CN110599190B

CN110599190B - Identity authentication method and device based on block chain

Info

Publication number: CN110599190B
Application number: CN201910922180.1A
Authority: CN
Inventors: 张超; 朱通; 孙传亮; 赵华
Original assignee: Alipay Hangzhou Information Technology Co Ltd
Current assignee: Alipay Hangzhou Information Technology Co Ltd
Priority date: 2019-09-27
Filing date: 2019-09-27
Publication date: 2022-10-21
Anticipated expiration: 2039-09-27
Also published as: CN110599190A

Abstract

The application provides an identity authentication method and device based on a block chain, wherein the identity authentication method based on the block chain is applied to block chain link points in the block chain, and comprises the following steps: receiving an identity authentication request sent by an authentication server, performing identity authentication on a user to be authenticated by calling an intelligent contract deployed by a blockchain node, returning an identity authentication result to the authentication server, receiving a confirmation instruction submitted by the authentication server aiming at the identity authentication result under the condition that the authentication is passed, and finally uploading authentication information of the user to be authenticated to the blockchain according to the confirmation instruction.

Description

Identity authentication method and device based on block chain

Technical Field

The present application relates to the field of identity authentication technologies, and in particular, to an identity authentication method and apparatus based on a block chain.

Background

With the continuous development of internet technology, electronic payment has been popularized in the daily life of users, under the condition, once the identity of a user is falsely used, not only can the normal payment of the user be affected, but also the electronic fund account of the user can be stolen possibly, so that higher requirements are provided for the safety of the user account.

The current real-name authentication mainly comprises two types of bank card authentication and identity card authentication, wherein the bank card authentication is not friendly to partial minors without bank cards, and has higher threshold and poorer experience; the experience of the identity card authentication on the user whose certificate is not around for various reasons is poor, and therefore, the two existing real-name authentication modes have certain defects.

Disclosure of Invention

In view of this, embodiments of the present application provide an identity authentication method based on a block chain, so as to solve technical defects in the prior art. The embodiment of the application also provides an identity authentication device based on the blockchain, another identity authentication method and device based on the blockchain, two kinds of computing equipment and two kinds of computer readable storage media.

The application provides an identity authentication method based on a block chain, which is applied to block chain link points in the block chain and comprises the following steps:

receiving an identity authentication request sent by an authentication server; the identity authentication request comprises the social relationship between an authentication initiator and a user to be authenticated and the identity information of the user to be authenticated;

performing identity authentication on the user to be authenticated contained in the identity authentication request by calling an intelligent contract deployed by the block chain nodes;

obtaining the identity authentication result of the intelligent contract on the user to be authenticated and returning the identity authentication result to the authentication server;

receiving a confirmation instruction which is sent by the authentication server and submitted by the authentication initiator aiming at the identity authentication result under the condition that the identity authentication result is authenticated;

and uploading the authentication information of the user to be authenticated to the block chain according to the confirmation instruction.

Optionally, before the step of receiving the identity authentication request sent by the authentication server is executed, the method includes:

broadcasting the identity authentication clauses submitted by the authentication server to all blockchain nodes in the blockchain;

writing the identity authentication clauses confirmed by the block chain link points and agreed into the block chain as the intelligent contract;

the intelligent contract comprises an identity authentication protocol for performing identity authentication on a user to be authenticated on the premise that an authentication initiator serves as a security party.

Optionally, the intelligent contract performs identity authentication on the user to be authenticated by adopting the following method:

analyzing historical interaction data of the authentication initiator and the user to be authenticated to obtain an interaction relation between the authentication initiator and the user to be authenticated;

judging whether the interaction relation is matched with the social relation contained in the identity authentication request;

if so, judging whether the identity information of the user to be authenticated contained in the identity authentication request meets a preset identity information authentication standard or not;

and if so, determining that the identity authentication result of the user to be authenticated is authentication passing.

Optionally, after the obtaining of the identity authentication result of the intelligent contract for the user to be authenticated and the returning to the authentication server, the method includes:

receiving authentication resistant material which is sent by the authentication server and submitted by the authentication initiator aiming at the identity authentication result which is not authenticated under the condition that the identity authentication result is not authenticated;

calling the intelligent contract to perform secondary identity authentication on the user to be authenticated based on the authentication dialectical material;

acquiring a secondary identity authentication result of the intelligent contract for performing secondary identity authentication on the user to be authenticated and returning the secondary identity authentication result to the authentication server;

receiving a confirmation instruction which is sent by the authentication server and submitted by the authentication initiator aiming at the secondary identity authentication result under the condition that the secondary identity authentication result is authenticated;

and uploading the authentication information of the user to be authenticated to the block chain according to a confirmation instruction submitted aiming at the secondary identity authentication result.

The application provides an identity authentication device based on block chain, the block chain link point of operation in the block chain includes:

the identity authentication request receiving module is configured to receive an identity authentication request sent by an authentication server; the identity authentication request comprises the social relationship between an authentication initiator and a user to be authenticated and identity information of the user to be authenticated;

the identity authentication module is configured to perform identity authentication on the user to be authenticated contained in the identity authentication request by calling an intelligent contract deployed by the block chain nodes;

the identity authentication result acquisition module is configured to acquire the identity authentication result of the intelligent contract on the user to be authenticated and return the identity authentication result to the authentication server;

a confirmation instruction receiving module configured to receive a confirmation instruction submitted by the authentication initiator for the identity authentication result sent by the authentication server if the identity authentication result is that authentication is passed;

and the authentication information uploading module is configured to upload the authentication information of the user to be authenticated to the block chain according to the confirmation instruction.

Optionally, the identity authentication apparatus based on a block chain further includes:

an identity authentication clause broadcasting module configured to broadcast the identity authentication clauses submitted by the authentication server to all blockchain nodes in the blockchain;

a writing module configured to write an identity authentication term confirmed by the block link point and agreed into the block chain as the intelligent contract;

Optionally, the intelligent contract performs identity authentication on the user to be authenticated by operating the following sub-modules:

the interactive relation analysis module is configured to analyze historical interactive data of the authentication initiator and the user to be authenticated to obtain the interactive relation between the authentication initiator and the user to be authenticated;

a matching module configured to determine whether the interaction relationship matches the social relationship included in the identity authentication request;

if yes, operating an identity information judgment module; the identity information judging module is configured to judge whether the identity information of the user to be authenticated, which is contained in the identity authentication request, meets a preset identity information authentication standard; and if so, determining that the identity authentication result of the user to be authenticated is authentication passing.

Optionally, the identity authentication apparatus based on a blockchain further includes:

the authentication and anti-dialectic material receiving module is configured to receive the authentication and anti-dialectic material which is sent by the authentication server and submitted by the authentication initiator according to the identity authentication result which is not passed under the condition that the identity authentication result is not passed;

the secondary identity authentication module is configured to call the intelligent contract to perform secondary identity authentication on the user to be authenticated based on the authentication dialectical material;

the secondary identity authentication result returning module is configured to obtain a secondary identity authentication result of the intelligent contract for performing secondary identity authentication on the user to be authenticated and return the secondary identity authentication result to the authentication server;

the confirmation module is configured to receive a confirmation instruction which is sent by the authentication server and submitted by the authentication initiator aiming at the secondary identity authentication result under the condition that the secondary identity authentication result is authenticated;

and the uploading module is configured to upload the authentication information of the user to be authenticated to the block chain according to a confirmation instruction submitted aiming at the secondary identity authentication result.

The application provides another identity authentication method based on a block chain, which comprises the following steps:

performing identity verification on the authentication initiator;

receiving the social relationship with the user to be authenticated and the identity information of the user to be authenticated, which are submitted by the authentication initiator, under the condition that the identity verification is passed;

sending an identity authentication request containing the social relationship and identity information of the user to be authenticated to a block chain node in a block chain;

receiving an identity authentication result of the user to be authenticated, which is returned by the block chain node, and pushing the identity authentication result to the authentication initiator;

and under the condition that the identity authentication result is authenticated, receiving a confirmation instruction submitted by the authentication initiator aiming at the identity authentication result and sending the confirmation instruction to the blockchain node.

Optionally, before the step of performing identity verification on the authentication initiator is performed, the method includes:

and submitting identity authentication terms to the blockchain node.

Optionally, after the step of receiving the identity authentication result of the user to be authenticated, which is returned by the blockchain node, and pushing the identity authentication result to the authentication initiator is executed, the method includes:

receiving authentication resistant materials submitted by the authentication initiator according to the identity authentication result which is not authenticated under the condition that the identity authentication result is not authenticated;

sending the authentication resistant material to the block link points;

receiving a secondary identity authentication result of the user to be authenticated, which is returned by the block chain node, and pushing the secondary identity authentication result to the authentication initiator;

and under the condition that the secondary identity authentication result is authenticated, receiving a confirmation instruction submitted by the authentication initiator aiming at the secondary identity authentication result and sending the confirmation instruction to the blockchain node.

The application provides another kind of identity authentication device based on block chain, includes:

an identity verification module configured to perform identity verification on the authentication initiator;

the identity information receiving module is configured to receive the social relationship with the user to be authenticated and the identity information of the user to be authenticated, which are submitted by the authentication initiator, under the condition that the identity verification is passed;

the identity authentication request sending module is configured to send an identity authentication request containing the social relationship and the identity information of the user to be authenticated to the block chain nodes in the block chain;

the identity authentication result receiving module is configured to receive the identity authentication result of the user to be authenticated, which is returned by the block chain node, and push the identity authentication result to the authentication initiator;

and the confirmation instruction sending module is configured to receive a confirmation instruction submitted by the authentication initiator according to the identity authentication result and send the confirmation instruction to the blockchain node under the condition that the identity authentication result is authenticated.

an authentication clause submission module configured to submit an authentication clause to the blockchain node.

the authentication and anti-dialect material receiving module is configured to receive authentication and anti-dialect material submitted by the authentication initiator according to the identity authentication result which is not authenticated under the condition that the identity authentication result is not authenticated;

an authentication forensic material sending module configured to send the authentication forensic material to the block link points;

the receiving module is configured to receive a secondary identity authentication result of the user to be authenticated, which is returned by the block link node, and push the secondary identity authentication result to the authentication initiator;

and the sending module is configured to receive a confirmation instruction submitted by the authentication initiator according to the secondary identity authentication result and send the confirmation instruction to the blockchain node under the condition that the secondary identity authentication result is authenticated.

The present application provides a computing device comprising:

a memory and a processor;

the memory is to store computer-executable instructions, the processor is to execute the computer-executable instructions at block link points in a block chain:

receiving an identity authentication request sent by an authentication server; the identity authentication request comprises the social relationship between an authentication initiator and a user to be authenticated and identity information of the user to be authenticated;

The present application provides another computing device comprising:

a memory and a processor;

the memory is to store computer-executable instructions, and the processor is to execute the computer-executable instructions to:

performing identity verification on the authentication initiator;

and receiving a confirmation instruction submitted by the authentication initiator aiming at the identity authentication result and sending the confirmation instruction to the block chain node under the condition that the identity authentication result is authenticated.

The present application provides a computer readable storage medium storing computer instructions that, when executed by a processor, perform the steps of the blockchain-based identity authentication method.

Another computer-readable storage medium is provided that stores computer instructions that, when executed by a processor, perform the steps of the other blockchain-based identity authentication method.

Compared with the prior art, the method has the following advantages:

according to the identity authentication method based on the block chain, the characteristics of non-tamper property and high safety of the block chain are utilized, on the basis that an authentication initiator who completes identity authentication carries out identity authentication guarantee on a user to be authenticated, the social relation between the authentication initiator and the user to be authenticated is utilized, and an intelligent contract deployed by a block chain node in the block chain is called to carry out identity authentication on the user to be authenticated, so that the quality of the user to be authenticated is guaranteed, the connection between the user to be authenticated and the user who initiates the authentication is enhanced, and a safe, convenient and efficient identity authentication mode is provided for the user while low risk and high user experience are considered.

According to the block chain-based identity authentication method, the characteristics of tamper resistance and high safety of the block chain are utilized, on the basis that an authentication initiator who completes identity authentication carries out identity authentication guarantee on a user to be authenticated, the social relationship between the authentication initiator and the user to be authenticated is utilized, and the block chain link point in the block chain is matched for carrying out identity authentication on the user to be authenticated, so that the quality of the user to be authenticated is ensured, the connection between the user to be authenticated and the user who initiates the authentication is enhanced, and a safe, convenient and efficient identity authentication mode is provided for the user while low risk and high user experience are considered.

Drawings

Fig. 1 is a processing flow diagram of an identity authentication method based on a block chain according to an embodiment of the present application;

fig. 2 is a schematic diagram of an identity authentication apparatus based on a block chain according to an embodiment of the present application;

fig. 3 is a flowchart of another identity authentication method based on a blockchain according to an embodiment of the present disclosure;

fig. 4 is a schematic diagram of another identity authentication apparatus based on a blockchain according to an embodiment of the present application;

FIG. 5 is a block diagram of a computing device according to an embodiment of the present disclosure;

fig. 6 is a block diagram of another computing device according to an embodiment of the present disclosure.

Detailed Description

In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application. This application is capable of implementation in many different ways than those herein set forth and of similar import by those skilled in the art without departing from the spirit of this application and is therefore not limited to the specific implementations disclosed below.

The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in one or more embodiments of the present specification refers to and encompasses any and all possible combinations of one or more of the associated listed items.

It will be understood that, although the terms first, second, etc. may be used herein in one or more embodiments to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first can also be referred to as a second and, similarly, a second can also be referred to as a first without departing from the scope of one or more embodiments of the present description. The word "if," as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination," depending on the context.

The application provides an identity authentication method based on a block chain, and also provides an identity authentication device based on the block chain, another identity authentication method and device based on the block chain, two kinds of computing equipment and two kinds of computer readable storage media. The following is a detailed description of the embodiments provided in this application, and the steps of the method are described in detail below.

The embodiment of the identity authentication method based on the block chain provided by the application is as follows:

referring to fig. 1, it shows a processing flow chart of an identity authentication method based on a blockchain according to this embodiment.

Step S102, receiving an identity authentication request sent by an authentication server.

In practical application, a capital loss case of a user capital account is often caused by falsely using a user identity after the user capital account is stolen, so as to reduce the risk of the user capital account being stolen and also reduce the occurrence rate of the capital loss case caused by falsely using the user identity.

In practical application, before identity authentication is performed on a block chain, intelligent contracts for realizing identity authentication need to be deployed on block chain link points in the block chain, and corresponding identity authentication is realized by using the intelligent contracts on the basis of deploying the intelligent contracts; in an optional implementation manner provided by the embodiment of the present application, before receiving an identity authentication request sent by an authentication server, an intelligent contract is deployed on a block link point in a block chain, specifically, in a deployment process, an authentication server first submits an identity authentication term to the block chain node, and after receiving the identity authentication term submitted by the authentication server, the block chain node broadcasts the identity authentication term submitted by the authentication server to all block chain nodes in the block chain, and writes the identity authentication term confirmed by the block chain node and agreed into the block chain as an intelligent contract for identity authentication; the intelligent contract comprises an identity authentication protocol for performing identity authentication on a user to be authenticated on the premise that an authentication initiator serves as a security party.

For example, the payment platform is provided with a risk control engine for risk detection and control, an authentication server in the risk control engine broadcasts an intelligent contract used as real-name authentication to blockchain nodes in the form of blockchain transaction, and the intelligent contract becomes a consensus achieved on the blockchain through confirmation of other blockchain nodes in the chain;

the main contents of the intelligent contract after consensus are as follows: the real-name authenticated user who has undergone real-name authentication and has been recorded by the blockchain can be used as an authentication initiator to perform real-name guarantee on users who do not complete authentication or cannot complete authentication (identity card missing, bank card missing, etc.), and the users can also be real-name authenticated users through the guarantee. Therefore, the intelligent contract achieving the consensus in the block chain carries out real-name authentication on the user who does not finish authentication or cannot finish authentication in a guarantee mode, and an effective authentication mode is provided for the user who cannot finish authentication.

And step S104, performing identity authentication on the user to be authenticated contained in the identity authentication request by calling an intelligent contract deployed by the block chain nodes.

In specific implementation, after receiving an identity authentication request sent by an authentication server, for any one block chain node in a block chain, performing identity authentication on a user to be authenticated included in the identity authentication request by calling the intelligent contract deployed by the block chain node, where in an optional implementation provided in the embodiment of the present application, the intelligent contract specifically performs identity authentication on the user to be authenticated by using the following method:

1) Analyzing historical interaction data of the authentication initiator and the user to be authenticated to obtain an interaction relation between the authentication initiator and the user to be authenticated;

2) Judging whether the interaction relation is matched with the social relation contained in the identity authentication request;

if so, indicating that the authentication initiator is used as a guarantee party of the user to be authenticated, and the interactive relationship between the user to be authenticated and the interactive relationship submitted to the blockchain is consistent with the interactive relationship obtained according to the historical interactive data analysis of the user to be authenticated, and executing the following step 3);

if not, the authentication initiator is used as a guarantee party of the user to be authenticated, the social relationship between the user to be authenticated and the social relationship submitted to the blockchain is inconsistent with the interactive relationship obtained according to the historical interactive data analysis of the user to be authenticated, the possible reason is that the authentication initiator submits a false social relationship, and the authentication initiator can be issued with reminding information of identity guarantee failure through the authentication server;

correspondingly, after receiving the reminding information of the identity guarantee failure, the authentication initiator can perform anti-dialectic by submitting corresponding identity guarantee proving materials, and specific anti-dialectic processes can refer to the anti-dialectic flow provided below, which is not described herein again.

3) Judging whether the identity information of the user to be authenticated contained in the identity authentication request meets a preset identity information authentication standard or not;

if the identity authentication result meets the identity authentication result, the identity authentication result is determined to be passed through, and the identity authentication result meets the identity information authentication standard specified by the intelligent contract deployed on the block chain node;

if the identity authentication result does not meet the requirement, the authentication initiator is used as a guarantee party of the user to be authenticated, the identity information of the user to be authenticated, submitted in the process of identity authentication of the user to be authenticated, does not meet the identity information authentication standard specified by the intelligent contract deployed on the block link point, and the identity authentication result of the user to be authenticated is determined to be authentication failure.

Through the implementation mode, the social relationship between the user identity and the user identity is verified by means of the historical interaction data of the user identity and the user identity, so that the social relationship serving as a guarantee basis of the user identity and the user identity is more credible, the guarantee of the user identity and the user identity is more credible, and meanwhile, the accuracy and the reliability of the whole identity authentication process are improved.

According to the above embodiment, a user a who has completed real-name authentication serves as an authentication initiator, and guarantees real-name authentication of a user B to be authenticated who has lost an identity card or lost a passport and cannot perform real-name authentication, after a real-name authentication request initiated by the authentication initiator (user a) for the user B to be authenticated is sent to a block link point in a block chain by an authentication server, and after the block link point receives the real-name authentication request sent by the authentication server, the real-name authentication of the user B to be authenticated is performed by calling an intelligent contract deployed on the block chain according to an identity of the authentication initiator a and an identity and real-name authentication material of the user B to be authenticated, and the following three steps are respectively:

firstly, according to the identity of an authentication initiator A and the identity of a user B to be authenticated, which are contained in a real-name authentication request, historical interaction data generated by the past message interaction or transaction of the authentication initiator A and the user B to be authenticated are obtained, and historical interaction data generated by the message interaction or transaction of the authentication initiator A and the user B to be authenticated are analyzed, for example, chat records of the authentication initiator A and the user B to be authenticated indicate that the name of the user B to be authenticated to the authentication initiator A is teacher, so that the interaction relationship between the authentication initiator A and the user B to be authenticated can be 'teacher-student relationship';

then, comparing the interactive relationship of the teacher-student relationship obtained by analysis with the social relationship submitted by the authentication initiator A in the real-name authentication request, and if the social relationship submitted by the authentication initiator A in the real-name authentication request is also the teacher-student relationship, verifying that the social relationship submitted by the authentication initiator A in the real-name authentication request is real;

on the contrary, if the social relationship submitted by the authentication initiator a in the real-name authentication request is not the teacher-student relationship, the verification result is that the social relationship submitted by the authentication initiator a in the real-name authentication request is false or inappropriate;

finally, under the condition that the interactive relationship between the authentication initiator A and the user B to be authenticated, which is obtained by analysis, is consistent with the social relationship submitted in the real-name authentication request, further judging whether the real-name authentication material of the user B to be authenticated, which is submitted in the real-name authentication request, meets the real-name authentication material authentication standard which is agreed in advance in the intelligent contract;

if the real-name authentication result meets the requirement, the authentication initiator A is used as a guarantee party of the user B to be authenticated, the real-name authentication material submitted by the user B to be authenticated in the process of real-name authentication of the user B to be authenticated meets the real-name authentication material authentication standard specified by the intelligent contract, and the real-name authentication result of the user B to be authenticated is authentication passing;

if the real-name authentication result does not meet the requirement, the authentication initiator A is used as a guarantee party of the user B to be authenticated, the real-name authentication material submitted by the user B to be authenticated in the process of real-name authentication of the user B to be authenticated does not meet the real-name authentication material authentication standard specified by the intelligent contract, and the real-name authentication result of the user B to be authenticated is authentication failure.

And step S106, obtaining the identity authentication result of the intelligent contract on the user to be authenticated and returning the identity authentication result to the authentication server.

In step S104, after the identity authentication of the user to be authenticated is performed by calling the intelligent contract deployed at the block link point, and after an identity authentication result for performing the identity authentication on the user to be authenticated is obtained, in this step, an identity authentication result for performing the identity authentication on the user to be authenticated by the intelligent contract is obtained and returned to the authentication server, and after the authentication server receives the identity authentication result, the identity authentication result is pushed to the authentication initiator.

Step S108, receiving a confirmation instruction which is sent by the authentication server and submitted by the authentication initiator aiming at the identity authentication result under the condition that the identity authentication result is authenticated.

As described in the step S104, there are two kinds of results of performing identity authentication on the user to be authenticated, one of the results is authentication pass, and the other is authentication fail, and in the step S106, the identity authentication result that passes or fails is returned to the authentication server, the authentication server pushes the identity authentication result to the authentication initiator, and after the authentication initiator receives the pushed identity authentication result of the user to be authenticated, if the identity authentication result of the user to be authenticated is authentication pass, the authentication initiator confirms the identity authentication result by submitting a confirmation instruction to the authentication server; after the confirmation instruction submitted by the authentication initiator aiming at the identity authentication result is submitted to the authentication server, the confirmation instruction submitted by the authentication initiator is sent to a block chain node by the authentication server, and here, the confirmation instruction submitted by the authentication initiator aiming at the identity authentication result and sent by the authentication server is received.

And step S110, uploading the authentication information of the user to be authenticated to the block chain according to the confirmation instruction.

After receiving the confirmation instruction, the authentication of the identity authentication of the user to be authenticated under the guarantee of the authentication initiator is passed, and the identity authentication result is also confirmed by the authentication initiator, in this case, the authentication information of the user to be authenticated is uploaded to the block chain, so that the authentication information of the user to be authenticated, which successfully passes the identity authentication, is broadcasted to all block chain nodes in the block chain, and in the process of performing corresponding service processing on the user to be authenticated by any block chain node in the subsequent block chain, the user to be authenticated has the identity and the authority of the authenticated user.

According to the above example, when the authentication result of the real-name authentication of the user B to be authenticated is that the authentication is passed, aiming at the authentication result issued by the authentication server in the risk control engine, after the confirmation instruction submitted by the authentication initiator a to the authentication server is received by the block chain link point in the block chain, the real-name authentication information of the user B to be authenticated is written into the block of the block chain link point in the block chain, and after the real-name authentication information is written, the account of the user B to be authenticated becomes the real-name authentication account, so that the payment platform can enjoy the function of the real-name authentication user and has the authority of the real-name authentication user; meanwhile, other accounts can also see the real-name authentication information of the user B to be authenticated, and other users cannot modify the real-name authentication information of the user B to be authenticated according to the characteristic that the blockchain cannot be tampered, so that the safety of the real-name authentication information of the user is ensured.

In addition, as described in step S104, there are two kinds of results of performing identity authentication on the user to be authenticated, one of which is authentication pass and the other is authentication fail, and step S106 returns the identity authentication result that is authentication pass or authentication fail to the authentication server, the authentication server pushes the identity authentication result to the authentication initiator, and the authentication initiator enters an anti-authentication execution process if the identity authentication result of the user to be authenticated is authentication fail after receiving the pushed identity authentication result of the user to be authenticated. In an optional implementation manner provided by the embodiment of the present application, the robust execution flow is implemented in the following manner:

The provided anti-dialectic mechanism provides remedial measures under the condition that the identity authentication fails, and perfects a processing mechanism under the condition that the identity authentication fails, so that the identity authentication process is further perfected, and the user experience can be greatly improved.

To sum up, the block link-based identity authentication method provided by the application utilizes the characteristics of tamper resistance and high security of the block link, and utilizes the social relationship between an authentication initiator and a user to be authenticated on the basis of identity authentication guarantee of the user to be authenticated by the authentication initiator who has completed identity authentication, and invokes an intelligent contract deployed by a block link node in the block link to perform identity authentication on the user to be authenticated, thereby not only ensuring the quality of the user to be authenticated, but also enhancing the connection between the user to be authenticated and the user who is the authentication initiator, and providing a safe, convenient and efficient identity authentication mode for the user while taking low risk and high user experience into account.

The embodiment of the identity authentication device based on the block chain provided by the application is as follows:

in the foregoing embodiment, an identity authentication method based on a block chain is provided, and correspondingly, an identity authentication apparatus based on a block chain is also provided in the present application, which is described below with reference to the accompanying drawings.

Referring to fig. 2, a schematic diagram of an embodiment of an identity authentication apparatus based on a block chain according to the present application is shown.

Since the apparatus embodiments are substantially similar to the method embodiments, they are described in a relatively simple manner, and reference may be made to the corresponding description of the method embodiments provided above for relevant portions. The device embodiments described below are merely illustrative.

an identity authentication request receiving module 202 configured to receive an identity authentication request sent by an authentication server; the identity authentication request comprises the social relationship between an authentication initiator and a user to be authenticated and identity information of the user to be authenticated;

the identity authentication module 204 is configured to perform identity authentication on the user to be authenticated included in the identity authentication request by calling an intelligent contract deployed by the block chain nodes;

an identity authentication result obtaining module 206 configured to obtain an identity authentication result of the intelligent contract for the user to be authenticated and return the identity authentication result to the authentication server;

a confirmation instruction receiving module 208 configured to receive, when the identity authentication result is that authentication is passed, a confirmation instruction submitted by the authentication initiator for the identity authentication result, where the confirmation instruction is sent by the authentication server;

an authentication information uploading module 210 configured to upload the authentication information of the user to be authenticated to the blockchain according to the confirmation instruction.

if so, operating an identity information judgment module; the identity information judging module is configured to judge whether the identity information of the user to be authenticated, which is contained in the identity authentication request, meets a preset identity information authentication standard; and if so, determining that the identity authentication result of the user to be authenticated is authentication passing.

the authentication and anti-dialect material receiving module is configured to receive the authentication and anti-dialect material which is sent by the authentication server and submitted by the authentication initiator according to the identity authentication result which is not passed under the condition that the identity authentication result is not passed;

the confirmation module is configured to receive a confirmation instruction which is sent by the authentication server and submitted by the authentication initiator according to the secondary identity authentication result under the condition that the secondary identity authentication result is authenticated;

The embodiment of another identity authentication method based on the block chain provided by the application is as follows:

in the above embodiment, an identity authentication method based on a block chain is provided, and in cooperation with the identity authentication method, another identity authentication method based on a block chain is also provided in the present application, which is described below with reference to the accompanying drawings.

Referring to fig. 3, it shows a process flow diagram of an embodiment of the identity authentication method based on a blockchain provided in the present application.

and step S302, performing identity verification on the authentication initiator.

In practical application, the fund damage cases of the user's fund account are often caused by falsely using the user's identity after the user's fund account is stolen, and in order to reduce the risk of the user's fund account being stolen and also reduce the rate of the fund damage cases caused by falsely using the user's identity, the block link-based identity authentication method provided by the present application utilizes the characteristics of non-tamper-resistance and high security of the block link by means of the block link and an intelligent contract to authenticate the user's identity.

In specific implementation, in order to prevent illegal operations, such as embezzlement, fraud, identity impersonation and the like, in the identity authentication process, the identity verification is performed on the authentication initiator performing the identity authentication, and whether the currently initiated identity authentication operation is the operation of the authentication initiator, and the common identity verification mode includes static information such as certificates and bank cards, dynamic information such as short messages and security problems, and biological verification body information such as fingerprints, voiceprints and human faces;

after the identity verification is carried out on the authentication initiator, if the identity verification result indicates that the authentication initiator has risks, the identity authentication operation initiated by the authentication initiator can be intercepted, the identity authentication process is interrupted, and the authentication initiator is allowed to further submit corresponding verification information;

and if the identity verification result indicates that the authentication initiator has no risk, confirming that the authentication initiator passes the identity verification, and executing the following steps S302 to S310.

In practical application, before receiving the identity authentication of a user to be authenticated initiated by the authentication initiator, specifically before performing identity verification on the authentication initiator, identity authentication terms are submitted to block chain nodes in a block chain to perform deployment of an intelligent contract, after the identity authentication terms are submitted to the block chain nodes, the block chain nodes broadcast the identity authentication terms to all the block chain nodes in the block chain, and the identity authentication terms confirmed by the block chain nodes in the block chain and achieving consensus are written into the block chain to serve as the intelligent contract; the intelligent contract comprises an identity authentication protocol for performing identity authentication on a user to be authenticated on the premise that an authentication initiator serves as a security party.

Step S304, receiving the social relationship with the user to be authenticated submitted by the authentication initiator and the identity information of the user to be authenticated under the condition that the identity verification is passed.

Specifically, under the condition that the identity verification of the authentication initiator passes, the authentication initiator submits the identity information of the user to be authenticated and the social relationship between the identity information and the social relationship, for example, the authentication initiator (user a) receives the relevant user identity information (such as name, sex, place of birth, mobile phone number and the like) of the user to be authenticated and the social relationship between the user and the social relationship (such as father and son, mother and daughter, colleagues, teachers and students and the like) of the user to be authenticated, which are uploaded by the terminal device of the authentication initiator (user a).

Step S306, sending an identity authentication request containing the social relationship and the identity information of the user to be authenticated to the block chain nodes in the block chain.

After the identity authentication request including the social relationship and the identity information of the user to be authenticated is sent to the block link point in the block chain, the block link point performs identity authentication on the user to be authenticated included in the identity authentication request by calling the intelligent contract deployed by the block link point, which is specifically described in steps S104 to S106 of the method embodiment.

Step S308, receiving the identity authentication result of the user to be authenticated returned by the block link node, and pushing the identity authentication result to the authentication initiator.

Receiving an identity authentication result of the user to be authenticated, which is returned by the block chain nodes in the block chain, and pushing the identity authentication result of the user to be authenticated to the authentication initiator initiating the identity authentication, wherein after the authentication initiator receives the pushed identity authentication result of the user to be authenticated, if the identity authentication result of the user to be authenticated is authentication pass, the following step S310 is executed on the basis that the authentication initiator confirms the identity authentication result;

in addition, if the identity authentication result of the user to be authenticated is that authentication fails, a resistant execution process is entered, and in an optional implementation manner provided by the embodiment of the present application, the resistant execution process is implemented in the following manner:

receiving authentication resistant material submitted by the authentication initiator according to the identity authentication result which fails in the authentication;

sending the authentication resistant material to the block link points;

The provided anti-discrimination mechanism provides a remedial measure under the condition of failed identity authentication, and perfects a processing mechanism under the condition of failed identity authentication, so that the identity authentication process is further perfected, and the user experience can be greatly improved.

Step S310, receiving a confirmation instruction submitted by the authentication initiator aiming at the identity authentication result and sending the confirmation instruction to the block chain node under the condition that the identity authentication result is authenticated.

To sum up, the block chain-based identity authentication method provided by the application utilizes the characteristics of tamper resistance and high security of the block chain, and utilizes the social relationship between the authentication initiator and the user to be authenticated on the basis of identity authentication guarantee of the user to be authenticated by the authentication initiator who has completed identity authentication, and matches with the block chain link point in the block chain to perform identity authentication on the user to be authenticated, so that the quality of the user to be authenticated is ensured, the connection between the user to be authenticated and the user who is the authentication initiator is enhanced, and a safe, convenient and efficient identity authentication mode is provided for the user while low risk and high user experience are considered.

The embodiment of another identity authentication device based on a block chain provided by the application is as follows:

in the foregoing embodiment, another identity authentication method based on a blockchain is provided, and correspondingly, another identity authentication apparatus based on a blockchain is also provided in the present application, which is described below with reference to the accompanying drawings.

Referring to fig. 4, a schematic diagram of another embodiment of the identity authentication apparatus based on a blockchain provided in the present application is shown.

an identity verification module 402 configured to perform identity verification on the authentication initiator;

an identity information receiving module 404 configured to receive, if the identity verification passes, the social relationship with the user to be authenticated and the identity information of the user to be authenticated, which are submitted by the authentication initiator;

an identity authentication request sending module 406, configured to send an identity authentication request containing the social relationship and the identity information of the user to be authenticated to a blockchain node in a blockchain;

an identity authentication result receiving module 408, configured to receive an identity authentication result of the user to be authenticated, which is returned by the blockchain node, and push the identity authentication result to the authentication initiator;

and a confirmation instruction sending module 410 configured to receive a confirmation instruction submitted by the authentication initiator for the identity authentication result and send the confirmation instruction to the blockchain node if the identity authentication result is that the authentication is passed.

the receiving module is configured to receive a secondary identity authentication result of the user to be authenticated, which is returned by the block chain node, and push the secondary identity authentication result to the authentication initiator;

The embodiment of the computing device provided by the application is as follows:

FIG. 5 is a block diagram illustrating a configuration of a computing device 500 according to an embodiment of the present description. The components of the computing device 500 include, but are not limited to, a memory 510 and a processor 520. Processor 520 is coupled to memory 510 via bus 530, and database 550 is used to store data.

Computing device 500 also includes access device 540, access device 540 enabling computing device 500 to communicate via one or more networks 560. Examples of such networks include the Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the internet. The access device 540 may include one or more of any type of network interface, e.g., a Network Interface Card (NIC), wired or wireless, such as an IEEE802.11 Wireless Local Area Network (WLAN) wireless interface, a worldwide interoperability for microwave access (Wi-MAX) interface, an ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a bluetooth interface, a Near Field Communication (NFC) interface, and so forth.

In one embodiment of the present description, the above-described components of computing device 500, as well as other components not shown in FIG. 5, may also be connected to each other, such as by a bus. It should be understood that the block diagram of the computing device architecture shown in FIG. 5 is for purposes of example only and is not limiting as to the scope of the present description. Other components may be added or replaced as desired by those skilled in the art.

Computing device 500 may be any type of stationary or mobile computing device, including a mobile computer or mobile computing device (e.g., tablet, personal digital assistant, laptop, notebook, netbook, etc.), mobile phone (e.g., smartphone), wearable computing device (e.g., smartwatch, smartglasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or PC. Computing device 500 may also be a mobile or stationary server.

The present application provides a computing device comprising a memory 510, a processor 520, and computer instructions stored on the memory and executable on the processor, the processor 520 being configured to execute the following computer-executable instructions at block link points in a block chain:

Another embodiment of a computing device provided by the present application is as follows:

fig. 6 is a block diagram illustrating a configuration of a computing device 600 according to an embodiment of the present description. The components of the computing device 600 include, but are not limited to, a memory 610 and a processor 620. The processor 620 is coupled to the memory 610 via a bus 630 and a database 650 is used to store data.

Computing device 600 also includes access device 640, access device 640 enabling computing device 600 to communicate via one or more networks 660. Examples of such networks include the Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the internet. Access device 640 may include one or more of any type of network interface (e.g., a Network Interface Card (NIC)) whether wired or wireless, such as an IEEE802.11 Wireless Local Area Network (WLAN) wireless interface, a worldwide interoperability for microwave access (Wi-MAX) interface, an ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a bluetooth interface, a Near Field Communication (NFC) interface, and so forth.

In one embodiment of the present description, the above-described components of computing device 600, as well as other components not shown in FIG. 6, may also be connected to each other, such as by a bus. It should be understood that the block diagram of the computing device structure shown in FIG. 6 is for illustration purposes only and is not intended to limit the scope of the present description. Those skilled in the art may add or replace other components as desired.

Computing device 600 may be any type of stationary or mobile computing device, including a mobile computer or mobile computing device (e.g., tablet, personal digital assistant, laptop, notebook, netbook, etc.), mobile phone (e.g., smartphone), wearable computing device (e.g., smartwatch, smartglasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or PC. Computing device 600 may also be a mobile or stationary server.

The present application provides another computing device comprising a memory 610, a processor 620, and computer instructions stored on the memory and executable on the processor, the processor 620 being configured to execute the following computer-executable instructions:

performing identity verification on the authentication initiator;

The embodiment of a computer-readable storage medium provided by the application is as follows:

Another embodiment of a computer-readable storage medium provided by the present application is as follows:

another computer-readable storage medium is provided that stores computer instructions that, when executed by a processor, perform the steps of the blockchain-based identity authentication method.

The above is an illustrative scheme of a computer-readable storage medium of the present embodiment. It should be noted that the technical solution of the storage medium belongs to the same concept as the technical solution of the identity authentication method based on the block chain, and details of the technical solution of the storage medium, which are not described in detail, can be referred to the description of the technical solution of the identity authentication method based on the block chain.

The computer instructions comprise computer program code which may be in the form of source code, object code, an executable file or some intermediate form, or the like. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, read-Only Memory (ROM), random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.

It should be noted that, for the sake of simplicity, the above-mentioned method embodiments are described as a series of acts or combinations, but those skilled in the art should understand that the present application is not limited by the described order of acts, as some steps may be performed in other orders or simultaneously according to the present application. Further, those skilled in the art will appreciate that the embodiments described in this specification are presently considered to be preferred embodiments and that acts and modules are not required in the present application.

In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.

The preferred embodiments of the present application disclosed above are intended only to aid in the explanation of the application. Alternative embodiments are not exhaustive and do not limit the invention to the precise embodiments described. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the application and the practical application, to thereby enable others skilled in the art to best understand and utilize the application. The application is limited only by the claims and their full scope and equivalents.

Claims

1. An identity authentication method based on a block chain is applied to block chain link points in the block chain, and comprises the following steps:

verifying the social relationship between the block link point and the user to be authenticated by calling the intelligent contract deployed by the block link point and utilizing the historical interaction data of the authentication initiator and the user to be authenticated, and performing identity authentication on the user to be authenticated contained in the identity authentication request under the condition that the verification is passed;

2. The blockchain-based identity authentication method according to claim 1, wherein before the step of receiving the identity authentication request sent by the authentication server is executed, the method includes:

writing the identity authentication clauses which are confirmed by the block link points and reach consensus into the block chain to serve as the intelligent contract;

3. The method for identity authentication based on block chains according to claim 1, wherein the method for verifying the social relationship between the authentication initiator and the user to be authenticated by using historical interaction data of the authentication initiator and the user to be authenticated by invoking an intelligent contract deployed on the block chain nodes, and if the verification is passed, authenticating the user to be authenticated contained in the identity authentication request comprises:

4. The identity authentication method based on the blockchain according to claim 1, after the steps of obtaining the identity authentication result of the intelligent contract on the user to be authenticated and returning the identity authentication result to the authentication server are executed, the method comprises:

5. An identity authentication device based on a block chain, which operates at block chain link points in the block chain, comprises:

the identity authentication request receiving module is configured to receive an identity authentication request sent by an authentication server; the identity authentication request comprises the social relationship between an authentication initiator and a user to be authenticated and the identity information of the user to be authenticated;

the identity authentication module is configured to verify the social relationship between the block link point and the user to be authenticated by using historical interaction data of an authentication initiator and the user to be authenticated through calling the intelligent contract deployed by the block link point, and perform identity authentication on the user to be authenticated contained in the identity authentication request under the condition that the verification is passed;

6. The blockchain-based identity authentication device of claim 5, further comprising:

7. The blockchain-based identity authentication device according to claim 5, wherein the intelligent contract performs identity authentication on the user to be authenticated by operating the following sub-modules:

8. The blockchain-based identity authentication device of claim 5, further comprising:

9. An identity authentication method based on a block chain comprises the following steps:

performing identity verification on the authentication initiator;

receiving an identity authentication result of the user to be authenticated, which is returned by the block link node, and pushing the identity authentication result to the authentication initiator, wherein the block link node verifies the social relationship between the block link node and the user to be authenticated by using historical interaction data of the authentication initiator and the user to be authenticated by calling an intelligent contract deployed by the block link node, and performs identity authentication on the user to be authenticated, which is contained in the identity authentication request, under the condition that the verification is passed, so as to obtain an identity authentication result;

10. The identity authentication method based on the blockchain according to claim 9, before the step of performing the identity verification on the authentication initiator is performed, comprising:

and submitting identity authentication terms to the blockchain node.

11. The identity authentication method based on the blockchain according to claim 9, after the step of receiving the identity authentication result of the user to be authenticated, which is returned by the blockchain node, and pushing the identity authentication result to the authentication initiator is executed, the method includes:

sending the authentication resistant material to the block link points;

receiving a secondary identity authentication result of the user to be authenticated, which is returned by the block link node, and pushing the secondary identity authentication result to the authentication initiator;

12. An identity authentication device based on a blockchain, comprising:

an identity authentication result receiving module configured to receive an identity authentication result of the user to be authenticated, which is returned by the block chain node, and push the identity authentication result to the authentication initiator, wherein the block chain node verifies a social relationship between the block chain node and the user to be authenticated by using historical interaction data of the authentication initiator and the user to be authenticated by calling an intelligent contract deployed by the block chain node, and performs identity authentication on the user to be authenticated included in the identity authentication request to obtain an identity authentication result when the verification passes;

13. The blockchain-based identity authentication device of claim 12, further comprising:

14. The blockchain-based identity authentication device of claim 12, further comprising:

the authentication and anti-dialectic material receiving module is configured to receive the authentication and anti-dialectic material submitted by the authentication initiator aiming at the identity authentication result which is not passed under the condition that the identity authentication result is not passed;

15. A computing device, comprising:

a memory and a processor;

16. A computing device, comprising:

a memory and a processor;

performing identity verification on the authentication initiator;

receiving an identity authentication result of the user to be authenticated, which is returned by the block link node, and pushing the identity authentication result to the authentication initiator, wherein the block link node verifies the social relationship between the block link node and the user to be authenticated by using historical interaction data of the authentication initiator and the user to be authenticated by calling an intelligent contract deployed by the block link node, and performs identity authentication on the user to be authenticated, which is contained in the identity authentication request, under the condition that the social relationship passes the verification, so as to obtain an identity authentication result;

17. A computer readable storage medium storing computer instructions which, when executed by a processor, implement the steps of the blockchain based identity authentication method of any one of claims 1 to 4.

18. A computer readable storage medium storing computer instructions which, when executed by a processor, carry out the steps of the blockchain based identity authentication method of any one of claims 9 to 11.