[go: up one dir, main page]

CN114036494A - Factorized dynamic authentication process management method - Google Patents

Factorized dynamic authentication process management method Download PDF

Info

Publication number
CN114036494A
CN114036494A CN202111461857.XA CN202111461857A CN114036494A CN 114036494 A CN114036494 A CN 114036494A CN 202111461857 A CN202111461857 A CN 202111461857A CN 114036494 A CN114036494 A CN 114036494A
Authority
CN
China
Prior art keywords
authentication
transaction
user
authentication process
management method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111461857.XA
Other languages
Chinese (zh)
Inventor
葛良涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Digital China Financial Software Co ltd
Original Assignee
Digital China Financial Software Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Digital China Financial Software Co ltd filed Critical Digital China Financial Software Co ltd
Priority to CN202111461857.XA priority Critical patent/CN114036494A/en
Publication of CN114036494A publication Critical patent/CN114036494A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/313User authentication using a call-back technique via a telephone network
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Development Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Technology Law (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides a factorized dynamic authentication process management method, which comprises the following steps: defining an authentication factor when a system works, wherein the system works comprise an online state and an operating state; distributing corresponding events for the transaction, wherein each event corresponds to a number; initializing a plurality of authentication modes when the system is online; when the system works, an authentication process is defined; returning to an authentication process when the user initiates a transaction; the user completes the designated authentication in sequence; and the user submits the verification authentication process comparison authentication information of the transaction system and submits the comparison authentication information. And according to the specific transaction event, the operating environment and the service data value when the user initiates the transaction and the authentication factor configured in the authentication process, an authentication path of the user in the current scene is intelligently decided, and the transaction safety is ensured.

Description

Factorized dynamic authentication process management method
Technical Field
The invention relates to the technical field of data processing, in particular to a factorized dynamic authentication process management method.
Background
In recent years, with the continuous development of internet technology and information communication technology, users can use financial services basically without the limitation of physical network points and places, and can feel convenient experience brought by the internet financial services to the users at any time and any place. However, with the increasing frequency of non-face-to-face business scenes, the method also brings important challenges to the bank IT system for identifying whether the transaction initiation is subjective will and whether the transaction flow is safe. Therefore, how to control the user to finish the authentication meeting the corresponding requirements in different transaction scenes, how to conveniently introduce and use a user identification mode brought by a novel technology, and the method has great significance for preventing the internet financial risk.
Firstly, different business services are usually determined in the design and development stage and are bound with a specific transaction flow, and a unified mechanism is not used for effective management and control; secondly, the authentication flow is tightly coupled with the transaction flow, and the subsequent adjustment is needed, so that the business flow needs to be combed again and the adjustment is made to meet the transaction of the new authentication flow, thereby bringing great challenges to the stability and the convenience of the system; and thirdly, most authentication modes used by the current transaction are traditional modes such as certificate information comparison, networking check, photo comparison and the like, the authentication modes are easy to attack or falsely operated by others along with the development of the technology, the authentication modes such as face recognition, living body recognition and the like are introduced only for critical transactions with great energy in the industry, and the authentication modes cannot be popularized in a large area. The above three aspects make the urgent need of financial industry a set of mechanism, can decouple authentication flow and specific transaction, can independent and flexible configuration adjustment, take effect in real time, can introduce new authentication mode effectively to identify user identity information conveniently, in order to guarantee that the transaction is the operation initiated by the subjective intention of the user.
Disclosure of Invention
In view of the above, the present invention has been developed to provide a factored dynamic authentication flow management method that overcomes or at least partially solves the above-mentioned problems.
According to an aspect of the present invention, there is provided a factorized dynamic authentication flow management method, the management method comprising:
defining an authentication factor when a system works, wherein the system works comprise an online state and an operating state;
distributing corresponding events for the transaction, wherein each event corresponds to a number;
initializing a plurality of authentication modes when the system is online;
when the system works, an authentication process is defined;
returning to an authentication process when the user initiates a transaction;
the user completes the designated authentication in sequence;
and the user submits the verification authentication process comparison authentication information of the transaction system and submits the comparison authentication information.
Optionally, the authentication factor when defining the system operating state specifically includes:
when the system is in a working state, an authentication factor which can be used for determining that the transaction uses a corresponding authentication mode is dynamically added.
Optionally, the allocating corresponding events to the transaction, where each event corresponds to a number specifically includes:
when the transaction is designed, distributing corresponding events for the transaction, specifically comprising: a mobile phone number registration event, a second-class account opening event and a password resetting event.
Optionally, initializing multiple authentication modes when the system is online specifically includes:
the system initializes a plurality of authentication modes, including common authentication modes such as password verification, short message verification code verification, living body identification, face identification, identity networking verification and the like;
and after the system is online, a new authentication mode is expanded.
Optionally, when the system works, the defining of the authentication process specifically includes:
determining an applicable authentication process according to the event, the platform, the channel type and the legal person;
and selecting an authentication factor in the authentication flow, and executing an authentication mode under a corresponding path after the authentication factor is specified to meet a corresponding condition.
Optionally, the authentication procedure returned when the user initiates a transaction specifically includes:
when a user initiates a transaction, according to the current transaction event, an initiation channel, a platform, a legal person and the value of a specific factor of the user;
the system calculates an authentication path matched with the transaction and returns the authentication path;
if multiple authentication paths are returned, the user selects any path and completes the subsequent authentication mode.
Optionally, the specifically step of the user sequentially completing the designated authentication includes:
and the user sequentially carries out corresponding authentication according to the returned authentication mode, the system forwards pushes on a corresponding authentication path, the state is updated, and the service information submitted by authentication is recorded.
Optionally, the step of submitting, by the user, verification authentication information of the transaction system, and submitting the comparison authentication information specifically includes:
after the user completes all authentications, the user initiates transaction submission, and the system judges whether the authentication process is completed;
and comparing whether the transaction submission information is matched with the information applicable to authentication, and if the authentication process is completed and the transaction information is correct, initiating service submission processing.
The invention provides a factorized dynamic authentication process management method, which comprises the following steps: defining an authentication factor when a system works, wherein the system works comprise an online state and an operating state; distributing corresponding events for the transaction, wherein each event corresponds to a number; initializing a plurality of authentication modes when the system is online; when the system works, an authentication process is defined; returning to an authentication process when the user initiates a transaction; the user completes the designated authentication in sequence; and the user submits the verification authentication process comparison authentication information of the transaction system and submits the comparison authentication information. And according to the specific transaction event, the operating environment and the service data value when the user initiates the transaction and the authentication factor configured in the authentication process, an authentication path of the user in the current scene is intelligently decided, and the transaction safety is ensured.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of a factorized dynamic authentication process management method according to an embodiment of the present invention;
fig. 2 is a schematic view of an account opening process of a user on a platform a by configuration according to an embodiment of the present invention;
fig. 3 is a schematic view of an account opening process of a user on a platform B according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
The terms "comprises" and "comprising," and any variations thereof, in the present description and claims and drawings are intended to cover a non-exclusive inclusion, such as a list of steps or elements.
The technical solution of the present invention is further described in detail with reference to the accompanying drawings and embodiments.
As shown in fig. 1, a factorized dynamic authentication process management method specifically includes:
step S110: defining an authentication factor when the system is online or in operation;
step S120: assigning an event number to the transaction;
step S130: when the system is on line, initializing a plurality of authentication modes (supporting expansion);
step S140: defining an authentication flow when the system is on-line or running;
step S150: returning to an authentication process when the user initiates a transaction;
step S160: the user completes the designated authentication in sequence;
step S170: and comparing the authentication information with the submission information by the user submission transaction system verification authentication process.
A factorized dynamic authentication process management method comprises the following steps:
and dynamically adding an authentication factor which can be used for determining which authentication mode is used by the transaction when the system is on line or in the running process of the system. For example, for consumption transactions, if the transaction amount is greater than 1000, a password needs to be input for password verification, and if the transaction amount is less than 1000, the password does not need to be verified, the transaction amount is an authentication factor used for deciding what authentication method should be used for some transactions. The authentication factors are flexibly expanded according to actual service scenes, and the system initializes three types of authentication factors at present: the account opening class comprises a product type and an authentication grade; the finance class comprises transaction types, transaction amounts and risk tolerance levels; special classes include transaction context security, location.
During the design of the transaction, corresponding events are allocated to the transaction, such as a PHONE number registration event (PHONE _ REGISTER), a second-type account opening event (EA _ acc _ OPEN), a password RESET event (PASSWD _ RESET), and the like.
When the system is on line, the system initializes a plurality of authentication modes, such as common authentication modes of password verification, short message verification code verification, living body identification, face identification, identity networking verification and the like; after the system is on line, a new authentication mode is expanded
And dynamically configuring or modifying an authentication flow corresponding to a certain event on line of the system or in the running process of the system. Specifically, a specific applicable authentication process is determined according to an event, a platform, a channel type and a legal person, an authentication factor is selected in the authentication process, and an authentication mode under a corresponding path is executed after the authentication factor is specified to meet a corresponding condition.
For example: the process of implementing the account opening of the user on the platform a by configuration is shown in fig. 2, where the platform a is a self-service platform: 1. verifying the short message verification code; 2.1, when the product type comprises an authentication factor which is a virtual user product (factor value), identifying the living body; 2.2 when the product type is a second-class or third-class household product, performing online checking, performing living body identification after the online checking is finished, and performing face comparison after the living body identification is finished; the account opening process of the user on the platform B is shown in FIG. 3: 1. verifying the short message verification code; 2. password checking; 3. living body identification; 4. and (5) comparing the faces. The authentication flow is shown in fig. 2 and 3.
Domain classification of authentication factors: the transaction characteristics in the financial field are considered comprehensively, the authentication factors are classified according to the transaction, and the authentication factors commonly used in the field are initialized. The authentication factors are divided into four business fields of account opening type, financial transaction type and other business type, and the factors in each business field can be dynamically expanded and can be used in real time.
When a user initiates a transaction, according to the current transaction event of the user, an initiation channel, a platform, a legal person and the values of specific factors, such as transaction amount and product type, the system calculates an authentication path matched with the transaction and returns, if a plurality of authentication paths are returned, the user selects any path and completes the subsequent authentication mode.
And the user sequentially carries out corresponding authentication according to the returned authentication mode, the system forwards pushes on a corresponding authentication path, the state is updated, and the service information submitted by authentication is recorded.
After the user completes all authentications, the system initiates transaction submission, judges whether the authentication process is completed or not, and compares whether the transaction submission information is matched with the information applicable to the authentication or not, if the authentication process is completed and the transaction information is correct, service submission processing is initiated.
Has the advantages that:
the authentication process meeting the requirements can be configured for common business scenes in the financial field, the authentication process and the transaction process are decoupled, the authentication process is used as all transaction sharing capacity to be reused to the maximum extent, the complexity and the workload of designing and developing the transaction process are reduced, and the stability is improved.
The design of the authentication factors, the authentication modes and the authentication process in the steps S110, S130 and S140 dynamically adds or reuses the authentication factors, dynamically adjusts the authentication process, quickly introduces a new authentication mode, or removes some authentication modes so as to quickly meet the continuous change and enhancement of the bank business development to the transaction safety.
Most authentication factors which accord with the characteristics of the financial industry are accumulated and preset in the industry, a large number of authentication modes are realized, and a user can quickly define an authentication process of a new scene based on the authentication factors and the authentication modes.
The above embodiments are provided to further explain the objects, technical solutions and advantages of the present invention in detail, it should be understood that the above embodiments are merely exemplary embodiments of the present invention and are not intended to limit the scope of the present invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (8)

1. A factorized dynamic authentication process management method, the management method comprising:
defining an authentication factor when a system works, wherein the system works comprise an online state and an operating state;
distributing corresponding events for the transaction, wherein each event corresponds to a number;
initializing a plurality of authentication modes when the system is online;
when the system works, an authentication process is defined;
returning to an authentication process when the user initiates a transaction;
the user completes the designated authentication in sequence;
and the user submits the verification authentication process comparison authentication information of the transaction system and submits the comparison authentication information.
2. The factorized dynamic authentication process management method according to claim 1, wherein the authentication factor when defining the system operating state specifically includes:
when the system is in a working state, an authentication factor which can be used for determining that the transaction uses a corresponding authentication mode is dynamically added.
3. The factorized dynamic authentication process management method according to claim 1, wherein the assigning of the corresponding events to the transaction, each of the events corresponding to a number specifically comprises:
when the transaction is designed, distributing corresponding events for the transaction, specifically comprising: a mobile phone number registration event, a second-class account opening event and a password resetting event.
4. The factorized dynamic authentication process management method of claim 1, wherein initializing a plurality of authentication modes when the system is online specifically comprises:
the system initializes a plurality of authentication modes, including common authentication modes such as password verification, short message verification code verification, living body identification, face identification, identity networking verification and the like;
and after the system is online, a new authentication mode is expanded.
5. The factorized dynamic authentication process management method according to claim 1, wherein, when the system is in operation, defining an authentication process specifically comprises:
determining an applicable authentication process according to the event, the platform, the channel type and the legal person;
and selecting an authentication factor in the authentication flow, and executing an authentication mode under a corresponding path after the authentication factor is specified to meet a corresponding condition.
6. The factorized dynamic authentication process management method of claim 1, wherein the returning of the authentication process when the user initiates the transaction specifically comprises:
when a user initiates a transaction, according to the current transaction event, an initiation channel, a platform, a legal person and the value of a specific factor of the user;
the system calculates an authentication path matched with the transaction and returns the authentication path;
if multiple authentication paths are returned, the user selects any path and completes the subsequent authentication mode.
7. The factorized dynamic authentication process management method according to claim 1, wherein the step of the user sequentially completing the designated authentication specifically comprises:
and the user sequentially carries out corresponding authentication according to the returned authentication mode, the system forwards pushes on a corresponding authentication path, the state is updated, and the service information submitted by authentication is recorded.
8. The method according to claim 1, wherein the step of submitting the verification authentication information of the transaction system by the user and submitting the verification authentication information of the transaction system comprises:
after the user completes all authentications, the user initiates transaction submission, and the system judges whether the authentication process is completed;
and comparing whether the transaction submission information is matched with the information applicable to authentication, and if the authentication process is completed and the transaction information is correct, initiating service submission processing.
CN202111461857.XA 2021-12-02 2021-12-02 Factorized dynamic authentication process management method Pending CN114036494A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111461857.XA CN114036494A (en) 2021-12-02 2021-12-02 Factorized dynamic authentication process management method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111461857.XA CN114036494A (en) 2021-12-02 2021-12-02 Factorized dynamic authentication process management method

Publications (1)

Publication Number Publication Date
CN114036494A true CN114036494A (en) 2022-02-11

Family

ID=80146185

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111461857.XA Pending CN114036494A (en) 2021-12-02 2021-12-02 Factorized dynamic authentication process management method

Country Status (1)

Country Link
CN (1) CN114036494A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104599130A (en) * 2013-12-23 2015-05-06 腾讯科技(深圳)有限公司 Payment verification method, device and system
CN105324785A (en) * 2013-03-15 2016-02-10 因特鲁斯特公司 Online transaction verification
CN107018119A (en) * 2016-08-30 2017-08-04 阿里巴巴集团控股有限公司 Authentication system, method and platform
CN108650098A (en) * 2018-05-08 2018-10-12 阿里巴巴集团控股有限公司 The method and device of User Defined verification mode
CN110619208A (en) * 2019-09-24 2019-12-27 京东数字科技控股有限公司 User authentication method, server, user equipment and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105324785A (en) * 2013-03-15 2016-02-10 因特鲁斯特公司 Online transaction verification
CN104599130A (en) * 2013-12-23 2015-05-06 腾讯科技(深圳)有限公司 Payment verification method, device and system
CN107018119A (en) * 2016-08-30 2017-08-04 阿里巴巴集团控股有限公司 Authentication system, method and platform
CN108650098A (en) * 2018-05-08 2018-10-12 阿里巴巴集团控股有限公司 The method and device of User Defined verification mode
CN110619208A (en) * 2019-09-24 2019-12-27 京东数字科技控股有限公司 User authentication method, server, user equipment and system

Similar Documents

Publication Publication Date Title
CN112036890B (en) Customer identity authentication method and device
RU2635275C1 (en) System and method of identifying user's suspicious activity in user's interaction with various banking services
CN109691014B (en) Biometric identification and verification between internet of things devices and applications
US6446210B1 (en) Method for securing communication by selecting an encoding process using a first computer based upon ability of a second computer and deleting the process thereafter
CN106034149B (en) A kind of account recognition methods and device
CN107993066A (en) A kind of resource transaction method and electronic purse system
CN110086783A (en) A kind of method, apparatus, electronic equipment and the storage medium of more account managements
CN113256294B (en) Network payment method, device, equipment and system
CN111932368A (en) Credit card issuing system and construction method and device thereof
CN111711523A (en) Item handling authority authorization method and device, computer equipment and storage medium
EP4238281A1 (en) Techniques for redundant access rule management
CN109829273A (en) A kind of identity identifying method, device, system, equipment and readable storage medium storing program for executing
CN111901321A (en) Authentication method, device, electronic equipment and readable storage medium
JP2025510174A (en) Payment method, user terminal, apparatus, device, system and medium
CN114036494A (en) Factorized dynamic authentication process management method
CN117593011B (en) Secure payment method, device and equipment in mobile payment
CN111681104A (en) Internet bank self-help registration system and method
CN115208437B (en) Virtual card calling method and related equipment
WO2019168442A1 (en) Method and system for producing a scoring model
WO2023205440A1 (en) Multi-factor authenticated virtual transaction systems and methods
CN103747158A (en) Recharging method and device
CN111861491B (en) Information verification method, device and equipment
CN106600406A (en) Transaction method and terminal thereof
CN114528377A (en) Method, equipment and storage medium for batch signing of PDF electronic signatures
CN114186209B (en) Identity verification method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination