Detailed Description
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present description. This description may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein, as those skilled in the art will be able to make and use the present disclosure without departing from the spirit and scope of the present disclosure.
The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in one or more embodiments of the present specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in one or more embodiments of the present specification refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It will be understood that, although the terms first, second, etc. may be used herein in one or more embodiments to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first can be termed a second and, similarly, a second can be termed a first without departing from the scope of one or more embodiments of the present description. The word "if," as used herein, may be interpreted as "at … …" or "when … …" or "in response to a determination," depending on the context.
In the present specification, a real-name authentication method is provided, and the present specification relates to a real-name authentication apparatus, a computing device, and a computer-readable storage medium, which are described in detail one by one in the following examples.
Fig. 1 shows a flowchart of a real-name authentication method provided according to an embodiment of the present disclosure, which includes steps 102 to 106.
Step 102: and receiving the identity information to be authenticated of the user to be authenticated.
For example, as shown in the interface diagram of fig. 5, the user to be authenticated may input a name and an identification card number through the interface 501 shown in fig. 5 to wait for authentication identity information. The content of the identity information to be authenticated, which is required to be input, can be determined according to the requirements of the implementation environment.
In an application scenario of the embodiment of the present specification, the real-name authentication method provided in the embodiment of the present specification may intervene after the identity information to be authenticated is verified through a public security network. For example, the name and the identification number of the user to be authenticated can be verified through public security network data; in case the verification passes, the following step is entered in order to continue the real-name authentication.
In order to prevent the real-name authentication channel from being attacked in batch by malicious black grey products, the generation of low-cost identity accounts is caused in batch. In an embodiment of this specification, it may also be determined whether the user to be authenticated is an abnormal identity risk user according to a real-name authentication historical behavior corresponding to an account used by the user to be authenticated and a real-name authentication historical behavior corresponding to a device used by the user to be authenticated, and if it is determined that the user to be authenticated is an abnormal identity risk user, the next step 104 is performed to continue to complete real-name authentication. In another embodiment of the present specification, malicious group mining may also be performed on users participating in real-name authentication in advance; if the user to be authenticated does not exist in a malicious group, the next step 104 is entered to continue to complete the real-name authentication.
It should be noted that the above embodiments of verification of the public security network, real-name authentication historical behavior, and malicious group mining may be implemented in the same scenario, or may be selectively implemented according to the implementation environment, which is not limited in this specification. For the users with risks, the users can not be subjected to a convenient silent authentication process, and are guided to perform real-name authentication modes such as binding a bank card and taking a picture of a handheld certificate, so that the risk of the whole authentication link is controllable. Through the implementation modes of verification of the public security network, real-name authentication historical behaviors and malicious group mining, the identity authenticity of the user is investigated in a multi-dimensional mode, and the follow-up real-name authentication process is provided under the condition of reducing the identity risk, so that the balance between risk and experience is realized.
Step 104: and acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base.
The real-name identity information base comprises a corresponding relation between equipment information of users inside and outside the system and real-name identity information, and the corresponding relation is mined based on the relation between real-name behavior data of the users inside and outside the system and the equipment information.
Wherein the system is determined according to an implementation environment, such as a pay for Bao system and the like. The intra-organizational and extra-organizational users may include, for example, full or partial users of the pay pal organizational system, and extra-organizational users may include, for example, users of an external organizational system associated with the pay pal organizational system. For a pay bank system, the real-name behavior data of users inside and outside the system may include data of real-name behaviors such as pay bank user payment behavior, transaction behavior, login behavior of known real-name account users, and the like. The scenes related to the login behavior, the payment behavior and the transaction behavior comprise charging and paying of a mobile phone number, booking of a ticket for traffic travel, insurance and financing purchase, verification of identity information of an external operator, ticket purchase of an external channel and the like.
When the corresponding relation between the equipment information and the real-name identity information of the users inside and outside the system is mined based on the relation between the real-name behavior data and the equipment information of the users inside and outside the system, a mining strategy can be determined according to the requirements of an implementation environment. For example, in the mining strategy according to an embodiment of the present specification, real-name identity information of users inside and outside the system is mined based on real-name behavior data of the users inside and outside the system and one or more of the device address book, the device environment information, and the device operation information, so as to form a real-name identity information base.
Step 106: and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
For example, the real-name identity information corresponding to any one of the personal communication information, the device environment information, or the device operation information of the user to be authenticated can be selected according to the implementation environment requirement to be compared with the identity information to be authenticated, and the real-name authentication is completed when the comparison result is consistent. For another example, multiple kinds of real-name identity information corresponding to each of the personal communication information, the device environment information, and the device operation information of the user to be authenticated may be selected according to the implementation environment requirements to be compared with the identity information to be authenticated, and the real-name authentication is completed when the comparison results are consistent.
It can be seen that, in the embodiment of the present description, the real-name identity information base includes the corresponding relationship between the device information of the users inside and outside the system and the real-name identity information, and the corresponding relationship is mined based on the relationship between the real-name behavior data of the users inside and outside the system and the device information, so that in the real-name authentication link, the matched real-name identity information can be directly obtained for comparison, the operations of the users in the authentication link are reduced, the complexity of the authentication process is reduced for the users, the real-name authentication with the silent effect is realized, and the user experience is improved.
After the comparison and the consistency authentication are passed, a real-name authentication label can be given to the account number of the user to be authenticated. For example, as shown in the interface schematic diagram shown in fig. 5, after the user to be authenticated inputs a name and an identification number through the identity verification interface 501 shown in fig. 5, the system determines, through the above-mentioned real-name authentication method with a silent effect, a tag that is given to the account by real-name authentication, so that the user can directly see, through the personal information interface 502 shown in fig. 5, that the tag given by the system by real-name authentication is "real-name".
In the following, referring to fig. 2, the real-name authentication method provided in this specification is further described by taking as an example that the real-name identity information base includes correspondence between personal device communication information of users inside and outside the system and a real name. Fig. 2 shows a flowchart of a processing procedure of a real-name authentication method according to another embodiment of the present specification, and specific steps include step 202 to step 206.
Step 202: and receiving the identity information to be authenticated of the user to be authenticated.
Step 204: and acquiring a real name matched with the personal equipment communication information of the user to be authenticated from a real name identity information base comprising the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name.
For example, in order to dig out the corresponding relationship between the personal device communication information of the users inside and outside the system and the real name in advance, because the transaction behavior belongs to the real name behavior, the device address lists of the users inside and outside the system, and the information of the receiver and/or the information of the sender in the transaction behavior data of the users inside and outside the system can be combined into a text data set; and carrying out named entity recognition of the real name corresponding to the personal equipment communication information of the users inside and outside the system on the text data set in a named entity extraction mode in a knowledge graph system, and establishing the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name. In the implementation mode, the real names of users are mined from unstructured data of an address book and a receiving/delivery address through data mining modeling based on a knowledge graph algorithm frame, data identification is achieved, the authenticity of the users corresponding to the back of personal equipment communication information such as telephone numbers is inferred and judged, the capability of data verification of identity of the user is greatly improved, user operation is reduced, and the user silent authentication experience is provided for the users.
For example, the consignee information and/or the shipper information may be extracted from transaction behavior data of users inside and outside the hierarchy. And the information of the receiver and/or the information of the sender comprise information of name, telephone, address and the like.
The knowledge map system is a structured semantic knowledge base and is used for describing concepts and mutual relations in the physical world, and a large amount of knowledge is aggregated by reducing data granularity from document level to data level, so that quick response and reasoning of the knowledge are realized.
The data stored in the device address book information is not usually a standard name, such as "intermediary lie xx", "wang xx teacher", etc. Relation learning mining can be carried out on a text data set consisting of information of a receiver and/or a sender and information of equipment address lists of users inside and outside the system through NER (named entity extraction) in a knowledge graph system. In the relation learning and mining process, aiming at the matching relation between personal equipment communication information in a text data set, such as a telephone number and name characters, a named entity extraction technology in a knowledge map system is applied to carry out common noun word segmentation on the name characters, for example, "Zhang three teacher" is purified into "Zhang three" and "teacher", and "Shu Gu Fu Wang Wu" is purified into "Shu Gu Fu" and "Wang Wu", so that the real name corresponding to the personal equipment communication information, such as the telephone number, is identified, and the identification of the corresponding relation between the personal equipment communication information and the real name is completed.
Step 206: and comparing the real name matched with the personal equipment communication information of the user to be authenticated with the name in the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Therefore, in the embodiment, because the corresponding relation between the personal device communication information of the users inside and outside the system and the real name is found out based on the real-name behavior data of the users inside and outside the system, when the real-name authentication is needed, the real name matched with the personal device communication information of the user to be authenticated can be directly obtained, and the real name is compared with the name in the identity information to be authenticated to complete the real-name authentication, so that the operation of the user in the authentication link is reduced, the complexity of the authentication process is reduced for the user, the real-name authentication with the silent effect is realized, and the user experience is improved.
In the following, with reference to fig. 3, the real-name authentication method provided in this specification is further described by taking the example that the real-name identity information base includes the correspondence between the device environment information of the user in the system and the real-name identity information. Fig. 3 is a flowchart illustrating a processing procedure of a real-name authentication method according to an embodiment of the present disclosure, where specific steps include step 302 to step 308.
Step 302: and receiving the identity information to be authenticated of the user to be authenticated.
Step 304: and collecting the equipment environment information of the user to be authenticated.
The device environment information may include umid (device unique identifier), apd id (device fingerprint), I p (internet protocol address), mac (physical address, for uniquely identifying a network card in a network), and the like.
Step 306: and acquiring real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base comprising the corresponding relation between the equipment environment information of the user in the system and the real-name identity information.
For example, in order to dig out the corresponding relationship between the device environment information of the user in the system and the real-name identity information in advance, the device environment information of the user in the system may be collected in response to the payment behavior of the user in the system, and the payment identity information of the user in the system may be acquired as the real-name identity information; and establishing a corresponding relation between the real-name identity information of the users in the system and the equipment environment information.
When a user in the system uses fixed equipment to carry out payment behavior, the payment identity of the user has a bound bank card, and the payment identity information of the user has real-name property, so that the user can be used as real-name identity information of real-name authentication.
Step 308: and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
It can be seen that, in this embodiment, since the corresponding relationship between the device environment information and the real-name identity information of the user in the system is found out in advance based on the real-name behavior data of the user in the system, when real-name authentication is required, the real-name identity information, such as name, phone, etc., matching with the device environment information of the user to be authenticated can be directly obtained, and compared with the identity information, such as name, phone, etc., to be authenticated to complete real-name authentication, thereby reducing the operation of the user in the authentication link, for the user, reducing the complexity of the authentication process, realizing the real-name authentication with a silent effect, and improving the user experience.
In the following, with reference to fig. 4, the real-name authentication method provided in this specification is further described by taking as an example that the real-name identity information base includes a correspondence between device operation information of a user with a known real-name account in the system and real-name identity information. Fig. 4 is a flowchart illustrating a processing procedure of a real-name authentication method according to an embodiment of the present specification, where specific steps include step 402 to step 410.
Step 402: and receiving the identity information to be authenticated of the user to be authenticated.
Step 404: and collecting the equipment operation information of the user to be authenticated.
The device operation information may include click force, manipulation range, sliding speed, and the like.
Step 406: and identifying the known real-name account user which is regarded as the same person as the user to be authenticated by comparing the similarity of the equipment operation information of the user to be authenticated with the equipment operation information of the known real-name account user in the real-name identity information base.
For example, in order to dig out the corresponding relationship between the device operation information of the known real-name account user in the system and the real-name identity information in advance, the device operation information of the known real-name account user in the system may be collected in response to the login of the known real-name account user in the system; and establishing a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information in the real-name identity information base.
Because the operation behaviors of different users on terminal equipment such as a mobile phone and app are different and have certain individuation, the equipment operation information of the known real-name account user in the system can be collected, so that when the user uses a new account, the operation behavior characteristics can be identified according to the equipment operation information, and under the condition that the operation of the same person is determined according to the similarity comparison, the real-name identity information is obtained to perform real-name authentication on the new account, the operation of the user in an authentication link is reduced, the complexity of an authentication process is reduced, the real-name authentication with a silent effect is realized, and the user experience is improved.
Step 408: and acquiring the real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
Step 410: and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Therefore, in the embodiment, the device operation information can be acquired through the device terminal, the similarity among different device operation information is analyzed and calculated, and an account with the similarity meeting a certain requirement can be considered to be operated by the same person, so that the identity authenticity of the user to be authenticated can be judged according to the comparison between the real-name identity information of the known real-name account user and the identity information to be authenticated of the current user to be authenticated, the operation of the user in the authentication link is reduced, the complexity of the authentication process is reduced for the user, the real-name authentication with the silent effect is realized, and the user experience is improved.
Corresponding to the method embodiment, the present specification also provides an embodiment of a real-name authentication device. Fig. 6 is a schematic structural diagram illustrating a real-name authentication apparatus according to an embodiment of the present disclosure. As shown in fig. 6, the apparatus includes: a receiving module 602, a real name obtaining module 604, and a comparing module 606.
The receiving module 602 may be configured to receive identity information to be authenticated of a user to be authenticated.
The real-name obtaining module 604 may be configured to obtain real-name identity information matched with the device information of the user to be authenticated from a real-name identity information base, where the real-name identity information base includes a correspondence between the device information of the users inside and outside the hierarchy and the real-name identity information, and the correspondence is mined based on a relationship between real-name behavior data of the users inside and outside the hierarchy and the device information.
The comparing module 606 may be configured to perform real-name authentication on the to-be-authenticated identity information of the to-be-authenticated user by comparing the real-name identity information of the to-be-authenticated user with the to-be-authenticated identity information.
For example, the alignment results may be consistent or inconsistent. If the authentication matches, the real-name authentication is determined to pass, and if the authentication does not match, the real-name authentication is determined to fail.
It can be seen that, in the embodiment of the present description, the real-name identity information base includes the corresponding relationship between the device information of the users inside and outside the system and the real-name identity information, and the corresponding relationship is mined based on the relationship between the real-name behavior data of the users inside and outside the system and the device information, so that in the real-name authentication link, the matched real-name identity information can be directly obtained for comparison, the operations of the users in the authentication link are reduced, the complexity of the authentication process is reduced for the users, the real-name authentication with the silent effect is realized, and the user experience is improved.
In the following, referring to fig. 7a, the real-name authentication device provided in this specification is further described with an example that the real-name identity information base includes a correspondence between personal device communication information of internal and external users and a real name. Fig. 7a is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure. As shown in fig. 7a, the real name obtaining module 604 of the apparatus may include: the communication information obtaining sub-module 6041 may be configured to obtain the personal device communication information of the user to be authenticated. The real name matching sub-module 6042 may be configured to obtain, from the real name identity information base, a real name matched with the personal device communication information of the user to be authenticated. The comparison module 606 may be configured to perform real-name authentication on the to-be-authenticated identity information of the to-be-authenticated user by comparing the real name matched with the personal device communication information of the to-be-authenticated user with the name in the to-be-authenticated identity information.
In the embodiment, because the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name is mined based on the real name behavior data of the users inside and outside the system, when real name authentication is required, the real name matched with the personal equipment communication information of the user to be authenticated can be directly acquired and compared with the name in the identity information to be authenticated to finish the real name authentication, so that the operation of the user in the authentication link is reduced, the complexity of the authentication process is reduced for the user, the real name authentication with a silent effect is realized, and the user experience is improved.
Optionally, as shown in fig. 7a, the apparatus may further include: the data collection module 608 may be configured to combine the device address lists of the users inside and outside the system, and the information of the consignee and/or the information of the shipper in the transaction behavior data of the users inside and outside the system into a text data set. The communication relationship mining module 6081 may be configured to perform named entity recognition of a real name corresponding to personal device communication information of users inside and outside the system on the text data set by a named entity extraction manner in the knowledge graph system, and establish a corresponding relationship between the personal device communication information of the users inside and outside the system and the real name.
In the embodiment, the real names of the users are mined from the unstructured data of the address book and the receiving/sending address based on a knowledge graph algorithm frame through data mining modeling, so that data identification is realized, the authenticity of the users corresponding to the back of the communication information of the personal equipment, such as a telephone number, is deduced and judged, the capability of data verification of identity of the user is greatly improved, user operation is reduced, and the user experience of silent authentication is provided for the users.
In the following, referring to fig. 7b, the real-name authentication apparatus provided in this specification will be further described with an example that the real-name identity information base includes a correspondence between the device environment information of the user in the system and the real-name identity information. Fig. 7b is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure. As shown in fig. 7b, the real name obtaining module 604 of the apparatus may include: the environment information obtaining sub-module 6043 may be configured to collect device environment information of the user to be authenticated. The environment information matching sub-module 6044 may be configured to obtain, from the real-name identity information library, real-name identity information corresponding to the device environment information of the user to be authenticated.
In the embodiment, because the corresponding relation between the equipment environment information and the real-name identity information of the user in the system is mined out in advance based on the real-name behavior data of the user in the system, when real-name authentication is required, the real-name identity information such as name, telephone and the like matched with the equipment environment information of the user to be authenticated can be directly acquired, and the real-name authentication is completed by comparing the acquired real-name identity information with the identity information such as name, telephone and the like to be authenticated, so that the operation of the user in an authentication link is reduced, the complexity of an authentication process is reduced for the user, the real-name authentication with a silencing effect is realized, and the user experience is improved.
Optionally, as shown in fig. 7b, the apparatus may further include: the payment response module 610 may be configured to collect device environment information of users in the system in response to payment behaviors of the users in the system, and acquire payment identity information of the users in the system as real-name identity information. The environment relationship establishing module 6101 may be configured to establish a correspondence between real-name identity information of users in the hierarchy and the device environment information.
When a user in the system uses fixed equipment to carry out payment behavior, the payment identity of the user has a bound bank card, and the payment identity information of the user has real-name property, so that the user can be used as real-name identity information of real-name authentication.
In the following, referring to fig. 7c, the real-name authentication apparatus provided in this specification will be further described with an example that the real-name identity information base includes a corresponding relationship between device operation information of a user with a known real-name account in the system and real-name identity information. Fig. 7c is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure. As shown in fig. 7c, the real name obtaining module 604 of the apparatus may include: an operation information obtaining sub-module 6045 may be configured to collect device operation information of the user to be authenticated. The operation similarity comparison submodule 6046 may be configured to identify a known real-name account user who is regarded as the same person as the user to be authenticated by comparing the device operation information of the user to be authenticated with the device operation information of the known real-name account user in the real-name identity information base. The same-person real-name obtaining sub-module 6047 may be configured to obtain real-name identity information of the known real-name account user regarded as the same person as the user to be authenticated.
Because different users have different operation behaviors on terminal equipment such as a mobile phone and app and have certain individuation, a model for identifying the operation behaviors of the equipment can be established in advance to identify operation behavior characteristics, the similarity between different equipment operation information is analyzed and calculated, and an account with the similarity meeting certain requirements can be regarded as the operation of the same person, so that the identity authenticity of the user to be authenticated can be judged according to the comparison between the real-name identity information of the known real-name account user and the identity information to be authenticated of the current user to be authenticated, the operation of the user in the authentication link is reduced, the complexity of the authentication process is reduced for the user, the real-name authentication with a silent effect is realized, and the user experience is improved.
Optionally, as shown in fig. 7c, the apparatus may further include: the login response module 612 may be configured to collect device operation information of known real-name account users within the hierarchy in response to a login of the known real-name account users within the hierarchy. The operation relationship establishing module 6121 may be configured to establish a corresponding relationship between the real-name identity information of the known real-name account user and the device operation information.
Because the operation behaviors of different users on terminal equipment such as a mobile phone and app are different and have certain individuation, the equipment operation information of the known real-name account user in the system can be collected, so that when the user uses a new account, the operation behavior characteristics can be identified according to the equipment operation information, and under the condition of determining the operation of the same person, the real-name identity information is obtained to perform real-name authentication on the new account, so that the operation of the user in an authentication link is reduced, the complexity of an authentication process is reduced, the real-name authentication with a silent effect is realized, and the user experience is improved.
In order to balance the risk and the experience, a schematic structure diagram of a real-name authentication device provided in another embodiment of the present specification shown in fig. 7d is described below.
Optionally, as shown in fig. 7d, the apparatus may further include: a public security verification module 608, which may be configured to verify the name and the identification number of the user to be authenticated through public security network data; and triggering the real name acquisition module 604 to execute if the verification is passed.
Optionally, as shown in fig. 7d, the apparatus may further include: the authentication history behavior determination module 610 may be configured to determine whether the user to be authenticated is an abnormal identity risk user according to a real-name authentication history behavior corresponding to an account used by the user to be authenticated and according to a real-name authentication history behavior corresponding to a device used by the user to be authenticated; if not, the real name obtaining module 604 is triggered to execute.
Optionally, as shown in fig. 7d, the apparatus may further include: a malicious group mining module 612, which may be configured to perform malicious group mining on users participating in real-name authentication in advance; and if the user to be authenticated does not exist in the malicious group partner, triggering the real name acquisition module 604 to execute.
It should be noted that the verification of the public security network, the real-name authentication historical behavior, and the malicious group mining may be implemented in the same scene, or may be selectively implemented according to the implementation environment, which is not limited in this specification. For users with risks, the users can not be subjected to a convenient silent authentication process, and are guided to perform real-name authentication modes such as binding a bank card and taking a picture by a handheld certificate, so that the risk of the whole authentication link is controllable. Through the implementation modes of verification of the public security network, real-name authentication historical behaviors and malicious group mining, the identity authenticity of the user is investigated in a multi-dimensional mode, and the follow-up real-name authentication process is provided under the condition of reducing the identity risk, so that the balance between risk and experience is realized.
The above is an exemplary scheme of a real-name authentication device of the present embodiment. It should be noted that the technical solution of the real-name authentication device is the same as the technical solution of the real-name authentication method, and for details that are not described in detail in the technical solution of the real-name authentication device, reference may be made to the description of the technical solution of the real-name authentication method.
FIG. 8 illustrates a block diagram of a computing device 800, according to one embodiment of the present description. The components of the computing device 800 include, but are not limited to, memory 810 and a processor 820. The processor 820 is coupled to the memory 810 via a bus 830, and the database 850 is used to store data.
Computing device 800 also includes access device 840, access device 840 enabling computing device 800 to communicate via one or more networks 860. Examples of such networks include the Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the internet. Access device 840 may include one or more of any type of network interface (e.g., a Network Interface Card (NIC)) whether wired or wireless, such as an ieee 802.11 Wireless Local Area Network (WLAN) wireless interface, a global microwave interconnect access (Wi-MAX) interface, an ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a bluetooth interface, a Near Field Communication (NFC) interface, and so forth.
In one embodiment of the present description, the above-described components of computing device 800, as well as other components not shown in FIG. 8, may also be connected to each other, such as by a bus. It should be understood that the block diagram of the computing device architecture shown in FIG. 8 is for purposes of example only and is not limiting as to the scope of the description. Other components may be added or replaced as desired by those skilled in the art.
Computing device 800 may be any type of stationary or mobile computing device, including a mobile computer or mobile computing device (e.g., tablet, personal digital assistant, laptop, notebook, netbook, etc.), a mobile phone (e.g., smartphone), a wearable computing device (e.g., smartwatch, smartglasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or PC. Computing device 800 may also be a mobile or stationary server.
Wherein, the processor 820 is configured to execute the following computer-executable instructions:
receiving to-be-authenticated identity information of a to-be-authenticated user;
acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base, wherein the real-name identity information base comprises a corresponding relation between the equipment information of the users inside and outside the system and the real-name identity information, and the corresponding relation is mined based on the relation between the real-name behavior data of the users inside and outside the system and the equipment information;
and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the real-name identity information base includes a corresponding relationship between personal device communication information of users inside and outside the system and the real name;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes: acquiring personal equipment communication information of the user to be authenticated; acquiring a real name matched with the personal equipment communication information of the user to be authenticated from the real-name identity information base;
the real-name authentication of the to-be-authenticated identity information of the to-be-authenticated user by comparing the real-name identity information of the to-be-authenticated user with the to-be-authenticated identity information comprises the following steps: and comparing the real name matched with the personal equipment communication information of the user to be authenticated with the name in the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the method further includes mining a correspondence between personal device communication information of users inside and outside the system and the real name by the following steps:
forming a text data set by using equipment address lists of users inside and outside the system and consignee information and/or consignee information in transaction behavior data of the users inside and outside the system;
and carrying out named entity recognition of the real name corresponding to the personal equipment communication information of the users inside and outside the system on the text data set in a named entity extraction mode in a knowledge graph system, and establishing the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name.
Optionally, the real-name identity information base includes a corresponding relationship between the device environment information of the user in the system and the real-name identity information;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment environment information of the user to be authenticated;
and acquiring real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base.
Optionally, the method further includes mining a correspondence between the device environment information of the user in the system and the real-name identity information by:
responding to the payment behavior of a user in a system, collecting equipment environment information of the user in the system, and acquiring payment identity information of the user in the system as real-name identity information;
and establishing a corresponding relation between the real-name identity information of the users in the system and the equipment environment information.
Optionally, the real-name identity information base includes a corresponding relationship between device operation information of a known real-name account user in the system and the real-name identity information;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment operation information of the user to be authenticated;
identifying a known real-name account user which is regarded as the same person as the user to be authenticated by comparing the similarity of the equipment operation information of the user to be authenticated with the equipment operation information of the known real-name account user in the real-name identity information base;
and acquiring the real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
Optionally, the method further includes mining a correspondence between the device operation information of the known real-name account user in the system and the real-name identity information by:
responding to the login of a known real-name account user in a system, and collecting equipment operation information of the known real-name account user in the system;
and establishing a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information.
Optionally, the method further comprises:
verifying the name and the identity card number of the user to be authenticated through public security network data;
and entering the slave real-name identity information base under the condition that the verification is passed, and acquiring real-name identity information matched with the equipment information of the user to be authenticated.
Optionally, the method further comprises:
judging whether the user to be authenticated is an abnormal identity risk user or not according to the real-name authentication historical behavior corresponding to the account used by the user to be authenticated and the real-name authentication historical behavior corresponding to the equipment used by the user to be authenticated;
and if not, entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated.
Optionally, the method further comprises:
carrying out malicious group mining on users participating in real-name authentication in advance;
and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated if the user to be authenticated does not exist in the malicious group.
The above is an illustrative scheme of a computing device of the present embodiment. It should be noted that the technical solution of the computing device belongs to the same concept as the technical solution of the real-name authentication method described above, and for details that are not described in detail in the technical solution of the computing device, reference may be made to the description of the technical solution of the real-name authentication method described above.
An embodiment of the present specification also provides a computer readable storage medium storing computer instructions that, when executed by a processor, are operable to:
receiving to-be-authenticated identity information of a to-be-authenticated user;
acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base, wherein the real-name identity information base comprises a corresponding relation between the equipment information of the users inside and outside the system and the real-name identity information, and the corresponding relation is mined based on the relation between the real-name behavior data of the users inside and outside the system and the equipment information;
and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the real-name identity information base includes a corresponding relationship between personal device communication information of users inside and outside the system and the real name;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes: acquiring personal equipment communication information of the user to be authenticated; acquiring a real name matched with the personal equipment communication information of the user to be authenticated from the real-name identity information base;
the real-name authentication of the to-be-authenticated identity information of the to-be-authenticated user by comparing the real-name identity information of the to-be-authenticated user with the to-be-authenticated identity information comprises the following steps: and comparing the real name matched with the personal equipment communication information of the user to be authenticated with the name in the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the method further includes mining a correspondence between personal device communication information of users inside and outside the system and the real name by the following steps:
forming a text data set by using equipment address lists of users inside and outside the system and consignee information and/or consignee information in transaction behavior data of the users inside and outside the system;
and carrying out named entity recognition of the real name corresponding to the personal equipment communication information of the users inside and outside the system on the text data set in a named entity extraction mode in a knowledge graph system, and establishing the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name.
Optionally, the real-name identity information base includes a corresponding relationship between the device environment information of the user in the system and the real-name identity information;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment environment information of the user to be authenticated;
and acquiring real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base.
Optionally, the method further includes mining a correspondence between the device environment information of the users in the system and the real-name identity information by:
responding to the payment behavior of a user in a system, collecting equipment environment information of the user in the system, and acquiring payment identity information of the user in the system as real-name identity information;
and establishing a corresponding relation between the real-name identity information of the users in the system and the equipment environment information.
Optionally, the real-name identity information base includes a corresponding relationship between device operation information of a known real-name account user in the system and the real-name identity information;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment operation information of the user to be authenticated;
identifying a known real-name account user which is regarded as the same person as the user to be authenticated by comparing the similarity of the equipment operation information of the user to be authenticated with the equipment operation information of the known real-name account user in the real-name identity information base;
and acquiring the real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
Optionally, the method further includes mining a correspondence between the device operation information of the known real-name account user in the system and the real-name identity information by the following steps:
responding to the login of a known real-name account user in a system, and collecting equipment operation information of the known real-name account user in the system;
and establishing a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information.
Optionally, the method further comprises:
verifying the name and the identity card number of the user to be authenticated through public security network data;
and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated under the condition that the verification is passed.
Optionally, the method further comprises:
judging whether the user to be authenticated is an abnormal identity risk user or not according to the real-name authentication historical behavior corresponding to the account used by the user to be authenticated and the real-name authentication historical behavior corresponding to the equipment used by the user to be authenticated;
and if not, entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated.
Optionally, the method further comprises:
carrying out malicious group mining on users participating in real-name authentication in advance;
and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated if the user to be authenticated does not exist in the malicious group partner.
The above is an illustrative scheme of a computer-readable storage medium of the present embodiment. It should be noted that the technical solution of the storage medium belongs to the same concept as the technical solution of the real-name authentication method, and for details that are not described in detail in the technical solution of the storage medium, reference may be made to the description of the technical solution of the real-name authentication method.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The computer instructions comprise computer program code which may be in source code form, object code form, an executable file or some intermediate form, or the like. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.
It should be noted that, for the sake of simplicity, the foregoing method embodiments are described as a series of acts, but those skilled in the art should understand that the present embodiment is not limited by the described acts, because some steps may be performed in other sequences or simultaneously according to the present embodiment. Further, those skilled in the art should also appreciate that the embodiments described in this specification are preferred embodiments and that acts and modules referred to are not necessarily required for an embodiment of the specification.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to the related descriptions of other embodiments.
The preferred embodiments of the present specification disclosed above are intended only to aid in the description of the specification. Alternative embodiments are not exhaustive and do not limit the invention to the precise embodiments described. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the embodiments and the practical application, to thereby enable others skilled in the art to best understand and utilize the embodiments. The specification is limited only by the claims and their full scope and equivalents.