CN102833074A - Authentication method and related equipment - Google Patents
Authentication method and related equipment Download PDFInfo
- Publication number
- CN102833074A CN102833074A CN2012103198265A CN201210319826A CN102833074A CN 102833074 A CN102833074 A CN 102833074A CN 2012103198265 A CN2012103198265 A CN 2012103198265A CN 201210319826 A CN201210319826 A CN 201210319826A CN 102833074 A CN102833074 A CN 102833074A
- Authority
- CN
- China
- Prior art keywords
- information
- authentication
- terminal
- identity
- authentication information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000006854 communication Effects 0.000 claims abstract description 16
- 238000004891 communication Methods 0.000 claims abstract description 15
- 238000005516 engineering process Methods 0.000 claims description 8
- 239000003999 initiator Substances 0.000 description 11
- 230000005540 biological transmission Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000001960 triggered effect Effects 0.000 description 3
- 230000006698 induction Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention discloses an authentication method and related equipment. When current service is required to be authenticated in the embodiment of the invention, identity recognition request information is transmitted to a second terminal through NFC (Near Field Communication), identity information returned by the second terminal through the NFC according to the identity recognition request information is received, then authentication information of the current service is acquired according to the identity information, and the current service is authenticated according to the authentication information, so that the trouble of manually inputting the authentication information by a user is saved, the authentication process becomes simple and convenient, the authentication time can be saved, the authentication flexibility is improved, and the accuracy for authentication can also be improved.
Description
Technical Field
The invention relates to the technical field of communication, in particular to an authentication method and related equipment.
Background
With the development of communication technology, the types of data services are becoming more and more diverse, and the relationship with the daily life of people is becoming more and more intimate, so how to ensure the security of data services also becomes a very important problem.
Based on the problem, the prior art provides various authentication methods, so-called authentication, which refers to a technology for checking the validity and validity of a data service used by a user, and in the research and practice processes of the prior art, the inventors of the present invention found that the existing authentication methods all require the user to manually input authentication information, such as a password or other authentication information, which is time-consuming and inconvenient, and also easily causes a situation that the user with authority cannot pass the authentication, such as the authentication may not pass due to forgetting or misoperation of the user at one time, and the like.
Disclosure of Invention
The embodiment of the invention provides an authentication method and related equipment, which can save authentication time, simplify the authentication process and improve the flexibility and accuracy of authentication.
An authentication method, comprising:
sending identification request information to a second terminal through Near Field Communication (NFC);
receiving identity information returned by the second terminal through NFC according to the identity identification request information;
acquiring authentication information of the current service according to the identity information;
and authenticating the current service according to the authentication information.
Optionally, the identity information may include information such as a user identifier, a user name, and/or a user password, and at this time, the acquiring the authentication information of the current service according to the identity information may specifically include:
and acquiring the authentication information of the current service according to the user identification, the user name and/or the user password.
The acquiring the authentication information of the current service according to the identity information may specifically include:
acquiring authentication information corresponding to the identity information from a plurality of groups of preset authentication information; determining a service identifier of a current service; and acquiring authentication information corresponding to the service identifier from the acquired authentication information corresponding to the identity information.
Wherein, the authenticating the current service according to the authentication information may include:
determining whether the authentication information is legal; if so, determining that the operation of the user on the current service is legal; if not, determining that the operation of the user on the current service is illegal. Or,
the authentication information can also be sent to third-party equipment to determine whether the authentication information is legal or not; receiving an authentication result returned by the third-party equipment; if the authentication result indicates that the authentication information is legal, determining that the operation of the user on the current service is legal; and if the authentication result indicates that the authentication information is illegal, determining that the operation of the user on the current service is illegal.
In addition, an embodiment of the present invention further provides an authentication method, including:
receiving identity identification request information sent by a first terminal through NFC;
and returning the identity information to the first terminal through NFC according to the identity identification request information so that the first terminal authenticates the current service according to the identity information.
Optionally, returning the identity information to the first terminal through NFC according to the identity identification request information may include:
when the identity identification request information is determined to be legal, identity information is acquired; and returning the acquired identity information to the first terminal through NFC.
Correspondingly, an embodiment of the present invention further provides a terminal device, which serves as a first terminal and includes a sending unit, a receiving unit, an obtaining unit and an authentication unit, and the terminal device includes the following components:
the first sending unit is used for sending the identity identification request information to the second terminal through the Near Field Communication (NFC) technology;
the first receiving unit is used for receiving the identity information returned by the second terminal through NFC according to the identity identification request information;
the obtaining unit is used for obtaining the authentication information of the current service according to the identity information;
and the authentication unit is used for authenticating the current service according to the authentication information.
Optionally, the identity information may include information such as a user identifier, a user name, and/or a user password, and then:
the obtaining unit may be specifically configured to obtain authentication information of the current service according to the user identifier, the user name, and/or the user password.
For example, the acquisition unit may comprise a first acquisition subunit, a determination subunit and a second acquisition subunit, as follows:
the first obtaining subunit is configured to obtain authentication information corresponding to the identity information from a plurality of preset sets of authentication information;
a determining subunit, configured to determine a service identifier of a current service;
and the second obtaining subunit is configured to obtain, from the obtained authentication information corresponding to the identity information, authentication information corresponding to the service identifier.
Optionally, the authentication unit may be specifically configured to determine whether the authentication information is legal, determine that the operation of the user on the current service is legal if the authentication information is legal, and determine that the operation of the user on the current service is illegal if the authentication information is not legal. Or,
optionally, the authentication unit is specifically configured to send the authentication information to a third-party device, so as to determine whether the authentication information is legal; receiving an authentication result returned by the third-party equipment; if the authentication result indicates that the authentication information is legal, determining that the operation of the user on the current service is legal; and if the authentication result indicates that the authentication information is illegal, determining that the operation of the user on the current service is illegal.
In addition, another terminal device is provided in an embodiment of the present invention, and includes a second receiving unit and a second sending unit as a second terminal;
the second receiving unit is used for receiving the identity identification request information sent by the first terminal through NFC;
and the second sending unit is used for returning the identity information to the first terminal through NFC according to the identity identification request information so that the first terminal can authenticate the current service according to the identity information.
Optionally, the second sending unit may include an obtaining subunit and a sending subunit, as follows:
the acquiring subunit is used for acquiring the identity information when the identity identification request information is determined to be legal;
and the sending subunit is used for returning the acquired identity information to the first terminal through the NFC.
Correspondingly, the embodiment of the invention also provides a communication system which comprises any one of the first terminal and any one of the second terminal provided by the embodiment of the invention.
When the current service needs to be authenticated, the embodiment of the invention sends the identity identification request information to the second terminal through the NFC, receives the identity information returned by the second terminal through the NFC according to the identity identification request information, then acquires the authentication information of the current service according to the identity information, and authenticates the operation of the current service according to the authentication information, thereby saving the trouble of manually inputting the authentication information by a user, simplifying the authentication process, saving the authentication time, improving the authentication flexibility, greatly reducing the authentication failure caused by misoperation when the user manually inputs the authentication information, and greatly improving the authentication accuracy.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of an authentication method provided by an embodiment of the present invention;
fig. 2 is another flowchart of an authentication method provided by an embodiment of the present invention;
fig. 3 is another flowchart of an authentication method provided by the embodiment of the present invention;
fig. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a terminal device according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a communication system according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to better explain the embodiments of the present invention, a conventional Near Field Communication (NFC) technology will be briefly described below.
NFC is a short-range, high-frequency wireless communication technology that allows contactless point-to-point data transmission to exchange data between electronic devices. NFC may use an active mode for data exchange or a passive mode for data exchange. In the passive mode, the source device that initiates NFC communication is called an NFC initiator device, and the other device that is the passive party is called an NFC target device. The NFC initiator provides a radio frequency energy Field (RF-Field) during the whole communication process, and can select one of the transmission speeds of 106kbps (bit rate), 212kbps or 424kbps to transmit data to the NFC target device, and the NFC target device does not need to generate a radio frequency Field, but can transmit data back to the NFC initiator at the same speed by using a load modulation (load modulation) technology. During an application session, the NFC device may switch its role between the NFC initiator and the NFC target. With this functionality, a NFC device with a low battery power may require to act as an NFC target device in a passive mode instead of an NFC initiator device.
The NFC has three working modes, namely a read-write mode, a peer-to-peer mode, and an emulation card mode, and may specifically be as follows:
(1) and (3) reading and writing modes: the electronic tag can be used as a non-contact card reader, such as reading relevant information from a poster or an exhibition information electronic tag.
(2) Point-to-point mode: the two activated NFC devices are allowed to exchange data, for example, to exchange contact information, etc.
(3) A card-imitating mode: NFC devices are used as smart payment cards, for example in traffic ticketing systems.
Passive NFC devices require only one magnetic induction coil to obtain the necessary energy from an active NFC device, a transceiver chip to hold the data you want to share, and an antenna. The active NFC device adds a power source, a transceiver chip and an antenna. But the added part is small as if the components of the device were unchanged. Therefore, the NFC function is embedded in many devices.
The embodiment of the invention provides an authentication method and related equipment. The following are detailed below.
The first embodiment,
The embodiment will be described from the perspective of a first terminal, where the first terminal may be used as an NFC initiator, and specifically may be a terminal such as a Personal Computer (PC), a tablet Computer, or a mobile phone.
An authentication method, comprising: sending identity identification request information to a terminal through NFC, receiving identity information returned by the second terminal through the NFC according to the identity identification request information, acquiring authentication information of the current service according to the identity information, and authenticating the current service according to the acquired authentication information.
As shown in fig. 1, the specific process may be as follows:
101. the first terminal sends identity identification request information to the second terminal through NFC;
the first terminal may be an NFC initiator, and may specifically be a terminal such as a Personal Computer (PC), a tablet Computer, or a mobile phone.
102. The first terminal receives identity information returned by the second terminal through NFC according to the identity identification request information;
the IDentity information may include information such as a user Identification (ID), a user name (e.g., a nickname of the user, etc.), and/or a user password.
103. The first terminal acquires authentication information of the current service according to the received identity information; for example, the authentication information of the current service may be newly acquired according to the user identifier, the user name, and/or the user password.
The authentication information may be pre-stored in the first terminal according to the requirements of the actual application, and the authentication information may have only one group or multiple groups, for example, different groups of authentication information may be stored according to different users, different groups of authentication information may be stored according to different services, and the like, and the dividing manner may be various, and is not described herein again. For convenience of description, in the embodiments of the present invention, authentication information corresponding to different groups according to different users is taken as an example for description. The following were used:
in the first terminal, a plurality of sets of authentication information are stored, each set of authentication information corresponds to a user, each set of authentication information includes at least one piece of authentication information, and one piece of authentication information may correspond to at least one service, for convenience of description, in the embodiment of the present invention, an example in which one piece of authentication information corresponds to one service is described, for example, a service identifier of service 1 is service identifier 1, which corresponds to authentication information 1, a service identifier of service 2 is service identifier 2, which corresponds to authentication information 2, a service identifier of service 3 is service identifier 3, which corresponds to authentication information 3, and so on. At this time, the obtaining of the authentication information of the current service according to the identity information received in step 102 (i.e. step 102) may specifically be:
acquiring authentication information corresponding to the identity information from a plurality of groups of preset authentication information, determining a service identifier of the current service, and acquiring the authentication information corresponding to the service identifier from the acquired authentication information corresponding to the identity information.
For example, after receiving the identity information, the authentication information corresponding to the identity information (i.e., the authentication information corresponding to the user identifier, the user name, and/or the user password) may be obtained from preset multiple sets of authentication information according to the identity information, such as the user identifier, the user name, and/or the user password, since there may be multiple sets of the obtained authentication information corresponding to the identity information, such as different authentication information corresponding to different services, and so on, the service identifier of the current service may be further determined, and then the authentication information corresponding to the service identifier of the current service may be obtained from the "authentication information corresponding to the identity information" according to the service identifier.
104. The first terminal authenticates the current service according to the acquired authentication information; for example, the following may be specifically mentioned:
and determining whether the authentication information acquired in the step 103 is legal, if so, determining that the operation of the user on the current service is legal, and if not, determining that the operation of the user on the current service is illegal.
Or, the third-party device may also determine the validity of the authentication information, that is, "authenticate the current service according to the authentication information," specifically, the method may include:
sending the acquired authentication information to third-party equipment to determine whether the authentication information is legal or not; receiving an authentication result returned by the third-party equipment; if the authentication result indicates that the authentication information is legal, determining that the operation of the user on the current service is legal; and if the authentication result indicates that the authentication information is illegal, determining that the operation of the user on the current service is illegal.
The third-party device may specifically be other terminal device, or may also be a network-side device, such as a server corresponding to the current service, and the like. The method for determining the authentication information by the third-party device may specifically refer to the prior art, and is not described herein again.
For the method for determining whether the authentication information is legal, reference may be made to the prior art, which is not described herein again.
As can be seen from the above, in this embodiment, when the current service needs to be authenticated, the NFC is adopted to send the identification request information to the second terminal, receive the identification information returned by the second terminal through the NFC according to the identification request information, then obtain the authentication information of the current service according to the identification information, and authenticate the current service according to the authentication information, which saves the trouble of requiring the user to manually input the authentication information, simplifies the authentication process, not only can save the authentication time and improve the flexibility of the authentication, but also greatly reduces the authentication failure caused by the misoperation when the user manually inputs the authentication information, and greatly improves the accuracy of the authentication.
Example II,
In this embodiment, a description will be given from the perspective of a second terminal, where the second terminal may be an NFC target device, and specifically may be a terminal such as a PC, a tablet computer, or a mobile phone.
An authentication method, comprising: and receiving identity identification request information sent by the first terminal through NFC, and returning identity information to the first terminal through NFC according to the identity identification request information so that the first terminal can authenticate the current service according to the identity information.
As shown in fig. 2, the specific process may be as follows:
201. the second terminal receives identity identification request information sent by the first terminal through NFC;
the first terminal can be used as an NFC initiator. Specifically, the terminal may be a PC, a tablet computer, or a mobile phone.
202. And the second terminal returns the identity information to the first terminal through NFC according to the identity identification request information so that the first terminal can authenticate the current service according to the identity information.
The identity information may include information such as a user identification, a user name (e.g., a nickname of the user, etc.), and/or a user password.
The returning of the identity information to the first terminal through the NFC according to the identity identification request information may specifically include:
and when the identity identification request information is determined to be legal, acquiring the identity information, and returning the acquired identity information to the first terminal through NFC.
For the method for the first terminal to authenticate the current service according to the identity information, reference may be made to embodiment one, which is not described herein again.
It can be seen from the above that, in the embodiment, when the current service needs to be authenticated, the identity authentication request information sent by the first terminal through the NFC is received, and then the identity information is returned to the first terminal through the NFC according to the identity authentication request information, so that the first terminal can authenticate the current service according to the identity information, which saves the trouble of requiring the user to manually input the authentication information, simplifies the authentication process, not only saves the authentication time, but also improves the flexibility of authentication, and also greatly reduces the authentication failure caused by the misoperation when the user manually inputs the authentication information, thereby greatly improving the accuracy of authentication.
Example III,
The method described in the first and second embodiments will be described in detail below by way of example.
In this embodiment, a first terminal, specifically a PC, and a second terminal, specifically a mobile phone, are taken as an example for description, where the PC and the mobile phone both have NFC modules, that is, have an NFC function. The NFC function means that data transmission can be performed by NFC.
As shown in fig. 3, the specific process may be as follows:
301. the PC sends identity identification request information to a mobile phone of a user through NFC;
the PC stores the authentication information of the current service and the corresponding relation between the authentication information and the identity information.
For example, taking a login mailbox as an example, the PC stores information such as a user name and a login password of the mailbox; if the user needs to log in the mailbox, the user can trigger the PC to send the identification request information to the mobile phone of the user through the NFC, wherein the triggering modes can be various, and can be directly triggered or indirectly triggered, for example, the PC can be triggered to send the identification request information to the mobile phone of the user through the NFC by directly clicking a certain key, or the PC can be set to send the identification request information to the mobile phone of the user through the NFC when the user opens the mail login interface, and the like.
302. The mobile phone receives an identity recognition request message sent by the PC, and sends the identity information returned by the NFC according to the identity recognition request message to the PC;
the identity information may include information such as a user identification, a user name (e.g., a nickname of the user, etc.), and/or a user password.
For example, after receiving an identity recognition request message sent by a PC, a mobile phone may determine whether the identity recognition request message is legal, if so, acquire the identity information, and return the acquired identity information to the PC through NFC, otherwise, the mobile phone may not act or return a prompt message denying provision of the identity information to the PC.
303. After receiving the identity information sent by the mobile phone through the NFC, the PC acquires the authentication information of the current service according to the received identity information, which may specifically be as follows, for example:
the PC acquires authentication information corresponding to the identity information from a plurality of groups of preset authentication information, determines the service identification of the current service, and acquires the authentication information corresponding to the service identification from the acquired authentication information corresponding to the identity information.
For example, also taking logging in a mailbox as an example, after receiving identity information sent by a mobile phone, a PC acquires authentication information corresponding to the identity information from preset multiple sets of authentication information, and since there may be multiple acquired authentication information corresponding to the identity information, the PC may further determine a service identifier of a current service, that is, a service identifier of "mailbox logging", and then acquires the authentication information corresponding to the service identifier from the acquired "authentication information corresponding to the identity information" according to the determined service identifier, that is, acquires the authentication information of "mailbox logging".
Of course, if each identity information only corresponds to one authentication information, the PC may also directly search the authentication information corresponding to the identity information from the stored multiple sets of authentication information according to the received identity information without determining the service identifier of the current service.
304. The PC authenticates the operation of the current service according to the acquired authentication information, which may specifically be as follows, for example:
and determining whether the acquired authentication information is legal, if so, determining that the operation of the user on the current service is legal, and if not, determining that the operation of the user on the current service is illegal.
Or, the third-party device may also determine the validity of the authentication information, that is, "authenticate the current service according to the authentication information," specifically, the method may include:
sending the acquired authentication information to third-party equipment to determine whether the authentication information is legal or not; receiving an authentication result returned by the third-party equipment; if the authentication result indicates that the authentication information is legal, determining that the operation of the user on the current service is legal; and if the authentication result indicates that the authentication information is illegal, determining that the operation of the user on the current service is illegal.
For example, taking logging in a mailbox as an example, after acquiring the authentication information, the PC automatically inputs information such as a user name and a login password of the mailbox on a mailbox login interface, if the input user name and login password are verified to be correct by the PC to a network mail server connected to the PC, the user is allowed to log in the mailbox to send and receive mails, otherwise, if the input user name and login password are incorrect, the user is denied to log in the mailbox.
It should be noted that, the above description is only given by taking the login of the mailbox as an example, and it should be understood that the embodiment of the present invention may also be applied to other services, such as login of some games, microblog login, blog login, online business hall, login of shopping account, and the like, and details are not described herein again.
It can be known from the above that, when the PC of this embodiment needs to authenticate the current service, the PC can send the identification request information to the mobile phone through the NFC, then receive the identity information returned by the mobile phone through the NFC according to the identification request information, obtain the authentication information of the current service according to the identity information, and finally authenticate the current service according to the authentication information, which saves the trouble of requiring the user to manually input the authentication information on the PC, and makes the authentication process simple and convenient, not only can save the authentication time and improve the flexibility of the authentication, but also greatly reduces the authentication failure caused by the misoperation when the user manually inputs the authentication information, and greatly improves the accuracy of the authentication.
Example four,
In order to better implement the above method, the present invention further provides a terminal device, which may be used as the first terminal in the embodiment of the present invention, as shown in fig. 4, the terminal device includes a first sending unit 401, a first receiving unit 402, an obtaining unit 403, and an authenticating unit 404;
a first sending unit 401, configured to send identity identification request information to the second terminal through NFC;
the second terminal may be an NFC target device, and specifically may be a terminal such as a PC, a tablet computer, or a mobile phone.
A first receiving unit 402, configured to receive identity information returned by the second terminal through NFC according to the identity identification request information;
the identity information may include information such as a user identification, a user name (e.g., a nickname of the user, etc.), and/or a user password.
An obtaining unit 403, configured to obtain authentication information of a current service according to the identity information received by the first receiving unit 402;
for example, the obtaining unit 403 may be specifically configured to obtain authentication information of the current service according to the user identifier, the user name, and/or the user password received by the first receiving unit 402;
an authenticating unit 404, configured to authenticate the current service according to the authentication information acquired by the acquiring unit 403.
Optionally, the authentication information may be pre-stored in the terminal device according to a requirement of an actual application, that is, the first terminal, and the authentication information may have only one group or multiple groups, for example, authentication information of different groups may be stored according to different users, authentication information of different groups may be stored according to different services, and the like, and the dividing manner may be various and is not described herein again. For convenience of description, in the embodiments of the present invention, authentication information corresponding to different groups according to different users is taken as an example for description. The following were used:
in the terminal device, that is, the first terminal, multiple sets of authentication information may be stored, each set of authentication information corresponds to one user, each set of authentication information includes at least one piece of authentication information, and one piece of authentication information may correspond to at least one service, for convenience of description, in the embodiment of the present invention, an example in which one piece of authentication information corresponds to one service is described, for example, a service identifier of service 1 is service identifier 1, which corresponds to authentication information 1, a service identifier of service 2 is service identifier 2, which corresponds to authentication information 2, a service identifier of service 3 is service identifier 3, which corresponds to authentication information 3, and so on. Then, at this time, the obtaining unit 403 may include a first obtaining subunit, a determining subunit, and a second obtaining subunit;
the first obtaining subunit is configured to obtain, from a plurality of preset sets of authentication information, authentication information corresponding to the received identity information;
a determining subunit, configured to determine a service identifier of a current service;
and the second acquiring subunit is used for acquiring the authentication information corresponding to the service identifier determined by the determining subunit from the authentication information corresponding to the identity information acquired by the first acquiring subunit.
For example, after the first receiving unit 402 receives the identity information, the first obtaining subunit may obtain, according to the identity information, such as information of a user identifier, a user name, and/or a user password, authentication information corresponding to the identity information (i.e., authentication information corresponding to information of the user identifier, the user name, and/or the user password) from preset multiple sets of authentication information, since the obtained authentication information corresponding to the identity information may have multiple sets, such as different authentication information corresponding to different services, and so on, the service identifier of the current service may be further determined by the determining subunit, and then the second obtaining subunit obtains, according to the service identifier, authentication information corresponding to the service identifier of the current service from "authentication information corresponding to the identity information".
The method for authenticating the "operation performed by the user on the current service" by the authentication unit 404 according to the authentication information may be implemented in various ways, for example:
the authentication unit 404 may be specifically configured to determine whether the obtained authentication information is legal, determine that the operation of the user on the current service is legal if the obtained authentication information is legal, and determine that the operation of the user on the current service is illegal if the obtained authentication information is not legal.
Or, the third-party device may also determine the validity of the authentication information, that is:
the authentication unit 404 may be specifically configured to send the acquired authentication information to the third-party device, so as to determine whether the authentication information is legal; receiving an authentication result returned by the third-party equipment; if the authentication result indicates that the authentication information is legal, determining that the operation of the user on the current service is legal; and if the authentication result indicates that the authentication information is illegal, determining that the operation of the user on the current service is illegal.
The terminal device, i.e., the first terminal, may specifically be a terminal serving as an NFC initiator, specifically a PC, a tablet computer, or a mobile phone.
In a specific embodiment, the above units may be implemented as independent entities, or may be combined arbitrarily to be implemented as the same or several entities, and specific implementations of the above units may refer to the foregoing method embodiments, and are not described herein again.
As can be seen from the above, when the terminal device (i.e. the first terminal) of this embodiment needs to authenticate the current service, the first sending unit 401 sends the identification request information to the second terminal through NFC, the first receiving unit 402 receives the identification information returned by the second terminal through NFC according to the identification request information, the obtaining unit 403 obtains the authentication information of the current service according to the identification information, and the authentication unit 404 authenticates the current service according to the authentication information, thereby eliminating the trouble of requiring the user to manually input the authentication information, simplifying the authentication process, not only saving the authentication time and improving the flexibility of the authentication, but also greatly reducing the authentication failure caused by the misoperation when the user manually inputs the authentication information, and greatly improving the accuracy of the authentication.
Example V,
Correspondingly, another terminal device may be used as the second terminal in the embodiment of the present invention, as shown in fig. 5, the terminal device may include a second receiving unit 501 and a second sending unit 502;
a second receiving unit 501, configured to receive identity identification request information sent by a first terminal through a Near Field Communication (NFC) technology;
the first terminal can be used as an NFC initiator. Specifically, the terminal may be a PC, a tablet computer, or a mobile phone.
The second sending unit 502 is configured to return identity information to the first terminal through NFC according to the identity identification request information received by the second receiving unit 501, so that the first terminal authenticates the current service according to the identity information.
For example, after receiving the identity information sent by the second sending unit 502, the first terminal may obtain the authentication information of the current service according to the identity information, and then authenticate the current service according to the obtained authentication information, which may be specifically referred to in the foregoing embodiments and is not described herein again.
The identity information may include information such as a user identification, a user name (e.g., a nickname of the user, etc.), and/or a user password.
Optionally, the second sending unit 502 may include an acquiring subunit and a sending subunit, as follows:
an obtaining subunit, configured to obtain the identity information when it is determined that the identity identification request information received by the second receiving unit 501 is legal;
and the sending subunit is used for returning the identity information acquired by the acquiring subunit to the first terminal through NFC.
The terminal device, i.e., the second terminal, may specifically be an NFC target device, and specifically may be a terminal such as a PC, a tablet computer, or a mobile phone.
In a specific implementation, the above units may be specifically implemented as independent entities, or may be combined arbitrarily to be implemented as the same or several entities, and the specific implementation of the above units may refer to the foregoing embodiments, which are not described herein again.
As can be seen from the above, in this embodiment, when the current service needs to be authenticated, the terminal device, that is, the second receiving unit 501 in the second terminal receives the identification request information sent by the first terminal through the NFC, and then the second sending unit 502 returns the identification information to the first terminal through the NFC according to the identification request information, so that the first terminal can authenticate the current service according to the identification information, thereby eliminating the trouble of requiring the user to manually input the authentication information, making the authentication process simple and convenient, not only saving the authentication time and improving the flexibility of the authentication, but also greatly reducing the authentication failure caused by the misoperation when the user manually inputs the authentication information, and greatly improving the accuracy of the authentication.
Example six,
Accordingly, an embodiment of the present invention further provides a communication system, which may include a first terminal and a second terminal, where the first terminal is any one of the terminal devices provided in the fourth embodiment, and the second terminal is any one of the terminal devices provided in the fifth embodiment, and reference may be specifically made to the fourth embodiment and the fifth embodiment, which is not described herein again.
For example, as shown in fig. 6, the communication system may specifically include a first terminal 601 and a second terminal 602, as follows:
the first terminal 601 is configured to send identity identification request information to the second terminal 602 through NFC, receive identity information returned by the second terminal 602 through NFC according to the identity identification request information, acquire authentication information of a current service according to the identity information, and authenticate the current service according to the acquired authentication information;
the second terminal 602 is configured to receive the identification request information sent by the first terminal 601 through NFC, and return the identification information to the first terminal through NFC according to the received identification request information.
The identity information may include information such as a user identification, a user name (e.g., a nickname of the user, etc.), and/or a user password. The authentication information may be pre-stored in the first terminal according to the requirements of the actual application, and the authentication information may have only one group or multiple groups, for example, different groups of authentication information may be stored according to different users, different groups of authentication information may be stored according to different services, and the like, and the dividing manner may be various, and is not described herein again.
For example, the first terminal 601 may be specifically configured to obtain authentication information corresponding to the identity information from a plurality of preset sets of authentication information, determine a service identifier of the current service, and obtain authentication information corresponding to the service identifier from the obtained authentication information corresponding to the identity information.
In addition, the method for authenticating the "operation performed by the user on the current service" by the first terminal 601 according to the authentication information has a plurality of ways, as follows:
for example, the first terminal 601 may be specifically configured to determine whether the acquired authentication information is legal, determine that the operation of the user on the current service is legal if the acquired authentication information is legal, and determine that the operation of the user on the current service is illegal if the acquired authentication information is not legal.
For another example, the third-party device may determine the validity of the authentication information, that is:
the first terminal 601 may be specifically configured to send the acquired authentication information to the third-party device, so as to determine whether the authentication information is legal; receiving an authentication result returned by the third-party equipment; if the authentication result indicates that the authentication information is legal, determining that the operation of the user on the current service is legal; and if the authentication result indicates that the authentication information is illegal, determining that the operation of the user on the current service is illegal.
The first terminal may specifically be an NFC initiator, the second terminal may be an NFC target, the first terminal and the second terminal may specifically be terminals such as a PC, a tablet computer, or a mobile phone, for example, the first terminal may specifically be a PC, and the second terminal may specifically be a mobile phone, and so on.
The specific implementation of each device can be referred to the previous embodiment, and is not described herein again.
As can be seen from the above, when the communication system of this embodiment needs to authenticate the current service, the first terminal 601 sends the identification request information to the second terminal 602 through NFC, receives the identification information returned by the second terminal 602 through NFC according to the identification request information, and then the first terminal 601 obtains the authentication information of the current service according to the identification information, and authenticates the current service according to the authentication information, thereby eliminating the trouble of requiring the user to manually input the authentication information, making the authentication process simple and convenient, not only saving the authentication time and improving the flexibility of authentication, but also greatly reducing the authentication failure caused by the misoperation when the user manually inputs the authentication information, and greatly improving the accuracy of authentication.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
The above detailed description is provided for an authentication method and related devices provided by the embodiments of the present invention, and the principle and the implementation of the present invention are explained in detail by applying specific examples, and the description of the above embodiments is only used to help understanding the method and the core idea of the present invention; meanwhile, for those skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. An authentication method, comprising:
sending identity identification request information to a second terminal through NFC;
receiving identity information returned by the second terminal through NFC according to the identity identification request information;
acquiring authentication information of the current service according to the identity information;
and authenticating the current service according to the authentication information.
2. The method as claimed in claim 1, wherein the step of obtaining the authentication information of the current service according to the identity information comprises:
acquiring authentication information corresponding to the identity information from a plurality of groups of preset authentication information;
determining a service identifier of a current service;
and acquiring authentication information corresponding to the service identifier from the acquired authentication information corresponding to the identity information.
3. The method according to claim 1 or 2, wherein the step of authenticating the current service according to the authentication information comprises:
sending the authentication information to third-party equipment to determine whether the authentication information is legal or not;
receiving an authentication result returned by the third-party equipment;
and if the authentication result indicates that the authentication information is legal, determining that the operation of the user on the current service is legal.
4. An authentication method, comprising:
receiving identity identification request information sent by a first terminal through NFC;
and returning identity information to the first terminal through NFC according to the identity identification request information so that the first terminal authenticates the current service according to the identity information.
5. The method according to claim 4, wherein the step of returning identity information to the first terminal through NFC according to the identity identification request information, so that the first terminal authenticates the current service according to the identity information, comprises:
when the identity identification request information is determined to be legal, identity information is acquired;
and returning the acquired identity information to the first terminal through NFC so that the first terminal authenticates the current service according to the identity information.
6. A terminal device, comprising:
the first sending unit is used for sending the identification request information to the second terminal through NFC;
the first receiving unit is used for receiving the identity information returned by the second terminal through NFC according to the identity identification request information;
the obtaining unit is used for obtaining the authentication information of the current service according to the identity information;
and the authentication unit is used for authenticating the current service according to the authentication information.
7. The terminal device according to claim 6, wherein the acquiring unit comprises a first acquiring subunit, a determining subunit and a second acquiring subunit;
the first obtaining subunit is configured to obtain authentication information corresponding to the identity information from a plurality of preset sets of authentication information;
a determining subunit, configured to determine a service identifier of a current service;
and the second obtaining subunit is configured to obtain, from the obtained authentication information corresponding to the identity information, authentication information corresponding to the service identifier.
8. The terminal device according to claim 6 or 7,
the authentication unit is specifically configured to send the authentication information to third-party equipment to determine whether the authentication information is legal; receiving an authentication result returned by the third-party equipment; and if the authentication result indicates that the authentication information is legal, determining that the operation of the user on the current service is legal.
9. A terminal device, comprising:
the second receiving unit is used for receiving the identity identification request information sent by the first terminal through the Near Field Communication (NFC) technology;
and the second sending unit is used for returning the identity information to the first terminal through NFC according to the identity identification request information so that the first terminal authenticates the current service according to the identity information.
10. The terminal device according to claim 9, wherein the second sending unit comprises an acquiring subunit and a sending subunit;
the acquiring subunit is used for acquiring the identity information when the identity identification request information is determined to be legal;
and the sending subunit is used for returning the acquired identity information to the first terminal through the NFC.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012103198265A CN102833074A (en) | 2012-08-31 | 2012-08-31 | Authentication method and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012103198265A CN102833074A (en) | 2012-08-31 | 2012-08-31 | Authentication method and related equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102833074A true CN102833074A (en) | 2012-12-19 |
Family
ID=47336054
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2012103198265A Pending CN102833074A (en) | 2012-08-31 | 2012-08-31 | Authentication method and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102833074A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015013958A1 (en) * | 2013-08-01 | 2015-02-05 | 西门子公司 | Programmable logic controller as well as user identification system and method thereof |
| CN104980430A (en) * | 2015-05-06 | 2015-10-14 | 腾讯科技(深圳)有限公司 | Terminal authentication method, device and system |
| US9264901B2 (en) | 2013-06-28 | 2016-02-16 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for establishing data connection |
| CN105429949A (en) * | 2015-10-28 | 2016-03-23 | 广东欧珀移动通信有限公司 | Cipher pushing method and pushing system |
| CN105681261A (en) * | 2014-11-19 | 2016-06-15 | 小米科技有限责任公司 | Security authentication method and apparatus |
| CN105743844A (en) * | 2014-12-08 | 2016-07-06 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN106295269A (en) * | 2015-06-23 | 2017-01-04 | 阿里巴巴集团控股有限公司 | A kind of method for operating traffic thereof and device |
| CN110300083A (en) * | 2018-03-22 | 2019-10-01 | 华为技术有限公司 | A kind of method, terminal and authentication server obtaining identity information |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1848994A (en) * | 2005-04-11 | 2006-10-18 | 华为技术有限公司 | Method for realizing right discrimination of microwave cut-in global interoperating system |
| CN101083538A (en) * | 2006-05-30 | 2007-12-05 | 卓望数码技术(深圳)有限公司 | Real-time counting method for value added business of IP network environment |
| CN101202637A (en) * | 2006-12-11 | 2008-06-18 | 中兴通讯股份有限公司 | Device and method for realizing charging according to resource types based on medium service apparatus |
| US20090112981A1 (en) * | 2007-10-25 | 2009-04-30 | Slavik Markovich | Database end-user identifier |
| CN101997678A (en) * | 2010-11-18 | 2011-03-30 | 东莞宇龙通信科技有限公司 | Password acquisition method and terminal |
| CN102217280A (en) * | 2011-05-25 | 2011-10-12 | 华为技术有限公司 | Method, system, and server for user service authentication |
-
2012
- 2012-08-31 CN CN2012103198265A patent/CN102833074A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1848994A (en) * | 2005-04-11 | 2006-10-18 | 华为技术有限公司 | Method for realizing right discrimination of microwave cut-in global interoperating system |
| CN101083538A (en) * | 2006-05-30 | 2007-12-05 | 卓望数码技术(深圳)有限公司 | Real-time counting method for value added business of IP network environment |
| CN101202637A (en) * | 2006-12-11 | 2008-06-18 | 中兴通讯股份有限公司 | Device and method for realizing charging according to resource types based on medium service apparatus |
| US20090112981A1 (en) * | 2007-10-25 | 2009-04-30 | Slavik Markovich | Database end-user identifier |
| CN101997678A (en) * | 2010-11-18 | 2011-03-30 | 东莞宇龙通信科技有限公司 | Password acquisition method and terminal |
| CN102217280A (en) * | 2011-05-25 | 2011-10-12 | 华为技术有限公司 | Method, system, and server for user service authentication |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9264901B2 (en) | 2013-06-28 | 2016-02-16 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for establishing data connection |
| WO2015013958A1 (en) * | 2013-08-01 | 2015-02-05 | 西门子公司 | Programmable logic controller as well as user identification system and method thereof |
| CN105681261A (en) * | 2014-11-19 | 2016-06-15 | 小米科技有限责任公司 | Security authentication method and apparatus |
| CN105743844A (en) * | 2014-12-08 | 2016-07-06 | 联想(北京)有限公司 | Information processing method and electronic device |
| CN104980430A (en) * | 2015-05-06 | 2015-10-14 | 腾讯科技(深圳)有限公司 | Terminal authentication method, device and system |
| CN104980430B (en) * | 2015-05-06 | 2018-07-03 | 腾讯科技(深圳)有限公司 | Terminal authentication method, apparatus and system |
| CN106295269A (en) * | 2015-06-23 | 2017-01-04 | 阿里巴巴集团控股有限公司 | A kind of method for operating traffic thereof and device |
| CN105429949A (en) * | 2015-10-28 | 2016-03-23 | 广东欧珀移动通信有限公司 | Cipher pushing method and pushing system |
| CN105429949B (en) * | 2015-10-28 | 2017-11-28 | 广东欧珀移动通信有限公司 | The method for pushing and supplying system of password |
| US10187383B2 (en) | 2015-10-28 | 2019-01-22 | Guangdong Oppo Mobile Telecommunications Corp., Ltd. | Method of pushing passwords, and pushing system |
| US10462125B2 (en) | 2015-10-28 | 2019-10-29 | Guangdong Oppo Mobile Telecommunications Corp., Ltd. | Method of pushing passwords, pushing system and terminal device |
| CN110300083A (en) * | 2018-03-22 | 2019-10-01 | 华为技术有限公司 | A kind of method, terminal and authentication server obtaining identity information |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102802156B (en) | A kind of method for authenticating and relevant device | |
| CN103259667B (en) | The method and system of eID authentication on mobile terminal | |
| US9520918B2 (en) | Login via near field communication with automatically generated login information | |
| US9594896B2 (en) | Two factor authentication using near field communications | |
| CN102833074A (en) | Authentication method and related equipment | |
| US8630585B2 (en) | Method and apparatus for communicating with external interface device using contactless | |
| CN104243461B (en) | A kind of method of mobile terminal network safety certification, SD blocks entirely and mobile terminal | |
| CN104618315B (en) | A kind of method, apparatus and system of verification information push and Information Authentication | |
| JP2013097650A (en) | Authentication system, authentication method and authentication server | |
| CN103905191A (en) | Verification method applied to mobile terminal, mobile terminal and system | |
| JPWO2015002271A1 (en) | Device and authentication system | |
| CN104660405A (en) | Business equipment authentication method and equipment | |
| CN105681258A (en) | Session method and session device based on third-party server | |
| CA2836890C (en) | Two factor authentication using near field communications | |
| EP3090376B1 (en) | Method for accessing a service and a corresponding server | |
| CN104980420A (en) | Business processing method, device, terminal and server | |
| CN104640112A (en) | Authentication method, device and system | |
| CN103684796A (en) | SMI (subscriber identity module) card and personal identity authentication method | |
| CN106779711A (en) | Safe payment method and device based on eID | |
| US10756927B2 (en) | Method for virtually connecting two persons, corresponding media and system | |
| CN107454557B (en) | Router connection method and system | |
| KR20120089388A (en) | Method for Requesting Caller Authentication of Voice Network using Data Network, Caller Device and Program | |
| CN105577607A (en) | User identity authentication method and user identity authentication device | |
| CN102065126A (en) | Telnet method for mobile terminal, telnet system and mobile terminal | |
| KR102163676B1 (en) | Method for Multi Authentication by using One Time Division Code |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: 519000 Zhuhai hi tech Zone, science and Technology Innovation Coast Meizu Technology Building Applicant after: Meizu Technology (China) Co., Ltd. Address before: 519000 Zhuhai hi tech Zone, science and Technology Innovation Coast Meizu Technology Building Applicant before: Zhuhai Meizu Technology Co., Ltd. |
|
| COR | Change of bibliographic data |
Free format text: CORRECT: APPLICANT; FROM: ZHUHAI MEIZU TECHNOLOGY CO., LTD. TO: MEIZU TECHNOLOGY (CHINA) CO., LTD. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20121219 |