WO2020124579A1 - Method for verifying user identity, and electronic device - Google Patents

Abstract

Disclosed are a method for verifying a user identity, and an electronic device, relating to the field of terminals. In an identity verification process, identity verification can be performed on multiple pieces of simultaneously collected face information, and proof of the presence of multiple users can be provided, thereby reducing potential safety hazards to the user's privacy and property. The method comprises: an electrode device operating a target application, and enabling a multi-user joint identity verification function provided by the target application; the electronic device displaying a first preview interface captured by a camera, and giving a prompt to input face information of a plurality of pre-set users into the first preview interface; the electronic device acquiring N pieces of face information to be verified from the first preview interface, wherein N is an integer greater than 1; and if all the pieces of face information to be verified in the N pieces of face information to be verified are pieces of face information of the pre-set users, allowing the electronic device to continue operating the target application.

Description

Method for verifying user identity and electronic equipment Technical field

This application relates to the field of terminals, and in particular to a method and electronic device for verifying a user's identity.

Background technique

At present, the method of authenticating a user by collecting the user's face information has been widely used in various electronic devices. For example, when the phone is locked, the user's face information can be collected through the camera. If the collected face information matches the pre-stored face information of the legal user, indicating that the user's identity verification is passed, the mobile phone can automatically unlock the screen.

However, in some cases, it may be necessary to authenticate multiple users in the same scenario. For example, when signing a contract, debit, or applying for a certificate (such as a marriage certificate), or a joint account online, multiple users are required to confirm the presence of the same information. At this time, if the face information of each user is collected one by one for identity verification, even if each user passes the identity verification, it is difficult to prove that the multiple users completed the confirmation of the above information at the same time and in the same space . For example, after user A completes identity verification through its face information, it can use user B's video to forge user B's face information to authenticate user B. In this way, user A can also sign a related contract with user B when user B is not present. Obviously, this authentication method will bring great security risks to users' privacy and property.

Summary of the invention

This application provides a method and electronic device for verifying the identity of a user, which can authenticate multiple face information collected at the same time during the identity verification process and provide proof of the presence of multiple users, thereby reducing the privacy and property of the user. Security risks.

In order to achieve the above purpose, this application adopts the following technical solutions:

In the first aspect, the present application provides a method for verifying a user's identity, including: an electronic device running a target application; when the multi-user federation authentication function provided in the target application is turned on, the electronic device displays a first preview interface captured by the camera And prompt to enter face information of multiple preset users in the first preview interface; the electronic device obtains N (N is an integer greater than 1) face information to be verified from the first preview interface, that is, the If multiple users need to enter face information in the first preview interface for identity verification at the same time; if each of the N face information to be verified is the face information of the preset user, the description If multiple preset users complete identity authentication at the same time and place, then the electronic device may continue to run the target application, for example, the electronic device may open the target application or run the next function after the identity authentication is successful. If the above-mentioned N face information to be verified contains face information of a non-preset user, it means that multi-user joint authentication fails, and the electronic device can stop running the target application, ensuring the accuracy and security of multi-user identity authentication , So as to reduce hidden security risks to user privacy and property.

Exemplarily, the above target application may be a game application. When the game is opened, the above multi-user joint authentication is performed to ensure that the user uses the game application under the authorization of other users, and improve the supervision of users who use the game application. ability. Or, the above target application may be a payment application. By conducting the above-mentioned multi-user joint identity verification when conducting property transactions, it can ensure that the preset multiple users are informed and authorized about the transaction, thereby improving the security of property transactions and reducing The probability of loss of user property.

In a possible design method, before the electronic device opens the multi-user joint authentication function provided by the target application, the method further includes: the electronic device prompts the user to set the number of users who authenticate the user when performing the multi-user joint authentication; responding to The number of users input by the user is N, the electronic device displays the second preview interface captured by the camera, and obtains face information of N users from the second preview interface; the electronic device regards the N users as N preset users, Establish a correspondence between the target application and the face information of the N authenticated users.

In a possible design method, after the electronic device opens the multi-user joint authentication function provided by the target application, the method further includes: the electronic device obtains face information of N preset users corresponding to the target application; After the device obtains N pieces of face information to be verified from the first preview interface, the device further includes: the electronic device compares the N pieces of face information to be verified with the face information of the N preset users to determine each face to be verified The verification face information is the face information of the preset user. Subsequently, each time multi-user joint authentication is performed in the target application, the N preset users need to participate in completing the multi-user joint authentication together, thereby providing multi-user presence certification using the target application.

In a possible design method, after the electronic device obtains the face information of N authenticated users from the second preview interface, the method further includes: the electronic device records the face of the N preset users in the second preview interface Sequence between information; after the electronic device obtains the N face information to be verified from the first preview interface, the method further includes: the electronic device determines the order between the N face information to be verified in the first preview interface, The sequence between the face information of the N preset users in the second preview interface is the same. Only when the order between the N face information to be verified in the first preview interface and the face information of the N preset users in the second preview interface are the same, the multi-user joint authentication can be successfully passed To improve the accuracy of multi-user joint identity verification.

In a possible design method, the electronic device opens the multi-user joint authentication function provided by the target application, including: the electronic device automatically turns on the multi-user joint authentication function when the target application is running; or, the electronic device is running the target application At this time, the multi-user federation authentication function is turned on in response to user input.

In a possible design method, the electronic device turns on the multi-user joint authentication function provided by the target application, including: the electronic device turns on the multi-user joint authentication function when starting the target application; or, the electronic device runs the target application to provide The first function is to turn on the multi-user federation authentication function.

In a possible design method, if each of the N face information to be verified is face information of a preset user, the electronic device is allowed to continue to run the target application, including: Each of the N pieces of face information to be verified is face information of a preset user, and the electronic device is allowed to continue to run the target application within a preset duration. After a preset time period, the target application may again require the user to perform multi-user joint authentication to avoid the situation where the user uses the target application for a long time and indulges the target application.

In a second aspect, the present application provides a method for verifying the identity of a user, including: the electronic device detects that the user opens the first function of the target application, and the first function is to require N (N is an integer greater than 1) users for multi-user syndication The function of identity verification; the electronic device displays the first input interface, and prompts to enter the identity information of N users in the first input interface; the electronic device obtains N identity information from the first input interface; the electronic device displays the camera to capture And prompt the N users to enter face information in the first preview interface; the electronic device obtains N personal face information from the first preview interface, that is, multiple users are simultaneously acquired in the first preview interface Face information for identity verification; furthermore, the electronic device sends a verification request to the server, the verification request includes the N identity information and the N personal face information, so that the server performs multi-user joint identity verification for the N users ; If the message of successful multi-user joint authentication sent by the server is received, indicating that the above-mentioned first function has been authorized by multiple users, the electronic device can perform the first function.

If the multi-user joint authentication failure message sent by the server is received, it means that the multi-user joint authentication fails, and the electronic device can refuse to perform the first function, which ensures the accuracy and security of the multi-user identity authentication, thereby reducing the Hidden dangers caused by user privacy and property.

Exemplarily, the above target application may be an application to sign a contract online, and perform multi-user joint identity verification on multiple parties participating in the contract to provide a multi-user presence certificate to avoid subsequent contract disputes. For another example, the above target application may be an application for online certificate or joint account business, which performs multi-user joint identity verification on multiple parties involved in the business, proving that multiple parties involved in the above business are present and authorize the forthcoming business. Prevent other users from impersonating legitimate users to handle related business on the spot. For another example, the above target application may be an application that processes multi-user shared property online (such as husband and wife shared property), and performs multi-user joint identity verification on the multi-owner of the shared property to ensure that the multi-owner of the shared property is present and informed of the transaction Content, thereby reducing potential security risks to user property.

In a possible design method, before the electronic device sends the verification request to the server, the method further includes: the electronic device displays the correspondence between the N pieces of identity information and the N personal faces information, and prompts the user to confirm the use of the N pieces The identity information and N personal face information perform the first function; wherein, the electronic device sends a verification request to the server, including: if the user's confirmation operation of the above N identity information and N personal face information is detected, the electronic device sends the verification request to the server Verify the request.

In a possible design method, before the electronic device detects that the user opens the first function of the target application, the method further includes: the electronic device obtains the identity information entered by the user in the second input interface; the electronic device obtains the user in the second preview Face information entered in the interface; the electronic device sends a registration request to the server, the registration request contains the user's identity information and face information, so that the server establishes the correspondence between the user's identity information and face information, That is, the registration process of the multi-user joint authentication function is completed.

In a third aspect, the present application provides a method for verifying a user's identity, including: a server receives a verification request sent by an electronic device, the verification request includes N identity information and N face information to be verified; the server obtains the N N pieces of registered face information corresponding to each piece of identity information, and the server stores the correspondence between the identity information and face information of each registered user; the server determines the N pieces of registered face information and N pieces of pending verification There is a one-to-one correspondence of face information; the server sends a message to the electronic device that the multi-user joint authentication is successful.

In a possible design method, before the server receives the verification request sent by the electronic device, the method further includes: the server receives a registration request sent by the electronic device, and the registration request includes the user's identity information and face information; the server establishes the The correspondence between the user's identity information and face information.

In a possible design method, before the server establishes the correspondence between the user's identity information and face information, the method further includes: the server inquires that the user's identity information is correct identity information in a preset database, Avoid illegal users from registering multi-user joint authentication function.

In a possible design method, the user's identity information includes the user's avatar information; after the server receives the registration request sent by the electronic device, the method further includes: the server determines the avatar information and the face in the identity information The information corresponds to ensure the authenticity of the face information and identity information uploaded by the user.

In a fourth aspect, the present application provides an electronic device, including: a processing unit for running a target application and opening a multi-user federation authentication function provided by the target application; a display unit for displaying a first preview captured by a camera Interface, and prompts to enter face information of multiple preset users in the first preview interface; an obtaining unit is used to obtain N face information to be verified from the first preview interface, N is an integer greater than 1; processing The unit is also used to allow the electronic device to continue to run the target application if each of the N face information to be verified is face information of a preset user.

In a possible design method, the above display unit is also used to prompt the user to set the number of users who authenticate the user when performing the multi-user joint authentication; the display unit is also used to display the number of users N in response to the user input A second preview interface captured by the camera, and acquiring face information of N users from the second preview interface; the processing unit is also used to use the N users as N preset users to establish the target application and the Correspondence between face information of N authenticated users.

In a possible design method, the above-mentioned obtaining unit is further used to obtain face information of N preset users corresponding to the target application; the processing unit is also used to compare the N face information to be verified With the face information of the N preset users, it is determined that each face information to be verified is the face information of the preset user.

In a possible design method, the above processing unit is further configured to record the order between the face information of the N preset users in the second preview interface in the memory; determine the N number in the first preview interface The order between the face information to be verified is the same as the order between the face information of the N preset users in the second preview interface.

In a possible design method, the above processing unit is specifically configured to automatically turn on the multi-user federation authentication function when running the target application; or, when running the target application, open the multi-user federation in response to user input Identity verification function.

In a possible design method, the above-mentioned processing unit is specifically configured to open the multi-user federation authentication function when starting the target application; or, to open the multi-user federation identity when running the first function provided by the target application Verification function.

In a possible design method, if each of the N pieces of face information to be verified is face information of a preset user, the above processing unit is specifically used to allow the electronic device to Continue to run the target application within the set time.

In a fifth aspect, the present application provides an electronic device, including: an acquisition unit for detecting a first function for a user to open a target application, the first function is a function that requires N users to perform multi-user joint authentication, and N is greater than 1. An integer; a display unit for displaying the first input interface and prompting for input of identity information of N users in the first input interface; displaying a first preview interface captured by the camera and prompting the N users in the first preview Face information is input in the interface; the obtaining unit is also used to obtain N identity information from the first input interface; N face information is obtained from the first preview interface; the communication unit is used to send a verification request to the server, The verification request includes the N identity information and the N personal face information, so that the server performs multi-user joint identity verification for the N users; the processing unit is used for receiving multi-user joint identity verification sent by the server If the message is successful, the first function is executed.

In a possible design method, the above display unit is further used to display the correspondence between the N identity information and the N personal face information, and prompt the user to confirm the use of the N identity information and the N personal face information Perform the first function; if a user's confirmation operation of the N identity information and the N personal face information is detected, the communication unit sends the verification request to the server.

In a possible design method, the above-mentioned obtaining unit is further used to obtain the identity information input by the user in the second input interface; obtaining the face information entered by the user in the second preview interface; and the communication unit is also used to Send a registration request to the server, where the registration request contains the user's identity information and face information, so that the server establishes a correspondence between the user's identity information and face information.

In a sixth aspect, the present application provides a server, including: a communication unit for receiving a verification request sent by an electronic device, the verification request including N identity information and N face information to be verified; a processing unit for Obtain N registered face information corresponding to the N pieces of identity information respectively, and the server stores the correspondence between the identity information and face information of each registered user; determine the N registered face information and The N pieces of face information to be verified have a one-to-one correspondence; the communication unit is also used to send a message of successful multi-user joint identity verification to the electronic device.

In a possible design method, the above-mentioned communication unit is also used to receive a registration request sent by an electronic device, and the registration request contains the user's identity information and face information; the above-mentioned processing unit is also used to establish the user's identity Correspondence between information and face information.

In a possible design method, the above-mentioned processing unit is also used to query the user's identity information in the preset database as the correct identity information.

In a possible design method, the user's identity information includes the user's avatar information; the above processing unit is also used to determine that the avatar information in the identity information corresponds to the face information.

In a seventh aspect, the present application provides an electronic device, including a processor, and a communication module, an input device, an output device, and a memory all coupled to the processor, and one or more computer programs; the one or more computers described above The program is stored in the memory, and when the electronic device is running, the processor executes one or more computer programs stored in the memory, so that the electronic device executes the authenticated user described in any one of the first aspect or the second aspect Identity method.

Exemplarily, the processor is used to: run the target application and open the multi-user joint authentication function provided by the target application; the output device is to: display the first preview interface captured by the camera, and prompt Input the face information of a plurality of preset users in the first preview interface; the input device is used to obtain N face information to be verified from the first preview interface, and N is an integer greater than 1; The processor is further configured to allow the electronic device to continue to run the target application if each of the N face information to be verified is face information of a preset user.

Exemplarily, the input device is used to: detect a first function for a user to open a target application, the first function is a function that requires N users to perform multi-user joint authentication, and N is an integer greater than 1; the output The device is used for: the electronic device displays a first input interface, and prompts for input of identity information of N users in the first input interface; displays a first preview interface captured by a camera, and prompts the N users to Input face information in the first preview interface; the processor is used to: obtain N identity information from the first input interface; obtain N face information from the first preview interface; The communication module sends a verification request to the server, where the verification request includes the N identity information and the N face information, so that the server performs multi-user joint identity verification on the N users; if received The message that the multi-user joint authentication succeeded sent by the server performs the first function.

In an eighth aspect, the present application provides a server, including a processor, a communication module and a memory coupled with the processor, and one or more computer programs; the one or more computer programs are stored in the memory, When the server is running, the processor executes one or more computer programs stored in the memory, so that the server executes the method for verifying the identity of the user according to any one of the above third aspects.

Exemplarily, the communication module is used to: receive a verification request sent by an electronic device, where the verification request includes N identity information and N face information to be verified; and the processor is used to: acquire and N pieces of registered face information corresponding to each piece of identity information, and the correspondence between the identity information of each registered user and face information is stored in the memory; determining the N pieces of registered face information and the The N pieces of face information to be verified are in one-to-one correspondence; the communication module is further configured to: send a message of successful multi-user joint identity verification to the electronic device.

In a ninth aspect, the present application provides a computer storage medium, including computer instructions, which when executed on an electronic device, causes the electronic device to perform the verification of the user's identity as described in any one of the first aspect or the second aspect method.

In a tenth aspect, the present application provides a computer storage medium, including computer instructions, which, when the computer instructions run on the server, cause the server to perform the method for verifying the identity of the user according to any one of the first and third aspects.

In an eleventh aspect, the present application provides a computer program product that, when the computer program product runs on an electronic device, causes the electronic device to perform the method for verifying the identity of a user according to any one of the first aspect or the second aspect.

In a twelfth aspect, the present application provides a computer program product that, when the computer program product runs on a server, causes the server to perform the method for verifying the user's identity as described in any one of the third aspects.

Understandably, the electronic devices described in the fourth, fifth, and seventh aspects provided above, the servers described in the sixth, and eighth aspects, and the computer storage media described in the ninth and tenth aspects, And the computer program products described in the eleventh and twelfth aspects are used to perform the corresponding methods provided above. Therefore, for the beneficial effects that can be achieved, refer to the corresponding methods provided above. The beneficial effects will not be repeated here.

BRIEF DESCRIPTION

FIG. 1 is a schematic structural diagram 1 of an electronic device according to an embodiment of the present application;

2 is an architectural diagram of an operating system in an electronic device provided by an embodiment of the present application;

3 is a first schematic flowchart of a method for verifying a user's identity provided by an embodiment of the present application;

4 is a schematic diagram 1 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

5 is a schematic diagram 2 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

6 is a schematic diagram 3 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

7 is a schematic diagram 4 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

8 is a schematic diagram 5 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

9 is a schematic diagram 6 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

10 is a second schematic flowchart of a method for verifying a user's identity provided by an embodiment of the present application;

11 is a schematic diagram 7 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

12 is a schematic diagram 8 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

13 is a schematic diagram 9 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

14 is a schematic diagram 10 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

15 is a third schematic flowchart of a method for verifying a user's identity provided by an embodiment of this application;

16 is a schematic diagram 11 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

17 is a schematic diagram 12 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

18 is a schematic diagram 13 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

19 is a schematic diagram 14 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

20 is a fourth schematic flowchart of a method for verifying a user's identity provided by an embodiment of the present application;

21 is a schematic flowchart 5 of a method for verifying a user's identity provided by an embodiment of this application;

22 is a schematic diagram 15 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

23 is a schematic diagram 16 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

24 is a schematic diagram 17 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

25 is a schematic diagram 18 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

26 is a schematic diagram 19 of a scenario of a method for verifying a user's identity provided by an embodiment of this application;

27 is a second structural diagram of an electronic device according to an embodiment of the present application;

28 is a schematic structural diagram 3 of an electronic device according to an embodiment of the present application;

29 is a schematic structural diagram 1 of a server according to an embodiment of the present application;

30 is a second structural diagram of a server according to an embodiment of the present application.

detailed description

The implementation of this embodiment will be described in detail below with reference to the drawings.

The method for verifying the user's identity provided by the embodiments of the present application can be applied to mobile phones, tablet computers, desktops, laptops, notebook computers, ultra-mobile personal computers (UMPC), handheld computers, netbooks, Personal digital assistants (personal digital assistants, PDAs), wearable electronic devices, virtual reality devices, etc., the specific forms of the electronic devices are not particularly limited in the following embodiments.

FIG. 1 shows a schematic structural diagram of an electronic device 100.

The electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, a universal serial bus (USB) interface 130, a charging management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2 , Mobile communication module 150, wireless communication module 160, audio module 170, speaker 170A, receiver 170B, microphone 170C, headset interface 170D, sensor module 180, motor 191, indicator 192, camera 193, display screen 194, and user identification module (subscriber identification module, SIM) card interface 195 and so on.

It can be understood that the structure illustrated in the embodiment of the present invention does not constitute a specific limitation on the electronic device 100. In other embodiments of the present application, the electronic device 100 may include more or fewer components than shown, or combine certain components, or split certain components, or arrange different components. The illustrated components can be implemented in hardware, software, or a combination of software and hardware.

The processor 110 may include one or more processing units. For example, the processor 110 may include an application processor (application processor, AP), a modem processor, a graphics processor (graphics processing unit, GPU), and an image signal processor. (image)signal processor (ISP), controller, memory, video codec, digital signal processor (DSP), baseband processor, and/or neural-network processing unit (NPU) Wait. Among them, the different processing units may be independent devices or may be integrated in one or more processors.

The controller may be the nerve center and command center of the electronic device 100. The controller can generate the operation control signal according to the instruction operation code and the timing signal to complete the control of instruction fetch and execution.

The processor 110 may also be provided with a memory for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may store instructions or data that the processor 110 has just used or recycled. If the processor 110 needs to use the instruction or data again, it can be directly called from the memory. The repeated access is avoided, and the waiting time of the processor 110 is reduced, thereby improving the efficiency of the system.

In some embodiments, the processor 110 may include one or more interfaces. Interfaces can include integrated circuit (inter-integrated circuit, I2C) interface, integrated circuit built-in audio (inter-integrated circuit, sound, I2S) interface, pulse code modulation (pulse code modulation (PCM) interface, universal asynchronous transceiver (universal) asynchronous receiver/transmitter, UART) interface, mobile industry processor interface (MIPI), general-purpose input/output (GPIO) interface, subscriber identity module (SIM) interface, and /Or universal serial bus (USB) interface, etc.

It can be understood that the interface connection relationship between the modules illustrated in the embodiments of the present invention is only a schematic description, and does not constitute a limitation on the structure of the electronic device 100. In other embodiments of the present application, the electronic device 100 may also use different interface connection methods in the foregoing embodiments, or a combination of multiple interface connection methods.

The charging management module 140 is used to receive charging input from the charger. The charger can be a wireless charger or a wired charger. In some wired charging embodiments, the charging management module 140 may receive the charging input of the wired charger through the USB interface 130. In some wireless charging embodiments, the charging management module 140 may receive wireless charging input through the wireless charging coil of the electronic device 100. While the charging management module 140 charges the battery 142, it can also supply power to the electronic device through the power management module 141.

The power management module 141 is used to connect the battery 142, the charging management module 140 and the processor 110. The power management module 141 receives input from the battery 142 and/or the charging management module 140, and supplies power to the processor 110, internal memory 121, external memory, display screen 194, camera 193, wireless communication module 160, and the like. The power management module 141 can also be used to monitor battery capacity, battery cycle times, battery health status (leakage, impedance) and other parameters. In some other embodiments, the power management module 141 may also be disposed in the processor 110. In other embodiments, the power management module 141 and the charging management module 140 may also be set in the same device.

The wireless communication function of the electronic device 100 can be realized by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, the modem processor, and the baseband processor.

Antenna 1 and antenna 2 are used to transmit and receive electromagnetic wave signals. Each antenna in the electronic device 100 may be used to cover a single or multiple communication frequency bands. Different antennas can also be reused to improve antenna utilization. For example, the antenna 1 can be multiplexed as a diversity antenna of a wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.

The mobile communication module 150 may provide a wireless communication solution including 2G/3G/4G/5G and the like applied to the electronic device 100. The mobile communication module 150 may include at least one filter, switch, power amplifier, low noise amplifier (LNA), and the like. The mobile communication module 150 can receive the electromagnetic wave from the antenna 1 and filter, amplify, etc. the received electromagnetic wave, and transmit it to the modem processor for demodulation. The mobile communication module 150 can also amplify the signal modulated by the modulation and demodulation processor and convert it to electromagnetic wave radiation through the antenna 1. In some embodiments, at least part of the functional modules of the mobile communication module 150 may be provided in the processor 110. In some embodiments, at least part of the functional modules of the mobile communication module 150 and at least part of the modules of the processor 110 may be provided in the same device.

The modem processor may include a modulator and a demodulator. Among them, the modulator is used to modulate the low-frequency baseband signal to be transmitted into a high-frequency signal. The demodulator is used to demodulate the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then transmits the demodulated low-frequency baseband signal to the baseband processor for processing. The low-frequency baseband signal is processed by the baseband processor and then passed to the application processor. The application processor outputs a sound signal through an audio device (not limited to a speaker 170A, a receiver 170B, etc.), or displays an image or video through a display screen 194. In some embodiments, the modem processor may be an independent device. In other embodiments, the modem processor may be independent of the processor 110, and may be set in the same device as the mobile communication module 150 or other functional modules.

The wireless communication module 160 can provide wireless local area networks (wireless local area networks, WLAN) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (bluetooth, BT), and global navigation satellites that are applied to the electronic device 100 Wireless communication solutions such as global navigation (satellite system, GNSS), frequency modulation (FM), near field communication (NFC), infrared technology (infrared, IR), etc. The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives the electromagnetic wave via the antenna 2, frequency-modulates and filters the electromagnetic wave signal, and sends the processed signal to the processor 110. The wireless communication module 160 can also receive the signal to be transmitted from the processor 110, frequency-modulate it, amplify it, and convert it to electromagnetic waves through the antenna 2 to radiate it out.

In some embodiments, the antenna 1 of the electronic device 100 and the mobile communication module 150 are coupled, and the antenna 2 and the wireless communication module 160 are coupled so that the electronic device 100 can communicate with the network and other devices through wireless communication technology. The wireless communication technology may include a global mobile communication system (global system for mobile communications, GSM), general packet radio service (general packet radio service, GPRS), code division multiple access (code division multiple access, CDMA), broadband Wideband code division multiple access (WCDMA), time-division code division multiple access (TD-SCDMA), long-term evolution (LTE), BT, GNSS, WLAN, NFC , FM, and/or IR technology, etc. The GNSS may include a global positioning system (GPS), a global navigation satellite system (GLONASS), a beidou navigation system (BDS), and a quasi-zenith satellite system (quasi -zenith satellite system (QZSS) and/or satellite-based augmentation system (SBAS).

The electronic device 100 realizes a display function through a GPU, a display screen 194, and an application processor. The GPU is a microprocessor for image processing, connecting the display screen 194 and the application processor. The GPU is used to perform mathematical and geometric calculations, and is used for graphics rendering. The processor 110 may include one or more GPUs that execute program instructions to generate or change display information.

The display screen 194 is used to display images, videos and the like. The display screen 194 includes a display panel. The display panel can use a liquid crystal display (LCD), organic light-emitting diode (OLED), active matrix organic light-emitting diode or active matrix organic light-emitting diode (active-matrix organic light-emitting diode) emitting diode, AMOLED, flexible light-emitting diode (FLED), Miniled, MicroLed, Micro-oLed, quantum dot light emitting diode (QLED), etc. In some embodiments, the electronic device 100 may include 1 or N display screens 194, where N is a positive integer greater than 1.

The electronic device 100 can realize a shooting function through an ISP, a camera 193, a video codec, a GPU, a display screen 194, an application processor, and the like.

The ISP processes the data fed back by the camera 193. For example, when taking a picture, the shutter is opened, and light is transmitted to the photosensitive element of the camera through the lens, and the optical signal is converted into an electrical signal. The photosensitive element of the camera transmits the electrical signal to the ISP for processing and converts it into an image visible to the naked eye. ISP can also optimize the algorithm of image noise, brightness and skin color. ISP can also optimize the exposure, color temperature and other parameters of the shooting scene. In some embodiments, the ISP may be set in the camera 193.

The camera 193 is used to capture still images or videos. The object generates an optical image through the lens and projects it onto the photosensitive element. The photosensitive element may be a charge coupled device (charge coupled device, CCD) or a complementary metal-oxide-semiconductor (CMOS) phototransistor. The photosensitive element converts the optical signal into an electrical signal, and then transmits the electrical signal to the ISP to convert it into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. DSP converts digital image signals into standard RGB, YUV and other format image signals. In some embodiments, the electronic device 100 may include 1 or N cameras 193, where N is a positive integer greater than 1.

In the embodiment of the present application, the camera 193 may send the captured image to a processor (for example, a GPU processor), and the processor extracts one or more face information in the image through a certain face recognition algorithm.

The digital signal processor is used to process digital signals. In addition to digital image signals, it can also process other digital signals. For example, when the electronic device 100 is selected at a frequency point, the digital signal processor is used to perform Fourier transform on the energy at the frequency point.

The video codec is used to compress or decompress digital video. The electronic device 100 may support one or more video codecs. In this way, the electronic device 100 can play or record videos in various encoding formats, for example: moving picture experts group (MPEG) 1, MPEG2, MPEG3, MPEG4, etc.

NPU is a neural-network (NN) computing processor. By drawing on the structure of biological neural networks, such as the transfer mode between neurons in the human brain, it can quickly process the input information and can continue to self-learn. The NPU can realize applications such as intelligent recognition of the electronic device 100, such as image recognition, face recognition, voice recognition, and text understanding.

The external memory interface 120 can be used to connect an external memory card, such as a Micro SD card, to expand the storage capacity of the electronic device 100. The external memory card communicates with the processor 110 through the external memory interface 120 to realize the data storage function. For example, save music, video and other files in an external memory card.

The internal memory 121 may be used to store computer executable program code, where the executable program code includes instructions. The processor 110 executes instructions stored in the internal memory 121 to execute various functional applications and data processing of the electronic device 100. The internal memory 121 may include a storage program area and a storage data area. Among them, the storage program area may store an operating system, at least one function required application programs (such as sound playback function, image playback function, etc.). The storage data area may store data (such as audio data, phone book, etc.) created during use of the electronic device 100 and the like. In addition, the internal memory 121 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, a universal flash memory (universal flash storage, UFS), and so on.

The electronic device 100 may implement audio functions through an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, a headphone interface 170D, and an application processor. For example, music playback, recording, etc.

The audio module 170 is used to convert digital audio information into analog audio signal output, and also used to convert analog audio input into digital audio signal. The audio module 170 can also be used to encode and decode audio signals. In some embodiments, the audio module 170 may be disposed in the processor 110, or some functional modules of the audio module 170 may be disposed in the processor 110.

The speaker 170A, also called "speaker", is used to convert audio electrical signals into sound signals. The electronic device 100 can listen to music through the speaker 170A, or listen to a hands-free call.

The receiver 170B, also known as "handset", is used to convert audio electrical signals into sound signals. When the electronic device 100 answers a call or voice message, the voice can be received by bringing the receiver 170B close to the ear.

The microphone 170C, also known as "microphone", "microphone", is used to convert sound signals into electrical signals. When making a call or sending a voice message, the user can make a sound by approaching the microphone 170C through a person's mouth, and input a sound signal to the microphone 170C. The electronic device 100 may be provided with at least one microphone 170C. In other embodiments, the electronic device 100 may be provided with two microphones 170C. In addition to collecting sound signals, it may also implement a noise reduction function. In other embodiments, the electronic device 100 may also be provided with three, four, or more microphones 170C to collect sound signals, reduce noise, identify sound sources, and implement directional recording functions.

The headset interface 170D is used to connect wired headsets. The earphone interface 170D may be a USB interface 130, or a 3.5mm open mobile electronic device (open terminal) platform (OMTP) standard interface, and the American Telecommunications Industry Association (cellular telecommunications industry association of the United States, CTIA) standard interface.

The sensor module 180 may specifically include a pressure sensor, a gyro sensor, a barometric pressure sensor, a magnetic sensor, an acceleration sensor, a distance sensor, a proximity light sensor, a fingerprint sensor, a temperature sensor, a touch sensor, an ambient light sensor, or a bone conduction sensor, etc. One or more, this embodiment of the present application does not make any limitation on this.

The motor 191 may generate a vibration prompt. The motor 191 can be used for vibration notification of incoming calls and can also be used for touch vibration feedback. For example, touch operations applied to different applications (such as taking pictures, audio playback, etc.) may correspond to different vibration feedback effects. For the touch operation of different areas of the display screen 194, the motor 191 can also correspond to different vibration feedback effects. Different application scenarios (for example: time reminder, receiving information, alarm clock, game, etc.) can also correspond to different vibration feedback effects. Touch vibration feedback effect can also support customization.

The indicator 192 can be an indicator light, which can be used to indicate the charging state, the amount of power change, and can also be used to indicate messages, missed calls, notifications, and the like.

The SIM card interface 195 is used to connect a SIM card. The SIM card can be inserted into or removed from the SIM card interface 195 to achieve contact and separation with the electronic device 100. The electronic device 100 may support 1 or N SIM card interfaces, where N is a positive integer greater than 1. The SIM card interface 195 can support Nano SIM cards, Micro SIM cards, SIM cards, etc. The same SIM card interface 195 can insert multiple cards at the same time. The types of the multiple cards may be the same or different. The SIM card interface 195 can also be compatible with different types of SIM cards. The SIM card interface 195 can also be compatible with external memory cards. The electronic device 100 interacts with the network through a SIM card to realize functions such as call and data communication. In some embodiments, the electronic device 100 uses eSIM, that is, an embedded SIM card. The eSIM card can be embedded in the electronic device 100 and cannot be separated from the electronic device 100.

The software system of the electronic device 100 may adopt a layered architecture, event-driven architecture, micro-core architecture, micro-service architecture, or cloud architecture. The embodiment of the present application takes an Android system with a layered architecture as an example to exemplarily explain the software structure of the electronic device 100.

2 is a block diagram of the software structure of the electronic device 100 according to an embodiment of the present application.

The layered architecture divides the software into several layers, and each layer has a clear role and division of labor. The layers communicate with each other through a software interface. In some embodiments, the Android system is divided into four layers, from top to bottom are the application layer, the application framework layer, the Android runtime and the system library, and the kernel layer.

The application layer may include a series of application packages.

The application package can include applications such as camera, gallery, calendar, call, map, navigation, Bluetooth, music, video, SMS and so on.

In the embodiment of the present application, as shown in FIG. 2, the application layer may further include a target application that needs to authenticate multiple users at the same time.

For example, the above target application may be a game application. When the user age of the game application is less than a certain age (for example, 13 years old), when the game application is opened, the identity of the user and its guardian can be verified at the same time, thereby ensuring the user The game application is used with the permission or escort of the guardian.

For another example, the above target application may be a payment application. When a user uses a payment application to pay for a large transaction, the payment application may require the relevant personnel involved in the transaction to perform identity authentication together, thereby ensuring that the relevant personnel of the transaction make the transaction Be informed.

For another example, the above target application may also be an application issued by a government agency to handle online related services. For example, when transferring a vehicle, both old and new owners are required to go through the transfer procedures on site. At this time, the application can be used to verify the identity of the old and new owners. For another example, when applying for a marriage certificate, both men and women are required to go through the relevant procedures on the spot. At this time, the application can be used to verify the identity of both men and women. As another example, when signing a contract, both Party A and Party B are required to confirm the contract content on site. At this time, the application can be used to verify the identity of Party A and Party B.

The application framework layer provides an application programming interface (application programming interface) and programming framework for applications at the application layer. The application framework layer includes some predefined functions.

As shown in FIG. 2, the application framework layer may include an authentication service, and the authentication service may provide a multi-user joint authentication function to the target application. For example, the above target application may call an authentication service to obtain user's face information for registration, authentication and other processes. For example, the authentication service may collect image information containing multiple user faces by driving an image sensor such as a camera. In addition, the authentication service can also calculate the number of faces contained in the collected face information, and perform live detection on the face information. In addition, the authentication service can also extract the facial features of each face in the facial information, and compare the extracted facial features with the registered user's facial features to determine whether multiple users currently undergoing identity verification Is a legitimate user.

It should be noted that the above authentication service can be run in a common execution environment (rich execution environment, REE), or in a trusted execution environment (trusted execution environment, TEE), or a security element (secure element, SE) and other security In a higher environment. Of course, it is also possible to run a part of the program of the above authentication service in REE and another part of the program in TEE, which is not limited in this embodiment of the present application.

In addition, the application framework layer may also include drawing services (such as surfaceflinger), window managers, content providers, phone managers, resource managers, notification managers, and so on.

Among them, the drawing service can be used to build the display page of the application. The display page can be composed of one or more views. For example, a display page that includes an SMS notification icon may include a view that displays text and a view that displays pictures. The window manager is used to manage window programs. The window manager can obtain the size of the display screen, determine whether there is a status bar, lock the screen, intercept the screen, etc. Content providers are used to store and retrieve data, and make these data accessible to applications. The data may include videos, images, audio, calls made and received, browsing history and bookmarks, phonebooks, etc. The phone manager is used to provide the communication function of the electronic device 100. For example, the management of the call status (including connection, hang up, etc.). The resource manager provides various resources for the application, such as localized strings, icons, pictures, layout files, video files, and so on. The notification manager enables applications to display notification information in the status bar, which can be used to convey notification-type messages, and can disappear automatically after a short stay without user interaction. For example, the notification manager is used to notify the completion of downloading, message reminders, etc. The notification manager can also be a notification that appears in the status bar at the top of the system in the form of a chart or scroll bar text, such as a notification of an application running in the background, or a notification that appears on the screen in the form of a dialog window. For example, the text message is displayed in the status bar, a prompt sound is emitted, the electronic device vibrates, and the indicator light flashes.

Android Runtime includes core library and virtual machine. Android runtime is responsible for the scheduling and management of the Android system.

The core library contains two parts: one part is the function function that Java language needs to call, and the other part is the core library of Android.

The application layer and the application framework layer run in the virtual machine. The virtual machine executes the java files of the application layer and the application framework layer into binary files. The virtual machine is used to perform functions such as object lifecycle management, stack management, thread management, security and exception management, and garbage collection.

The system library may include multiple functional modules. For example: surface manager (surface manager), media library (Media library), 3D graphics processing library (for example: OpenGL ES), 2D graphics engine (for example: SGL), etc.

The surface manager is used to manage the display subsystem and provides the fusion of 2D and 3D layers for multiple applications.

The media library supports a variety of commonly used audio, video format playback and recording, and still image files. The media library can support multiple audio and video encoding formats, such as: MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.

The 3D graphics processing library is used to realize 3D graphics drawing, image rendering, synthesis, and layer processing.

The 2D graphics engine is a drawing engine for 2D drawing.

The kernel layer is the layer between hardware and software. The kernel layer includes at least a display driver, a camera driver, an audio driver, a sensor driver, etc. The embodiment of the present application does not make any limitation on this.

Exemplarily, before the target application in the electronic device 100 needs to simultaneously authenticate multiple users, each user who needs to be authenticated needs to register their own identity information and face information in the electronic device 100.

Taking a mobile phone as an example of the electronic device 100, a user using the mobile phone may be one or more family members in the family. In order to facilitate subsequent users to use the multi-user joint authentication function provided by the target application in the mobile phone, each member of the family can register their own identity information and face information in the mobile phone through the following steps S301-S305. As shown in FIG. 3, steps S301-S305 specifically include:

S301. The mobile phone prompts the user to input identity information.

Exemplarily, the mobile phone may prompt the user to input identity information when the user installs or uses the target application for the first time. Taking the target application as an example of a game APP, as shown in (a) of FIG. 4, after the user opens the registration function of the game APP in the mobile phone, the mobile phone can display the registration interface 401. In the registration interface 401, options for filling in identity information such as the name, age, gender, mobile phone number, and ID number of the registered user are set to prompt the user to enter the corresponding identity information in the registration interface 401.

Or, the identity information input by the user may not be directly associated with the target application. For example, a mobile phone can provide multi-user federation authentication in the system settings. When it is detected that the user opens the function for the first time, as shown in (b) in FIG. 4, the mobile phone may display the registration interface 402. Similar to the registration interface 401 described above, the registration interface 402 can also be set to fill in one or more identity information options such as the name, age, gender, mobile phone number, and ID number of the registered user, which is not done in the embodiments of this application Any restrictions.

S302. In response to user A's input operation, the mobile phone obtains user A's identity information.

Taking the above registration interface 402 as an example, as shown in FIG. 5, a user who wishes to register (for example, user A) can enter his own name, age, gender, mobile phone number, and identity card number in the corresponding fill-in options of the registration interface 402 . If it is detected that the user clicks the next button 403 in the registration interface 401, the mobile phone may save the identity information entered by the user in the registration interface 401 at this time as the identity information of the user A locally.

S303. The mobile phone prompts the user to input face information.

Exemplarily, after detecting that the user clicks the next button 403 above, the mobile phone may call its camera (for example, the front camera) to obtain the currently captured preview interface, and detect whether there is a preview interface through a preset face detection algorithm Face information. As shown in FIG. 6, the mobile phone may display the content captured by the camera in the preview interface 601, for example, the mobile phone may display the content captured by the camera in the preset area 602 of the preview interface 601. The mobile phone may prompt the user to adjust the position of the human face in the preview interface 601, so that the mobile phone can detect the user's human face in the preset area 602 of the preview interface 601.

S304. The mobile phone uses the camera to obtain the face information input by user A.

As shown in FIG. 7, after user A completely puts his face in the preset area 602 of the preview interface 601, the mobile phone can recognize the face information in the preset area 602, and save the recognized face information locally . Exemplarily, after detecting a human face in the preset area 602, the mobile phone may extract corresponding facial features according to the image information in the preset area 602. For example, the extracted face feature may be a feature matrix, and the mobile phone may store the extracted feature matrix locally.

After the face information of user A is obtained, as shown in FIG. 7, the mobile phone may also display a prompt 701 of successful entry of face information. Subsequent mobile phones can use the face information entered when user A registers to authenticate user A's user identity. In addition, after acquiring the face information of user A, as shown in FIG. 7, the mobile phone may also display a return button 702 and a next button 703. If it is detected that the user clicks the return button 702, the mobile phone may delete the face information obtained this time, and return to the preview interface 601 to recapture and detect the face information. If it is detected that the user clicks the return button 703, it means that the user confirms to use the face information entered this time as a basis for subsequent identity verification, and the mobile phone may continue to perform step S305 at this time.

Of course, if the mobile phone does not recognize face information in the preset area 602 within a preset time, or repeatedly detects that the face information entered by the user is incomplete, the phone may display a prompt message that the registration failed and exit the registration process .

S305. The mobile phone establishes a correspondence between user A's identity information and face information, and prompts user A to register successfully.

In step S305, as shown in FIG. 8, the mobile phone may display the identity information and face information of user A obtained in steps S302 and S304 on the touch screen, respectively, and prompt the user to confirm. If it is detected that the user clicks the confirmation button 801, it means that the user agrees to bind the identity information entered this time with face information, and the mobile phone may establish a correspondence between the identity information of user A and face information in a preset database. For example, a face feature database and an identity information database may be set in the mobile phone in advance, and the mobile phone may save the acquired face information of user A in the face feature database, and generate a face feature index of the face information. Furthermore, the mobile phone may store the correspondence between user A's facial feature index and user A's identity information in the identity information database. In this way, in the subsequent user identity verification, the mobile phone can find the face feature index corresponding to the identity information in the identity information database according to the identity information entered by the user, and then in the face feature database according to the face feature index Find the corresponding face information. Of course, if it is detected that the user clicks the return button 802 shown in FIG. 8, the mobile phone can return to the previous menu so that the user can modify the identity information and/or face information that has been entered, which is not done in the embodiments of the present application Any restrictions.

In addition, after detecting that the user clicks the confirmation button 801, as shown in FIG. 9, the mobile phone may also display a message 901 that user A has successfully registered on the display screen. Moreover, the mobile phone can also display an option 902 of adding other registered users. If it is detected that the user clicks the option 902, the mobile phone may continue to perform the above steps S301-S305 to register other users (for example, user B and user C, etc.) that can use the multi-user joint authentication function.

In this way, different users can complete the registration process of the multi-user joint identity verification function in the mobile phone through the above steps S301-S305. Each registered user will establish a correspondence between their identity information and face information in the mobile phone. Subsequently, when the mobile phone needs to simultaneously authenticate multiple users to provide proof of the presence of multiple users, the mobile phone can separately authenticate multiple face information appearing in the same image collected. When multiple face information appearing in the same image are the face information of the registered user, the mobile phone can determine that the multi-user joint identity verification is passed, indicating that the multiple users have completed identity authentication at the same time and place, which ensures The accuracy and security of users when they are authenticated.

After multiple users have registered the multi-user joint authentication function in the above mobile phones, before using the multi-user joint authentication function, the user can enable the multi-user joint authentication in the target application through the following steps S1001-S1006 Features. Of course, if the user does not need to use the multi-user joint authentication function in the target application (for example, the above-mentioned game APP), for example, parents do not need their guardian to accompany while using the game APP, the user can skip the following steps S1001-S1006 Open the game APP.

Exemplarily, as shown in FIG. 10, steps S1001-S1006 specifically include:

S1001. After detecting that the user enables the multi-user joint authentication function in the target application, the mobile phone prompts the user to select the number of users when the multi-user joint authentication is performed.

Taking the game APP as an example of the target application, as shown in (a) of FIG. 11, when the mobile phone detects that the user opens the game APP, if the multi-user federation authentication function in the game APP is not enabled, the mobile phone may display that multi-user federation is enabled Enable button 1101 for identity verification function. After detecting that the user clicks the enable button 1101, it indicates that subsequent users want to turn on the multi-user joint authentication function when opening the game APP to prove that the user is using the game APP in the company of others. At this time, as shown in (b) in FIG. 11 As shown, the mobile phone may prompt the user to enter the number of users who subsequently participate in multi-user federation authentication.

In some embodiments, the mobile phone can also automatically enable the multi-user federation authentication function in the target application for the user. For example, when it is detected that the user opens the game APP, the mobile phone can automatically turn on the front camera to collect the user image using the game APP. If the user image determines that the user who uses the game APP is younger (for example, less than 10 years old), the mobile phone can automatically enable the multi-user federation authentication function and prompt the user to select the number of users in the multi-user federation authentication.

S1002. When the number of users is N (N>1), the mobile phone prompts to enter N personal face information in the preview interface.

Exemplarily, if the number of users when the user selects multi-user joint authentication is 2, the mobile phone detects that the user selects the option of 2 people, as shown in FIG. 12, the mobile phone can call its camera (for example, the front camera) to obtain The currently captured preview interface 1201 is displayed and displayed. In addition, the mobile phone may also prompt the user in the preview interface 1201 to input the face information of the user 1 and the user 2 at the designated position of the preview interface 1201.

For example, when the user selects two users for joint authentication, the mobile phone may mark two areas in the preview interface 1201 according to the number of users, namely, the area 1202 and the area 1203 shown in FIG. 12. These two areas are used to collect face information of user 1 and user 2, respectively. In this way, users A and B who participate in the multi-user joint authentication can adjust their positions in the preview interface 1201 according to the prompt in the preview interface 1201, so that the mobile phone can detect the user 1 (such as the user) in the area 1202 of the preview interface 1201. A) Face information, and the face information of user 2 (eg, user B) is detected in the area 1202 of the preview interface 1201.

S1003. The mobile phone obtains N personal face information from the preview interface.

S1004. The mobile phone determines that the above-mentioned N personal face information are all face information of the registered user.

As shown in FIG. 13, after the mobile phone detects face information in both the area 1202 and the area 1203 of the preview interface 1201, it can be determined that the number of faces at this time is the same as the number of users set by the user (that is, 2), then , The mobile phone can determine whether the face information in the area 1202 and the area 1203 is the face information of the registered registered user one by one. If the number of collected face information is different from the number of users set by the user, the mobile phone may prompt the user to enter the incorrect number of faces in the preview interface 1201, and return to the preview interface 1201 to reacquire the preview interface 1201. Face information.

Exemplarily, the mobile phone may match the face information extracted from the area 1202 with the face information of the registered user A, user B, and user C in the face feature library. If the face information in the area 1202 matches the face information of the user A, indicating that the face captured in the area 1202 is the face of the user A, the mobile phone can search in the identity information database according to the face feature index of the user A To user A's identity information.

Similarly, the mobile phone can match the face information extracted from the area 1203 with the face information of the registered user A, user B, and user C in the face feature library. If the face information in the area 1203 matches the face information of the user B, indicating that the face captured in the area 1203 is the face of the user B, the mobile phone can search in the identity information database according to the face feature index of the user B To user B's identity information. In this way, the mobile phone can determine that the two face information collected in the preview interface 1201 are the face information of the registered user.

In addition, if the mobile phone determines that the one or more facial information collected this time is not the registered user's facial information, the mobile phone may display a registration button to prompt the unregistered user to register the identity information and the facial information in the mobile phone. If it is detected that the user clicks the registration button, the mobile phone can register the identity information and face information of the new user through the above steps S301-S305.

In some embodiments of the present application, after the mobile phone detects face information from the above-mentioned area 1202 and area 1203, it can also perform live detection on the face information in area 1202 and area 1203, that is, confirm the face captured by the mobile phone The image belongs to a real living user, rather than using fake face information such as pictures or videos. For example, a mobile phone may use a temperature sensor to detect whether the temperature distribution in the area 1202 and the area 1203 conforms to the temperature distribution on the face surface. If it matches the temperature distribution on the face surface, it may be considered to be detected by a living body. For another example, the mobile phone may also require the user to blink, open his mouth, or read a piece of text to identify whether the users in the area 1202 and the area 1203 are living users. The embodiment of the present application does not make any limitation on this.

S1005. The mobile phone prompts the user to confirm the correspondence between the N personal face information and the corresponding N identity information.

S1006. If the user's confirmation operation is detected, the mobile phone establishes a correspondence between the target application, the N personal face information, and the N identity information.

Exemplarily, after the mobile phone determines that the face information in the area 1202 and the area 1203 are the face information of the registered user A and the registered user B, respectively, as shown in FIG. 14, the mobile phone may compare the face information and identity of the user A The information and user B's face information and identity information are displayed on the touch screen to prompt the user to confirm. If it is detected that the user clicks the confirmation button 1401, it means that the user agrees to perform multi-user joint identity verification by user A and user B when the game APP is subsequently run. Then, the mobile phone can establish a correspondence between the game APP, user A's face information and identity information, and user B's face information and identity information.

Exemplarily, the authentication registration table shown in Table 1 may be pre-stored in the mobile phone, and the authentication registration table is used to record the correspondence between each application that enables the multi-user joint authentication function and the corresponding multiple preset users . In this embodiment of the present application, multiple preset users corresponding to an application may be referred to as an authenticated user of the application. For example, the authenticated users of the game APP include user A and user B. If it is detected that the user clicks the confirm button 1401 shown in FIG. 14, the mobile phone can compare the ID of the game APP (such as the package name of the application) with the relevant information (such as identity information and face) of the authenticated user (that is, user A and user B) Information) is recorded in the authentication registration form. In this way, when it is subsequently detected that the user opens the game APP, the mobile phone can determine whether the currently authenticated user is the authenticated user recorded in the authentication registration table through the authentication registration table shown in Table 1.

Table 1

App ID Identity Information Face information Game APP ID User A's identity information User A's face information A User B's identity information User B's face information Payment APP ID User B's identity information User B's face information A User C's identity information User C's face information

It should be noted that the process of enabling the multi-user joint authentication function in the target application of the mobile phone (that is, the above S1001-S1006) only needs to be completed once by the user in the target application. That is to say, after the user sets user A and user B through the above S1001-S1006 as the authenticated users who have completed the multi-user joint authentication function in the target application, each subsequent multi-user joint authentication in the target application requires User A and user B participate in the multi-user joint authentication to provide multi-user presence certification using the target application.

Of course, the user can also replace the authenticated user who performs multi-user joint identity verification in the target application through the above steps S1001-S1006. For example, by enabling the multi-user joint identity verification function, the authenticated user can be modified from user A and user B to user A and user C, and this embodiment of the present application does not make any limitation on this.

After the user sets the user A and the user B as the authenticated users by enabling the multi-user joint authentication function in the target application, if it is detected that the user has turned on the multi-user joint authentication function in the target application, the mobile phone can perform the following step S1501 -S1505 performs multi-user joint authentication. Exemplarily, as shown in FIG. 15, steps S1501-S1505 specifically include:

S1501: After detecting that the user opens the multi-user joint authentication function in the target application, the mobile phone determines the authenticated user corresponding to the target application.

Taking the above-mentioned game APP as an example of target application, the mobile phone may display a verification button for multi-user joint authentication when entering the game APP, or may display the verification button when entering a certain function of the game APP. As shown in FIG. 16, after detecting that the user opens the game APP, if the user has enabled the multi-user joint authentication function in the target application (that is, the above S1001-S1006), the mobile phone may display a verification button 1601 to prompt the user to perform multi-user joint identity verification.

In some embodiments, the mobile phone can also automatically turn on the multi-user federation authentication function in some scenarios. For example, after detecting that the user opens the game APP, the mobile phone may request the user to enter the user's age. If the user is younger (for example, less than 10 years old), the mobile phone may automatically open the multi-user joint authentication function in the game APP. Alternatively, the user can also set the phone to a child mode. If it is detected that the phone is in the child mode when the user opens the game app, the phone can automatically turn on the multi-user joint authentication function in the game app. Or, the mobile phone can also monitor the running duration of the game APP. When the running duration of the game APP in the mobile phone is greater than a preset time (for example, 2 hours), the mobile phone can automatically open the multi-user joint authentication function in the game APP.

After the mobile phone opens the multi-user joint identity verification function of the game APP, the mobile phone can obtain the relevant information of the authenticated user corresponding to the game APP in the authentication registration table shown in Table 1 according to the ID of the game APP. For example, the authenticated users corresponding to the game APP include user A and user B. Then, the mobile phone can obtain the corresponding facial feature index according to the user A's identity information in the identity information database, and then, the mobile phone can obtain the user A's face information according to the user A's facial feature index in the facial feature database . Similarly, the mobile phone can obtain the corresponding facial feature index according to the user B's identity information in the identity information database. Furthermore, the mobile phone can obtain the user B's facial information according to the user B's facial feature index in the facial feature database .

S1502. The mobile phone prompts the user to input face information of N (N>1) authenticated users in the preview interface.

After the mobile phone determines that the authenticated users corresponding to the game APP are user A and user B, as shown in FIG. 17, the mobile phone can call its camera (for example, the front camera) to obtain the currently captured preview interface 1701 and display the preview interface 1701. Moreover, since the mobile phone has determined that the game APP corresponds to two authenticated users, as shown in FIG. 17, the mobile phone can mark two areas (ie, area 1702 and area 1703) in the preview interface 1701 to prompt the user to Enter the face information of each authenticated user in these two areas.

Further, the mobile phone can also prompt the user to enter face information in the preview interface 1701 according to the position relationship of multiple authenticated users when the multi-user joint authentication function is enabled, and the subsequent phone can also follow the position relationship of each face information in the preview interface 1701 Determine whether multi-user federation authentication is passed. For example, when the multi-user joint authentication function is enabled, the face information of user A is on the left side of the preview interface, and the face information of user B is on the right side of the preview interface. Then, when actually performing multi-user joint authentication, user A needs to enter his face information on the left side of the preview interface (that is, area 1702), and user B needs to enter his face information on the right side of the preview interface (That is, in area 1703), otherwise the mobile phone can determine that the multi-user federation authentication fails.

S1503. The mobile phone obtains N personal face information from the preview interface.

S1504. The mobile phone determines that the above N personal face information are all face information of the authenticated user.

If the mobile phone extracts face information in the area 1702 and the area 1703 of the preview interface 1701 respectively, the mobile phone can determine that the number of currently authenticated persons is the same as the number of authenticated users, then the mobile phone can determine the area 1702 and the area 1703 one by one Is the face information of the authenticated users (ie user A and user B).

Exemplarily, the authenticated user corresponding to the above-mentioned area 1702 is user A. Then, the mobile phone may compare the face information collected in the area 1702 with the face information of user A. When the similarity between the face information in the area 1702 and the face information of the user A is greater than a preset value, it can be determined that the face information in the area 1702 is the face information of the authenticated user A.

Similarly, the authenticated user corresponding to the above area 1703 is user B. Then, the mobile phone can compare the face information collected in area 1703 with the face information of user B. When the similarity between the face information in the area 1703 and the face information of the user B is greater than a preset value, it can be determined that the face information in the area 1703 is the face information of the authenticated user B. In this way, the mobile phone can determine that the two face information collected in the preview interface 1701 are the face information of the two authenticated users preset by the user in steps S1001-S1006, and the location of the two face information in the preview interface 1701 The relationship also conforms to the positional relationship set by the user in steps S1001-S1006.

S1505. The mobile phone displays a message that the multi-user joint authentication is successful, and continues to run the target application.

As shown in (a) of FIG. 18, if the N personal face information collected by the mobile phone in this multi-user joint authentication process corresponds to the facial information of the N authenticated users of the game APP, the mobile phone can display A message 1801 that the multi-user federation authentication succeeded. Of course, after the multi-user joint authentication succeeds, it means that the user has permission to use the game APP, and the mobile phone can continue to run the target application (ie, the game APP). For example, the mobile phone can automatically open the game APP to enter the home page of the game APP.

Or, if the mobile phone determines that one or more face information collected during the multi-user joint authentication process is not the face information of the authenticated user, as shown in (b) in FIG. 18, the mobile phone may display the multi-user joint Authentication failed message. At this time, the user does not have permission to use the game APP, and the mobile phone cannot enter the home page of the game APP to continue to run the game APP.

Further, after the multi-user joint authentication is successful, the mobile phone can also set the effective time for the multi-user joint authentication to succeed. Taking the effective time as 2 hours for example, after the user passes the multi-user joint authentication in the game APP, the mobile phone can allow the user to use the game APP for 2 hours. Then, if the mobile phone detects that the game APP is still running in the foreground after 2 hours, the mobile phone may prompt the user to perform multi-user joint authentication again. That is to say, when the running time of the game APP exceeds the above-mentioned effective time, the mobile phone may repeatedly perform the above steps S1501-S1505 to perform multi-user joint authentication, so as to avoid users who use the game APP from indulging in games.

In addition, in the above embodiment, the game APP is taken as an example to illustrate. It can be understood that the mobile phone can also set up a multi-user joint authentication function in other applications to verify the identities of multiple users at the same time, thereby realizing the mobile phone Provide a multi-user presence proof for a certain function in For example, the aforementioned target APP may also be a payment APP. If the user sets the authentication users who perform the multi-user joint authentication function in the payment APP to the user B and the user C through the above steps S1001-S1006. Then, as shown in FIG. 19, when the mobile phone detects that the transaction amount in the payment APP exceeds a preset amount (for example, 20,000), the mobile phone may prompt to input face information of user B and user C for multi-user joint authentication. If user B and user C have passed the multi-user joint identity verification in the payment app, it means that the authenticated users (ie, user B and user C) bound to the payment app have been informed and authorized about this large transaction, then the mobile phone can Continue to complete this large transaction, so as to improve the security of property transactions and reduce the probability of loss of user property.

In other words, if the multi-user federation authentication is turned on when the target application is opened, after the multi-user federation authentication, the mobile phone can continue to run the target application means that the mobile phone can open the target application to enter the display interface of the target application; When a certain function of the target application (such as the above-mentioned payment function) is enabled, multi-user federation authentication is turned on. After the multi-user federation authentication, the mobile phone can continue to run the target application because the mobile phone can continue to execute the function.

It should be noted that, in the foregoing embodiments, the local registration, activation, and implementation of the multi-user joint authentication function on the mobile phone are used as examples. It can be understood that the mobile phone can also complete the registration and verification process of the multi-user joint authentication function by interacting with the server.

Exemplarily, similar to the above steps S301-S305, before using the multi-user joint authentication function provided by the target application, the mobile phone may register the user's identity information and face information in the server through the following steps S2001-S2008. As shown in FIG. 20, steps S2001-S2008 specifically include:

S2001, the mobile phone prompts the user to input identity information.

S2002. In response to user A's input operation, the mobile phone obtains user A's identity information.

S2003, the mobile phone prompts the user to input face information.

S2004. The mobile phone uses the camera to obtain the face information input by user A.

Wherein, the implementation process of steps S2001-S2004 is the same as the implementation process of steps S301-S304 in the above embodiment, so it will not be repeated here.

S2005. The mobile phone sends a registration request to the server. The registration request includes user A's identity information and face information.

After obtaining the face information and identity information of user A, the mobile phone may encrypt the face information and identity information and carry it in the registration request to the server, and the server performs the following steps S2006-S2008 to complete the registration process of user A.

S2006. The server determines that the identity information of user A is valid identity information.

After receiving the identity information and face information of user A, the server may first search in the server whether the same identity information as the received identity information or the same face information as the received face information is stored. If it is not found, it means that the identity information and face information of user A sent at this time have not been registered in the server.

Then, the server can verify whether the identity information of user A is real and valid identity information through the Ministry of Public Security or other authoritative identity database. For example, the identity information of user A sent from the mobile phone contains the name and ID number of user A. The server may request the above-mentioned identity database to query whether there is a user matching the name and ID number of user A. If a user who matches the name and ID number of user A can be found in the identity database, it means that the identity information entered by user A in the mobile phone is real and valid identity information. Otherwise, it means that the identity information entered by user A in the mobile phone is wrong, and the server can send the registration result of the failed registration to the mobile phone.

In some embodiments of the present application, the identity information of user A sent from the mobile phone may include the face information of user A. For example, when a mobile phone prompts the user to enter identification information, the user may be required to enter a photo of an ID card, and the user's ID card is generally printed with the user's avatar. At this time, the identity information collected by the mobile phone is the information on the ID card of user A, and the face information of user A is also included in the information. Then, before the server verifies the identity information of user A with the identity database, the server can compare the face information in the identity information of user A with the face information collected by the mobile phone this time. If the similarity of the face information of the two persons is greater than the threshold, it means that the identity information and face information uploaded by user A correspond. Furthermore, the server can verify whether the identity information of user A is valid identity information from the identity database, thereby ensuring the authenticity of the face information and identity information uploaded by user A.

S2007. The server establishes the correspondence between the identity information of user A and the face information.

If it is determined that the identity information entered by user A in the mobile phone is valid identity information, the server may store the identity information and face information of user A in the server, and establish a correspondence between the identity information of user A and the face information relationship. Through the above registration method, the server can store the correspondence between the identity information and face information of multiple users. Subsequently, the server can find the corresponding face information according to the user's identity information, and then can verify the user's identity based on the face information.

S2008. The server sends the registration result of the successful registration of user A to the mobile phone, so that the mobile phone displays the registration result.

After the server establishes the correspondence between user A's identity information and face information, it indicates that user A has completed registration in the server. At this time, the server can send the registration result of user A's successful registration to the mobile phone. After receiving the registration result, the mobile phone may display a successful registration message to prompt the user that the registration is successful.

The difference from the above steps S301-S305 is that the user's identity information and face information are both stored in the server. Therefore, each user who needs to register can use a different mobile phone to complete the registration process through the above steps S2001-S2008. For example, user B can register user B's identity information and face information in the server through his mobile phone; user C can also register user C's identity information and face information in the server through his mobile phone.

Later, when the target application in the mobile phone needs to simultaneously authenticate multiple users to provide proof of the presence of multiple users, the mobile phone can collect images containing multiple face information and send them to the server. The server performs multi-user joint identity verification on the multiple face information collected at this time according to the face information of the registered user. If the multi-user joint identity verification is passed, it means that the multiple users have completed the identity authentication at the same time and place, which ensures the accuracy and security of the multi-user identity authentication.

After multiple users participating in multi-user joint authentication successfully register their own identity information and face information in the server through the mobile phone, if it is detected that a user has turned on the multi-user joint authentication function in the target application, the mobile phone can Perform the following steps S2101-S2108 to perform multi-user federation authentication. Exemplarily, as shown in FIG. 21, steps S2101-S2108 specifically include:

S2101: After detecting that the user opens the multi-user joint authentication function in the target application, the mobile phone prompts M (M>1) users participating in the multi-user joint authentication function to input identity information respectively.

S2102. The mobile phone obtains M pieces of identity information respectively input by M users.

In the embodiment of the present application, a multi-user joint authentication function may be set in the target application. For example, when the target application is a game APP, multi-user joint authentication can be performed when the game APP is opened. For another example, when the target application is a payment APP, multi-user joint identity verification can be performed when conducting large-value transactions. For another example, when the target application is a related application for online certificate processing, multi-user joint identity verification can be performed on multiple users related to the certificate when processing the certificate.

Taking the target application as an example of a vehicle management APP, the vehicle management APP provides users with the function of handling vehicle transfer procedures online. As shown in FIG. 22, a transfer button 2201 is displayed on the homepage of the vehicle management APP. If it is detected that the user clicks the transfer button 2201, it means that the user (for example, user A) wants to transfer the vehicle under his own name to another user (for example, user B). At this time, the vehicle management APP needs to perform multi-user joint identity verification on the two users participating in the vehicle transfer procedure to ensure that the two users participating in the vehicle transfer procedure do not dispute the transfer procedure.

Therefore, if it is detected that the user clicks the transfer button 2201, it means that the user has turned on the multi-user joint authentication function in the vehicle management APP. At this time, as shown in (a) of FIG. 23, the mobile phone can jump to the input interface 2301 of the vehicle management APP, where the mobile phone can prompt the owner of the vehicle before the transfer (ie, the old owner) to enter his identity information. After the user A, as the old car owner, enters his identity information in the input interface 2301, he can click the OK button 2302 to submit his identity information. If it is detected that the user clicks the next button 2302, the mobile phone can obtain the identity information input by user A in the input interface 2301.

In addition, after detecting that the user clicks the OK button 2302 in the input interface 2301, as shown in (b) in FIG. 23, the mobile phone can jump to the input interface 2303 of the vehicle management APP, and the mobile phone can prompt in the input interface 2303 The owner of the vehicle after the transfer (ie, the new owner) enters his identity information. After the user B, as the old car owner, enters his identity information in the input interface 2303, he can click the next button 2304 to submit his identity information. If it is detected that the user clicks the next button 2304 in the input interface 2303, the mobile phone can obtain the identity information input by the user B in the input interface 2303.

In the above embodiment, the mobile phone obtains the identity information of the two users A and B as an example. In different application scenarios, the number of users participating in the multi-user joint identity verification function may be different. For example, when signing a three-party agreement online in the target application, the mobile phone needs to obtain the identity information of the three users.

S2103. The mobile phone prompts M users participating in the multi-user joint authentication function to input face information in the same preview interface.

Still taking the above vehicle management APP as an example of the target application, after the mobile phone obtains the identity information of the two users, the new car owner (user A) and the old car owner (user B), as shown in FIG. 24, the mobile phone can call its camera (for example, the front Set the camera) Obtain the currently captured preview interface 2401 and display the preview interface 2401. Moreover, the mobile phone can mark the input area 2402 of the face information of the new car owner and the input area 2403 of the face information of the old car owner on the preview interface 2401, thereby prompting the user A and the user B to input their own face information on the preview interface 2401.

S2104. The mobile phone obtains M pieces of face information to be verified from the preview interface.

After the mobile phone displays the preview interface 2401, it can detect whether there is a human face in the input area 2402 and the input area 2403 in real time. When it is detected that a face appears in the input area 2402 and the input area 2403, the mobile phone can extract the face information in the input area 2402 and the face information in the input area 2403. The two face information are the face information waiting for verification in the subsequent multi-user joint identity verification.

That is to say, when identity verification is required for multiple users, the verification method provided in this embodiment of the present application can collect face information of the multiple users in the same preview interface, thereby ensuring that the multiple users are in the same time and scene Understand and confirm a certain information (such as the above transfer procedures). This verification method provides multi-user presence verification, which can reduce the security risks caused by unequal information in transactions involving multiple users.

S2105. The mobile phone sends a verification request to the server, where the verification request includes the M identity information and M face information to be verified.

After the mobile phone obtains the identity information of the new owner (user A) and the old owner (user B) and the face information to be verified by user A and user B, the phone can use the encryption method agreed with the server to encrypt the identity information and face The information is encrypted. Furthermore, the mobile phone can carry the encrypted M pieces of identity information and M pieces of face information to be verified in the verification request and send it to the server, so as to avoid the security risk of information leakage during the interaction between the phone and the server.

In some embodiments, as shown in FIG. 25, before sending a verification request to the server, the mobile phone may display the collected identity information and face information of the new and old car owners to the user, and the user confirms whether to use this time The collected identity information and face information are used for vehicle transfer. If it is detected that the user clicks the confirmation button 2401 as shown in FIG. 25, the mobile phone may send the above verification request to the server.

Exemplarily, after detecting that the user clicks the above confirmation button 2401, the mobile phone can generate the summary of the verification request by using the cryptographic algorithm such as the hash algorithm and the collected face information and the operation content of the vehicle transfer confirmed by the user . Furthermore, the mobile phone can carry the encrypted operation content, identity information, face information and abstract in the verification request and send it to the server.

S2106. The server finds corresponding M pieces of registered face information according to the M pieces of identity information.

S2107. The server determines that the M pieces of registered face information correspond to the M pieces of face information to be verified.

In step S2106, after the server receives the verification request sent by the mobile phone, if the verification request is encrypted, the server can decrypt the verification request using the corresponding decryption algorithm to obtain the identity information carried in the verification request and the face to be verified information.

Exemplarily, the server may use the corresponding decryption algorithm to decrypt the operation content, identity information, face information, and digest carried in the verification request. Furthermore, the server can verify the integrity of the received face information and operation content through a summary to ensure that the information received by the server has not been tampered with and the user is informed about the operation content (ie, vehicle transfer operation) corresponding to this authentication . To prevent the attacker from intercepting the user's face information, it can be used for authentication applications for other operations without the user's knowledge.

After the server obtains the M identity information in the authentication request, it can further determine whether the multiple users performing multi-user joint authentication this time are all registered users who have been registered in the server. Since each user stores his own identity information and corresponding face information in the server during registration, the server can find whether the identity information of user A and user B received this time are stored locally. If the identity information of user A and user B is saved, it means that both user A and user B requesting multi-user identity verification this time are registered users. Then, the mobile phone can find the face information corresponding to the identity information of user A and the face information corresponding to the identity information of user B, that is, the registered face information.

In step S2107, after the mobile phone obtains the registered face information corresponding to the user A's identity information, the mobile phone can compare the registered face information with the face information to be verified entered by the user A in the verification request. If the similarity between the two is greater than the threshold, it means that the authentication of User A participating in the multi-user joint authentication is successful.

Similarly, after the mobile phone obtains the registered face information corresponding to the identity information of the user B, the mobile phone can compare the registered face information with the face information to be verified entered by the user B in the verification request. If the similarity between the two is greater than the threshold, it means that the authentication of User B participating in the multi-user joint authentication is successful. If the authentication of both user A and user B is successful, it can be determined that this multi-user joint authentication is successful. Through this multi-user joint identity verification, user A and user B can be provided with proof of presence, so as to ensure that user A and user B participating in the vehicle transfer have authorized and confirmed the transfer process at the same time and in the scenario to avoid other users posing as users A or user B completes the transfer procedure and brings property damage to the user.

S2108. The server sends a message that the multi-user joint authentication is successful to the mobile phone.

After the identity verification of both user A and user B is successful, the server can send a message that the multi-user joint authentication is successful to the mobile phone. At this time, as shown in FIG. 26, the mobile phone may display a message that multi-user joint authentication is successful. In addition, the mobile phone can also automatically jump to the next operation interface (such as an online number selection interface) of the vehicle transfer procedure, so that the user can continue to complete other procedures of the vehicle transfer procedure.

In addition, if the authentication of User A and/or User B participating in the multi-user federation authentication fails this time, the server may determine that the multi-user federation authentication fails this time. Then, the server can send a message to the mobile phone that multi-user federation failed. The mobile phone can also display a message that multi-user federation failed. At this time, the mobile phone cannot jump to the next operation interface of the vehicle transfer procedure, so as to prevent the illegal user from impersonating the legitimate user to transfer the vehicle and damage the user's property security.

It should be noted that, in the above embodiments, the vehicle management APP is taken as an example for the target application. It can be understood that the identity verification method provided by the embodiments of the present application can also be applied to other scenarios where the identities of multiple users need to be verified simultaneously. For example, when using an online contract signing application, the above-mentioned identity verification method can be used to perform multi-user joint identity verification on multiple parties participating in the contract signing, so as to provide a multi-user presence certificate to avoid subsequent contract disputes. For another example, when handling the business of marriage certificate or joint account online, the above-mentioned identity verification method can be used to perform multi-user joint identity verification on multiple parties participating in the business, proving that all parties involved in the above-mentioned business are present and authorizing the forthcoming business , To avoid other users impersonating legitimate users to handle related business on the spot. For another example, when dealing with the common property of multiple users online (for example, the common property of husband and wife), the above-mentioned identity verification method can be used to perform multi-user joint identity verification on the multi-owner of the common property to ensure that the multi-owner of the common property is present and informed of the transaction Content, thereby reducing potential security risks to user property.

In some embodiments, FIG. 27 shows a possible structural schematic diagram of the electronic device involved in the foregoing embodiment. The electronic device includes: an acquisition unit 2701, a processing unit 2702, a display unit 2703, and a communication unit 2704.

The obtaining unit 2701 is used to support the electronic device to perform the processes S302 and S304 in FIG. 3, and the process S1003 in FIG. 10, and the process S1503 in FIG. 15, and the processes S2002 and S2004 in FIG. 20, and the process in FIG. 21. S2102 and S2104; the processing unit 2702 is used to support the electronic device to execute the process S305 in FIG. 3, and the processes S1004-S1006 in FIG. 10, and the processes S1504-S1505 in FIG. 15; the display unit 2703 is used to support the electronic device execution diagram Processes S301 and S303 in 3, and processes S1001-S1002 in FIG. 10, and processes S1501, S1502 and S1505 in FIG. 15, and processes S2001 and S2003 in FIG. 20, and processes S2101 and S2103 in FIG. 21; The communication unit 2704 is used to support the electronic device to perform the processes S2005 and S2008 in FIG. 20 and the processes S2105 and S2108 in FIG. 21. Wherein, all relevant content of each step involved in the above method embodiments can be referred to the function description of the corresponding function module, which will not be repeated here.

In other embodiments, FIG. 28 shows a possible structural schematic diagram of the electronic device involved in the foregoing embodiments. The electronic device includes a processor 2801, a memory 2802, an input device 2803, an output device 2804, and a communication module 2805. The number of the processor 2801, the memory 2802, the input device 2803, the output device 2804, and the communication module 2805 can be one or more (the number is taken as an example in FIG. 28), and they can communicate through the bus 2806.

The processor 2801 may specifically be the processor 110 shown in FIG. 1. The processor 2801 can be used to control and manage the actions of the electronic device. For example, the processor 2801 may be a central processing unit (Central Processing Unit, CPU), GPU, general-purpose processor, digital signal processor (Digital Signal Processor, DSP), application-specific integrated circuit (Application-Specific Integrated Circuit, ASIC), on-site Programmable gate array (Field Programmable Gate Array, FPGA) or other programmable logic devices, transistor logic devices, hardware components or any combination thereof. It can implement or execute various exemplary logical blocks, modules, and circuits described in conjunction with the disclosure of the present application. The processor may also be a combination of computing functions, for example, including one or more microprocessor combinations, a combination of DSP and microprocessor, and so on.

The memory 2802 may specifically be the internal memory 121 and the external memory 120 shown in FIG. 1. The memory 2802 may include a high-speed random access memory (RAM), and may also include a non-volatile memory, such as a magnetic disk storage device, a flash memory device, or other volatile solid-state storage devices.

The input device 2803 may be a device that receives information input by a user, such as the microphone 170C or the touch sensor in the sensor module 180 shown in FIG. 1.

The output device 2804 may be a device such as a display for displaying information input by the user, information provided to the user, and various menus of the electronic device. Specifically, the display may be configured in the form of a liquid crystal display, an organic light-emitting diode, or the like. For example, the output device 2804 may be the speaker 170A or the display screen 194 shown in FIG. 1. In addition, a touch sensor may be integrated on the display screen 194 to collect touch events on or near it, and send the collected touch information to other devices (such as a processor, etc.).

The communication module 2805 may be a transceiver, a transceiver circuit, or a communication interface. For example, Bluetooth devices, Wi-Fi devices, peripheral interfaces, etc. Exemplarily, the communication module 2805 may specifically be the radio frequency module 150 and the communication module 160 shown in FIG. 1.

In some embodiments, FIG. 29 shows a possible structural schematic diagram of the server involved in the foregoing embodiments. The server includes: a communication unit 2901, a processing unit 2902, and a determination unit 2903.

The communication unit 2901 is used to support the server to execute the processes S2005 and S2008 in FIG. 20, and the processes S2105 and S2108 in FIG. 21; the processing unit 2902 is used to support the server to execute the process S2007 in FIG. 20, and the process S2106 in FIG. 21; The determining unit 2903 is used to support the server to perform the process S2006 in FIG. 20 and the process S2107 in FIG. 21. Wherein, all relevant content of each step involved in the above method embodiments can be referred to the function description of the corresponding function module, which will not be repeated here.

In other embodiments, FIG. 30 shows a possible structural diagram of the server involved in the above embodiments. The server includes a processor 3001, a memory 3002, and a communication module 3003. The number of the processor 3001, the memory 3002, and the communication module 3003 may be one or more (the number is taken as an example in FIG. 28), and they can communicate through the bus 3004.

The processor 3001 can be used to control and manage the actions of the electronic device. For example, the processor 3001 may be a central processor (Central Processing Unit, CPU), GPU, general-purpose processor, digital signal processor (Digital Signal Processor, DSP), application-specific integrated circuit (Application-Specific Integrated Circuit, ASIC), on-site Programmable gate array (Field Programmable Gate Array, FPGA) or other programmable logic devices, transistor logic devices, hardware components or any combination thereof. It can implement or execute various exemplary logical blocks, modules, and circuits described in conjunction with the disclosure of the present application. The processor may also be a combination of computing functions, for example, including one or more microprocessor combinations, a combination of DSP and microprocessor, and so on.

The memory 3002 is used to store program codes and data of the server. For example, the memory 3002 may include a high-speed random access memory (RAM), and may also include a non-volatile memory, such as a magnetic disk storage device, a flash memory device, or other volatile solid-state storage devices.

The communication module 3003 is used to support communication between the server and other network entities. For example, the communication module 3003 may be a transceiver, a transceiver circuit, a communication interface, or the like.

Through the description of the above embodiments, those skilled in the art can clearly understand that, for the convenience and conciseness of description, only the above-mentioned division of each functional module is used as an example for illustration. In practical applications, the above-mentioned functions can be allocated as needed Completed by different functional modules, that is, dividing the internal structure of the device into different functional modules to complete all or part of the functions described above. For the specific working processes of the system, device and unit described above, reference may be made to the corresponding processes in the foregoing method embodiments, which will not be repeated here.

The functional units in the embodiments of the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit. The above integrated unit can be implemented in the form of hardware or software function unit.

If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on such an understanding, the technical solutions of the embodiments of the present application may essentially be part of or contribute to the existing technology or all or part of the technical solutions may be embodied in the form of software products, and the computer software products are stored in a storage The medium includes several instructions to enable a computer device (which may be a personal computer, server, or network device, etc.) or processor to perform all or part of the steps of the methods described in the embodiments of the present application. The foregoing storage media include: flash memory, mobile hard disk, read-only memory, random access memory, magnetic disk or optical disk and other media that can store program codes.

The above is only the specific implementation of the embodiments of the present application, but the protection scope of the embodiments of the present application is not limited to this, any changes or replacements within the technical scope disclosed in the embodiments of the present application should be covered in this Within the scope of protection of the application examples. Therefore, the protection scope of the embodiments of the present application shall be subject to the protection scope of the claims.

Claims (30)

A method for verifying the identity of a user, which is characterized by including: The electronic device runs the target application and opens the multi-user joint authentication function provided by the target application; The electronic device displays a first preview interface captured by the camera, and prompts to enter face information of a plurality of preset users in the first preview interface; The electronic device obtains N pieces of face information to be verified from the first preview interface, where N is an integer greater than 1; If each of the N pieces of face information to be verified is face information of a preset user, the electronic device is allowed to continue to run the target application. The method according to claim 1, wherein before the electronic device opens the multi-user federation authentication function provided by the target application, the method further comprises: The electronic device prompts the user to set the number of users who authenticate the user when performing the multi-user joint identity verification; In response to the number N of users input by the user, the electronic device displays a second preview interface captured by the camera, and obtains face information of N users from the second preview interface; The electronic device uses the N users as N preset users, and establishes a correspondence between the target application and face information of the N authenticated users. The method according to claim 2, wherein after the electronic device opens the multi-user federation authentication function provided by the target application, the method further comprises: The electronic device obtains face information of N preset users corresponding to the target application; After the electronic device obtains N pieces of face information to be verified from the first preview interface, the method further includes: The electronic device compares the N face information to be verified with the face information of the N preset users to determine that each face information to be verified is the face information of the preset user. The method according to claim 2 or 3, wherein after the electronic device obtains face information of N authenticated users from the second preview interface, the method further includes: The order in which the electronic device records the face information of the N preset users in the second preview interface; After the electronic device obtains N pieces of face information to be verified from the first preview interface, the method further includes: The electronic device determines the order between the N face information to be verified in the first preview interface is the same as the order between the face information of the N preset users in the second preview interface . The method according to any one of claims 1-4, wherein the electronic device turning on the multi-user federation authentication function provided by the target application includes: The electronic device automatically turns on the multi-user federation authentication function when running the target application; or, When the electronic device runs the target application, the multi-user federation authentication function is turned on in response to user input. The method according to any one of claims 1-5, wherein the electronic device turning on the multi-user federation authentication function provided by the target application includes: When the electronic device starts the target application, the multi-user joint authentication function is turned on; or, The electronic device turns on the multi-user federation authentication function when running the first function provided by the target application. The method according to any one of claims 2-6, characterized in that if each of the N face information to be verified is face information of a preset user, it is allowed The electronic device continues to run the target application, including: If each of the N pieces of face information to be verified is face information of a preset user, the electronic device is allowed to continue to run the target application within a preset period of time. A method for verifying the identity of a user, which is characterized by including: The electronic device detects a first function for the user to open the target application, the first function is a function that requires N users to perform multi-user joint authentication, and N is an integer greater than 1; The electronic device displays a first input interface, and prompts for input of identity information of N users in the first input interface; The electronic device obtains N identity information from the first input interface; The electronic device displays a first preview interface captured by the camera, and prompts the N users to input face information in the first preview interface; The electronic device obtains N personal face information from the first preview interface; The electronic device sends a verification request to a server, where the verification request includes the N identity information and the N face information, so that the server performs multi-user joint identity verification on the N users; If a message of successful multi-user joint authentication sent by the server is received, the electronic device performs the first function. The method according to claim 8, wherein before the electronic device sends a verification request to the server, the method further comprises: The electronic device displays the correspondence between the N identity information and the N personal face information, and prompts the user to confirm the use of the N identity information and the N personal face information to perform the first function; Wherein, the electronic device sends a verification request to the server, including: If a user's confirmation operation of the N identity information and the N personal face information is detected, the electronic device sends the verification request to the server. The method according to claim 8 or 9, wherein before the electronic device detects that the user opens the first function of the target application when the target application is running, the method further comprises: The electronic device obtains the identity information input by the user in the second input interface; The electronic device obtains face information input by the user in the second preview interface; The electronic device sends a registration request to the server, where the registration request includes the user's identity information and face information, so that the server establishes a correspondence between the user's identity information and face information . A method for verifying the identity of a user, which is characterized by including: The server receives the verification request sent by the electronic device, where the verification request includes N identity information and N face information to be verified; The server obtains N registered face information corresponding to the N identity information respectively, and the server stores the correspondence between the identity information and face information of each registered user; The server determines that the N registered face information and the N face information to be verified have a one-to-one correspondence; The server sends a message to the electronic device that multi-user joint authentication is successful. The method of claim 11, before the server receives the verification request sent by the electronic device, further comprising: The server receives a registration request sent by the electronic device, and the registration request includes the user's identity information and face information; The server establishes a correspondence between the user's identity information and face information. The method of claim 12, before the server establishes a correspondence between the user's identity information and face information, further comprising: The server queries that the identity information of the user is correct identity information in a preset database. The method according to claim 12 or 13, wherein the user's identity information includes the user's avatar information; wherein, after the server receives the registration request sent by the electronic device, the method further includes: The server determines that the avatar information in the identity information corresponds to the face information. An electronic device, comprising a processor, and an input device, an output device, and a memory all coupled to the processor; wherein, The processor is used to: run a target application and turn on the multi-user joint authentication function provided by the target application; The output device is used to: display a first preview interface captured by the camera, and prompt to input face information of a plurality of preset users in the first preview interface; The input device is used to obtain N face information to be verified from the first preview interface, where N is an integer greater than 1; The processor is further configured to: if each of the N face information to be verified is face information of a preset user, allow the electronic device to continue to run the target application. The electronic device according to claim 15, characterized in that The output device is also used to: prompt the user to set the number of users who authenticate users when performing the multi-user joint authentication; The input device is also used for: the number N of users receiving user input; The output device is also used to: display a second preview interface captured by the camera; The processor is further configured to: obtain face information of N users from the second preview interface; use the N users as N preset users, and establish the target application and the N authenticated users The corresponding relationship between the face information. The electronic device according to claim 16, characterized in that The processor is further configured to: obtain face information of N preset users corresponding to the target application; by comparing the face information of N to be verified and face information of the N preset users To determine that each face information to be verified is face information of a preset user. The electronic device according to claim 16 or 17, wherein The processor is further configured to: record the order between the face information of the N preset users in the second preview interface in the memory; determine the N waiting lists in the first preview interface The order between the verification face information is the same as the order between the face information of the N preset users in the second preview interface. The electronic device according to any one of claims 16 to 18, characterized in that The processor is specifically configured to: turn on the multi-user joint authentication function when starting the target application; or, turn on the multi-user joint authentication function when running the first function provided by the target application. The electronic device according to any one of claims 16 to 19, characterized in that The processor is specifically configured to: if each of the N pieces of face information to be verified is face information of a preset user, allow the electronic device to continue to operate within a preset duration The target application. An electronic device, characterized in that it includes a processor, and a communication module, an input device, an output device, and a memory all coupled to the processor; wherein, The input device is used to: detect a first function for a user to open a target application, the first function is a function that requires N users to perform multi-user joint authentication, and N is an integer greater than 1; The output device is used for: the electronic device displays a first input interface and prompts for input of identity information of N users in the first input interface; displays a first preview interface captured by a camera and prompts the N Users input face information in the first preview interface; The processor is used to: obtain N identity information from the first input interface; obtain N face information from the first preview interface; instruct the communication module to send a verification request to the server, the verification The request includes the N identity information and the N face information, so that the server performs multi-user joint identity verification on the N users; if the multi-user joint identity verification sent by the server is successful Message, the first function is performed. The electronic device according to claim 21, wherein The output device is further configured to: display the correspondence between the N pieces of identity information and the N personal face information, and prompt the user to confirm that the N pieces of identity information and the N personal face information are used to execute the A function; The input device is also used to: detect user confirmation operations on the N pieces of identity information and the N personal faces information; The processor is specifically configured to instruct the communication module to send the verification request to the server if a user's confirmation operation on the N identity information and the N personal face information is detected. The electronic device according to claim 21 or 22, characterized in that The input device is also used to: obtain the identity information entered by the user in the second input interface; obtain the face information entered by the user in the second preview interface; The processor is further configured to instruct the communication module to send a registration request to the server, where the registration request includes the user's identity information and face information, so that the server establishes the user's identity information Correspondence between the face information. A server, characterized in that it includes a processor, and a communication module and a memory both coupled to the processor; wherein, The communication module is configured to receive a verification request sent by an electronic device, where the verification request includes N identity information and N face information to be verified; The processor is configured to: obtain N registered face information corresponding to the N identity information respectively, and store the correspondence between the identity information of each registered user and face information in the memory; determine the N registered face information correspond one-to-one with the N face information to be verified; The communication module is further configured to: send a message of successful multi-user joint authentication to the electronic device. The server according to claim 24, characterized in that The communication module is further configured to: receive a registration request sent by the electronic device, where the registration request includes the user's identity information and face information; The processor is also used to: query the user's identity information in the preset database as correct identity information; and establish a correspondence between the user's identity information and face information. The server according to claim 25, wherein the user's identity information includes the user's avatar information; The processor is further configured to determine that the avatar information in the identity information corresponds to the face information. A computer-readable storage medium having instructions stored in the computer-readable storage medium, characterized in that when the instructions run on an electronic device, the electronic device is caused to execute as claimed in claims 1-7 or claims The method for verifying the user's identity as described in any one of 8-10. A computer-readable storage medium having instructions stored in the computer-readable storage medium, characterized in that, when the instructions run on a server, the server is caused to execute any one of claims 11-14 The method described above to verify the identity of the user. A computer program product containing instructions, characterized in that when the computer program product runs on an electronic device, the electronic device is caused to execute any one of claims 1-7 or claims 8-10 Method of verifying user identity. A computer program product containing instructions, characterized in that when the computer program product runs on a server, the server is caused to execute the method for verifying the identity of a user according to any one of claims 11-14.

Images