[go: up one dir, main page]

CN113315639A - Identity authentication system and method - Google Patents

Identity authentication system and method Download PDF

Info

Publication number
CN113315639A
CN113315639A CN202110760327.9A CN202110760327A CN113315639A CN 113315639 A CN113315639 A CN 113315639A CN 202110760327 A CN202110760327 A CN 202110760327A CN 113315639 A CN113315639 A CN 113315639A
Authority
CN
China
Prior art keywords
fingerprint
identification code
personal identification
upper computer
identity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110760327.9A
Other languages
Chinese (zh)
Inventor
李晓风
许金林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui Zhongke Lattice Technology Co ltd
Original Assignee
Anhui Zhongke Lattice Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Anhui Zhongke Lattice Technology Co ltd filed Critical Anhui Zhongke Lattice Technology Co ltd
Priority to CN202110760327.9A priority Critical patent/CN113315639A/en
Publication of CN113315639A publication Critical patent/CN113315639A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention belongs to the technical field of block chains, and discloses an identity authentication system and method. The system has the advantages that through fingerprint and personal identification code dual identity authentication, after fingerprint identification is added, the whole equipment is safer in the application process, when the personal identification code is stolen by a person, the information of the fingerprint cannot be input, and no influence is caused, so that the use safety of the equipment is improved. The use of the block chain identity authenticator can solve the authenticity and non-repudiation of some file signatures on the network and ensure more convenient application.

Description

Identity authentication system and method
Technical Field
The invention relates to the technical field of block chains, in particular to an identity authentication system and method.
Background
At present, a hardware wallet is mainly used on a block chain, and a PIN is mainly used as a unique identity authentication means in the hardware wallet, so that a series of problems caused by loss of the PIN easily occur in the use process, and data security accidents are easily caused after the PIN is stolen by people.
The above is only for the purpose of assisting understanding of the technical aspects of the present invention, and does not represent an admission that the above is prior art.
Disclosure of Invention
The invention mainly aims to provide an identity authentication system and method, and aims to solve the technical problem of how to improve the safety during identity authentication in the prior art.
In order to achieve the above object, the present invention provides an identity authentication system, comprising: the system comprises an upper computer and an identity authenticator;
the upper computer is used for acquiring an account address of the identity authenticator and sending a signature page request to the identity authenticator according to the account address;
the identity authenticator is used for receiving the signature page request and sending a signature page instruction to the upper computer according to the signature page request;
the upper computer is further used for receiving the signature page instruction, displaying a signature page, receiving a selection instruction of a user, determining target file data on the signature page according to the selection instruction, displaying a personal identification code verification page on the signature page after receiving the signature instruction of the user on the target file data, receiving a personal identification code input by the user based on the personal identification code verification page, and sending the personal identification code to the identity authenticator;
the identity authenticator is also used for receiving the personal identification code, comparing the personal identification code with a preset personal identification code, prompting the user to perform fingerprint verification through voice after the comparison is passed, signing the target file data by using a private key after the fingerprint verification is passed to obtain signed file data, and sending the signed file data to the upper computer;
the upper computer is further used for receiving the signature file data and uploading the signature file data to a block chain so as to finish identity authentication when the target file data is signed.
Optionally, the identity authenticator is further configured to receive a registration request, determine a registration page instruction according to the registration request, and send the registration page instruction to the upper computer;
the upper computer is also used for receiving the page registration instruction, determining an account address according to the page registration instruction and sending the account address to the identity authenticator;
the identity authenticator is also used for sending a personal identification code setting instruction to the upper computer after receiving the account address;
and the upper computer is also used for acquiring a preset personal identification code input by a user after receiving the personal identification code setting instruction, and sending the preset personal identification code to the identity authentication device so as to complete user identity registration.
Optionally, the upper computer is further configured to receive user information input by a user based on a registration page, and send the user information to the identity authenticator;
the identity authenticator is also used for playing a preset voice prompt after receiving the user information so as to enable the user to perform fingerprint input;
the identity authenticator is also used for generating a public and private key pair after finishing fingerprint input, sending the public key to the upper computer and storing the private key into a chip of the identity authenticator;
and the upper computer is also used for receiving the public key, generating an account address according to the public key and sending the account address to the identity authenticator.
Optionally, the upper computer is further configured to display a personal identification code setting window after receiving a personal identification code setting instruction, so that the user inputs a preset personal identification code;
the upper computer is further used for sending the preset personal identification code and the instruction for generating the mnemonic words to the identity authenticator when the preset personal identification code is received;
and the identity authenticator is also used for generating a mnemonic word according to the command for generating the mnemonic word after receiving the preset personal identification code and the command for generating the mnemonic word, displaying the mnemonic word so as to enable a user to back up the mnemonic word, and clicking a confirmation button when the backup is finished so as to finish the identity registration of the user.
Optionally, the identity authenticator comprises: the system comprises a password comparison module, a fingerprint feature acquisition module, a fingerprint matching module and a data signature module;
the password comparison module is used for receiving the personal identification code and comparing the personal identification code with a preset personal identification code;
the fingerprint feature acquisition module is used for acquiring the fingerprint of the user after the personal identification code passes the comparison with the preset personal identification code, and acquiring the fingerprint feature according to the fingerprint;
the fingerprint matching module is used for matching the fingerprint features with preset fingerprint features;
and the data signature module is used for signing the target file data by using a private key to obtain signature file data after the matching is successful, and sending the signature file data to an upper computer.
Optionally, the fingerprint feature obtaining module includes: the fingerprint acquisition module, the fingerprint preprocessing module and the fingerprint feature extraction module;
the fingerprint acquisition module is used for acquiring a fingerprint image of the user after the personal identification code passes the comparison with a preset personal identification code;
the fingerprint preprocessing module is used for eliminating the noise of the fingerprint image and obtaining a target fingerprint image;
the fingerprint feature extraction module is used for converting the target fingerprint image into a gray-scale fingerprint image, obtaining a fingerprint directional diagram according to the gray-scale fingerprint image, obtaining a fingerprint binary diagram according to the fingerprint directional diagram, and determining fingerprint features according to the fingerprint binary diagram.
Optionally, the fingerprint matching module comprises: the coincidence fingerprint determining module and the matching degree calculating module;
the coincident fingerprint determining module is used for acquiring preset fingerprint characteristics and determining a fingerprint coincident part according to the fingerprint characteristics and the preset fingerprint characteristics;
and the matching degree calculation module is used for determining a similarity matching score according to the fingerprint overlapping part, and if the similarity matching score is greater than a preset threshold value, judging that the fingerprint features are successfully matched with the preset fingerprint features.
Optionally, the identity authenticator is further configured to send a connection request message to the upper computer;
the upper computer is also used for distributing connection resources after receiving the connection request message and sending a first connection confirmation message to the identity authenticator;
and the identity authenticator is also used for distributing connection resources after receiving the first connection confirmation message and sending a second connection confirmation message to the upper computer so as to complete the communication connection between the identity authenticator and the upper computer.
In addition, in order to achieve the above object, the present invention further provides an identity authentication method, which is applied to an identity authentication system, and the system includes: the system comprises an upper computer and an identity authenticator;
the identity authentication method comprises the following steps:
the upper computer acquires an account address of the identity authenticator and sends a signature page request to the identity authenticator according to the account address;
the identity authenticator receives the signature page request and sends a signature page instruction to the upper computer according to the signature page request;
the upper computer receives the signature page instruction and displays a signature page, receives a selection instruction of a user, determines target file data on the signature page according to the selection instruction, displays a personal identification code verification page on the signature page after receiving the signature instruction of the user on the target file data, receives a personal identification code input by the user based on the personal identification code verification page, and sends the personal identification code to the identity authenticator;
the identity authenticator receives the personal identification code, compares the personal identification code with a preset personal identification code, prompts the user to perform fingerprint verification through voice after the comparison is passed, signs the target file data through a private key after the fingerprint verification is passed to obtain signature file data, and sends the signature file data to the upper computer;
and the upper computer receives the signature file data and uploads the signature file data to a block chain so as to finish identity authentication when a private key is used for signing the target file data.
Optionally, before the step of obtaining the account address of the identity authenticator and sending the signature page request to the identity authenticator according to the account address, the upper computer further includes:
the identity authenticator receives a registration request, determines a registration page instruction according to the registration request and sends the registration page instruction to the upper computer;
the upper computer receives the page registration instruction, determines an account address according to the page registration instruction, and sends the account address to the identity authenticator;
after receiving the account address, the identity authenticator sends a personal identification code setting instruction to the upper computer;
and after receiving the personal identification code setting instruction, the upper computer acquires a preset personal identification code input by a user and sends the preset personal identification code to the identity authentication device so as to complete user identity registration.
In the invention, the upper computer is used for acquiring the account address of the identity authenticator and sending a signature page request to the identity authenticator according to the account address; the identity authenticator is used for receiving the signature page request and sending a signature page instruction to the upper computer according to the signature page request; the upper computer is further used for receiving the signature page instruction, displaying the signature page, receiving a selection instruction of a user, determining target file data on the signature page according to the selection instruction, displaying a personal identification code verification page on the signature page after receiving the signature instruction of the user on the target file data, receiving a personal identification code input by the user based on the personal identification code verification page, and sending the personal identification code to the identity authenticator; the identity authenticator is also used for receiving the personal identification code, comparing the personal identification code with a preset personal identification code, prompting the user to perform fingerprint verification through voice after the comparison is passed, signing the target file data by using a private key after the fingerprint verification is passed to obtain signed file data, and sending the signed file data to the upper computer; the upper computer is further used for receiving the signature file data and uploading the signature file data to a block chain so as to finish identity authentication when the target file data is signed. Through above-mentioned mode, use fingerprint and the dual authentication of personal identification code, after having added fingerprint identification, can make whole equipment more safe in application process, but also can not cause any influence when the information of personal identification code stolen back but fingerprint can't be input into, has improved the security of equipment use. The use of the block chain identity authenticator can solve the authenticity and non-repudiation of some file signatures on the network and ensure more convenient application.
Drawings
FIG. 1 is a block diagram of the first, second and fourth embodiments of the identity authentication system of the present invention;
FIG. 2 is a diagram of an identity authenticator according to an embodiment of the present invention;
FIG. 3 is a block diagram of a third embodiment of the identity authentication system of the present invention;
FIG. 4 is a template feature diagram of an embodiment of the identity authentication system and method of the present invention;
fig. 5 is a flowchart illustrating an identity authentication method according to a first embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1, fig. 1 is a block diagram illustrating a first embodiment of an identity authentication system according to the present invention. The identity authentication system comprises an upper computer 10 and an identity authenticator 20.
It should be noted that the upper computer 10 may be a computer capable of sending a specific control command, and the command is transmitted to the identity authenticator 20 by operating a preset command, and each operation is completed by the identity authenticator 20.
As shown in fig. 2, the identity authenticator 20 includes: the device comprises a screen display 1, a voice prompt unit 2, a control button 3, a fingerprint identification unit 4 and a serial port communication socket 5. The upper computer 10 and the identity authentication device 20 are connected and communicated through a serial port communication socket, and after the identity authentication device 20 is connected with the upper computer 10, the initialization is firstly carried out, and the communication with the upper computer is established.
Further, the upper computer 10 is configured to obtain an account address of the identity authenticator 20, and send a signature page request to the identity authenticator 20 according to the account address.
It can be understood that, after the upper computer 10 establishes the communication connection with the identity authenticator 20, the account address of the identity authenticator 20 is obtained, and the upper computer 10 first sends a signature page request to the identity authenticator 20 if it needs to access the account address and sign the data selected by the user.
Further, the identity authenticator 20 is configured to receive the signature page request, and send a signature page instruction to the upper computer 10 according to the signature page request.
It should be understood that, after receiving the signature page request, the identity authenticator 20 sends a signature page instruction to the upper computer, and the upper computer 10 receives the signature page instruction to display the signature page on the screen, where the signature page displays data and files to be signed.
Further, the upper computer 10 is further configured to receive the signature page command, display the signature page, receive a selection command of a user, determine target document data on the signature page according to the selection command, display a personal identification code verification page on the signature page after receiving the signature command of the user on the target document data, receive a personal identification code input by the user based on the personal identification code verification page, and send the personal identification code to the identity authenticator 20.
In the specific implementation, the upper computer 10 displays a signature page on a screen, data and files needing to be signed are displayed on the signature page, a user selects the files or the data needing to be signed, a selection instruction is generated when the user performs a selection operation on the upper computer 10, the upper computer 10 determines target file data selected by the user according to the selection instruction, a signature button is arranged on the signature page, the user clicks the signature button to generate a signature instruction, after receiving the signature instruction, the upper computer 10 displays a Personal Identification Number (PIN) verification page on the signature page, the user inputs a Personal Identification Number on the Personal Identification Number verification page, and the Personal Identification Number of the user is sent to the identity authenticator 20.
Further, the identity authenticator 20 is further configured to receive the personal identification code, compare the personal identification code with a preset personal identification code, after the comparison is passed, prompt the user to perform fingerprint verification by voice, sign the target file data by using a private key after the fingerprint verification is passed, obtain signature file data, and send the signature file data to the upper computer 10.
It can be understood that, the personal identification code is compared with the preset personal identification code by the identity authenticator 20, the comparison is wrong, then the personal identification code needs to be input again, after the comparison is passed, the voice prompting unit of the identity authenticator 20 can play voice prompting the user to verify the fingerprint, the fingerprint identification unit collects the fingerprint of the user, according to the fingerprint obtains fingerprint characteristics, the fingerprint characteristics are matched with the preset fingerprint characteristics, after the matching is successful, a popup window on a screen on the identity authenticator 20 jumps out to confirm whether to sign, and after the user presses a confirmation button, the identity authenticator 20 uses a private key to correct the target file data to sign so as to obtain signature file data, and the signature file data is sent to the upper computer 10.
Further, the upper computer 10 is further configured to receive the signature file data, and upload the signature file data to a block chain, so as to complete identity authentication when the target file data is signed.
It can be understood that the signature file data is uploaded to the block chain, so that the characteristics of ' unforgeable ', ' full-course trace ', traceable ', ' transparent disclosure ' and the like of the signature file data can be ensured.
It should be noted that, when the identity authenticator 20 communicates with the upper computer 10, the data to be communicated is encrypted by the key of the AES to obtain a ciphertext, and the ciphertext is transmitted to the upper computer 10 through serial communication. After receiving the ciphertext, the upper computer 10 obtains the plaintext by using the decryption function, and operates according to a corresponding instruction in the plaintext. And the personal identification number at the time of generating the identity account and the entered fingerprint information are stored in the chip of the identity authenticator 20 by encryption which needs to be performed by AES. The identity authenticator 20 adopts STM32L5 series chip, and TrustZone is integrated in the chip, so that the security information can be effectively isolated. The obtained communication data is processed and analyzed correspondingly, the processed data is displayed on a screen or a required communication result is transmitted to the upper computer 10, and the upper computer 10 processes and analyzes the data.
In this embodiment, the upper computer is configured to obtain an account address of the identity authenticator, and send a signature page request to the identity authenticator according to the account address; the identity authenticator is used for receiving the signature page request and sending a signature page instruction to the upper computer according to the signature page request; the upper computer is further used for receiving the signature page instruction, displaying the signature page, receiving a selection instruction of a user, determining target file data on the signature page according to the selection instruction, displaying a personal identification code verification page on the signature page after receiving the signature instruction of the user on the target file data, receiving a personal identification code input by the user based on the personal identification code verification page, and sending the personal identification code to the identity authenticator; the identity authenticator is also used for receiving the personal identification code, comparing the personal identification code with a preset personal identification code, prompting the user to perform fingerprint verification through voice after the comparison is passed, signing the target file data by using a private key after the fingerprint verification is passed to obtain signed file data, and sending the signed file data to the upper computer; the upper computer is further used for receiving the signature file data and uploading the signature file data to a block chain so as to finish identity authentication when the target file data is signed. Through above-mentioned mode, use fingerprint and the dual authentication of personal identification code, after having added fingerprint identification, can make whole equipment more safe in application process, but also can not cause any influence when the information of personal identification code stolen back but fingerprint can't be input into, has improved the security of equipment use. The use of the block chain identity authenticator can solve the authenticity and non-repudiation of some file signatures on the network and ensure more convenient application.
Referring to fig. 1, fig. 1 is a block diagram illustrating an identity authentication system according to a second embodiment of the present invention.
Further, the identity authenticator 20 is further configured to receive a registration request, determine a registration page instruction according to the registration request, and send the registration page instruction to the upper computer 10.
It should be noted that the user needs to perform identity registration before the document is signed by the identity authenticator 20. When the identity authenticator 20 is first accessed to the upper computer 10, the upper computer 10 sends a registration request to the identity authenticator 20, and after receiving the registration request, the identity authenticator 20 sends a registration page instruction to the upper computer 10. Or when the identity authenticator 20 is registered but is accessed to the upper computer 10 for the first time, the identity authenticator 20 directly sends the registered information to the upper computer 10.
Further, the upper computer 10 is further configured to receive the page registration instruction, determine an account address according to the page registration instruction, and send the account address to the identity authenticator 20.
In a specific implementation, the upper computer 10 is further configured to receive user information input by a user based on a registration page, and send the user information to the identity authenticator 20; the identity authenticator 20 is further configured to play a preset voice prompt after receiving the user information, so that the user performs fingerprint input; the identity authenticator 20 is further configured to generate a public and private key pair after completing fingerprint entry, and send the public key to the upper computer 10, and store the private key in a chip of the identity authenticator 20; the upper computer 10 is further configured to receive the public key, generate an account address according to the public key, and send the account address to the identity authenticator 20.
After receiving the register page command, the upper computer 10 displays the register page on the screen, and prompts the user to enter user information on the register page, where the user information includes information such as a name. After the user inputs, after clicking a confirmation button on the registration page, the upper computer 10 sends the user information to the identity authenticator 20, after the identity authenticator 20 receives the user information, the voice prompt unit on the identity authenticator 20 reminds the user of performing fingerprint input on the fingerprint identification unit on the identity authenticator 20, in the input process, voice prompt is performed on input success or input failure, and the display screen on the identity authenticator 20 also performs corresponding display.
It should be understood that, when the fingerprint entry is successful, the identity authenticator 20 generates a public key and sends the public key to the upper computer 10, and after receiving the public key, the upper computer 10 generates an account address of the identity authenticator 20 according to the public key and sends the account address to the identity authenticator 20 for storage.
Further, the identity authenticator 20 is further configured to send a personal identification code setting instruction to the upper computer 10 after receiving the account address.
It should be noted that, in order to ensure the security of the account of the user, a personal identification code needs to be set, and the identity authenticator 20 sends a personal identification code instruction to the upper computer 10.
Further, the upper computer 10 is further configured to obtain a preset personal identification code input by the user after receiving the personal identification code setting instruction, and send the preset personal identification code to the identity authenticator 20, so as to complete user identity registration.
In a specific implementation, the upper computer 10 is further configured to display a personal identification code setting window after receiving a personal identification code setting instruction, so that the user inputs a preset personal identification code; the upper computer 10 is further configured to send the preset personal identification code and the instruction for generating the mnemonic word to the identity authenticator 20 when receiving the preset personal identification code; the identity authenticator 20 is further configured to generate a mnemonic word according to the instruction for generating a mnemonic word after receiving the preset personal identification code and the instruction for generating a mnemonic word, and display the mnemonic word so that the user backs up the mnemonic word, and clicks a confirmation button when the backup is completed so as to complete the user identity registration.
It can be understood that, after receiving the personal identification code setting instruction, the upper computer 10 displays a personal identification code setting window on the registration page, the user is prompted to input a preset personal identification code on the personal identification code setting window, after the input is completed, the user clicks the confirmation button, the upper computer 10 sends the personal identification code to the identity authenticator 20, the upper computer 10 also sends a generated mnemonic word instruction to the identity authenticator 20, the identity authenticator 20 generates a mnemonic word according to the generated mnemonic word instruction, and displays the mnemonic word on the screen, and the mnemonic word is used for helping the user to recover the account.
It should be understood that, after the user confirms the mnemonic words displayed on the identity authenticator 20, the identity authenticator 20 prompts the user to backup the mnemonic words, thereby completing the identity registration process of the whole user.
Referring to fig. 3, fig. 3 is a block diagram of an identity authentication system according to a third embodiment of the present invention. The identity authenticator 20 includes: the system comprises a password comparison module 21, a fingerprint feature acquisition module 22, a fingerprint matching module 23 and a data signature module 24.
Further, the password comparing module 21 is configured to receive the personal identification code, and compare the personal identification code with a preset personal identification code.
It should be understood that when a user desires to sign selected target document data, the personal identification code is first verified. The password comparison module 21 compares the personal identification code input by the user with a preset personal identification code set when the user registers.
Further, the fingerprint feature obtaining module 22 is configured to collect the fingerprint of the user after the personal identification code passes comparison with a preset personal identification code, and obtain a fingerprint feature according to the fingerprint.
In a specific implementation, the fingerprint feature obtaining module 22 includes: a fingerprint acquisition module 221, a fingerprint preprocessing module 222 and a fingerprint feature extraction module 223; the fingerprint acquisition module 221 is configured to acquire a fingerprint image of the user after the personal identification code passes comparison with a preset personal identification code; the fingerprint preprocessing module 222 is configured to eliminate noise of the fingerprint image to obtain a target fingerprint image; the fingerprint feature extraction module 223 is configured to convert the target fingerprint image into a grayscale fingerprint image, obtain a fingerprint directional diagram according to the grayscale fingerprint image, obtain a fingerprint binary diagram according to the fingerprint directional diagram, and determine a fingerprint feature according to the fingerprint binary diagram.
It should be noted that, after the personal identification code input by the user is compared with the preset personal identification code, the identity authenticator 20 prompts the user to input a fingerprint, the fingerprint image of the user is collected by the fingerprint collecting module 221, the fingerprint collecting module 221 is a semiconductor fingerprint sensor, the fingerprint preprocessing module 222 eliminates noise in the existing fingerprint image, converts the collected fingerprint image into a clear fingerprint image, i.e. a target fingerprint image, and recovers the ridge line structure of the fingerprint, so that the correct fingerprint feature can be extracted subsequently and reliably.
It can be understood that the fingerprint feature extraction module 223 obtains some feature points that are distinguishable, stable, and can show different fingerprint differences from a target fingerprint image containing a large amount of information. The fingerprint feature extraction steps are as follows:
(1) and converting the target fingerprint image into a gray-scale fingerprint image.
(2) And acquiring a fingerprint directional diagram from the gray-scale fingerprint image, wherein the fingerprint directional diagram comprises a direction field and a frequency field so as to reflect the texture structure of the fingerprint.
(3) And enhancing the fingerprint directional diagram, and obtaining a binary image of the fingerprint, namely a fingerprint binary image, in the enhanced image through binarization operation and ridge line tracking.
(4) And extracting and obtaining a tip point and a bifurcation point from the fingerprint binary image as minutiae points to be matched.
And a minutiae 8 domain template feature extraction algorithm is used. And (3) taking the ridge line as the width of a single pixel in the fingerprint thinning map, constructing a template of pixels 3 x 3 in the fingerprint thinning map, and forming a window of 3 x 3 by taking each pixel point with the value of 1 as the center. The domain structure around all normal ridges, bifurcations and end points is found according to the template features of fig. 4.
According to the characteristics of the three templates in fig. 4, the gray value sequence change times cn (p) are obtained in the established characteristic template, so as to determine the type of the central pixel point. The formula of judgment is as follows:
Figure BDA0003148050760000111
Figure BDA0003148050760000112
wherein, P9 in the formula one is P1, and P is a pixel point to be detected; i is the number of pixel points; pi is the field of P; in the second formula, sn (p) is the number of pixels of 1 in 8-domain pixels; cn (p) is the number of times that the gray scale value of the adjacent pixel of the 8 domain pixels changes from 0 to 1 or from 1 to 0.
For the pixel on the back ridge, the state of the pixel to be measured P can be determined according to Cn (P) and Sn (P), and the values of Cn (P) and Sn (P) are only the following 3 cases:
(1) point P is a point on the ridge line, and cn (P) is 2, sn (P) is 1, then P is the tip point.
(2) Point P is a point on the ridge line, and cn (P) is 6, sn (P) is 3, then P is a bifurcation point.
(3) Point P is a point on the ridge line, and cn (P) is 4, sn (P) is 2,3, or 4, then P is a continuous point on the ridge line, i.e., P is not a feature point.
Through the fingerprint feature extraction algorithm, the tip points and the bifurcation points are respectively recorded, and the pseudo feature points are removed, so that the feature points, namely the fingerprint features, required in the matching process are extracted.
Further, the fingerprint matching module 23 is configured to match the fingerprint features with preset fingerprint features.
In a specific implementation, the fingerprint matching module 23 includes: a coincidence fingerprint determination module 231 and a matching degree calculation module 232; the overlapped fingerprint determining module 231 is configured to obtain a preset fingerprint feature, and determine a fingerprint overlapped portion according to the fingerprint feature and the preset fingerprint feature; the matching degree calculating module 232 is configured to determine a similarity matching score according to the fingerprint overlapping portion, and if the similarity matching score is greater than a preset threshold, determine that the fingerprint feature is successfully matched with the preset fingerprint feature.
It should be noted that the fingerprint characteristics (i.e. the preset fingerprint characteristics) of the previously recorded fingerprint are compared with the fingerprint characteristics of the input fingerprint. And the degree of similarity or correspondence of the two fingerprint images depends on the similarity matching scores of the two fingerprint images calculated by extracting the features, namely, the threshold set by the minutiae data is found in the range of the overlapping area. If the matching score of the two is larger than the preset threshold value of the system, matching; and if the matching score is smaller than the preset threshold value of the system, the matching score is not matched.
Referring to fig. 1, fig. 1 is a block diagram illustrating a fourth embodiment of an identity authentication system according to the present invention. The identity authenticator 20 is further configured to send a connection request message to the upper computer 10.
It should be noted that, when the identity authenticator 20 needs to establish communication with the upper computer 10, the identity authenticator 20 first sends a connection request message to the upper computer 10.
Further, the upper computer 10 is further configured to allocate connection resources after receiving the connection request message, and send a first connection confirmation message to the identity authenticator 20.
The identity authenticator 20 is further configured to allocate connection resources after receiving the first connection confirmation message, and send a second connection confirmation message to the upper computer 10, so as to complete communication connection between the identity authenticator 20 and the upper computer 10.
It should be noted that, the communication connection is established between the identity authenticator 20 and the upper computer 10 through the handshake protocol, when the identity authenticator 20 sends the handshake protocol for more than 3 times and the upper computer 10 does not respond, the reinsertion is prompted on the screen of the identity authenticator 20, and the user can disconnect the connection line between the identity authenticator 20 and the upper computer 10 and then reinsert.
An embodiment of the present invention provides an identity authentication method, and referring to fig. 5, fig. 5 is a schematic flow chart of a first embodiment of an identity authentication method according to the present invention.
In this embodiment, the identity authentication method is applied to an identity authentication system, and the system includes: the system comprises an upper computer and an identity authenticator; the identity authentication method comprises the following steps:
step S10: and the upper computer acquires the account address of the identity authenticator and sends a signature page request to the identity authenticator according to the account address.
It should be noted that the upper computer may be a computer capable of sending a specific control command, and the command is transmitted to the identity authenticator by operating a preset command, and each operation is completed by the identity authenticator.
As shown in fig. 2, the identity authenticator includes: the device comprises a screen display, a voice prompt unit, two control buttons, a fingerprint identification unit and a serial port communication socket. The upper computer and the identity authentication device are connected and communicated through a serial port communication socket, and after the identity authentication device is connected with the upper computer, the identity authentication device is initialized firstly and is communicated with the upper computer.
It can be understood that after the upper computer establishes communication connection with the identity authenticator, the account address of the identity authenticator is obtained, and if the upper computer needs to access the account address and sign data selected by a user, a signature page request is sent to the identity authenticator.
Step S20: and the identity authenticator receives the signature page request and sends a signature page instruction to the upper computer according to the signature page request.
It should be understood that after the identity authenticator receives the signature page request, the identity authenticator sends a signature page instruction to the upper computer, the upper computer receives the signature page instruction and displays the signature page on the screen, and data and files needing to be signed are displayed on the signature page.
Step S30: the upper computer receives the signature page command and displays the signature page, receives a selection command of a user, determines target file data on the signature page according to the selection command, displays a personal identification code verification page on the signature page after receiving the signature command of the user on the target file data, receives a personal identification code input by the user based on the personal identification code verification page, and sends the personal identification code to the identity authenticator.
In the specific implementation, a signature page is displayed on a screen by an upper computer, data and files needing to be signed are displayed on the signature page, a user selects the files or the data needing to be signed, a selection instruction is generated when the user performs selection operation on the upper computer, the upper computer determines target file data selected by the user according to the selection instruction, a signature button is arranged on the signature page, the user clicks the signature button to generate a signature instruction, after receiving the signature instruction, a Personal Identification Number (PIN) verification page can be displayed on the signature page, the user inputs the Personal Identification Number on the Personal Identification Number verification page, and the Personal Identification Number of the user is sent to an identity authenticator.
Step S40: the identity authentication device receives the personal identification code, compares the personal identification code with a preset personal identification code, prompts the user to carry out fingerprint verification after the comparison is passed, signs the target file data by using a private key after the fingerprint verification is passed, obtains signature file data, and sends the signature file data to the upper computer.
It can be understood that, the personal identification code is compared with the preset personal identification code by the identity authentication device, the personal identification code is compared wrongly, then the personal identification code needs to be input again, after the comparison is passed, the voice prompting unit of the identity authentication device can play the voice prompting the user to verify the fingerprint, the fingerprint identification unit collects the fingerprint of the user, according to the fingerprint obtains the fingerprint characteristic, will the fingerprint characteristic is matched with the preset fingerprint characteristic, after the matching is successful, the popup window on the screen on the identity authentication device is popped out to confirm whether to sign, and after the user presses the confirmation button, the identity authentication device uses the private key to be right thereby the target file data is signed to obtain the signature file data, and will the signature file data is sent to the upper computer.
Step S50: and the upper computer receives the signature file data and uploads the signature file data to a block chain so as to finish identity authentication when a private key is used for signing the target file data.
When the identity authenticator communicates with the upper computer, the data to be communicated is encrypted by the key of the AES to obtain a ciphertext, and the ciphertext is transmitted to the upper computer through serial communication. And after receiving the ciphertext, the upper computer obtains a plaintext by using a decryption function, and operates according to a corresponding instruction in the plaintext. And the personal identification code when the identity account is generated and the input fingerprint information are stored in the identity authentication chip through AES encryption. The identity authentication device adopts STM32L5 series chips, and TrustZone is integrated in the chips, so that the security information can be effectively isolated. And correspondingly processing and analyzing the obtained communication data, displaying the processed data on a screen or transmitting a required communication result to an upper computer, and processing and analyzing by the upper computer.
Further, before step S10, the method further includes: the identity authenticator receives a registration request, determines a registration page instruction according to the registration request and sends the registration page instruction to the upper computer; the upper computer receives the page registration instruction, determines an account address according to the page registration instruction, and sends the account address to the identity authenticator; after receiving the account address, the identity authenticator sends a personal identification code setting instruction to the upper computer; and after receiving the personal identification code setting instruction, the upper computer acquires a preset personal identification code input by a user and sends the preset personal identification code to the identity authentication device so as to complete user identity registration.
It should be noted that, before the document is signed by the identity authenticator, the user needs to perform identity registration. When the identity authenticator is accessed to the upper computer for the first time, the upper computer sends a registration request to the identity authenticator, and after the identity authenticator receives the registration request, a registration page instruction is sent to the upper computer. Or when the identity authenticator is registered but is accessed to the upper computer for the first time, the identity authenticator directly sends the registered information to the upper computer.
In a specific implementation, the upper computer is further configured to receive user information input by a user based on a registration page, and send the user information to the identity authenticator; the identity authenticator is also used for playing a preset voice prompt after receiving the user information so as to enable the user to perform fingerprint input; the identity authenticator is also used for generating a public and private key pair after finishing fingerprint input and sending the public key to the upper computer, and the private key is stored in a chip of the identity authenticator; and the upper computer is also used for receiving the public key, generating an account address according to the public key and sending the account address to the identity authenticator.
It should be noted that, after receiving the instruction of the registration page, the upper computer displays the registration page on the screen, and prompts the user to enter user information on the registration page, where the user information includes information such as a name. After the user inputs, after a confirming button on a registration page is clicked, the upper computer sends the user information to the identity authentication device, after the identity authentication device receives the user information, the voice prompt unit on the identity authentication device can remind the user of carrying out fingerprint input on the fingerprint identification unit on the identity authentication device, in the input process, voice prompt is carried out on input success or input failure, and a display screen on the identity authentication device can also carry out corresponding display.
It should be understood that, after the fingerprint is successfully recorded, the identity authenticator generates a public and private key pair and sends the public key to the upper computer, and after the upper computer receives the public key, the upper computer generates an account address of the identity authenticator according to the public key and sends the account address to the identity authenticator for storage.
It should be noted that, in order to ensure the security of the account of the user, a personal identification code needs to be set, and the identity authenticator sends a personal identification code instruction to the upper computer.
In a specific implementation, after receiving a personal identification code setting instruction, the upper computer displays a personal identification code setting window so that the user inputs a preset personal identification code; when the upper computer receives the preset personal identification code, the upper computer sends the preset personal identification code and the instruction for generating the mnemonic words to the identity authenticator; after receiving the preset personal identification code and the command for generating the mnemonic words, the identity authentication device generates the mnemonic words according to the command for generating the mnemonic words and displays the mnemonic words so that the user can back up the mnemonic words, and clicks a confirmation button when the backup is finished so as to finish the identity registration of the user.
It can be understood that after receiving the personal identification code setting instruction, the upper computer displays a personal identification code setting window on the registration page, the personal identification code setting window can prompt a user to input a preset personal identification code, after the input is completed, the user clicks the confirmation button, the upper computer sends the personal identification code to the identity authentication device, the upper computer can also send a word-aid instruction to the identity authentication device, the identity authentication device generates a word-aid according to the word-aid instruction, and displays the word-aid on the screen, and the word-aid is used for helping the user to restore the account.
It should be understood that, after the user confirms the mnemonic words displayed on the identity authenticator, the identity authenticator reminds the user to back up the mnemonic words, thereby completing the identity registration process of the whole user.
In this embodiment, the upper computer obtains an account address of the identity authenticator, and sends a signature page request to the identity authenticator according to the account address; the identity authenticator receives the signature page request and sends a signature page instruction to the upper computer according to the signature page request; the upper computer receives the signature page instruction and displays the signature page, receives a selection instruction of a user, determines target file data on the signature page according to the selection instruction, displays a personal identification code verification page on the signature page after receiving the signature instruction of the user on the target file data, receives a personal identification code input by the user based on the personal identification code verification page, and sends the personal identification code to the identity authenticator; comparing the personal identification code with a preset personal identification code, after the comparison is passed, prompting the user to perform fingerprint verification through voice, signing the target file data by using a private key after the fingerprint verification is passed to obtain signed file data, and sending the signed file data to the upper computer; and the upper computer receives the signature file data and uploads the signature file data to a block chain so as to finish identity authentication when the target file data is signed. Through above-mentioned mode, use fingerprint and the dual authentication of personal identification code, after having added fingerprint identification, can make whole equipment more safe in application process, but also can not cause any influence when the information of personal identification code stolen back but fingerprint can't be input into, has improved the security of equipment use. The use of the block chain identity authenticator can solve the authenticity and non-repudiation of some file signatures on the network and ensure more convenient application.
Further, it is to be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention or portions thereof that contribute to the prior art may be embodied in the form of a software product, where the computer software product is stored in a storage medium (e.g. Read Only Memory (ROM)/RAM, magnetic disk, optical disk), and includes several instructions for enabling a terminal device (e.g. a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. An identity authentication system, comprising: the system comprises an upper computer and an identity authenticator;
the upper computer is used for acquiring an account address of the identity authenticator and sending a signature page request to the identity authenticator according to the account address;
the identity authenticator is used for receiving the signature page request and sending a signature page instruction to the upper computer according to the signature page request;
the upper computer is further used for receiving the signature page instruction, displaying a signature page, receiving a selection instruction of a user, determining target file data on the signature page according to the selection instruction, displaying a personal identification code verification page on the signature page after receiving the signature instruction of the user on the target file data, receiving a personal identification code input by the user based on the personal identification code verification page, and sending the personal identification code to the identity authenticator;
the identity authenticator is also used for receiving the personal identification code, comparing the personal identification code with a preset personal identification code, prompting the user to perform fingerprint verification through voice after the comparison is passed, signing the target file data by using a private key after the fingerprint verification is passed to obtain signed file data, and sending the signed file data to the upper computer;
the upper computer is further used for receiving the signature file data and uploading the signature file data to a block chain so as to finish identity authentication when the target file data is signed.
2. The identity authentication system of claim 1, wherein the identity authenticator is further configured to receive a registration request, determine a registration page command according to the registration request, and send the registration page command to the host computer;
the upper computer is also used for receiving the page registration instruction, determining an account address according to the page registration instruction and sending the account address to the identity authenticator;
the identity authenticator is also used for sending a personal identification code setting instruction to the upper computer after receiving the account address;
and the upper computer is also used for acquiring a preset personal identification code input by a user after receiving the personal identification code setting instruction, and sending the preset personal identification code to the identity authentication device so as to complete user identity registration.
3. The identity authentication system of claim 2, wherein the upper computer is further configured to receive user information input by a user based on a registration page, and send the user information to the identity authenticator;
the identity authenticator is also used for playing a preset voice prompt after receiving the user information so as to enable the user to perform fingerprint input;
the identity authenticator is also used for generating a public and private key pair after finishing fingerprint input, sending a public key to the upper computer and storing the private key into a chip of the identity authenticator;
and the upper computer is also used for receiving the public key, generating an account address according to the public key and sending the account address to the identity authenticator.
4. The identity authentication system of claim 2, wherein the upper computer is further configured to display a personal identification code setting window after receiving a personal identification code setting instruction, so that the user inputs a preset personal identification code;
the upper computer is further used for sending the preset personal identification code and the instruction for generating the mnemonic words to the identity authenticator when the preset personal identification code is received;
and the identity authenticator is also used for generating a mnemonic word according to the command for generating the mnemonic word after receiving the preset personal identification code and the command for generating the mnemonic word, displaying the mnemonic word so as to enable a user to back up the mnemonic word, and clicking a confirmation button when the backup is finished so as to finish the identity registration of the user.
5. The identity authentication system of claim 1, wherein the identity authenticator comprises: the system comprises a password comparison module, a fingerprint feature acquisition module, a fingerprint matching module and a data signature module;
the password comparison module is used for receiving the personal identification code and comparing the personal identification code with a preset personal identification code;
the fingerprint feature acquisition module is used for acquiring the fingerprint of the user after the personal identification code passes the comparison with the preset personal identification code, and acquiring the fingerprint feature according to the fingerprint;
the fingerprint matching module is used for matching the fingerprint features with preset fingerprint features;
and the data signature module is used for signing the target file data by using a private key to obtain signature file data after the matching is successful, and sending the signature file data to an upper computer.
6. The identity authentication system of claim 5, wherein the fingerprint feature acquisition module comprises: the fingerprint acquisition module, the fingerprint preprocessing module and the fingerprint feature extraction module;
the fingerprint acquisition module is used for acquiring a fingerprint image of the user after the personal identification code passes the comparison with a preset personal identification code;
the fingerprint preprocessing module is used for eliminating the noise of the fingerprint image and obtaining a target fingerprint image;
the fingerprint feature extraction module is used for converting the target fingerprint image into a gray-scale fingerprint image, obtaining a fingerprint directional diagram according to the gray-scale fingerprint image, obtaining a fingerprint binary diagram according to the fingerprint directional diagram, and determining fingerprint features according to the fingerprint binary diagram.
7. The identity authentication system of claim 5, wherein the fingerprint matching module comprises: the coincidence fingerprint determining module and the matching degree calculating module;
the coincident fingerprint determining module is used for acquiring preset fingerprint characteristics and determining a fingerprint coincident part according to the fingerprint characteristics and the preset fingerprint characteristics;
and the matching degree calculation module is used for determining a similarity matching score according to the fingerprint overlapping part, and if the similarity matching score is greater than a preset threshold value, judging that the fingerprint features are successfully matched with the preset fingerprint features.
8. The identity authentication system of any one of claims 1-7, wherein the identity authenticator is further configured to send a connection request message to the upper computer;
the upper computer is also used for distributing connection resources after receiving the connection request message and sending a first connection confirmation message to the identity authenticator;
and the identity authenticator is also used for distributing connection resources after receiving the first connection confirmation message and sending a second connection confirmation message to the upper computer so as to complete the communication connection between the identity authenticator and the upper computer.
9. An identity authentication method, wherein the identity authentication method is applied to an identity authentication system, and the system comprises: the system comprises an upper computer and an identity authenticator;
the identity authentication method comprises the following steps:
the upper computer acquires an account address of the identity authenticator and sends a signature page request to the identity authenticator according to the account address;
the identity authenticator receives the signature page request and sends a signature page instruction to the upper computer according to the signature page request;
the upper computer receives the signature page instruction and displays the signature page, receives a selection instruction of a user, determines target file data on the signature page according to the selection instruction, displays a personal identification code verification page on the signature page after receiving the signature instruction of the user on the target file data, receives a personal identification code input by the user based on the personal identification code verification page, and sends the personal identification code to the identity authenticator;
the identity authenticator receives the personal identification code, compares the personal identification code with a preset personal identification code, prompts the user to perform fingerprint verification through voice after the comparison is passed, signs the target file data through a private key after the fingerprint verification is passed to obtain signature file data, and sends the signature file data to the upper computer;
and the upper computer receives the signature file data and uploads the signature file data to a block chain so as to finish identity authentication when a private key is used for signing the target file data.
10. The method of claim 9, wherein before the step of the host computer obtaining an account address of the identity authenticator and sending a signature page request to the identity authenticator based on the account address, the method further comprises:
the identity authenticator receives a registration request, determines a registration page instruction according to the registration request and sends the registration page instruction to the upper computer;
the upper computer receives the page registration instruction, determines an account address according to the page registration instruction, and sends the account address to the identity authenticator;
after receiving the account address, the identity authenticator sends a personal identification code setting instruction to the upper computer;
and after receiving the personal identification code setting instruction, the upper computer acquires a preset personal identification code input by a user and sends the preset personal identification code to the identity authentication device so as to complete user identity registration.
CN202110760327.9A 2021-07-05 2021-07-05 Identity authentication system and method Pending CN113315639A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110760327.9A CN113315639A (en) 2021-07-05 2021-07-05 Identity authentication system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110760327.9A CN113315639A (en) 2021-07-05 2021-07-05 Identity authentication system and method

Publications (1)

Publication Number Publication Date
CN113315639A true CN113315639A (en) 2021-08-27

Family

ID=77381866

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110760327.9A Pending CN113315639A (en) 2021-07-05 2021-07-05 Identity authentication system and method

Country Status (1)

Country Link
CN (1) CN113315639A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113794953A (en) * 2021-09-14 2021-12-14 蚌埠凯盛工程技术有限公司 Quartz ore remote data monitoring wireless alarm system based on 5G network
CN117715031A (en) * 2023-05-29 2024-03-15 荣耀终端有限公司 A method and electronic device for protecting fingerprint information

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101350723A (en) * 2008-06-20 2009-01-21 北京天威诚信电子商务服务有限公司 USB Key equipment and method for implementing verification thereof
CN103116720A (en) * 2011-11-16 2013-05-22 航天信息股份有限公司 Universal serial bus (USB) Key device and account management method and authentication application method thereof
CN104639315A (en) * 2013-11-10 2015-05-20 航天信息股份有限公司 Dual-authentication method and device based on identity passwords and fingerprint identification
CN109447606A (en) * 2018-12-06 2019-03-08 上海欢昶网络科技有限公司 A kind of storage of great master's wallet block chain private key and encryption method
CN110210855A (en) * 2019-05-08 2019-09-06 北京大学 Hardware wallet illegal method and system based on biological identification technology
CN111656732A (en) * 2017-12-14 2020-09-11 库珀索尼克公司 Device for storing a digital key for signing transactions on a blockchain

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101350723A (en) * 2008-06-20 2009-01-21 北京天威诚信电子商务服务有限公司 USB Key equipment and method for implementing verification thereof
CN103116720A (en) * 2011-11-16 2013-05-22 航天信息股份有限公司 Universal serial bus (USB) Key device and account management method and authentication application method thereof
CN104639315A (en) * 2013-11-10 2015-05-20 航天信息股份有限公司 Dual-authentication method and device based on identity passwords and fingerprint identification
CN111656732A (en) * 2017-12-14 2020-09-11 库珀索尼克公司 Device for storing a digital key for signing transactions on a blockchain
CN109447606A (en) * 2018-12-06 2019-03-08 上海欢昶网络科技有限公司 A kind of storage of great master's wallet block chain private key and encryption method
CN110210855A (en) * 2019-05-08 2019-09-06 北京大学 Hardware wallet illegal method and system based on biological identification technology

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
赵小川: "《MATLAB图像处理能力提高与应用案例》", 31 January 2014 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113794953A (en) * 2021-09-14 2021-12-14 蚌埠凯盛工程技术有限公司 Quartz ore remote data monitoring wireless alarm system based on 5G network
CN117715031A (en) * 2023-05-29 2024-03-15 荣耀终端有限公司 A method and electronic device for protecting fingerprint information

Similar Documents

Publication Publication Date Title
CN110557376B (en) Electronic contract signing method, electronic contract signing device, computer equipment and storage medium
US9946865B2 (en) Document authentication based on expected wear
US9049191B2 (en) Biometric authentication system, communication terminal device, biometric authentication device, and biometric authentication method
EP3525181B1 (en) Identity validity verification method and electronic terminal
CN111753271A (en) Account opening identity verification method, account opening identity verification device, account opening identity verification equipment and account opening identity verification medium based on AI identification
CN104598796A (en) Method and system for identifying identity
CN111831995A (en) Trusted identity authentication method and system based on eID and human body biological information
CN107729852A (en) Facial information register method, apparatus and system
EP3594879A1 (en) System and method for authenticating transactions from a mobile device
CN107302434B (en) Method and system for checking electronic signature
CN113315639A (en) Identity authentication system and method
CN110490026A (en) The methods, devices and systems of identifying object
TWI779823B (en) Authentication method and authentication device with fast anti-counterfeiting function
CN106650657A (en) Authentication method and device based on full face binary matching
CN106599841A (en) Full face matching-based identity verifying method and device
CN111353144A (en) Identity authentication method and device
CN111091387A (en) Authentication method, device and system
CN111985913A (en) Card-free transaction method and device and server
CN112052711B (en) Fingerprint input method, identity verification method and device
KR20040028210A (en) Apparatus for Identifying a Person through Recognizing a Face and Method thereof
CN112053148B (en) Method, device, equipment and storage medium for self-service terminal account transfer verification
EP3607722B1 (en) Online verification method and system for verifying the identity of a subject
Haron et al. SAFe: a secure and fast auto filling form system
JP2004005619A (en) Fingerprint authentication device and fingerprint authentication method
CN116112174B (en) A face recognition authentication processing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210827

RJ01 Rejection of invention patent application after publication