Chatbot service: The message interaction between the user and the Chatbot can be triggered in various ways, such as clicking the search result after searching in the message search box, clicking on the browser web page, scanning the QR code, or entering the Chatbot ID. After triggering, you can enter the message interaction interface.

View Chatbot details: Chatbot details include account number, name, avatar, service description and customer service phone number, etc. Users can view the Chatbot details obtained by the terminal. Users can store Chatbot details locally on the terminal, or delete Chatbot details stored locally on the terminal. After receiving a message from the Chatbot for the first time, the terminal will check the details of the Chatbot from the operator network. If the Chatbot is not found, it will consider the source of the message as untrustworthy and will not display it to the user, thus ensuring Reliability of sources.

Message operation: Individual users can interact with Chatbot through "suggested replies". "Suggested Reply" is displayed as a clickable button on the interface. When the user clicks the "suggested reply" button, the terminal sends the content defined by the "suggested reply" to Chatbot as a message. This sent content is visible to the user. Individual users can interact with the Chatbot through "suggested actions". The "suggested action" is displayed as a clickable button on the interface. When the user clicks the "suggested operation" button, the terminal executes the functions defined by the "suggested operation", such as: opening a specific webpage or application, invoking the phone dialing application to complete an audio and video call to a specific object, querying the location on the map and Send the local location of the terminal, add calendar events, edit and draft and send text messages or audio and video messages, etc. The buttons in the message sent by Chatbot can be displayed in three ways: floating buttons, built-in buttons in rich media cards, and fixed buttons at the bottom of the message dialog interface. After the user clicks the floating button, all floating buttons disappear. After the user clicks the built-in button of the rich media card, the built-in button does not disappear. After the user clicks the fixed button, the fixed button does not disappear.

For the technical requirements of 5G messages, the basic requirements are: 5G messages are an upgrade of the basic communication capabilities of operators, and should be the basic communication capabilities generally possessed by terminals and operator networks in the 5G era. It should be natively supported on the terminal, and users can use the 5G message function without downloading and installing applications or operating service switches. At the same time, operators will upgrade their own network equipment to realize 5G message function and realize global interconnection. The terminal requirements are: the terminal should support GSMA RCS UniversalProfile v2.4, and the terminal should have the ability to upgrade according to the subsequent standard evolution.

The terminal should support the functions of personal messages and industry messages in 5G messages, including: configuring service access points, network parameters, service parameters, etc. according to the configuration files issued by the access operator's network; Authentication; send and receive one-to-one messages and group messages based on Standalone Message; interact with industry customer Chatbot through Standalone Message; support sending and receiving group chat messages; use HTTP protocol to transmit multimedia content in personal messages and industry messages, Including pictures, videos, audios, electronic business cards in vCard format, etc.; supports receiving, displaying and processing rich media card messages from Chatbot; supports functions such as "suggested operations" and "suggested replies" in the message interaction with Chatbot; supports to Search for Chatbot in the operator's Chatbot directory server; support Chatbot details query in the operator's Chatbot information server; support identifying the Deeplink corresponding to the Chatbot, and call the message application to start communicating with the Chatbot by scanning the QR code, clicking on the webpage, etc. Dialogue;) Supports complaints and reports on Chatbot messages and Chatbots; supports obtaining the Chatbot blacklist configured by the network, and supports users to configure the local Chatbot or contact blacklist of the terminal.

5G message requirements on the network: the operator network should support GSMA Universal Profile v2.4 and its subsequent upgrades, support terminal access and normal use of its 5G message function, and also support: provide a unified terminal-network for the terminal interface to ensure that the terminal can use the 5G message function normally after connecting to different operator networks; provide a unified Chatbot interface for industry customers to ensure that industry customers Chatbot can access different operator networks in the same way; after the terminal function version is upgraded, support Compatibility and coexistence processing of different versions of terminals; interconnection of messages between individual users between operators; review and certification of chatbots of industry customers; write chatbot list and chatbot details into chatbot directory and information service, and complete relevant data Management, support the terminal to query the Chatbot directory and Chatbot details; the operator network should ensure the accessibility of message delivery between individual users, between industry customers and individual users (for messages that cannot be delivered using 5G, use network SMS fallback, message Withdrawal and other means of delivery); the operator network establishes a unified technical specification standard based on the iterative update of the standard version to ensure the provision of relatively consistent product functions and unified technical service capabilities; it supports the shielding of industry customer spam information reported by the terminal.

5G message industry access requirements, industry customers can apply to the operator to activate the Chatbot, and by calling the API provided by the operator, realize message interaction with the terminal based on the Standalone Message method in GSMA RCS Universal Profile v2.4. Including: call the operator's network capabilities to send point-to-point or broadcast messages to the terminal; point-to-point or broadcast messages can send text or multimedia messages, and the messages can also include "recommended reply" and "suggested operation"; point-to-point or broadcast messages can send rich media cards Message, the rich media card can contain title, introduction, multimedia content, "suggested reply" and "suggested operation"; the multimedia message sent by the receiving terminal; the message returned by the receiving terminal after clicking "suggested reply" or "suggested operation" and Action information.

Further, the present invention also relates to a deep link. A deep link is a deep link in an application, which uses a Uniform Resource Identifier (URI) to link to a specific location within the application, rather than just launching the application. If the application is regarded as a website, then a deep link is a page in the website, such as a product page, an event promotion page, etc. Through deep links, you can directly jump to this page from the outside. The value of deep links is obvious in application marketing operations: Advertisers who use deep links can directly enter the specified application after users click on the advertisement, while application advertisements that do not use deep links can only redirect users to on the application home page. Deep linking is currently supported by mainstream operating systems such as Android, iOS, Windows, Firefox OS, and BlackBerry 10.

Taking the deep link of the target application under iOS as an example, the user can quickly jump to the "target applet" from other applications: the user invokes the deep link of the "target applet" in other applications and asks the user whether to start the target application , and jump directly to the "target applet" interface. 5G messages also support the deep link function, which can jump to a specified Chatbot; at the same time, according to the standard, you can also add operations such as sending specific message content after the jump.

The present invention provides a safety verification method and device, which are applied in the scene of safety information verification. In the case of safety verification, the target verification information and the preset message template including deep link parameters are first obtained, so that the deep link can be based on The parameter encodes the target verification information to obtain the encoded information. In order to further add the encoded information to the preset message template, obtain the sent message body including the target deep link and target verification information, and send the sent message body to the user to complete the sending of the security verification information, thereby completing the Security verification of the target application. Through the above method, the security of the transmission channel can be improved, and a higher level of security verification can be realized by carrying more abundant forms of verification information, avoiding the risk of verification information being intercepted, thereby improving the security of information verification.

The foregoing mainly introduces the solutions provided by the embodiments of the present invention from the perspective of methods. In order to realize the above functions, it includes corresponding hardware structures and/or software modules for performing various functions. Those skilled in the art should easily realize that, in combination with the units and algorithm steps of each example described in the embodiments disclosed herein, the embodiments of the present invention can be implemented in the form of hardware or a combination of hardware and computer software. Whether a certain function is executed by hardware or computer software drives hardware depends on the specific application and design constraints of the technical solution. Skilled artisans may use different methods to implement the described functions for each specific application, but such implementation should not be regarded as exceeding the scope of the present invention.

The embodiment of the present invention can divide a security verification device into functional modules according to the above method example, for example, each functional module can be divided corresponding to each function, or two or more functions can be integrated into one processing module. The above-mentioned integrated modules can be implemented in the form of hardware or in the form of software function modules. Optionally, the division of modules in this embodiment of the present invention is schematic, and is only a logical function division, and there may be another division manner in actual implementation.

Fig. 8 is a schematic structural diagram of a security verification device provided by an embodiment of the present invention. As shown in FIG. 8 , a security verification device 40 is used to improve the security of information verification, for example, to implement a security verification method shown in FIG. 2 . The security verification device 40 includes: an acquisition unit 401 , a processing unit 402 and a sending unit 403 .

The obtaining unit 401 is configured to obtain target verification information and a preset message template when performing downlink security verification, and the preset message template includes deep link parameters.

The processing unit 402 is configured to encode the target verification information based on the deep link parameters to obtain encoded information.

The processing unit 402 is also used to add the encoded information to the preset message template to obtain the sent message body; the sent message body includes the target deep link and target verification information, and the sent message body is used to complete the security of the target application verify.

The sending unit 403 is configured to send the sent message body to the user to complete the sending of the security verification information.

Optionally, in a security verification device 40 provided in an embodiment of the present invention, as shown in FIG. 9 , the security verification device 40 may further include: an activation unit 404 and a verification unit 405 .

The starting unit 404 is configured for the user to trigger the target deep link contained in the message body to start the target application.

The verification unit 405 is used for the target application program to complete security verification based on the target verification information.

Optionally, in a security verification device 40 provided in an embodiment of the present invention, as shown in FIG. 10 , the security verification device 40 may further include: a construction unit 406 .

The construction unit 406 is configured to pre-build a preset message template, determine deep link parameters and field information collection rules; deep link parameters include at least one of the following: deep link format, deep link variables, and field information collection rules are used to determine and collect targets Verify the target field information carried in the information.

Optionally, in a security verification device 40 provided in an embodiment of the present invention, the acquisition unit 401 is further configured to receive a verification request and a target identifier sent by the server when performing uplink security verification, and establish a security verification task; The server is a server corresponding to the target application program.

The acquiring unit 401 is further configured to receive a security verification request initiated by a user, where the security verification request carries first verification information and a user identifier.

The processing unit 402 is further configured to determine whether the user identifier matches the target identifier.

The verification unit 405 is further configured to verify the first verification information when the user ID matches the target ID.

Optionally, in a security verification device 40 provided in an embodiment of the present invention, the security verification device 40 may further include: a collection unit.

The processing unit 402 is further configured to determine whether the first verification information carries target field information when the first verification information passes the verification, and the target field information is used for security verification.

The collection unit is configured to collect the target field information when the first verification information carries the target field information.

The sending unit 403 is further configured to send the target field information to the server to complete the upload of the security verification information.

Optionally, in a security verification device 40 provided in an embodiment of the present invention, the processing unit 402 is further configured to generate target verification information according to the first verification information and other information in the case of performing two-way security verification; other information Including at least one of the following: target identification, user information, and target application program information.

The sending unit 403 is further configured to complete the downlink security verification process based on the target verification information.

In the case that the functions of the above-mentioned integrated modules are implemented in the form of hardware, this embodiment of the present invention provides another possible structural diagram of the electronic device involved in the above-mentioned embodiments. As shown in FIG. 11 , an electronic device 60 is used to improve the security of information verification, for example, to execute a security verification method shown in FIG. 2 . The electronic device 60 includes a processor 601 , a memory 602 and a bus 603 . The processor 601 and the memory 602 may be connected through a bus 603 .

The processor 601 is the control center of the communication device, and may be one processor, or may be a general term for multiple processing elements. For example, the processor 601 may be a general-purpose central processing unit (central processing unit, CPU), or other general-purpose processors. Wherein, the general-purpose processor may be a microprocessor or any conventional processor.

As an embodiment, the processor 601 may include one or more CPUs, such as CPU 0 and CPU 1 shown in FIG. 11 .

The memory 602 may be a read-only memory (read-only memory, ROM) or other types of static storage devices that can store static information and instructions, a random access memory (random access memory, RAM) or other types that can store information and instructions The dynamic storage device can also be an electrically erasable programmable read-only memory (electrically erasable programmable read-only memory, EEPROM), a magnetic disk storage medium or other magnetic storage devices, or can be used to carry or store instructions or data structures desired program code and any other medium that can be accessed by a computer, but not limited thereto.

As a possible implementation manner, the memory 602 may exist independently of the processor 601, and the memory 602 may be connected to the processor 601 through the bus 603, and is used for storing instructions or program codes. When the processor 601 invokes and executes the instructions or program codes stored in the memory 602, a security verification method provided by the embodiment of the present invention can be implemented.

In another possible implementation manner, the memory 602 may also be integrated with the processor 601 .

The bus 603 may be an Industry Standard Architecture (Industry Standard Architecture, ISA) bus, a Peripheral Component Interconnect (PCI) bus, or an Extended Industry Standard Architecture (Extended Industry Standard Architecture, EISA) bus, etc. The bus can be divided into address bus, data bus, control bus and so on. For ease of representation, only one thick line is used in FIG. 11 , but it does not mean that there is only one bus or one type of bus.

It should be noted that the structure shown in FIG. 11 does not limit the electronic device 60 . In addition to the components shown in FIG. 11 , the electronic device 60 may include more or fewer components than shown, or combine certain components, or have a different arrangement of components.

As an example, with reference to FIG. 8 , the functions implemented by the acquiring unit 401 , the processing unit 402 and the sending unit 403 in the electronic device are the same as those of the processor 601 in FIG. 11 .

Optionally, as shown in FIG. 11 , the electronic device 60 provided in this embodiment of the present invention may further include a communication interface 604 .

The communication interface 604 is used to connect with other devices through the communication network. The communication network may be Ethernet, wireless access network, wireless local area network (wireless local area networks, WLAN) and so on. The communication interface 604 may include a receiving unit for receiving data, and a sending unit for sending data.

In one design, in the electronic device provided by the embodiment of the present invention, the communication interface may also be integrated in the processor.

Fig. 12 shows another hardware structure of the electronic device in the embodiment of the present invention. As shown in FIG. 12 , the electronic device 70 may include a processor 701 , a communication interface 702 , a memory 703 and a bus 704 . The processor 701 is coupled with the communication interface 702 and the memory 703 .

For functions of the processor 701, reference may be made to the description of the processor 601 above. In addition, the processor 701 also has a storage function, and reference may be made to the function of the above-mentioned memory 602 .

The communication interface 702 is used to provide data to the processor 701 . The communication interface 702 may be an internal interface of the communication device, or an external interface of the communication device (equivalent to the communication interface 604).

It should be pointed out that the structure shown in FIG. 12 does not constitute a limitation to the electronic device 70. In addition to the components shown in FIG. certain components, or a different arrangement of components.

Through the above description of the implementation, those skilled in the art can clearly understand that, for the convenience and brevity of the description, only the division of the above functional units is used as an example for illustration. In practical applications, the above function allocation can be completed by different functional units according to needs, that is, the internal structure of the device is divided into different functional units, so as to complete all or part of the functions described above. For the specific working process of the above-described system, device, and unit, reference may be made to the corresponding process in the foregoing method embodiments, and details are not repeated here.

An embodiment of the present invention also provides a computer-readable storage medium, in which instructions are stored. When a computer executes the instructions, the computer executes each step in the method flow shown in the above-mentioned method embodiments.

An embodiment of the present invention provides a computer program product containing instructions, and when the instructions are run on a computer, the computer is made to execute a security verification method in the above method embodiments.

Wherein, the computer-readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, device, or device, or any combination thereof. More specific examples (non-exhaustive list) of computer readable storage media include: electrical connection having one or more wires, portable computer disk, hard disk. Random Access Memory (Random Access Memory, RAM), Read-Only Memory (Read-Only Memory, ROM), Erasable Programmable Read-Only Memory (Erasable Programmable Read Only Memory, EPROM), registers, hard disk, optical fiber, portable compact Disk read-only memory (Compact Disc Read-Only Memory, CD-ROM), an optical storage device, a magnetic storage device, or any other form of computer-readable storage medium in a suitable combination of the above, or values in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be a component of the processor. The processor and the storage medium may be located in an application specific integrated circuit (Application Specific Integrated Circuit, ASIC). In the embodiments of the present invention, a computer-readable storage medium may be any tangible medium containing or storing a program, and the program may be used by or in combination with an instruction execution system, apparatus or device.

Since the electronic devices, computer-readable storage media, and computer program products in the embodiments of the present invention can be applied to the above-mentioned methods, the technical effects that can be obtained can also refer to the above-mentioned method embodiments, and the embodiments of the present invention are not described herein Let me repeat.

The above are only specific implementations of the present invention, but the protection scope of the present invention is not limited thereto. Any changes or replacements within the technical scope disclosed in the present invention shall be covered within the protection scope of the present invention.

Claims (10)

1. A security verification method applied to a security verification device, the method comprising:

under the condition of carrying out downlink security verification, acquiring target verification information and a preset message template, wherein the preset message template comprises deep link parameters;

encoding the target verification information based on the deep link parameters to obtain encoded information;

adding the coding information into the preset message template to obtain a message body; the message body comprises a target deep link and the target verification information, and is used for completing safety verification of a target application program;

the message body is sent to the user to finish the sending of the security verification information;

Before the target verification information and the preset message template are obtained under the condition of carrying out the downlink security verification, the method further comprises the following steps:

under the condition of carrying out uplink security verification, receiving a verification request and a target identifier sent by a server, and establishing a security verification task; the server is a server corresponding to the target application program;

receiving a security verification request initiated by a user, wherein the security verification request carries first verification information and a user identifier;

judging whether the user identifier is matched with the target identifier or not, and verifying the first verification information under the condition that the user identifier is matched with the target identifier;

after the first verification information is verified, the method further includes:

judging whether the first verification information carries target field information or not under the condition that the first verification information passes verification, wherein the target field information is used for carrying out security verification;

and under the condition that the first verification information carries the target field information, acquiring the target field information, and sending the target field information to the server to finish uploading the security verification information.

2. The method of claim 1, wherein the sending the body of the delivery message to the user, after completing the delivery of the security verification information, further comprises:

triggering the target deep link included in the message body by a user, and starting the target application program;

the target application completes security verification based on the target verification information.

3. The method according to claim 2, wherein before the target verification information and the preset message template are obtained in the case of performing the downstream security verification, the method further includes:

pre-constructing the preset message template, and determining the deep link parameters and the field information acquisition rules; the deep link parameters include at least one of: and the field information acquisition rule is used for determining and acquiring target field information carried in the target verification information.

4. The method of claim 1, wherein the sending the target field information to the server, after the uploading of the security verification information is completed, further comprises:

Under the condition of bidirectional security verification, generating target verification information according to the first verification information and other information; the other information includes at least one of: the target identification, the user information and the target application information;

and completing the downlink security verification process based on the target verification information.

5. A security verification apparatus, comprising: the device comprises an acquisition unit, a processing unit and a sending unit;

the acquisition unit is used for acquiring target verification information and a preset message template under the condition of downlink security verification, wherein the preset message template comprises deep link parameters;

the processing unit is used for encoding the target verification information based on the deep link parameters to obtain encoded information;

the processing unit is further configured to add the encoded information to the preset message template to obtain a message body; the message body comprises a target deep link and the target verification information, and is used for completing safety verification of a target application program;

the sending unit is used for sending the sending message body to a user to finish the sending of the security verification information;

The acquisition unit is further used for receiving the verification request and the target identifier sent by the server under the condition of uplink security verification, and establishing a security verification task; the server is a server corresponding to the target application program;

the acquisition unit is further used for receiving a security verification request initiated by a user, wherein the security verification request carries first verification information and a user identifier;

the processing unit is further used for judging whether the user identifier is matched with the target identifier;

the verification unit is used for verifying the first verification information under the condition that the user identifier is matched with the target identifier;

the security verification apparatus further includes: an acquisition unit;

the processing unit is further configured to determine whether the first verification information carries target field information if the first verification information passes verification, where the target field information is used for security verification;

the acquisition unit is used for acquiring the target field information under the condition that the first verification information carries the target field information;

and the sending unit is also used for sending the target field information to the server to finish the uploading of the security verification information.

6. The security verification device of claim 5, further comprising: a starting unit and a verification unit;

the starting unit is used for triggering the target deep link included in the message body by a user and starting the target application program;

and the verification unit is used for completing security verification by the target application program based on the target verification information.

7. The security verification device of claim 6, wherein the security verification device further comprises: a construction unit;

the construction unit is used for constructing the preset message template in advance and determining the deep link parameters and the field information acquisition rules; the deep link parameters include at least one of: and the field information acquisition rule is used for determining and acquiring target field information carried in the target verification information.

8. The security authentication device of claim 5, wherein the processing unit is further configured to generate the target authentication information based on the first authentication information and other information in the case of bi-directional security authentication; the other information includes at least one of: the target identification, the user information and the target application information;

The sending unit is further configured to complete the downlink security verification process based on the target verification information.

9. A computer readable storage medium storing one or more programs, wherein the one or more programs comprise instructions, which when executed by a computer, cause the computer to perform a security verification method as claimed in any one of claims 1-4.

10. An electronic device, comprising: a processor and a memory; wherein the memory is configured to store one or more programs, the one or more programs comprising computer-executable instructions that, when executed by the electronic device, cause the electronic device to perform a security verification method as claimed in any one of claims 1 to 4.