CN115603898A

CN115603898A - Verification code generation method, verification code generation device, terminal and storage medium

Info

Publication number: CN115603898A
Application number: CN202110766237.0A
Authority: CN
Inventors: 任灵; 张彬彬
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Hangzhou Information Technology Co Ltd
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Hangzhou Information Technology Co Ltd
Priority date: 2021-07-07
Filing date: 2021-07-07
Publication date: 2023-01-13

Abstract

The present disclosure relates to a verification code generation method, a verification code generation apparatus, a terminal, and a storage medium. The identifying code generating method is applied to a service platform and comprises the steps of receiving request information which is sent by an application platform and used for identifying code generation, wherein the request information at least comprises an identifying code generating factor and a communication identifier for generating an identifying code SIM; and sending a message containing a generating factor to the SIM card according to the communication identifier, wherein the generating factor is used for enabling the SIM card to generate a first verification code by adopting a verification code generating mode which is known by the SIM card and the service platform together. Compared with the situation that the service platform transmits the generated verification code to the SIM card, the method and the device only need to transmit the generation factor of the verification code. Because the condition that the information is hijacked or leaked exists in the process that the service platform transmits the information to the SIM card, the generation factor in the application can not be directly used for identity verification, and the verification code is directly generated in the SIM card. Therefore, the condition that the verification code is leaked can be effectively reduced, and the authentication safety is improved.

Description

Verification code generation method, verification code generation device, terminal and storage medium

技术领域technical field

本发明涉及信息技术领域，尤其涉及一种验证码生成方法、验证码生成装置、终端及存储介质。The present invention relates to the field of information technology, in particular to a method for generating a verification code, a device for generating a verification code, a terminal and a storage medium.

背景技术Background technique

随着网络信息的复杂化，个人信息泄露愈发严重。单一的静态信息如账号、密码已经不能很好保证用户的身份验证。尤其是在线支付领域，身份信息的验证对安全交易尤为重要。因此以各银行、第三方支付等为代表的越来越多的行业安全策略均采用了“验证码”的方式。短信验证码就是其中一种。短信验证码，是通过发送验证码到终端，然后用户输入接收到的验证码到登录框，当用户输入的验证码与发送的验证码一致，则校验通过。With the complexity of network information, personal information leakage is becoming more and more serious. Single static information such as account number and password can no longer guarantee the user's identity verification. Especially in the field of online payment, the verification of identity information is particularly important for secure transactions. Therefore, more and more industry security strategies represented by banks and third-party payment have adopted the "verification code" method. SMS verification code is one of them. The SMS verification code is sent to the terminal by sending the verification code, and then the user enters the received verification code into the login box. When the verification code entered by the user is consistent with the sent verification code, the verification is passed.

发明内容Contents of the invention

有鉴于此，本公开实施例期望提供一种验证码生成方法、验证码生成装置、终端及存储介质。In view of this, the embodiments of the present disclosure expect to provide a method for generating a verification code, a device for generating a verification code, a terminal, and a storage medium.

本公开的技术方案是这样实现的：The disclosed technical solution is achieved in this way:

一方面，本公开提供一种验证码生成方法。In one aspect, the present disclosure provides a verification code generation method.

本公开实施例提供的验证码生成方法，包括：The method for generating a verification code provided by an embodiment of the present disclosure includes:

接收应用平台发送的用于验证码生成的请求信息，所述请求信息至少包括验证码的生成因子、生成所述验证码SIM的通信标识；receiving request information for verification code generation sent by the application platform, where the request information includes at least a generation factor of the verification code and a communication identification for generating the verification code SIM;

根据所述通信标识，发送包含有所述生成因子的报文至所述SIM卡，其中，所述生成因子，用于供所述SIM卡采用与服务平台共同知晓验证码生成方式生成第一验证码。According to the communication identification, send a message containing the generation factor to the SIM card, wherein the generation factor is used for the SIM card to generate a first verification by using a method of generating a verification code that is commonly known to the service platform code.

在一些实施例中，所述验证码的生成因子至少包括以下之一：In some embodiments, the generation factor of the verification code includes at least one of the following:

事务ID标识，用于标识应用平台向服务平台发送请求信息的事务；The transaction ID is used to identify the transaction in which the application platform sends request information to the service platform;

事务时间，用于记录服务平台接收应用平台发送的所述请求信息的时间。The transaction time is used to record the time when the service platform receives the request information sent by the application platform.

在一些实施例中，所述请求信息还包括以下至少之一：In some embodiments, the request information also includes at least one of the following:

验证码位数，用于指示所述验证码的字符位数；The number of digits of the verification code is used to indicate the number of characters of the verification code;

第一提示信息，用于指示所述服务平台确认用户获取所述第一验证码时是否需要进行PIN码验证；The first prompt information is used to instruct the service platform to confirm whether PIN code verification is required when the user obtains the first verification code;

第二提示信息，用于指示所述服务平台确认用户获取所述第一验证码时是否需要提供提示文案供用户阅读。The second prompt information is used to instruct the service platform to confirm whether a prompt text needs to be provided for the user to read when the user obtains the first verification code.

在一些实施例中，所述发送包含有所述生成因子的报文至所述SIM卡，包括：In some embodiments, the sending the message containing the generation factor to the SIM card includes:

基于所述SIM卡对应的ICCID集成电路卡识别码，通过确定的分散算法生成第一密钥；Based on the ICCID integrated circuit card identification code corresponding to the SIM card, a first key is generated through a determined decentralized algorithm;

基于所述第一密钥以及所述报文生成第一MAC消息验证码；generating a first MAC message verification code based on the first key and the message;

对所述报文进行第一密钥加密；Encrypting the message with a first key;

发送所述第一MAC消息验证码以及经第一密钥加密的报文至所述SIM卡，其中所述第一MAC消息验证码用于供所述SIM卡对接收到的所述报文的完整性进行消息验证。sending the first MAC message verification code and the message encrypted by the first key to the SIM card, wherein the first MAC message verification code is used for the SIM card to verify the received message Integrity of message verification.

在一些实施例中，所述方法还包括：In some embodiments, the method also includes:

接收所述应用平台发送的由所述SIM卡生成的所述第一验证码；receiving the first verification code generated by the SIM card and sent by the application platform;

在接收所述第一验证码后，基于所述第一密钥，生成不同于所述第一密钥的第二密钥；after receiving the first verification code, generating a second key different from the first key based on the first key;

基于所述第二密钥对所述生成因子进行密钥加密得到与所述SIM卡生成的所述第一验证码相对应的第二验证码。Encrypting the generation factor based on the second key to obtain a second verification code corresponding to the first verification code generated by the SIM card.

在一些实施例中，所述基于所述第二密钥对所述生成因子进行密钥加密得到与所述SIM卡生成的所述第一验证码相对应的第二验证码，包括：In some embodiments, performing key encryption on the generation factor based on the second key to obtain a second verification code corresponding to the first verification code generated by the SIM card includes:

基于第二密钥对所述生成因子进行密钥加密得到验证码字符链；performing key encryption on the generating factor based on the second key to obtain a verification code character chain;

在所述验证码字符链的确定位置截取等于验证码位数的字符得到所述第二验证码。Intercepting characters equal to the number of digits of the verification code at a certain position of the verification code character chain to obtain the second verification code.

验证生成的所述第二验证码对所述第一验证码是否相同，得到验证结果；verifying whether the generated second verification code is the same as the first verification code, and obtaining a verification result;

反馈所述验证结果至所述应用平台。Feedback the verification result to the application platform.

另一方面，本公开还提供另一种验证码生成方法，其特征在于，应用于SIM卡，所述方法包括：On the other hand, the present disclosure also provides another method for generating a verification code, which is characterized in that it is applied to a SIM card, and the method includes:

接收服务平台发送的包含有验证码的生成因子的报文；Receive the message containing the generation factor of the verification code sent by the service platform;

基于所述生成因子以与服务平台共同知晓验证码生成方式生成第一验证码。Based on the generation factor, the first verification code is generated in a manner of jointly knowing the generation of the verification code with the service platform.

在一些实施例中，所述接收服务平台发送的包含有验证码的生成因子的报文前，所述方法包括：In some embodiments, before receiving the message sent by the service platform and including the generation factor of the verification code, the method includes:

向所述服务平台发送生成所述验证码SIM的通信标识以及与所述通信标识对应的ICCID；所述ICCID用于供所述服务平台基于所述ICCID生成用于对所述报文进行加密的第一密钥；Send to the service platform the communication identification that generates the verification code SIM and the ICCID corresponding to the communication identification; the ICCID is used for the service platform to generate a message for encrypting the message based on the ICCID first key;

所述接收服务平台发送的包含有验证码的生成因子的报文后，所述方法包括：After receiving the message sent by the service platform and including the generation factor of the verification code, the method includes:

基于所述ICCID集成电路卡识别码，通过确定的分散算法生成第三密钥，其中所述SIM卡生成所述第三密钥的分散算法与服务平台生成第一密钥的分散算法相同；Based on the ICCID integrated circuit card identification code, a third key is generated through a determined distribution algorithm, wherein the distribution algorithm for generating the third key by the SIM card is the same as the distribution algorithm for generating the first key by the service platform;

基于所述第三密钥对经所述第一密钥加密的所述报文进行解密，得到所述生成因子。Decrypt the message encrypted by the first key based on the third key to obtain the generation factor.

在一些实施例中，所述生成第一验证码，包括：In some embodiments, the generating the first verification code includes:

基于所述第三密钥，生成不同于所述第三密钥的第四密钥，其中所述SIM卡生成所述第四密钥的方式与所述服务平台生成所述第二密钥的方式相同；Based on the third key, generate a fourth key that is different from the third key, wherein the SIM card generates the fourth key in the same way as the service platform generates the second key in the same way;

基于所述第四密钥对所述生成因子进行密钥加密得到所述第一验证码。performing key encryption on the generation factor based on the fourth key to obtain the first verification code.

接收所述服务平台发送的第一MAC消息验证码，所述第一MAC消息验证码为所述服务平台基于所述第一密钥生成，用于供所述SIM卡对所述报文的完整性进行消息验证；receiving a first MAC message verification code sent by the service platform, the first MAC message verification code is generated by the service platform based on the first key, and is used for the SIM card to complete the message message verification;

基于所述第三密钥生成第二MAC消息验证码，其中，所述SIM卡生成第二MAC消息验证码的生成方式与所述服务平台生成第一MAC消息验证码的方式相同；Generate a second MAC message verification code based on the third key, wherein the SIM card generates the second MAC message verification code in the same manner as the service platform generates the first MAC message verification code;

验证所述第二MAC消息验证码与所述第一MAC消息验证码是否相同。Verifying whether the second MAC message verification code is the same as the first MAC message verification code.

对用户提供的PIN码进行验证；Verify the PIN code provided by the user;

在所述PIN码验证通过后，通过SIM卡所在设备的显示界面显示所述第一验证码。After the verification of the PIN code is passed, the first verification code is displayed on the display interface of the device where the SIM card is located.

在所述PIN码验证通过后，通过SIM卡所在设备的显示界面显示提示文案，所述提示文案用于说明所述第一验证码。After the verification of the PIN code is passed, a prompt text is displayed on the display interface of the device where the SIM card is located, and the prompt text is used to explain the first verification code.

又一方面，本公开还提供一种验证码生成装置，所述装置包括：In yet another aspect, the present disclosure also provides a device for generating a verification code, the device comprising:

第一处理单元，用于接收应用平台发送的用于验证码生成的请求信息，所述请求信息至少包括验证码的生成因子、生成所述验证码SIM的通信标识；The first processing unit is configured to receive request information for verification code generation sent by the application platform, where the request information includes at least a generation factor of the verification code and a communication identification for generating the verification code SIM;

第二处理单元，用于根据所述通信标识，发送包含有所述生成因子的报文至所述SIM卡，其中，所述生成因子，用于供所述SIM卡采用与服务平台共同知晓验证码生成方式生成第一验证码。The second processing unit is configured to send a message containing the generation factor to the SIM card according to the communication identification, wherein the generation factor is used for the SIM card to be jointly known and verified by the service platform The code generation method generates the first verification code.

在一些实施例中，所述第二处理单元，具体用于In some embodiments, the second processing unit is specifically used for

在一些实施例中，所述装置还包括第三处理单元，用于接收所述应用平台发送的由所述SIM卡生成的所述第一验证码；In some embodiments, the device further includes a third processing unit, configured to receive the first verification code sent by the application platform and generated by the SIM card;

在一些实施例中，所述第三处理单元，还用于In some embodiments, the third processing unit is also used to

在一些实施例中，所述第三处理单元还用于验证生成的所述第二验证码对所述第一验证码是否相同，得到验证结果；In some embodiments, the third processing unit is further configured to verify whether the generated second verification code is the same as the first verification code, and obtain a verification result;

再一方面，本公开还提供另一种验证码生成装置，应用于SIM卡，所述装置包括：In another aspect, the present disclosure also provides another device for generating a verification code, which is applied to a SIM card, and the device includes:

第一处理单元，用于接收服务平台发送的包含有验证码的生成因子的报文；The first processing unit is configured to receive a message sent by the service platform that includes the generation factor of the verification code;

第二处理单元，用于基于所述生成因子以与服务平台共同知晓验证码生成方式生成第一验证码。The second processing unit is configured to generate the first verification code based on the generation factor in a way that the verification code is commonly known to the service platform.

在一些实施例中，所述第一处理单元，还用于接收服务平台发送的包含有验证码的生成因子的报文前，向所述服务平台发送生成所述验证码SIM的通信标识以及与所述通信标识对应的ICCID；所述ICCID用于供所述服务平台基于所述ICCID生成用于对所述报文进行加密的第一密钥；以及In some embodiments, the first processing unit is further configured to send to the service platform the communication identification for generating the verification code SIM and the communication with The ICCID corresponding to the communication identifier; the ICCID is used for the service platform to generate a first key for encrypting the message based on the ICCID; and

接收服务平台发送的包含有验证码的生成因子的报文后，After receiving the message containing the verification code generation factor sent by the service platform,

在一些实施例中，所述第二处理单元具体用于In some embodiments, the second processing unit is specifically used for

在一些实施例中，所述第一处理单元还用于In some embodiments, the first processing unit is also used for

在一些实施例中，所述装置还包括第三处理单元，用于In some embodiments, the device further includes a third processing unit for

又一方面，本公开还提供一种终端。In yet another aspect, the present disclosure also provides a terminal.

本公开实施例提供的终端，包括：处理器和用于存储能够在处理器上运行的计算机程序的存储器，其中，所述处理器用于运行所述计算机程序时，执行上述实施例提供的验证码生成方法的步骤。The terminal provided by the embodiment of the present disclosure includes: a processor and a memory for storing a computer program that can run on the processor, wherein, when the processor is used to run the computer program, execute the verification code provided by the above embodiment The steps to generate the method.

再一方面，本公开还提供一种计算机可读存储介质。In yet another aspect, the present disclosure also provides a computer-readable storage medium.

本公开实施例提供的计算机可读存储介质，其上存储有计算机程序，其特征在于，该计算机程序被处理器执行时实现上述实施例提供的验证码生成方法的步骤。The computer-readable storage medium provided by the embodiments of the present disclosure has a computer program stored thereon, and is characterized in that, when the computer program is executed by a processor, the steps of the verification code generation method provided by the above-mentioned embodiments are implemented.

本公开实施例的验证码生成方法通过接收应用平台发送的用于验证码生成的请求信息，请求信息至少包括验证码的生成因子、生成验证码SIM的通信标识；根据通信标识，发送包含有生成因子的报文至SIM卡，其中，生成因子，用于供SIM卡采用与服务平台共同知晓验证码生成方式生成第一验证码。在申请中，服务平台根据接收的请求信息中的通信标识将验证码的生成因子发送给对应的SIM卡，供SIM卡根据接收到的生成因子在SIM卡内生成验证码。相对于传统的服务平台将生成好的验证码传输给SIM卡而言，本申请不需要将生成好的验证码传输给SIM卡，仅需要传输验证码的生成因子即可。由于在服务平台传输信息给SIM卡的过程中，会存在信息被劫持或信息泄露的情况，而本申请中的生成因子不会直接用于身份验证，验证码生成是在SIM卡内直接生成。因此本申请中采用的服务平台传输生成因子，供SIM卡在SIM卡内生成验证码的方法，能够有效减少验证码泄露的情况，提高身份验证安全性。The verification code generation method of the embodiment of the present disclosure receives the request information for verification code generation sent by the application platform. The request information includes at least the generation factor of the verification code and the communication identification of the SIM that generates the verification code; according to the communication identification, the sending includes generating The message of the factor is sent to the SIM card, wherein the factor is generated for the SIM card to generate the first verification code in a verification code generation method known jointly with the service platform. In the application, the service platform sends the verification code generation factor to the corresponding SIM card according to the communication identification in the received request information, so that the SIM card can generate the verification code in the SIM card according to the received generation factor. Compared with the traditional service platform that transmits the generated verification code to the SIM card, this application does not need to transmit the generated verification code to the SIM card, but only needs to transmit the generation factor of the verification code. Since information may be hijacked or leaked during the process of the service platform transmitting information to the SIM card, the generation factor in this application will not be directly used for identity verification, and the verification code generation is directly generated in the SIM card. Therefore, the service platform transmission generation factor used in this application and the method for the SIM card to generate a verification code in the SIM card can effectively reduce the leakage of the verification code and improve the security of identity verification.

附图说明Description of drawings

图1是根据一示例性实施例示出的验证码生成方法流程图一；Fig. 1 is a flow chart 1 of a method for generating a verification code according to an exemplary embodiment;

图2是根据一示例性实施例示出的验证码生成方法流程图二；Fig. 2 is a second flowchart of a method for generating a verification code according to an exemplary embodiment;

图3是根据一示例性实施例示出的验证码生成装置结构示意图一；Fig. 3 is a first structural schematic diagram of a verification code generation device according to an exemplary embodiment;

图4是根据一示例性实施例示出的验证码生成装置结构示意图二；Fig. 4 is a second structural schematic diagram of a verification code generation device according to an exemplary embodiment;

图5是根据一示例性实施例示出的验证码校验流程图；Fig. 5 is a flowchart of verification code verification according to an exemplary embodiment;

图6是根据一示例性实施例示出的终端结构示意图。Fig. 6 is a schematic structural diagram of a terminal according to an exemplary embodiment.

具体实施方式detailed description

以下结合说明书附图及具体实施例对本发明的技术方案做进一步的详细阐述。这里将详细地对示例性实施例进行说明，其示例表示在附图中。下面的描述涉及附图时，除非另有表示，不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本发明相一致的所有实施方式。相反，它们仅是与如所附权利要求书中所详述的、本发明的一些方面相一致的装置和方法的例子。The technical solutions of the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments. Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the present invention. Rather, they are merely examples of apparatuses and methods consistent with aspects of the invention as recited in the appended claims.

短信验证码，实质是验证用户是否是预留手机号或邮箱的持有者。验证码下发给用户的通道包括手机短信、用户注册时提供的邮箱等。其中手机短信因为其使用方便、快捷、兼容性好以及手机号实名制等特点已经成为验证码下发的主流渠道。现在提供的短信验证码服务，能有效的保证支付安全和账号安全。但是，直接将验证码下发时也会存在验证码被劫持或泄露的情况。现在通过非法手段于信息传输中途获取手机验证码，通过验证码进行盗窃、诈骗的犯罪行为也越来越普遍。The SMS verification code is essentially to verify whether the user is the holder of the reserved mobile phone number or email address. The channel through which the verification code is issued to the user includes SMS, email address provided by the user during registration, etc. Among them, mobile phone text messages have become the mainstream channel for issuing verification codes because of their convenience, speed, good compatibility, and real-name mobile phone number system. The SMS verification code service provided now can effectively guarantee payment security and account security. However, the verification code may be hijacked or leaked when the verification code is sent directly. Now it is more and more common to obtain mobile phone verification codes in the middle of information transmission through illegal means, and to commit crimes of theft and fraud through verification codes.

基于此，本公开提供一种验证码生成方法。图1是根据一示例性实施例示出的验证码生成方法流程图一。如图1所示，该验证码生成方法包括：Based on this, the present disclosure provides a verification code generation method. Fig. 1 is a first flow chart of a method for generating a verification code according to an exemplary embodiment. As shown in Figure 1, the verification code generation method includes:

步骤10、接收应用平台发送的用于验证码生成的请求信息，所述请求信息至少包括验证码的生成因子、生成所述验证码SIM的通信标识；Step 10. Receive the request information for verification code generation sent by the application platform, the request information at least includes the generation factor of the verification code and the communication identification of the SIM that generated the verification code;

步骤11、根据所述通信标识，发送包含有所述生成因子的报文至所述SIM卡，其中，所述生成因子，用于供所述SIM卡采用与服务平台共同知晓验证码生成方式生成第一验证码。Step 11. According to the communication identification, send a message containing the generation factor to the SIM card, wherein the generation factor is used for the SIM card to generate a verification code in a manner common to the service platform. The first verification code.

在本示例性实施例中，通信标识为SIM卡具有的能够标识出自身的标识信息；通信标识与SIM卡可具有一一对应的关系，根据确定好的通信标识能够确定出与该通信标识对应的唯一的SIM卡。In this exemplary embodiment, the communication identification is the identification information that the SIM card has that can identify itself; the communication identification and the SIM card may have a one-to-one correspondence, and the communication identification corresponding to the communication identification can be determined according to the determined communication identification. The only SIM card.

在本申请中，服务平台根据接收的通信标识，能够确定出对应的唯一的SIM卡，向该SIM卡发送包含有生成因子的报文。In this application, the service platform can determine the corresponding unique SIM card according to the received communication identification, and send a message including the generation factor to the SIM card.

生成因子可以为用于生成验证码的基础信息，其是生成验证码的基础。例如，生成因子可以为根据发生的事务，形成与事务相关的事务信息。例如，事务ID标识，用于标识应用平台向服务平台发送请求信息的事务的标识信息；事务时间，用于记录服务平台接收应用平台发送的所述请求信息的时间信息等。其中，事务时间具有事务发生时时间上的唯一性，因此基于事务时间的生成因子也具有唯一性，供SIM卡生成的验证码便具有当前时间的唯一性。在本申请中，生成因子最终可以具体为一个或多个字符信息，其可以包含有数字、字母和特殊字符等。The generation factor may be the basic information used to generate the verification code, which is the basis for generating the verification code. For example, the generation factor may be to generate transaction information related to the transaction according to the transaction that occurs. For example, the transaction ID is used to identify the identification information of the transaction that the application platform sends the request information to the service platform; the transaction time is used to record the time information when the service platform receives the request information sent by the application platform, etc. Wherein, the transaction time is unique in time when the transaction occurs, so the generation factor based on the transaction time is also unique, and the verification code generated by the SIM card has the uniqueness of the current time. In this application, the generating factor may finally be specifically one or more character information, which may contain numbers, letters, special characters, and the like.

在本示例性实施例中，服务平台将生成因子发送给SIM卡后，SIM卡可基于验证码生成规则根据接收的生成因子在SIM卡内直接生成对应的验证码。In this exemplary embodiment, after the service platform sends the generation factor to the SIM card, the SIM card can directly generate a corresponding verification code in the SIM card according to the received generation factor based on the verification code generation rule.

在本示例性实施例中，服务平台和SIM卡可预先约定验证码的生成方式，包括服务平台和SIM卡内都预置相同的验证码生成算法或规则，包括服务平台和SIM卡内都预置基于单一生成因子生成验证码的同一算法或规则，或都预置基于多个生成因子生成验证码的同一算法或规则。例如，都预置基于事务ID生成验证码的算法或规则，或都预置相同的基于事务ID和事务时间两个生成因子去生成验证码的算法或规则。具体的生成算法或规则可根据需要自行设定，例如在生成因子前面或中间位置添加一串预定字符，或将生成因子字符排序从头到尾进行颠倒等。In this exemplary embodiment, the service platform and the SIM card can pre-agreed on the generation method of the verification code, including the same verification code generation algorithm or rules are preset in the service platform and the SIM card, including both the service platform and the SIM card. Configure the same algorithm or rule for generating verification codes based on a single generation factor, or preset the same algorithm or rule for generating verification codes based on multiple generation factors. For example, an algorithm or rule for generating a verification code based on a transaction ID is preset, or an algorithm or rule for generating a verification code based on two generation factors of a transaction ID and transaction time is preset. The specific generation algorithm or rules can be set according to the needs, such as adding a series of predetermined characters in front of or in the middle of the generation factor, or reversing the order of the characters of the generation factor from the beginning to the end, etc.

本公开实施例的验证码生成方法通过接收应用平台发送的用于验证码生成的请求信息，请求信息至少包括验证码的生成因子、生成验证码SIM的通信标识；根据通信标识，发送包含有生成因子的报文至SIM卡，其中，生成因子，用于供SIM卡采用与服务平台共同知晓验证码生成方式生成第一验证码。The verification code generation method of the embodiment of the present disclosure receives the request information for verification code generation sent by the application platform. The request information includes at least the generation factor of the verification code and the communication identification of the SIM that generates the verification code; according to the communication identification, the sending includes generating The message of the factor is sent to the SIM card, wherein the factor is generated for the SIM card to generate the first verification code in a verification code generation method known jointly with the service platform.

在申请中，服务平台根据接收的请求信息中的通信标识将验证码的生成因子发送给对应的SIM卡，供SIM卡根据接收到的生成因子在SIM卡内生成验证码。相对于传统的服务平台将生成好的验证码传输给SIM卡而言，本申请不需要将生成好的验证码传输给SIM卡，仅需要传输验证码的生成因子即可。由于在服务平台传输信息给SIM卡的过程中，会存在信息被劫持或信息泄露的情况，而本申请中的生成因子不会直接用于身份验证，验证码生成是在SIM卡内直接生成。因此本申请中采用的服务平台传输生成因子，供SIM卡在SIM卡内生成验证码的方法，能够有效减少验证码泄露的情况，提高身份验证安全性。In the application, the service platform sends the verification code generation factor to the corresponding SIM card according to the communication identification in the received request information, so that the SIM card can generate the verification code in the SIM card according to the received generation factor. Compared with the traditional service platform that transmits the generated verification code to the SIM card, this application does not need to transmit the generated verification code to the SIM card, but only needs to transmit the generation factor of the verification code. Since information may be hijacked or leaked during the process of the service platform transmitting information to the SIM card, the generation factor in this application will not be directly used for identity verification, and the verification code generation is directly generated in the SIM card. Therefore, the service platform transmission generation factor used in this application and the method for the SIM card to generate a verification code in the SIM card can effectively reduce the leakage of the verification code and improve the security of identity verification.

在本示例性实施例中，应用平台向服务平台发送用于生成验证码的请求信息时，请求信息中还可以携带有指示需要生成的验证码的字符位数的相关信息；用于指示用户在SIM卡所在设备的显示界面获取第一验证码时，是否需要进行PIN码验证的第一提示信息；以及指示用户获取第一验证码时是否需要提供提示文案供的第二提示信息。其中PIN码为SIM卡的个人识别码，是防止别人盗用SIM卡的一种安全措施。提示文案包含有解释说明验证码的说明信息，用于供用户阅读。In this exemplary embodiment, when the application platform sends request information for generating a verification code to the service platform, the request information may also carry related information indicating the number of characters of the verification code to be generated; When the display interface of the device where the SIM card is located obtains the first verification code, whether a first prompt message is required for PIN code verification; and a second prompt message indicating whether the user needs to provide a prompt copy when obtaining the first verification code. Wherein the PIN code is the personal identification code of the SIM card, which is a security measure to prevent others from stealing the SIM card. The prompt text includes explanatory information explaining the verification code for users to read.

在本示例性实施例中，当请求信息中不包含有验证码位数时，服务平台和SIM卡可执行系统预先设置的默认的验证码位数。例如系统默认验证码位数为6位，则在服务平台没有收到应用平台发送的指示验证码位数的信息时，可自行生成6位的验证码，即此时应用平台默认接收6位字符的验证码。In this exemplary embodiment, when the request information does not include the digits of the verification code, the service platform and the SIM card may execute the default number of digits of the verification code preset by the system. For example, the system defaults that the number of digits of the verification code is 6 digits. When the service platform does not receive the information indicating the number of digits of the verification code sent by the application platform, it can generate a 6-digit verification code by itself, that is, the application platform accepts 6 characters by default. verification code.

其中，当服务平台确认应用平台发送的用户获取第一验证码时是否需要进行PIN码验证的请求为是时，SIM卡所在设备的显示界面显示第一验证码时，SIM卡所在设备会根据SIM卡内置的主动式指令弹出一个PIN码验证窗口，供对应的PIN码在验证窗口输入以进行PIN码验证。当验证通过后，用户可获得第一验证码。当用户输入的错误次数达到预设次数时，停止PIN码验证，此时用户将无法获得第一验证码。如此，可有效减少验证泄露及被他人窃取的机率。Among them, when the service platform confirms that the request sent by the application platform whether PIN code verification is required when the user obtains the first verification code is yes, and when the display interface of the device where the SIM card is located displays the first verification code, the device where the SIM card is located will display the first verification code according to the SIM The active command built in the card pops up a PIN code verification window for the corresponding PIN code to be input in the verification window for PIN code verification. After the verification is passed, the user can obtain the first verification code. When the wrong number of times entered by the user reaches the preset number of times, the verification of the PIN code is stopped, and the user will not be able to obtain the first verification code at this time. In this way, it can effectively reduce the probability of verification leakage and being stolen by others.

当服务平台确认应用平台发送的是否需要提供提示文案的请求为是时，用户在SIM卡所在设备的显示界面获取第一验证码时，提示文案可自动弹出，供用户阅读。如此，有利于用户更详细的了解验证码的相关信息。When the service platform confirms that the request sent by the application platform to provide a prompt copy is yes, when the user obtains the first verification code on the display interface of the device where the SIM card is located, the prompt copy can automatically pop up for the user to read. In this way, it is beneficial for the user to understand the related information of the verification code in more detail.

在本示例性实施例中，在向SIM卡发送生成因子时，可对包含有生成因子的报文进行加密后发送，以提高信息传输的安全性。例如，基于SIM卡对应的ICCID集成电路卡识别码，通过确定的分散算法生成第一密钥。基于第一密钥对报文进行加密。In this exemplary embodiment, when sending the generation factor to the SIM card, the message containing the generation factor may be encrypted and then sent, so as to improve the security of information transmission. For example, based on the ICCID corresponding to the SIM card, the first key is generated through a determined decentralized algorithm. The message is encrypted based on the first key.

在本示例性实施例中，还可以增加对应传输报文的MAC码校验，以进一步提高报文传输的安全性。例如，基于第一密钥以及报文生成第一MAC消息验证码。发送所述第一MAC消息验证码以及经第一密钥加密的报文至所述SIM卡。SIM卡获得报文和第一MAC消息验证码后，可对应生成第二MAC消息验证码，校验生成的第二MAC消息验证码是否与第一MAC消息验证码相同，以确定接收的报文是否被中途拦截串改过。In this exemplary embodiment, the MAC code check of the corresponding transmission message may also be added, so as to further improve the security of message transmission. For example, a first MAC message authentication code is generated based on the first key and the message. sending the first MAC message verification code and the message encrypted by the first key to the SIM card. After the SIM card obtains the message and the first MAC message verification code, it can generate a second MAC message verification code correspondingly, and check whether the generated second MAC message verification code is the same as the first MAC message verification code to determine the received message Whether it has been modified by the interception string halfway.

其中，基于第一密钥以及报文生成第一MAC消息验证码的方法包括：基于第一密钥和报文，通过在服务平台和SIM卡两端事先约定的消息认证码算法计算出第一MAC消息验证码。SIM卡在生成第二MAC消息验证码时，与服务平台生成第一MAC消息验证码的方式相同。Wherein, the method for generating the first MAC message authentication code based on the first key and the message includes: based on the first key and the message, calculate the first MAC message authentication code. When the SIM card generates the second MAC message verification code, it is in the same manner as the service platform generates the first MAC message verification code.

接收所述第一验证码后，基于所述第一密钥，生成不同于所述第一密钥的第二密钥；After receiving the first verification code, based on the first key, generate a second key different from the first key;

在本示例性实施例中，SIM卡内生成第一验证码供用户获取后，输入到应用平台的验证窗口，此时应用平台会将用户输入的第一验证码发送给服务平台，以供服务平台进行验证码验证，来确认应用平台获得的第一验证码是否是基于服务平台发送给SIM卡的生成因子生成的验证码，从而实现对应用户的身份验证。In this exemplary embodiment, after the first verification code is generated in the SIM card for the user to obtain, it is input to the verification window of the application platform. At this time, the application platform will send the first verification code input by the user to the service platform for service The platform verifies the verification code to confirm whether the first verification code obtained by the application platform is a verification code generated based on the generation factor sent by the service platform to the SIM card, so as to realize the identity verification of the corresponding user.

服务平台对第一验证码进行验证的方式为：基于相同的生成因子通过与SIM卡生成验证码的相同方式在服务平台生成第二验证码，以验证第一验证码是否是基于服务平台发送给SIM卡的生成因子生成。当第二验证码与第一验证码相同时，则可确定生成因子没有被窃取串改过。当第二验证码与第一验证码不相同，则可确定生成因子被窃取串改过，此时用户输入应用平台的第一验证码验证失败。The method for the service platform to verify the first verification code is: based on the same generation factor, the second verification code is generated on the service platform in the same way as the verification code generated by the SIM card, so as to verify whether the first verification code is sent to the user based on the service platform. The generation factor of the SIM card is generated. When the second verification code is the same as the first verification code, it can be determined that the generation factor has not been altered by the stolen string. When the second verification code is different from the first verification code, it can be determined that the generation factor has been stolen and altered, and at this time the verification of the first verification code input by the user to the application platform fails.

在服务平台基于生成因子生成第二验证码的过程为：基于第一密钥，生成不同于第一密钥的第二密钥；基于第二密钥对生成因子进行密钥加密得到与SIM卡生成的第一验证码相对应的第二验证码。第二密钥可以为会话密钥。会话密钥为一次性用于会话中加密用的对称式密钥，具有随机性和一次性，可进一步提高验证码生成的安全性。在生成第二密钥时，可通过对第一密钥进行加密得到第二密钥。The process of generating the second verification code based on the generation factor on the service platform is: based on the first key, a second key different from the first key is generated; The generated first verification code corresponds to the second verification code. The second key may be a session key. The session key is a one-time symmetric key used for encryption in the session, which is random and one-time, and can further improve the security of verification code generation. When generating the second key, the second key can be obtained by encrypting the first key.

在本示例性实施例中，应用平台需要输入的验证码可能是具有一个或多个定字符位数的字符串。但在SIM卡内通过第二密钥对生成因子加密得到的可能是字符长度超过验证码位数的字符串，此时可以根据服务平台和SIM卡预定在预定位置截取等于验证码位数的字符串来作为验证码，从而在服务平台生成等于验证码位数的第一验证码，在SIM卡得到验证码位数的第二验证码。In this exemplary embodiment, the verification code that the application platform needs to input may be a character string with one or more fixed-character digits. However, in the SIM card, the generation factor encrypted by the second key may be a character string whose character length exceeds the number of digits of the verification code. At this time, a character equal to the number of digits of the verification code can be intercepted at a predetermined position according to the service platform and the SIM card. The string is used as the verification code, so that the first verification code equal to the number of verification code digits is generated on the service platform, and the second verification code with the number of verification code digits is obtained on the SIM card.

当通过第二密钥对生成因子加密得到的验证码字符链的字符长度小于验证码位数时，可根据系统的默认设置，在获得的验证码字符链的后面自动补充预先设置的字符来得到等于验证码位数的字符串。具体的，获得的验证码字符链的字符位数比验证码位数少多少位字符，则在预先设置的字符中按照顺序从首到尾依次取多少位字符补充在验证码字符链的后面。例如，验证码位数为6位，通过第二密钥对生成因子加密得到的验证码字符链为qwer，预先设置的用来补充的字符为asdf，则此时可以取预先设置的字符as补充在验证码字符链qwer的后面来得到第二验证码qweras。When the character length of the character chain of the verification code obtained by encrypting the generation factor with the second key is less than the number of digits of the verification code, according to the default setting of the system, pre-set characters can be automatically added to the end of the obtained verification code character chain to obtain A string equal to the number of digits of the verification code. Specifically, the number of characters in the obtained verification code character chain is less than the number of characters in the verification code, and how many characters are selected from the beginning to the end of the preset characters to supplement the verification code character chain. For example, the number of digits of the verification code is 6 digits, the character chain of the verification code obtained by encrypting the generation factor with the second key is qwer, and the pre-set character for supplement is asdf, then the pre-set character as can be used to supplement at this time The second verification code qweras is obtained after the verification code character chain qwer.

在本示例性实施例中，当第二验证码与第一验证码相同时，则可确定生成因子没有被窃取串改过。当第二验证码与第一验证码不相同，则可确定生成因子被窃取串改过，此时用户输入应用平台的第一验证码验证失败。In this exemplary embodiment, when the second verification code is the same as the first verification code, it can be determined that the generation factor has not been altered by the stolen string. When the second verification code is different from the first verification code, it can be determined that the generation factor has been stolen and altered, and at this time the verification of the first verification code input by the user to the application platform fails.

另一方面，本公开还提供另一种验证码生成方法。图2是根据一示例性实施例示出的验证码生成方法流程图二。如图2所示，所述方法，应用于SIM卡，包括：On the other hand, the present disclosure also provides another verification code generation method. Fig. 2 is a second flowchart of a method for generating a verification code according to an exemplary embodiment. As shown in Figure 2, the method, applied to a SIM card, includes:

在本示例性实施例中，生成因子可以为用于生成验证码的基础信息，其是生成验证码的基础。例如，生成因子可以为根据发生的事务，形成与事务相关的事务信息。例如，事务ID标识，用于标识应用平台向服务平台发送请求信息的事务的标识信息；事务时间，用于记录服务平台接收应用平台发送的所述请求信息的时间信息等。其中，事务时间具有事务发生时时间上的唯一性，因此基于事务时间的生成因子也具有唯一性，供SIM卡生成的验证码便具有当前时间的唯一性。在本申请中，生成因子最终可以具体为一字符信息，其可以包含有数字、字母和特殊字符等。In this exemplary embodiment, the generation factor may be basic information for generating the verification code, which is the basis for generating the verification code. For example, the generation factor may be to generate transaction information related to the transaction according to the transaction that occurs. For example, the transaction ID is used to identify the identification information of the transaction that the application platform sends the request information to the service platform; the transaction time is used to record the time information when the service platform receives the request information sent by the application platform, etc. Wherein, the transaction time is unique in time when the transaction occurs, so the generation factor based on the transaction time is also unique, and the verification code generated by the SIM card has the uniqueness of the current time. In this application, the generating factor may finally be specifically a character information, which may contain numbers, letters, and special characters.

本公开实施例的验证码生成方法通过接收服务平台发送的生成因子，在SIM卡内基于生成因子采用与服务平台共同知晓验证码生成方式生成第一验证码。相对于传统的服务平台将在服务平台生成验证码，再将生成好的验证码传输给SIM卡而言，本申请不需要服务平台将生成好的验证码传输给SIM卡，仅需要传输验证码的生成因子即可。由于在服务平台传输信息给SIM卡的过程中，会存在信息被劫持或信息泄露的情况，而本申请中的生成因子不会直接用于身份验证，验证码生成是在SIM卡内直接生成。因此本申请中采用的接收服务平台传输的生成因子，在SIM卡内生成验证码的方法，能够有效减少验证码泄露的情况，提高身份验证安全性。The verification code generation method of the embodiment of the present disclosure receives the generation factor sent by the service platform, and generates the first verification code based on the generation factor in the SIM card by using a common knowledge of the verification code generation method with the service platform. Compared with the traditional service platform that will generate a verification code on the service platform and then transmit the generated verification code to the SIM card, this application does not require the service platform to transmit the generated verification code to the SIM card, but only needs to transmit the verification code The generation factor of . Since information may be hijacked or leaked during the process of the service platform transmitting information to the SIM card, the generation factor in this application will not be directly used for identity verification, and the verification code generation is directly generated in the SIM card. Therefore, the method of receiving the generation factor transmitted by the service platform in this application and generating the verification code in the SIM card can effectively reduce the leakage of the verification code and improve the security of identity verification.

在本示例性实施例中，第一验证码为用于在应用平台输入的用于账号登录时身份信息验证的验证码。SIM卡生成第一验证码后，供用户获取来在应用平台输入。同时为了对生成第一验证码的生成因子进行核验是否被劫持或泄露过，在生成所述第一验证码后，SIM卡发送生成的第一验证码至服务平台，供服务平台通过生成的第二验证码验证所述第二验证码是否与SIM生成的第一验证码相同。当第二验证码与第一验证码相同时，则可确定生成因子没有被窃取串改过。当第二验证码与第一验证码不相同，则可确定生成因子被窃取串改过，此时第一验证码输入应用平台进行验证时便会验证失败。In this exemplary embodiment, the first verification code is a verification code input on the application platform for identity information verification during account login. After the SIM card generates the first verification code, it can be obtained by the user and input on the application platform. At the same time, in order to check whether the generation factor for generating the first verification code has been hijacked or leaked, after generating the first verification code, the SIM card sends the generated first verification code to the service platform for the service platform to pass the generated first verification code. The second verification code verifies whether the second verification code is the same as the first verification code generated by the SIM. When the second verification code is the same as the first verification code, it can be determined that the generation factor has not been altered by the stolen string. When the second verification code is different from the first verification code, it can be determined that the generation factor has been stolen and modified. At this time, when the first verification code is input into the application platform for verification, the verification will fail.

在本示例性实施例中，当SIM卡上电后，SIM卡所在设备会驱使SIM卡向服务平台上报通信标识和ICCID，供服务平台根据通信标识确定出SIM卡，向SIM卡发送报文。ICCID用于供服务平台生成第一密钥。在接收到加密的报文后，SIM卡会根据相同的密钥生成方式通过与服务平台相同的分散算法生成第三密钥，对加密的报文进行解密得到生成因子。In this exemplary embodiment, when the SIM card is powered on, the device where the SIM card is located will drive the SIM card to report the communication identifier and ICCID to the service platform, so that the service platform can determine the SIM card according to the communication identifier and send a message to the SIM card. The ICCID is used for the service platform to generate the first key. After receiving the encrypted message, the SIM card will generate the third key through the same distributed algorithm as the service platform according to the same key generation method, and decrypt the encrypted message to obtain the generation factor.

在本示例性实施例中，SIM卡生成第四密钥的方式与服务平台生成第二密钥的方式相同。SIM卡生成的第四密钥也可以是与服务平台相同的会话密钥。通过第四密钥对生成因子进行密钥加密得到验证码字符链。在验证码字符链的与服务平台生成第二验证码时截取字符串相同位置处截取等于验证码位数的字符得到第一验证码，从而保证生成的第一验证码与第二验证码的一致性。In this exemplary embodiment, the manner in which the SIM card generates the fourth key is the same as the manner in which the service platform generates the second key. The fourth key generated by the SIM card may also be the same session key as that of the service platform. Encrypt the generating factor with the fourth key to obtain the verification code character chain. Intercept characters equal to the number of digits of the verification code at the same position in the verification code character chain as the intercepted string when the service platform generates the second verification code to obtain the first verification code, so as to ensure that the generated first verification code is consistent with the second verification code sex.

在本示例性实施例中，当服务平台发送过来的报文加了MAC码验证时，SIM卡会生成对应的MAC码来进行MAC码验证。例如，服务平台生成第一MAC消息验证码。SIM卡接收服务平台发送的第一MAC消息验证码后，基于第三密钥和报文采用与服务平台生成第一MAC消息验证码相同的计算方法得到第二MAC消息验证码，以验证第二MAC消息验证码与第一MAC消息验证码是否相同。当第二MAC消息验证码与第一MAC消息验证码相同时，说明报文完整，没有被劫持串改过。当第二MAC消息验证码与第一MAC消息验证码不相同，则说明报文被劫持串改过，此时报文作废。当第二MAC消息验证码与第一MAC消息验证码相同时，再对报文进行解密，获得生成因子来生成第一验证码。通过消息验证码验证报文完整性，有利于提高验证码生成安全性和身份验证安全性。In this exemplary embodiment, when MAC code verification is added to the message sent by the service platform, the SIM card will generate a corresponding MAC code for MAC code verification. For example, the service platform generates a first MAC message verification code. After receiving the first MAC message verification code sent by the service platform, the SIM card uses the same calculation method as the service platform to generate the first MAC message verification code based on the third key and message to obtain the second MAC message verification code to verify the second MAC message verification code. Whether the MAC message authentication code is the same as the first MAC message authentication code. When the second MAC message verification code is the same as the first MAC message verification code, it means that the message is complete and has not been altered by the hijacking string. When the verification code of the second MAC message is different from the verification code of the first MAC message, it means that the message has been hijacked and modified, and the message is now invalid. When the second MAC message verification code is the same as the first MAC message verification code, the message is decrypted to obtain a generation factor to generate the first verification code. The integrity of the message is verified by the message verification code, which is conducive to improving the security of verification code generation and identity verification.

在本示例性实施例中，PIN码为SIM卡的个人识别码，是防止别人盗用SIM卡的一种安全措施。用户在SIM卡所在设备的显示界面获取第一验证码时，SIM卡所在设备会根据SIM卡内置的主动式指令弹出一个PIN码验证窗口，供用户在PIN码验证窗口内输入对应的PIN码进行验证。当验证通过后，用户可获得第一验证码。当用户输入的错误次数达到预设次数时，停止PIN码验证，此时用户将无法获得第一验证码。如此，可有效减少验证泄露及被他人窃取的机率。In this exemplary embodiment, the PIN code is the personal identification code of the SIM card, which is a security measure to prevent others from stealing the SIM card. When the user obtains the first verification code on the display interface of the device where the SIM card is located, the device where the SIM card is located will pop up a PIN code verification window according to the built-in active command of the SIM card, for the user to enter the corresponding PIN code in the PIN code verification window for verification. verify. After the verification is passed, the user can obtain the first verification code. When the wrong number of times entered by the user reaches the preset number of times, the verification of the PIN code is stopped, and the user will not be able to obtain the first verification code at this time. In this way, it can effectively reduce the probability of verification leakage and being stolen by others.

在本示例性实施例中，提示文案包含有解释说明验证码的说明信息，用于供用户阅读。说明信息至少包括解释第一验证码的用途的信息。用户在SIM卡所在设备的显示界面获取第一验证码时，提示文案可自动弹出，供用户阅读。如此，有利于用户更详细的了解验证码的相关信息。In this exemplary embodiment, the prompt text includes explanatory information explaining the verification code for the user to read. The explanatory information at least includes information explaining the purpose of the first verification code. When the user obtains the first verification code on the display interface of the device where the SIM card is located, the prompt copy can automatically pop up for the user to read. In this way, it is beneficial for the user to understand the related information of the verification code in more detail.

又一方面，本公开还提供一种验证码生成装置。图3是根据一示例性实施例示出的验证码生成装置结构示意图一。如图3所示，所述装置包括：In yet another aspect, the present disclosure also provides a device for generating a verification code. Fig. 3 is a first structural schematic diagram of a verification code generation device according to an exemplary embodiment. As shown in Figure 3, the device includes:

第一处理单元31，用于接收应用平台发送的用于验证码生成的请求信息，所述请求信息至少包括验证码的生成因子、生成所述验证码SIM的通信标识；The first processing unit 31 is configured to receive request information for verification code generation sent by the application platform, where the request information includes at least a generation factor of the verification code and a communication identification for generating the verification code SIM;

第二处理单元32，用于根据所述通信标识，发送包含有所述生成因子的报文至所述SIM卡，其中，所述生成因子，用于供所述SIM卡采用与服务平台共同知晓验证码生成方式生成第一验证码。The second processing unit 32 is configured to send a message containing the generation factor to the SIM card according to the communication identifier, wherein the generation factor is used for the SIM card to be known jointly with the service platform The verification code generation method generates a first verification code.

在本示例性实施例中，通信标识为SIM卡具有的能够标识出自身的标识信息；通信标识与SIM卡具有一一对应的关系，根据确定好的通信标识能够确定出与该通信标识对应的唯一的SIM卡。In this exemplary embodiment, the communication identification is the identification information that the SIM card has that can identify itself; the communication identification and the SIM card have a one-to-one correspondence, and the communication identification corresponding to the communication identification can be determined according to the determined communication identification. Only SIM card.

生成因子可以为用于生成验证码的基础信息，其是生成验证码的基础。例如，生成因子可以为根据发生的事务，形成与事务相关的事务信息。例如，事务ID标识，用于标识应用平台向服务平台发送请求信息的事务的标识信息；事务时间，用于记录服务平台接收应用平台发送的所述请求信息的时间信息等。其中，事务时间具有事务发生时时间上的唯一性，因此基于事务时间的生成因子也具有唯一性，供SIM卡生成的验证码便具有当前时间的唯一性。在本申请中，生成因子最终可以具体为一字符信息，其可以包含有数字、字母和特殊字符等。The generation factor may be the basic information used to generate the verification code, which is the basis for generating the verification code. For example, the generation factor may be to generate transaction information related to the transaction according to the transaction that occurs. For example, the transaction ID is used to identify the identification information of the transaction that the application platform sends the request information to the service platform; the transaction time is used to record the time information when the service platform receives the request information sent by the application platform, etc. Wherein, the transaction time is unique in time when the transaction occurs, so the generation factor based on the transaction time is also unique, and the verification code generated by the SIM card has the uniqueness of the current time. In this application, the generating factor may finally be specifically a character information, which may contain numbers, letters, and special characters.

本公开实施例的验证码生成装置通过接收应用平台发送的用于验证码生成的请求信息，请求信息至少包括验证码的生成因子、生成验证码SIM的通信标识；根据通信标识，发送包含有生成因子的报文至SIM卡，其中，生成因子，用于供SIM卡采用与服务平台共同知晓验证码生成方式生成第一验证码。在申请中，服务平台根据接收的请求信息中的通信标识将验证码的生成因子发送给对应的SIM卡，供SIM卡根据接收到的生成因子在SIM卡内生成验证码。相对于传统的服务平台将在服务平台生成验证码，再将生成好的验证码传输给SIM卡而言，本申请不需要将生成好的验证码传输给SIM卡，仅需要传输验证码的生成因子即可。由于在服务平台传输信息给SIM卡的过程中，会存在信息被劫持或信息泄露的情况，而本申请中的生成因子不会直接用于身份验证，验证码生成是在SIM卡内直接生成。因此本申请中采用的服务平台传输生成因子，供SIM卡在SIM卡内生成验证码的方法，能够有效减少验证码泄露的情况，提高身份验证安全性。The verification code generation device in the embodiment of the present disclosure receives the request information sent by the application platform for verification code generation. The request information includes at least the generation factor of the verification code and the communication identification of the SIM that generates the verification code; according to the communication identification, the sending includes generating The message of the factor is sent to the SIM card, wherein the factor is generated for the SIM card to generate the first verification code in a verification code generation method known jointly with the service platform. In the application, the service platform sends the verification code generation factor to the corresponding SIM card according to the communication identification in the received request information, so that the SIM card can generate the verification code in the SIM card according to the received generation factor. Compared with the traditional service platform that will generate a verification code on the service platform and then transmit the generated verification code to the SIM card, this application does not need to transmit the generated verification code to the SIM card, only the generation of the verification code needs to be transmitted factor. Since information may be hijacked or leaked during the process of the service platform transmitting information to the SIM card, the generation factor in this application will not be directly used for identity verification, and the verification code generation is directly generated in the SIM card. Therefore, the service platform transmission generation factor used in this application and the method for the SIM card to generate a verification code in the SIM card can effectively reduce the leakage of the verification code and improve the security of identity verification.

其中，当服务平台确认应用平台发送的用户获取第一验证码时是否需要进行PIN码验证的请求为是时，用户在SIM卡所在设备的显示界面获取第一验证码时，SIM卡所在设备会根据SIM卡内置的主动式指令弹出一个PIN码验证窗口，供用户在PIN码验证窗口内输入对应的PIN码进行验证。当验证通过后，用户可获得第一验证码。当用户输入的错误次数达到预设次数时，停止PIN码验证，此时用户将无法获得第一验证码。如此，可有效减少验证泄露及被他人窃取的机率。Wherein, when the service platform confirms that the request sent by the application platform whether PIN code verification is required when the user acquires the first verification code is yes, when the user obtains the first verification code on the display interface of the device where the SIM card is located, the device where the SIM card is located will According to the built-in active command of the SIM card, a PIN code verification window pops up for the user to enter the corresponding PIN code in the PIN code verification window for verification. After the verification is passed, the user can obtain the first verification code. When the wrong number of times entered by the user reaches the preset number of times, the verification of the PIN code is stopped, and the user will not be able to obtain the first verification code at this time. In this way, it can effectively reduce the probability of verification leakage and being stolen by others.

在一些实施例中，如图3所示，所述装置还包括第三处理单元33，用于接收所述应用平台发送的由所述SIM卡生成的所述第一验证码；In some embodiments, as shown in FIG. 3 , the device further includes a third processing unit 33, configured to receive the first verification code sent by the application platform and generated by the SIM card;

在本示例性实施例中，应用平台需要输入的验证码可能是具有一定字符位数的字符串。但在SIM卡内通过第二密钥对生成因子加密得到的可能是字符长度超过验证码位数的字符串，此时可以根据服务平台和SIM卡预定在预定位置截取等于验证码位数的字符串来作为验证码，从而在服务平台生成等于验证码位数的第一验证码，在SIM卡得到验证码位数的第二验证码。In this exemplary embodiment, the verification code that the application platform needs to input may be a character string with a certain number of characters. However, in the SIM card, the generation factor encrypted by the second key may be a character string whose character length exceeds the number of digits of the verification code. At this time, a character equal to the number of digits of the verification code can be intercepted at a predetermined position according to the service platform and the SIM card. The string is used as the verification code, so that the first verification code equal to the number of verification code digits is generated on the service platform, and the second verification code with the number of verification code digits is obtained on the SIM card.

再一方面，本公开还提供另一种验证码生成装置，应用于SIM卡。图4是根据一示例性实施例示出的验证码生成装置结构示意图二。如图4所述，所述装置包括：In another aspect, the present disclosure also provides another device for generating a verification code, which is applied to a SIM card. Fig. 4 is a second structural schematic diagram of a device for generating a verification code according to an exemplary embodiment. As shown in Figure 4, the device includes:

第一处理单元41，用于接收服务平台发送的包含有验证码的生成因子的报文；The first processing unit 41 is configured to receive a message sent by the service platform that includes the generation factor of the verification code;

第二处理单元42，用于基于所述生成因子以与服务平台共同知晓验证码生成方式生成第一验证码。The second processing unit 42 is configured to generate the first verification code based on the generation factor in a way that the service platform and the service platform are jointly aware of the generation of the verification code.

在本示例性实施例中，生成因子可以为用于生成验证码的基础信息，其是生成验证码的基础。例如，生成因子可以为根据发生的事务，形成与事务相关的事务信息。例如，事务ID标识，用于标识应用平台向服务平台发送请求信息的事务的标识信息；事务时间，用于记录服务平台接收应用平台发送的所述请求信息的时间信息等。其中，事务时间具有事务发生时时间上的唯一性，因此基于事务时间的生成因子也具有唯一性，供SIM卡生成的验证码便具有当前时间的唯一性。在本申请中，生成因子最终可以具体为一字符信息，其可以包含有数字、字母和特殊字符等。In this exemplary embodiment, the generation factor may be basic information for generating the verification code, which is the basis for generating the verification code. For example, the generation factor may be to generate transaction information related to the transaction according to the transaction that occurs. For example, the transaction ID is used to identify the identification information of the transaction that the application platform sends the request information to the service platform; the transaction time is used to record the time information when the service platform receives the request information sent by the application platform, etc. Wherein, the transaction time is unique in time when the transaction occurs, so the generation factor based on the transaction time is also unique, and the verification code generated by the SIM card has the uniqueness of the current time. In this application, the generating factor may finally be specifically a character information, which may include numbers, letters, special characters, and the like.

在一些实施例中，如图4所示，所述装置还包括第三处理单元43，用于对用户提供的PIN码进行验证；In some embodiments, as shown in FIG. 4, the device further includes a third processing unit 43, configured to verify the PIN code provided by the user;

在本示例性实施例中，提示文案包含有解释说明验证码的说明信息，用于供用户阅读。用户在SIM卡所在设备的显示界面获取第一验证码时，提示文案可自动弹出，供用户阅读。如此，有利于用户更详细的了解验证码的相关信息。In this exemplary embodiment, the prompt text includes explanatory information explaining the verification code for the user to read. When the user obtains the first verification code on the display interface of the device where the SIM card is located, the prompt copy can automatically pop up for the user to read. In this way, it is beneficial for the user to understand the related information of the verification code in more detail.

图5是根据一示例性实施例示出的验证码校验流程图。如图5所示，包括：Fig. 5 is a flow chart showing verification code verification according to an exemplary embodiment. As shown in Figure 5, including:

步骤1：在SIM卡内基于ICCID分散生成密钥(第三密钥)，将生成的密钥预置在卡内；Step 1: In the SIM card, a key (the third key) is distributed based on the ICCID, and the generated key is preset in the card;

步骤2：SIM卡上电时，发生注册终端入网事件；Step 2: When the SIM card is powered on, a registered terminal network access event occurs;

步骤3：入网事件触发SIM卡上报通信标识和ICCID至服务平台；Step 3: The network access event triggers the SIM card to report the communication identification and ICCID to the service platform;

步骤4：应用平台发送包含有验证码的生成因子的请求信息及提示信息，生成因子包含有事务ID，提示信息包括第一提示信息和第二提示信息；Step 4: The application platform sends request information and prompt information including the generation factor of the verification code, the generation factor includes the transaction ID, and the prompt information includes the first prompt information and the second prompt information;

步骤5：服务平台基于ICCID分散生成密钥(第一密钥)；在生成因子中增加事务时间，对包含有生成因子的报文进行密钥(第一密钥)加密以及增加对报文的Mac码校验(第一MAC消息验证码)；Step 5: The service platform generates a key (first key) based on ICCID dispersal; adds transaction time to the generation factor, encrypts the message containing the generation factor with the key (first key) and increases the Mac code verification (first MAC message verification code);

步骤6：服务平台使用短信通道或BIP通道发送密文报文至SIM卡；Step 6: The service platform sends the ciphertext message to the SIM card through the SMS channel or the BIP channel;

步骤7：SIM卡校验MAC(通过生成的第二MAC消息验证码校验第一MAC消息验证码)，解密报文(通过生成的第三密钥解密)，提取生成因子，生成符合要求的验证码；Step 7: The SIM card checks the MAC (checks the first MAC message verification code through the generated second MAC message verification code), decrypts the message (decrypts through the generated third key), extracts the generation factor, and generates the required verification code;

步骤8：SIM卡使用主动式指令提示用户在设备的显示界面输入PIN密码；Step 8: The SIM card prompts the user to enter the PIN password on the display interface of the device using an active command;

步骤9：用户在设备的显示界面输入PIN密码；Step 9: The user enters the PIN password on the display interface of the device;

步骤10a：若用户输入PIN密码错误，且错误次数超过预设次数，则校验失败返回错误原因；Step 10a: If the user enters an incorrect PIN password, and the number of errors exceeds the preset number, the verification fails and the error reason is returned;

步骤11a：返回错误原因至应用平台；Step 11a: return the error reason to the application platform;

步骤10b：若用户输入PIN密码正确，校验成功；Step 10b: If the PIN password entered by the user is correct, the verification is successful;

步骤11b：校验成功后，SIM卡使用主动式指令弹出显示窗口显示验证码和提示文案；Step 11b: After the verification is successful, the SIM card uses active commands to pop up a display window to display the verification code and prompt copy;

步骤12：用户在显示窗口读取验证码，在应用平台关联的业务访问界面填入验证码；Step 12: The user reads the verification code in the display window, and fills in the verification code in the business access interface associated with the application platform;

步骤13：应用平台发送用户填入的验证码至服务平台；Step 13: The application platform sends the verification code filled in by the user to the service platform;

步骤14：服务平台基于生成因子，采用与SIM卡生成验证码相同的方式生成验证码，对用于填入的验证码进行校验；Step 14: Based on the generation factor, the service platform generates a verification code in the same way as the verification code generated by the SIM card, and verifies the verification code used for filling in;

步骤15：服务平台返回验证码校验结果至应用平台；Step 15: The service platform returns the verification code verification result to the application platform;

步骤16：应用平台根据验证码校验结果，处理后续业务步骤。Step 16: The application platform processes subsequent business steps according to the result of verification code verification.

本申请的验证码生成方法，通过SIM卡与SIM服务平台协商使用相同的验证码生成方式，使用会话密钥，通道传输过程中只传输验证码的生成因子，使验证码时刻处在安全区域，在SIM安全服务平台校验，无验证码拦截、盗窃风险；The verification code generation method of this application uses the same verification code generation method through negotiation between the SIM card and the SIM service platform, uses the session key, and only transmits the generation factor of the verification code during channel transmission, so that the verification code is always in a safe area, Verify on the SIM security service platform, no verification code interception, no risk of theft;

应用平台可根据业务需要，选择用户在第一终端阅读验证码前，输入用户PIN密码，校验用户身份通过后，才能阅读验证码，确认用户身份，提高业务的安全性；The application platform can select the user to enter the user PIN password before reading the verification code on the first terminal according to the business needs, and only after the verification of the user's identity is passed can the verification code be read, the user's identity can be confirmed, and the security of the business can be improved;

应用平台根据不同业务需求向SIM服务平台请求指定位数的验证码，验证码使用方式灵活；The application platform requests a verification code with a specified number of digits from the SIM service platform according to different business needs, and the verification code is used flexibly;

应用平台根据业务需要，将提示文案传输给SIM服务平台，SIM服务平台将提示文案传输给SIM卡，SIM卡使用主动式指令弹框将提示文案显示给用户阅读；The application platform transmits the reminder copy to the SIM service platform according to the business needs, and the SIM service platform transmits the reminder copy to the SIM card, and the SIM card uses an active command pop-up box to display the reminder copy for the user to read;

采用SIM卡终端入网注册事件，在终端入网事件发生时，SIM卡主动向SIM服务平台上报SIM卡信息，使SIM服务平台与SIM卡有相同的密钥分散因子(ICCID)，保护通道传输中的请求数据；The SIM card terminal network registration event is used. When the terminal network access event occurs, the SIM card actively reports the SIM card information to the SIM service platform, so that the SIM service platform and the SIM card have the same key dispersion factor (ICCID), protecting the channel transmission. request data;

采用SIM卡唯一标识符分散生成密钥，每张SIM卡都有唯一密钥；Use the unique identifier of the SIM card to disperse the key generation, and each SIM card has a unique key;

采用SIM卡服务平台和SIM卡内部共同协商生成相同的验证码，并且在SIM卡服务平台进行验证码校验，使验证码在传输过程的安全风险降为零；The same verification code is generated through mutual negotiation between the SIM card service platform and the SIM card, and the verification code is verified on the SIM card service platform, so that the security risk of the verification code in the transmission process is reduced to zero;

用户在阅读验证码前，先校验用户密码，对用户身份进行校验，校验通过方可阅读和使用验证码，大大降低SIM丢失验证码被不法分子利用的风险。Before reading the verification code, the user first checks the user password and verifies the user's identity. Only after the verification is passed can the user read and use the verification code, which greatly reduces the risk of the SIM lost verification code being used by criminals.

图6是根据一示例性实施例示出的终端结构示意图。如图6所示，本公开实施例提供的终端，包括：处理器330和用于存储能够在处理器上运行的计算机程序的存储器320，其中，所述处理器330用于运行所述计算机程序时，执行上述各实施例提供所述方法的步骤。Fig. 6 is a schematic structural diagram of a terminal according to an exemplary embodiment. As shown in FIG. 6 , the terminal provided by this embodiment of the present disclosure includes: a processor 330 and a memory 320 for storing a computer program that can run on the processor, wherein the processor 330 is used for running the computer program , execute the steps of the method provided in the foregoing embodiments.

本公开实施例提供的计算机可读存储介质，其上存储有计算机程序，其特征在于，该计算机程序被处理器执行时实现上述各实施例提供所述方法的步骤。The computer-readable storage medium provided by the embodiments of the present disclosure has a computer program stored thereon, and is characterized in that, when the computer program is executed by a processor, the steps of the methods provided in the foregoing embodiments are implemented.

在本申请所提供的几个实施例中，应该理解到，所揭露的设备和方法，可以通过其它的方式实现。以上所描述的设备实施例仅仅是示意性的，例如，所述单元的划分，仅仅为一种逻辑功能划分，实际实现时可以有另外的划分方式，如：多个单元或组件可以结合，或可以集成到另一个系统，或一些特征可以忽略，或不执行。另外，所显示或讨论的各组成部分相互之间的耦合、或直接耦合、或通信连接可以是通过一些接口，设备或单元的间接耦合或通信连接，可以是电性的、机械的或其它形式的。In the several embodiments provided in this application, it should be understood that the disclosed devices and methods may be implemented in other ways. The device embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods, such as: multiple units or components can be combined, or May be integrated into another system, or some features may be ignored, or not implemented. In addition, the coupling, or direct coupling, or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection of devices or units may be electrical, mechanical or other forms of.

上述作为分离部件说明的单元可以是、或也可以不是物理上分开的，作为单元显示的部件可以是、或也可以不是物理单元，即可以位于一个地方，也可以分布到多个网络单元上；可以根据实际的需要选择其中的部分或全部单元来实现本实施例方案的目的。The units described above as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place or distributed to multiple network units; Part or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.

另外，在本发明各实施例中的各功能单元可以全部集成在一个处理模块中，也可以是各单元分别单独作为一个单元，也可以两个或两个以上单元集成在一个单元中；上述集成的单元既可以采用硬件的形式实现，也可以采用硬件加软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present invention can be integrated into one processing module, or each unit can be used as a single unit, or two or more units can be integrated into one unit; the above-mentioned integration The unit can be realized in the form of hardware or in the form of hardware plus software functional unit.

在一些情况下，上述任一两个技术特征不冲突的情况下，可以组合成新的方法技术方案。In some cases, if any two of the above technical features do not conflict, they can be combined into a new method and technical solution.

在一些情况下，上述任一两个技术特征不冲突的情况下，可以组合成新的设备技术方案。In some cases, if any two of the above-mentioned technical features do not conflict, they can be combined into a new equipment technical solution.

本领域普通技术人员可以理解：实现上述方法实施例的全部或部分步骤可以通过程序指令相关的硬件来完成，前述的程序可以存储于一计算机可读取存储介质中，该程序在执行时，执行包括上述方法实施例的步骤；而前述的存储介质包括：移动存储设备、只读存储器(Read-Only Memory，ROM)、随机存取存储器(Random Access Memory，RAM)、磁碟或者光盘等各种可以存储程序代码的介质。Those of ordinary skill in the art can understand that all or part of the steps for realizing the above-mentioned method embodiments can be completed by hardware related to program instructions, and the aforementioned program can be stored in a computer-readable storage medium. When the program is executed, the Including the steps of the foregoing method embodiments; and the aforementioned storage medium includes: various storage devices, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk A medium on which program code can be stored.

以上所述，仅为本发明的具体实施方式，但本发明的保护范围并不局限于此，任何熟悉本技术领域的技术人员在本发明揭露的技术范围内，可轻易想到变化或替换，都应涵盖在本发明的保护范围之内。因此，本发明的保护范围应以所述权利要求的保护范围为准。The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Anyone skilled in the art can easily think of changes or substitutions within the technical scope disclosed in the present invention. Should be covered within the protection scope of the present invention. Therefore, the protection scope of the present invention should be determined by the protection scope of the claims.

Claims

1. A verification code generation method is applied to a service platform, and comprises the following steps:

receiving request information which is sent by an application platform and used for generating a verification code, wherein the request information at least comprises a generation factor of the verification code and a communication identifier for generating the verification code SIM;

and sending a message containing the generation factor to the SIM card according to the communication identifier, wherein the generation factor is used for enabling the SIM card to generate a first verification code by adopting a verification code generation mode known by the SIM card and a service platform together.

2. The verification code generation method according to claim 1, wherein the generation factor of the verification code includes at least one of:

the transaction ID identification is used for identifying the transaction of the request information sent by the application platform to the service platform;

and the transaction time is used for recording the time when the service platform receives the request information sent by the application platform.

3. The captcha generation method of claim 1, wherein the request information further comprises at least one of:

a validation code digit for indicating a character digit number of the validation code;

the first prompt message is used for indicating the service platform to determine whether PIN code verification is required when the user acquires the first verification code;

and the second prompt information is used for indicating the service platform to determine whether a prompt document needs to be provided for the user to read when the user acquires the first verification code.

4. The method according to claim 1, wherein the sending the message including the generation factor to the SIM card comprises:

generating a first key through a determined dispersion algorithm based on the ICCID integrated circuit card identification code corresponding to the SIM card;

generating a first MAC message verification code based on the first secret key and the message;

encrypting the message by a first secret key;

and sending the first MAC message verification code and the message encrypted by the first key to the SIM card, wherein the first MAC message verification code is used for the SIM card to perform message verification on the integrity of the received message.

5. The verification code generation method according to claim 4, further comprising:

receiving the first verification code generated by the SIM card and sent by the application platform;

after receiving the first verification code, generating a second key different from the first key based on the first key;

and carrying out key encryption on the generation factor based on the second key to obtain a second verification code corresponding to the first verification code generated by the SIM card.

6. The method for generating the verification code according to claim 5, wherein the key encrypting the generation factor based on the second key to obtain a second verification code corresponding to the first verification code generated by the SIM card comprises:

carrying out key encryption on the generation factor based on a second key to obtain a verification code character chain;

and intercepting the characters with the number equal to the number of the verification codes at the determined position of the verification code character chain to obtain the second verification code.

7. The verification code generation method according to claim 5, further comprising:

verifying whether the generated second verification code is the same as the first verification code to obtain a verification result;

and feeding back the verification result to the application platform.

8. A verification code generation method is applied to a SIM card, and comprises the following steps:

receiving a message which is sent by a service platform and contains a generation factor of a verification code;

and generating a first verification code based on the generation factor in a verification code generation mode commonly known with the service platform.

9. The method of claim 8, wherein before receiving a message sent by a service platform and containing a generation factor of the verification code, the method comprises:

sending a communication identifier for generating the verification code SIM and an ICCID corresponding to the communication identifier to the service platform; the ICCID is used for the service platform to generate a first key for encrypting the message based on the ICCID;

after receiving a message which is sent by the service platform and contains a generation factor of the verification code, the method comprises the following steps:

generating a third key by a determined decentralized algorithm based on the ICCID integrated circuit card identification code, wherein the decentralized algorithm for generating the third key by the SIM card is the same as the decentralized algorithm for generating the first key by the service platform;

and decrypting the message encrypted by the first key based on the third key to obtain the generation factor.

10. The verification code generation method according to claim 9, wherein the generating the first verification code includes:

generating a fourth key different from the third key based on the third key, wherein the SIM card generates the fourth key in the same manner as the service platform generates the second key;

and carrying out key encryption on the generation factor based on the fourth key to obtain the first verification code.

11. The verification code generation method according to claim 9, further comprising:

receiving a first MAC message verification code sent by the service platform, wherein the first MAC message verification code is generated by the service platform based on the first secret key and is used for the SIM card to perform message verification on the integrity of the message;

generating a second MAC message verification code based on the third key, wherein the generation mode of the second MAC message verification code generated by the SIM card is the same as the mode of the first MAC message verification code generated by the service platform;

verifying whether the second MAC message verification code is the same as the first MAC message verification code.

12. The verification code generation method according to claim 8, further comprising:

verifying a PIN provided by a user;

and after the PIN is verified, displaying the first verification code through a display interface of the equipment where the SIM card is located.

13. The verification code generation method according to claim 12, further comprising:

and after the PIN code passes the verification, displaying a prompt document through a display interface of the equipment where the SIM card is located, wherein the prompt document is used for explaining the first verification code.

14. An authentication code generating apparatus, comprising:

the first processing unit is used for receiving request information which is sent by an application platform and used for generating a verification code, wherein the request information at least comprises a generation factor of the verification code and a communication identifier for generating the verification code SIM;

and the second processing unit is used for sending a message containing the generation factor to the SIM card according to the communication identifier, wherein the generation factor is used for enabling the SIM card to generate a first verification code by adopting a verification code generation mode which is known by a service platform together.

15. The verification code generation apparatus according to claim 14, wherein the generation factor of the verification code includes at least one of:

16. The captcha generating apparatus of claim 14, wherein the request information further comprises at least one of:

17. The captcha generation apparatus of claim 14, wherein the second processing unit is specifically configured to

encrypting the message by a first secret key;

18. The verification code generation apparatus of claim 17, further comprising a third processing unit configured to receive the first verification code generated by the SIM card and sent by the application platform;

19. The verification code generation apparatus of claim 18, wherein the third processing unit is further configured to

and intercepting characters equal to the number of the verification codes at the determined position of the verification code character chain to obtain the second verification code.

20. The apparatus according to claim 18, wherein the third processing unit is further configured to verify whether the generated second verification code is the same as the first verification code, so as to obtain a verification result;

and feeding back the verification result to the application platform.

21. An authentication code generation apparatus applied to a SIM card, the apparatus comprising:

the first processing unit is used for receiving a message which is sent by the service platform and contains a generation factor of the verification code;

and the second processing unit is used for generating the first verification code in a verification code generation mode known together with the service platform based on the generation factor.

22. The apparatus of claim 21, wherein the first processing unit is further configured to send a communication identifier for generating the authentication code SIM and an ICCID corresponding to the communication identifier to the service platform before receiving a packet sent by the service platform and containing a generation factor of the authentication code; the ICCID is used for the service platform to generate a first key for encrypting the message based on the ICCID; and

after receiving a message which is sent by the service platform and contains the generation factor of the verification code,

23. The captcha generation apparatus of claim 22, wherein the second processing unit is specifically configured to

Generating a fourth key different from the third key based on the third key, wherein the SIM card generates the fourth key in the same way as the service platform generates the second key;

24. The verification code generation apparatus of claim 22, wherein the first processing unit is further configured to generate the verification code

25. The captcha generating apparatus of claim 21, further comprising a third processing unit configured to

Verifying a PIN provided by a user;

26. The verification code generation apparatus of claim 25, wherein the third processing unit is further configured to

27. A terminal, comprising: a processor and a memory for storing a computer program operable on the processor, wherein the processor is operable to perform the steps of the method of claims 1 to 13 when executing the computer program.

28. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method of claims 1 to 13.