[go: up one dir, main page]

CN1980129B - Authority identifying method and system - Google Patents

Authority identifying method and system Download PDF

Info

Publication number
CN1980129B
CN1980129B CN2005101275356A CN200510127535A CN1980129B CN 1980129 B CN1980129 B CN 1980129B CN 2005101275356 A CN2005101275356 A CN 2005101275356A CN 200510127535 A CN200510127535 A CN 200510127535A CN 1980129 B CN1980129 B CN 1980129B
Authority
CN
China
Prior art keywords
broadband
added service
platform
broadband value
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2005101275356A
Other languages
Chinese (zh)
Other versions
CN1980129A (en
Inventor
黄佳祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN2005101275356A priority Critical patent/CN1980129B/en
Publication of CN1980129A publication Critical patent/CN1980129A/en
Application granted granted Critical
Publication of CN1980129B publication Critical patent/CN1980129B/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Telephonic Communication Services (AREA)

Abstract

本发明公开了一种鉴权方法,包括:用户终端(11)向宽带增值服务平台(12)发送宽带增值服务验证请求;宽带增值服务平台(12)根据宽带增值服务验证请求获得其对应的电话号码,并通过服务提供商服务器(13)获得订单号;在消费服务前系统根据宽带增值服务平台(12)获得的订单号和宽带增值服务请求所对应的电话号码对用户终端(11)的声讯电话记录进行鉴权;所述声讯电话记录包括用户根据系统指定拨打声讯电话时使用的主叫电话号码以及输入的订单号。本发明还提供了一种鉴权系统。根据本发明,经过宽带帐号与声讯电话的双重验证,提高了利用宽带帐号进行消费的安全性。

Figure 200510127535

The invention discloses an authentication method, comprising: a user terminal (11) sends a broadband value-added service verification request to a broadband value-added service platform (12); the broadband value-added service platform (12) obtains its corresponding telephone number according to the broadband value-added service verification request number, and obtain the order number by the service provider server (13); before the consumer service, the system obtains the order number and the corresponding telephone number of the broadband value-added service platform (12) according to the broadband value-added service request. The phone record is authenticated; the audio call record includes the calling phone number and the input order number used by the user to make an audio call according to the system designation. The invention also provides an authentication system. According to the present invention, through the double authentication of the broadband account and the audio phone, the security of consumption by using the broadband account is improved.

Figure 200510127535

Description

一种鉴权方法和系统 An authentication method and system

技术领域technical field

本发明涉及一种鉴权技术,尤其涉及一种鉴权方法和系统。 The present invention relates to an authentication technology, in particular to an authentication method and system. the

背景技术Background technique

目前,各宽带运营商相继开发出宽带增值业务消费平台,用户可凭宽带帐号与密码,登录到消费平台上选择自己需要的服务进行消费,消费平台将相关费用记在用户的宽带帐单上。 At present, various broadband operators have developed broadband value-added service consumption platforms one after another. Users can log in to the consumption platform to choose the services they need for consumption with their broadband account number and password. The consumption platform will record the relevant fees on the user's broadband bill. the

在现有技术中,存在两种鉴权方式,一是非绑定方式,二是绑定方式。对于非绑定方式,用户每次消费服务时都需要检查一下宽带帐号和密码是否相符。对于绑定方式,用户只有在第一次消费某个SP(服务提供商)的服务时,才需要登录宽带帐号和密码,并对宽带帐号和密码进行鉴权,然后确认宽带帐号与服务帐号的绑定;用户在同一SP的第二次消费起,就不必再对该用户的消费进行鉴权,可直接由SP直接通过后台通讯向运营商发起扣费请求,并为该用户提供其所选择的服务。 In the prior art, there are two authentication modes, one is a non-binding mode, and the other is a binding mode. For the non-binding method, users need to check whether the broadband account and password match each time they consume services. For the binding method, the user only needs to log in the broadband account and password when consuming the service of a certain SP (service provider) for the first time, and authenticate the broadband account and password, and then confirm the connection between the broadband account and the service account. Binding; from the second consumption of the same SP by the user, there is no need to authenticate the consumption of the user, and the SP can directly initiate a deduction request to the operator through the background communication, and provide the user with the selected services. the

在上述的现有技术中,存在很多形式的宽带帐号盗用情况。 In the above prior art, there are many forms of broadband account theft. the

如很多情况下使用的是有规律的宽带帐号和密码,如:帐号名都用城市缩写加电话号码——sz86013388,密码默认用123456。盗号者可用这些有规律的宽带帐号、密码登录宽带增值服务平台12进行消费。为了解决这个问题,运营商将宽带增值服务平台12的消费限制为必须在该宽带帐号正在使用的IP上才可以消费。于是,盗用者又干脆用这些帐号密码拨通宽带接入服务,再进行消费。 For example, regular broadband accounts and passwords are used in many cases. For example, the account names use the city abbreviation plus the phone number—sz86013388, and the default password is 123456. Account hackers can use these regular broadband account numbers and passwords to log in to the broadband value-added service platform 12 for consumption. In order to solve this problem, the operator limits the consumption of the broadband value-added service platform 12 to the IP that the broadband account is using. Therefore, the thieves simply use these account passwords to dial broadband access services, and then consume. the

于是许多运营商又加大限制,宽带帐号限定在用户家中的物理线路上才可 以拨通宽带接入服务,或者在消费时必须验证在宽带上登录的各种信息。但是,盗号手段层出不穷,如用户的计算机中了木马后,还是很容易产生盗号的情况。 As a result, many operators have increased their restrictions. The broadband account is limited to the physical line in the user's home before they can dial in to the broadband access service, or they must verify various information logged in on the broadband when consuming. However, means of account theft emerge in an endless stream, such as after the user's computer has been hit by a Trojan horse, the situation of account theft is still easy to occur. the

发明内容Contents of the invention

本发明的目标是提供一种鉴权方法和系统,可防止宽带帐号消费被盗用的情况。 The object of the present invention is to provide an authentication method and system, which can prevent broadband account consumption from being stolen. the

本发明公开了一种鉴权方法,包括: The invention discloses an authentication method, including:

A、用户终端11向宽带增值服务平台12发送宽带增值服务验证请求;B、宽带增值服务平台12根据宽带增值服务验证请求获得其对应的电话号码,并通过服务提供商服务器13获得订单号;C、在消费服务前系统根据宽带增值服务平台(12)获得的订单号和宽带增值服务验证请求所对应的电话号码,对用户终端11的声讯电话记录进行鉴权;所述声讯电话记录包括用户根据系统指定拨打声讯电话时使用的主叫电话号码以及输入的订单号。 A, the user terminal 11 sends a broadband value-added service verification request to the broadband value-added service platform 12; B, the broadband value-added service platform 12 obtains its corresponding phone number according to the broadband value-added service verification request, and obtains the order number through the service provider server 13; C 1. Before consuming the service, the system authenticates the audio phone record of the user terminal 11 according to the order number obtained by the broadband value-added service platform (12) and the phone number corresponding to the broadband value-added service verification request; The system specifies the calling phone number to use when making an audio call and the order number entered. the

所述的宽带增值服务验证请求包括宽带帐号和密码。 The broadband value-added service verification request includes a broadband account number and password. the

所述的步骤B还包括:宽带增值服务平台12验证宽带帐号和密码是否相符,若相符,则允许用户终端11进一步选择服务,否则,进行错误处理。 The step B also includes: the broadband value-added service platform 12 verifies whether the broadband account number and the password match, and if they match, allow the user terminal 11 to further select services; otherwise, perform error handling. the

所述的步骤C进一步包括: Described step C further comprises:

C1、系统通知用户终端11使用指定电话拨打声讯电话并输入订单号; C1. The system notifies the user terminal 11 to use the designated phone to make an audio call and enter the order number;

C2、用户终端11通过拨打声讯电话向声讯平台15发送订单号,声讯平台15记录订单号和主叫电话号码以形成声讯记录; C2. The user terminal 11 sends the order number to the audio platform 15 by dialing the audio phone, and the audio platform 15 records the order number and the calling phone number to form an audio record;

C3、系统根据声讯记录和宽带增值服务平台12获得的电话号码和订单号进行鉴权。 C3. The system performs authentication according to the audio record and the telephone number and order number obtained by the broadband value-added service platform 12 . the

所述的步骤C3进一步包括:系统根据宽带增值服务平台12获得的订单号查找声讯平台15记录的订单号,若没有找到,则鉴权失败,若找到,则继续对比宽带增值服务平台12获得的电话号码与声讯台记录的主叫电话号码是否相符,相相符,则鉴权通过,若不相符,则鉴权失败。 Described step C3 further comprises: the system searches for the order number recorded by the audio platform 15 according to the order number obtained by the broadband value-added service platform 12, if not found, then authentication fails, if found, then continue to compare the order number obtained by the broadband value-added service platform 12 Whether the phone number is consistent with the calling phone number recorded by the audio station, if they match, the authentication will pass, if not, the authentication will fail. the

声讯验证的频度根据安全性策略而定。 The frequency of voice authentication depends on the security policy. the

在执行步骤A之前还执行: Before executing step A also execute:

用户终端11通过服务提供商服务器13选择服务项目; The user terminal 11 selects a service item through the service provider server 13;

服务提供商服务器13向宽带增值服务平台12发送服务订单,所述服务订单包括订单号; The service provider server 13 sends a service order to the broadband value-added service platform 12, and the service order includes an order number;

宽带增值服务平台12通知用户终端11输入宽带增值服务验证码。 The broadband value-added service platform 12 notifies the user terminal 11 to input the broadband value-added service verification code. the

本发明还公开了一种鉴权系统,所述的系统包括: The invention also discloses an authentication system, the system includes:

用户终端11,用于向宽带增值服务平台12发送宽带增值服务验证请求,拨打声讯电话并向声讯平台15发送订单号; The user terminal 11 is used to send a broadband value-added service verification request to the broadband value-added service platform 12, dial a voice call and send an order number to the voice platform 15;

宽带增值服务平台12,用于接收用户终端11的宽带增值服务验证请求和服务提供商服务器13的订单号,并根据宽带增值服务验证请求获得与其对应的电话号码; The broadband value-added service platform 12 is used to receive the broadband value-added service verification request of the user terminal 11 and the order number of the service provider server 13, and obtain the corresponding phone number according to the broadband value-added service verification request;

服务提供商服务器13,用于产生服务订单,并将服务订单发给宽带增值服务平台12,所述服务订单包括订单号; The service provider server 13 is used to generate a service order, and send the service order to the broadband value-added service platform 12, and the service order includes an order number;

声讯平台15,用于接收用户终端11的声讯记录,所述的声讯记录包括主叫电话号码和订单号; The audio platform 15 is used to receive the audio record of the user terminal 11, and the audio record includes the calling phone number and the order number;

鉴权单元14,其与声讯平台15和宽带增值服务平台12相连,用于根据声讯记录和宽带服务记录进行鉴权,并通知用户终端11拨打声讯电话和输入订单号。 The authentication unit 14 is connected with the audio platform 15 and the broadband value-added service platform 12, and is used for authenticating according to the audio record and the broadband service record, and notifying the user terminal 11 to make an audio call and enter an order number. the

所述的鉴权单元14设置在宽带增值服务平台12中,或设置在服务提供商服务器13中,或作为单独的部件存在。 The authentication unit 14 is set in the broadband value-added service platform 12, or set in the service provider server 13, or exists as a separate component. the

因此,根据本发明,经过宽带帐号与声讯电话的双重验证,提高了利用宽带帐号进行消费的安全性。 Therefore, according to the present invention, through double authentication of the broadband account and the audio phone, the security of consumption with the broadband account is improved. the

附图说明Description of drawings

图1示出了本发明的声讯电话鉴权的系统; Fig. 1 has shown the system of audio telephone authentication of the present invention;

图2示出了本发明的声讯电话鉴权的流程图。 FIG. 2 shows a flow chart of voice phone authentication of the present invention. the

具体实施方式Detailed ways

为了便于本领域一般技术人员理解和实现本发明,现结合附图描绘本发明的实施例。 In order to make it easier for those skilled in the art to understand and realize the present invention, the embodiments of the present invention are described in conjunction with the accompanying drawings. the

由于大部份ADSL(非对称数字用户环线)宽带帐号都是通过一条电话线虚拟拨号上网的,所以宽带帐号开通时都需要有对应的一个电话号码。本方案采用宽带帐号验证与声讯电话验证相结合的方式,以保证宽带帐号的安全,不被盗用消费。 Since most ADSL (Asymmetric Digital Subscriber Line) broadband accounts access the Internet through virtual dial-up through a telephone line, a corresponding telephone number is required when opening a broadband account. This solution adopts the combination of broadband account verification and audio phone verification to ensure the security of broadband accounts and prevent them from being stolen and consumed. the

如图1所示,本发明提供了一种鉴权系统,所述的系统包括:用户终端11,用于向宽带增值服务平台12发送宽带增值服务验证请求,拨打声讯电话并向声讯平台15发送订单号;宽带增值服务平台12,用于接收用户终端11的宽带增值服务验证请求和服务提供商服务器13的订单号,并根据宽带增值服务验证请求获得与其对应的电话号码;服务提供商服务器13,用于产生服务订单,并将服务订单发给宽带增值服务平台12,所述服务订单包括订单号;声讯平台15,用于接收用户终端11的声讯记录,所述的声讯记录包括主叫电话号码和订单号;鉴权单元14,其与声讯平台15和宽带增值服务平台12相连,用于根据声讯记录和宽带服务记录进行鉴权,并通知用户终端11拨打声讯电话和输入订单号。所述的鉴权单元14可以设置在宽带增值服务平台12中,或设置在服务提供商服务器13中,或作为单独的部件存在。 As shown in Fig. 1, the present invention provides a kind of authentication system, described system comprises: user terminal 11, is used for sending broadband value-added service verification request to broadband value-added service platform 12, dials the voice call and sends to voice platform 15 Order number; Broadband value-added service platform 12 is used to receive the broadband value-added service verification request of user terminal 11 and the order number of service provider server 13, and obtain the corresponding phone number according to the broadband value-added service verification request; Service provider server 13 , for generating a service order, and sending the service order to the broadband value-added service platform 12, the service order includes the order number; the audio platform 15 is used for receiving the audio record of the user terminal 11, and the described audio record includes the calling phone number Number and order number; authentication unit 14, which is connected with audio platform 15 and broadband value-added service platform 12, is used for authenticating according to audio records and broadband service records, and notifies user terminal 11 to dial audio calls and input order numbers. The authentication unit 14 can be set in the broadband value-added service platform 12, or set in the service provider server 13, or exist as a separate component. the

如图2所示,本发明还提供了一种鉴权方法,其基本思想是:在消费服务流程中,加入声讯电话验证环节。这个环节可以由SP来实现,也可以由运营商的宽带增值服务平台12来实现。下面通过参照图1详细描述本发明的声讯电话验证的鉴权方法。 As shown in FIG. 2 , the present invention also provides an authentication method, the basic idea of which is: in the consumer service process, an audio phone verification link is added. This link can be realized by the SP, or by the broadband value-added service platform 12 of the operator. The authentication method for voice phone verification of the present invention will be described in detail below with reference to FIG. 1 . the

步骤1、用户终端11通过服务提供商选择服务项目,服务提供商产生服务订单,并将服务订单发给宽带增值服务平台12,宽带增值服务平台12通知用户终端11输入宽带增值服务验证码,用户终端11向宽带增值服务平台12发送宽带增值服务验证请求。所述的宽带增值服务验证请求包括宽带帐号、宽带密码。所述的服务订单包括订单号。 Step 1, the user terminal 11 selects a service item through the service provider, the service provider generates a service order, and sends the service order to the broadband value-added service platform 12, and the broadband value-added service platform 12 notifies the user terminal 11 to input the broadband value-added service verification code, the user The terminal 11 sends a broadband value-added service verification request to the broadband value-added service platform 12 . The broadband value-added service verification request includes a broadband account number and a broadband password. Said service order includes an order number. the

步骤2、宽带增值服务平台12对宽带增值服务验证请求进行鉴权,即验证宽带帐号和宽带密码是否相符,若相符,则执行步骤3,否则,执行步骤7:出错处理,可向用户终端11发送“宽带帐号或密码错”的提示,或直接拒绝为该用户终端11提供服务。 Step 2, the broadband value-added service platform 12 authenticates the broadband value-added service verification request, namely verifying whether the broadband account number and the broadband password match, if they match, then perform step 3, otherwise, perform step 7: error handling, you can report to the user terminal 11 A prompt of "wrong broadband account or password" is sent, or the service for the user terminal 11 is directly refused. the

步骤3、宽带增值服务平台12订单号记录在宽带数据库中,所述宽带数据库设置在鉴权单元14中,也可设置在宽带增值服务平台12或SP中,其记录有宽带帐号、宽带帐号对应的电话号码、用户在SP的服务帐号及订单号(如下表中宽带数据库)。 Step 3, the broadband value-added service platform 12 order number is recorded in the broadband database, and the broadband database is set in the authentication unit 14, and can also be set in the broadband value-added service platform 12 or SP, which records the broadband account number and the corresponding broadband account number phone number, service account and order number of the user in the SP (broadband database in the table below). the

步骤4、在消费前的任何环节,鉴权单元14提示用户终端11用指定电话(宽带帐号对应电话号码)拨个某个声讯电话号码,然后通过声通过声讯电话输入订单号。 Step 4. At any link before consumption, the authentication unit 14 prompts the user terminal 11 to dial a certain voice phone number with a designated phone (the phone number corresponding to the broadband account), and then input the order number through the voice phone. the

步骤5、用户用指定的用户终端11(宽带帐号对应的电话)拨打声讯电话,并输入订单号;声讯平台15记录用户拨打的电话号码和其输入的订单号,然后将电话号码和订单号传给鉴权单元14,鉴权单元14将电话号码和订单号存储在如声讯数据库中,也可以将电话号码和订单号存储在表中。 Step 5, the user dials the audio phone with the specified user terminal 11 (the phone corresponding to the broadband account), and inputs the order number; the audio platform 15 records the phone number dialed by the user and the order number entered, and then sends the phone number and the order number For the authentication unit 14, the authentication unit 14 stores the phone number and the order number in, for example, a voice database, or stores the phone number and the order number in a table. the

步骤6、鉴权单元14对声讯记录和宽带记录进行鉴权。鉴权单元14查询两个数据库记录,判断同一订单号的声讯主叫号码与宽带帐号对应电话号码是否相同,相同则为安全,否则不安全。 Step 6, the authentication unit 14 authenticates the audio recording and the broadband recording. The authentication unit 14 queries the two database records to determine whether the audio calling number of the same order number is the same as the corresponding phone number of the broadband account, if they are the same, it is safe, otherwise it is not safe. the

宽带数据库 broadband database

  宽带帐号broadband account   对应电话Corresponding phone number   服务帐号service account   订单号 order number   sz136050sz136050   075581234567075581234567   1000110001   123001123001   gzDSL42356gzDSL42356   0208765432102087654321   1245612456   123002123002   132454343132454343   0108888123401088881234   8972389723   123003123003   AD234656AD234656   0218902789702189027897   4567245672   123004123004

声讯数据库 voice database

  电话号码 telephone number   订单号 order number   075581234567075581234567   123001123001   0208888432102088884321   123002123002   0218902789702189027897   123004123004

[0049] 由上表可以看出:在宽带数据库中,宽带帐号sz136050对应的接入电话为075581234567、订单号为123001,在声讯数据库中,订单号为123001的电话号码为075581234567,该电话号码与宽带号sz136050对应的接入电话号码相同,因此,宽带帐号sz136050可以进行本次消费。  As can be seen from the above table: in the broadband database, the access phone corresponding to the broadband account number sz136050 is 075581234567, the order number is 123001, and in the audio database, the phone number that the order number is 123001 is 075581234567, and this phone number is the same as The access phone number corresponding to the broadband number sz136050 is the same, therefore, the broadband account sz136050 can make this consumption.

在宽带数据库中,宽带帐号gzDSL42356对应的接入电话为02087654321、订单号为123002,在声讯数据库中,订单号为123002的电话号码为02088884321,因此,由于其宽带帐号对应的电话号码与声讯数据库中的电话号码不同,宽带帐号gzDSL42356不可以进行本次消费。 In the broadband database, the access phone number corresponding to the broadband account gzDSL42356 is 02087654321 and the order number is 123002. In the voice database, the phone number with the order number 123002 is 02088884321. Therefore, since the phone number corresponding to the broadband account is different from that in the voice database phone number is different, the broadband account gzDSL42356 cannot make this purchase. the

在宽带数据库中,宽带帐号132454343对应的接入电话为01088881234、订单号为123003,在声讯数据库中,没有订单号为123003的记录,因此,宽带帐号132454343不可以进行本次消费。 In the broadband database, the access phone number corresponding to the broadband account 132454343 is 01088881234, and the order number is 123003. In the audio database, there is no record of the order number 123003. Therefore, the broadband account 132454343 cannot make this purchase. the

在宽带数据库中,宽带帐号AD234656对应的接入电话为02189027897、订单号为123004,在声讯数据库中,订单号为123004的电话号码为02189027897,该电话号码与宽带号sz136050对应的接入电话相同,因此,宽带帐号AD234656可以进行本次消费。 In the broadband database, the access phone number corresponding to the broadband account AD234656 is 02189027897, and the order number is 123004. In the audio database, the phone number with the order number 123004 is 02189027897, which is the same as the access phone number corresponding to the broadband number sz136050. Therefore, broadband account AD234656 can make this consumption. the

根据本发明,声讯验证的频度视不同的安全性要求而定。 According to the present invention, the frequency of audio verification depends on different security requirements. the

对于安全性要求较低的宽带用户,可以宽带帐号第一次消费时要求声讯电话验证,以后对该宽带帐号的任何消费不验证;这是因为盗号现象往往发生在宽带帐号的户主并没有使用宽带帐号进行增值消费的习惯,如果户主平时就有宽带增值消费的习惯,可能会比较重视帐号的保护,这样会出现较少被盗的情况,因此,从降低用户使用门槛的角度考虑,也可以是宽带帐号第一次消费时,才要求声讯验证,经过验证后可认为用户是会保护自己帐号的老用户,因此,该用户可以任意消费,后面的消费不再需求每笔都声讯验证。 For broadband users with low security requirements, you can request voice phone verification when using the broadband account for the first time, and do not verify any subsequent consumption of the broadband account; this is because account theft often occurs when the owner of the broadband account does not use broadband Account value-added consumption habit, if the head of the household has the habit of broadband value-added consumption, he may pay more attention to the protection of the account number, so that there will be fewer cases of theft. Therefore, from the perspective of lowering the user threshold, it can also be The voice verification is only required when the broadband account is consumed for the first time. After the verification, the user can be considered as an old user who will protect his account. Therefore, the user can spend at will, and the subsequent consumption no longer requires voice verification for each transaction. the

对于安全性要求中等的宽带用户,也可以是宽带帐号对某SP的一个帐号第一次消费时声讯电话验证一次,以后对同一帐号的消费不验证,这是因为当宽 带帐号A1第一次给服务帐号B1消费时,已通过声讯电话验证其安全性,所以宽带帐号A1再次给服务帐号B1消费时,可认为是安全的,没有必要再验证;但带帐号帐号A1给服务帐号B2消费,则认为这个交易安全性没有经过验证; For broadband users with medium security requirements, it is also possible to use a voice phone to verify once when the broadband account consumes an account of a certain SP for the first time, and not verify the consumption of the same account in the future. This is because when the broadband account A1 is the first time When consuming to service account B1, its security has been verified through voice calls, so when broadband account A1 consumes to service account B1 again, it can be considered safe and there is no need to verify again; but with account A1 to service account B2, It is considered that the security of this transaction has not been verified;

对于安全性要求较高的宽带用户,也可以是每次消费都要求声讯电话验证,以确保每笔消费的安全性。 For broadband users with higher security requirements, voice phone verification may also be required for each consumption to ensure the security of each consumption. the

根据本发明,经过宽带帐号与声讯电话的双重验证,提高了利用宽带帐号进行消费的安全性。 According to the present invention, through the double authentication of the broadband account and the audio phone, the security of consumption by using the broadband account is improved. the

虽然通过实施例描绘了本发明,但本领域普通技术人员知道,在不脱离本发明的精神和实质的情况下,就可使本发明有许多变形和变化,本发明的范围由所附的权利要求来限定。 Although the present invention has been described by the embodiments, those of ordinary skill in the art know that, without departing from the spirit and essence of the present invention, the present invention can have many modifications and variations, and the scope of the present invention is defined by the appended rights Requirements to limit. the

Claims (9)

1. a method for authenticating is characterized in that, comprising:
A, user terminal (11) send broadband value-added service checking request to broadband value-added service platform (12);
B, broadband value-added service platform (12) obtain its corresponding telephone number according to broadband value-added service checking request, and obtain order number by service provider server (13);
C, system obtains according to broadband value-added service platform (12) before consumption service order number and the pairing telephone number of broadband value-added service checking request carry out authentication to the voice message phone record of user terminal (11); Described voice message phone record comprises that the user specifies the calling telephone number that uses when dialing voice message phone and the order number of input according to system.
2. method for authenticating according to claim 1 is characterized in that, described broadband value-added service checking request comprises broadband account number and password.
3. method for authenticating according to claim 2 is characterized in that, described step B also comprises: whether broadband value-added service platform (12) checking broadband account number conforms to password, if conform to, then allow user terminal (11) further to select service, otherwise, carry out fault processing.
4. method for authenticating according to claim 1 is characterized in that, described step C further comprises:
C1, notifications user terminal (11) use designated telephone to dial voice message phone and import order number;
C2, user terminal (11) send order number by dialing voice message phone to audio signal platform (15), and audio signal platform (15) record order number and calling telephone number are to form the audio communication record;
C3, system carry out authentication according to the telephone number and the order number of audio communication record and broadband value-added service platform (12) acquisition.
5. method for authenticating according to claim 4, it is characterized in that, described step C3 further comprises: the order number that system obtains according to broadband value-added service platform (12) is searched the order number of audio signal platform (15) record, if do not find, and failed authentication then, if find, whether the telephone number that then continues contrast broadband value-added service platform (12) acquisition conforms to the calling telephone number of audio signal platform record, if conform to, then authentication is passed through, if do not conform to, failed authentication then.
6. method for authenticating according to claim 1 is characterized in that, the frequency of audio communication checking is decided according to security policies.
7. method for authenticating according to claim 1 is characterized in that, also carries out before execution in step A:
User terminal (11) is selected service item by service provider server (13);
Service provider server (13) sends Service Order to broadband value-added service platform (12), and described Service Order comprises order number;
Broadband value-added service platform (12) informing user terminal (11) input broadband value-added service identifying code.
8. a right discriminating system is characterized in that, described system comprises:
User terminal (11) is used for sending broadband value-added service checking request to broadband value-added service platform (12), dials voice message phone and sends order number to audio signal platform (15);
Broadband value-added service platform (12) is used to receive the broadband value-added service checking request of user terminal (11) and the order number of service provider server (13), and obtains the telephone number corresponding with it according to broadband value-added service checking request;
Service provider server (13) is used to produce Service Order, and Service Order is issued broadband value-added service platform (12), and described Service Order comprises order number;
Audio signal platform (15) is used to receive the audio communication record of user terminal (11), and described audio communication record comprises calling telephone number and order number;
Authenticating unit (14), it links to each other with broadband value-added service platform (12) with audio signal platform (15), be used for carrying out authentication according to audio communication record and broadband service record, and informing user terminal (11) is dialed voice message phone and input order number.
9. right discriminating system according to claim 8 is characterized in that, described authenticating unit (14) is arranged in the broadband value-added service platform (12), or is arranged in the service provider server (13), or exists as independent parts.
CN2005101275356A 2005-12-05 2005-12-05 Authority identifying method and system Expired - Fee Related CN1980129B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2005101275356A CN1980129B (en) 2005-12-05 2005-12-05 Authority identifying method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2005101275356A CN1980129B (en) 2005-12-05 2005-12-05 Authority identifying method and system

Publications (2)

Publication Number Publication Date
CN1980129A CN1980129A (en) 2007-06-13
CN1980129B true CN1980129B (en) 2011-02-16

Family

ID=38131152

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2005101275356A Expired - Fee Related CN1980129B (en) 2005-12-05 2005-12-05 Authority identifying method and system

Country Status (1)

Country Link
CN (1) CN1980129B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0205095A2 (en) * 1985-06-07 1986-12-17 Siemens Aktiengesellschaft Method and arrangement for protecting the access to a computer
CN1303067A (en) * 2001-02-23 2001-07-11 北京北大天正科技发展有限公司 Transaction method based on Internet
CN1591503A (en) * 2003-08-28 2005-03-09 黄金富 Payment acknowledging safety method for network buying, speculation on stocks, etc. by dynamic cipher and cell phone

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0205095A2 (en) * 1985-06-07 1986-12-17 Siemens Aktiengesellschaft Method and arrangement for protecting the access to a computer
CN1303067A (en) * 2001-02-23 2001-07-11 北京北大天正科技发展有限公司 Transaction method based on Internet
CN1591503A (en) * 2003-08-28 2005-03-09 黄金富 Payment acknowledging safety method for network buying, speculation on stocks, etc. by dynamic cipher and cell phone

Also Published As

Publication number Publication date
CN1980129A (en) 2007-06-13

Similar Documents

Publication Publication Date Title
CN106797371B (en) Method and system for user authentication
US8646051B2 (en) Automated password reset via an interactive voice response system
CN103875211B (en) An Internet account management method, manager, server and system
EP3813403A1 (en) Mobile phone takeover protection system and method
JP2009515403A (en) Remote activation of user accounts in telecommunications networks
CN107113613B (en) Server, mobile terminal, network real-name authentication system and method
US8184811B1 (en) Mobile telephony content protection
JP6370771B2 (en) Method and system for providing secure transactions using cyber IDs
Du et al. {UCBlocker}: Unwanted call blocking using anonymous authentication
CN107623907A (en) ESIM clamping locks network method, terminal and lock network certificate server
JP4764339B2 (en) How to secure and verify electronic certificates
RU2439702C2 (en) Method to execute transaction between two servers with pre-check of validity by means of two mobile telephones
JP2002229951A (en) Personal authentication system
CN100362880C (en) A method for verifying the legitimacy of a mobile terminal user
JP6067005B2 (en) System and method for integrating OpenID into a telecommunications network
CN114422217B (en) A dial-up authentication method, device, equipment and storage medium
KR20140043071A (en) Authentication system and method for device attempting connection
CN101854357A (en) Method and system for monitoring network authentication
CN1980129B (en) Authority identifying method and system
KR20010007291A (en) Server for dialup connection
KR101331575B1 (en) Method and system blocking for detour hacking of telephone certification
CN100393166C (en) A method and device for realizing multi-level authentication of PHS wireless network positioning service
Brawerman et al. An anti-cloning framework for software defined radio mobile devices
CN100576868C (en) Network telephone using system and method for providing portable telephone number
KR100623293B1 (en) Mobile terminal subscriber authentication method using callback message

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110216

CF01 Termination of patent right due to non-payment of annual fee