CN114944950A - Real-name authentication method and device - Google Patents

Real-name authentication method and device Download PDF

Info

Publication number
CN114944950A
CN114944950A CN202210536275.1A CN202210536275A CN114944950A CN 114944950 A CN114944950 A CN 114944950A CN 202210536275 A CN202210536275 A CN 202210536275A CN 114944950 A CN114944950 A CN 114944950A
Authority
CN
China
Prior art keywords
real
name
user
authenticated
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210536275.1A
Other languages
Chinese (zh)
Other versions
CN114944950B (en
Inventor
朱通
范丰麟
孙传亮
赵华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Digital Service Technology Co ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202210536275.1A priority Critical patent/CN114944950B/en
Publication of CN114944950A publication Critical patent/CN114944950A/en
Application granted granted Critical
Publication of CN114944950B publication Critical patent/CN114944950B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2465Query processing support for facilitating data mining operations in structured databases
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/30Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
    • G06F16/36Creation of semantic tools, e.g. ontology or thesauri
    • G06F16/367Ontology
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Software Systems (AREA)
  • Animal Behavior & Ethology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Fuzzy Systems (AREA)
  • Mathematical Physics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本说明书实施例提供实名认证方法以及装置,其中所述实名认证方法包括:接收待认证用户的待认证身份信息;从实名身份信息库中,获取与所述待认证用户的设备信息匹配的实名身份信息,其中,所述实名身份信息库中包括体系内外用户的设备信息与实名身份信息的对应关系,所述对应关系基于体系内外用户的实名行为数据与设备信息之间的关系挖掘而来;通过将所述待认证用户的实名身份信息与所述待认证身份信息进行比对,对所述待认证用户的待认证身份信息进行实名认证。

Figure 202210536275

The embodiments of this specification provide a real-name authentication method and device, wherein the real-name authentication method includes: receiving the to-be-authenticated identity information of the to-be-authenticated user; and obtaining a real-name identity matching the device information of the to-be-authenticated user from a real-name identity information database information, wherein the real-name identity information database includes the corresponding relationship between the device information of users inside and outside the system and the real-name identity information, and the corresponding relationship is mined based on the relationship between the real-name behavior data and device information of users inside and outside the system; The real-name identity information of the to-be-authenticated user is compared with the to-be-authenticated identity information, and real-name authentication is performed on the to-be-authenticated identity information of the to-be-authenticated user.

Figure 202210536275

Description

Real name authentication method and device
Technical Field
The embodiment of the specification relates to the technical field of computers, in particular to a real-name authentication method. One or more embodiments of the present specification also relate to a real-name authentication apparatus, a computing device, and a computer-readable storage medium.
Background
And (3) real-name authentication: real-name authentication is a kind of verification and verification for the authenticity of user data. The real-name authentication of the internet company for the user is not only a requirement of network order supervision and management, but also is beneficial for enterprises to determine the identity of the user. And a mutual perfect and reliable internet credit foundation is established, and the better business development of enterprises is facilitated.
However, the authentication process of the real-name authentication mode in the current internet industry is too complex, and the authentication process can be completed only by the user participating in the authentication link together, for example, binding a bank card, taking a picture by a handheld certificate, etc., which brings a certain trouble to the user and causes poor experience. Therefore, a new real-name authentication method is urgently needed at present to reduce user operations and improve user experience.
Disclosure of Invention
In view of this, the embodiments of the present disclosure provide a real-name authentication method. One or more embodiments of the present disclosure also relate to a real-name authentication apparatus, a computing device, and a computer-readable storage medium to address technical deficiencies in the prior art.
According to a first aspect of embodiments herein, there is provided a real-name authentication method including: receiving identity information to be authenticated of a user to be authenticated; acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base, wherein the real-name identity information base comprises a corresponding relation between the equipment information of the users inside and outside the system and the real-name identity information, and the corresponding relation is mined based on the relation between the real-name behavior data of the users inside and outside the system and the equipment information; and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the real-name identity information base includes a correspondence between personal device communication information of users inside and outside the system and the real name. The obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes: acquiring personal equipment communication information of the user to be authenticated; and acquiring a real name matched with the personal equipment communication information of the user to be authenticated from the real-name identity information base. The real-name authentication of the identity information to be authenticated of the user to be authenticated comprises the following steps of: and comparing the real name matched with the personal equipment communication information of the user to be authenticated with the name in the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the method further comprises the step of mining the correspondence between the personal device communication information of the users inside and outside the system and the real name by the following steps: forming a text data set by using equipment address lists of users inside and outside the system and consignee information and/or consignee information in transaction behavior data of the users inside and outside the system; and carrying out named entity recognition of the real name corresponding to the personal equipment communication information of the users inside and outside the system on the text data set in a named entity extraction mode in a knowledge graph system, and establishing the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name.
Optionally, the real-name identity information base includes a correspondence between the device environment information of the user in the system and the real-name identity information. The obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes: collecting the equipment environment information of the user to be authenticated; and acquiring real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base.
Optionally, the method further includes mining a correspondence between the device environment information of the user in the system and the real-name identity information by: responding to the payment behavior of users in a system, collecting equipment environment information of the users in the system, and acquiring payment identity information of the users in the system as real-name identity information; and establishing a corresponding relation between the real-name identity information of the users in the system and the equipment environment information.
Optionally, the real-name identity information base includes a correspondence between device operation information of a known real-name account user in the system and the real-name identity information. The obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes: collecting the equipment operation information of the user to be authenticated; identifying a known real-name account user which is regarded as the same person as the user to be authenticated by comparing the similarity of the equipment operation information of the user to be authenticated with the equipment operation information of the known real-name account user in the real-name identity information base; and acquiring the real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
Optionally, the method further includes mining a correspondence between the device operation information of the known real-name account user in the system and the real-name identity information by: responding to the login of a known real-name account user in a system, and collecting equipment operation information of the known real-name account user in the system; and establishing a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information.
Optionally, the method further comprises: verifying the name and the identity card number of the user to be authenticated through public security network data; and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated under the condition that the verification is passed.
Optionally, the method further comprises: judging whether the user to be authenticated is an abnormal identity risk user or not according to the real-name authentication historical behavior corresponding to the account used by the user to be authenticated and the real-name authentication historical behavior corresponding to the equipment used by the user to be authenticated; and if not, entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated.
Optionally, the method further comprises: carrying out malicious group mining on users participating in real-name authentication in advance; and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated if the user to be authenticated does not exist in the malicious group.
According to a second aspect of embodiments of the present specification, there is provided a real-name authentication apparatus including: the receiving module is configured to receive the identity information to be authenticated of the user to be authenticated. The real-name obtaining module is configured to obtain real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base, wherein the real-name identity information base comprises a corresponding relation between the equipment information of the users inside and outside the system and the real-name identity information, and the corresponding relation is mined based on the relation between the real-name behavior data of the users inside and outside the system and the equipment information. And the comparison module is configured to compare the real-name identity information of the user to be authenticated with the identity information to be authenticated, and perform real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the real-name identity information base includes a correspondence between personal device communication information of users inside and outside the system and the real name. The real name acquisition module comprises: and the communication information acquisition sub-module is configured to acquire the personal device communication information of the user to be authenticated. And the real name matching sub-module is configured to acquire a real name matched with the personal equipment communication information of the user to be authenticated from the real name identity information base. The comparison module is configured to compare the real name matched with the personal device communication information of the user to be authenticated with the name in the identity information to be authenticated, and perform real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the method further comprises: and the data collection module is configured to combine the equipment address lists of the users inside and outside the system and the information of the consignee and/or the consignee in the transaction behavior data of the users inside and outside the system into a text data set. And the communication relation mining module is configured to identify the named entity of the real name corresponding to the personal equipment communication information of the users inside and outside the system for the text data set in a named entity extraction mode in a knowledge graph system, and establish the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name.
Optionally, the real-name identity information base includes a correspondence between the device environment information of the user in the system and the real-name identity information. The real name acquisition module comprises: and the environment information acquisition submodule is configured to acquire the equipment environment information of the user to be authenticated. And the environment information matching sub-module is configured to acquire real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base.
Optionally, the method further comprises: the payment response module is configured to respond to payment behaviors of users in the system, collect equipment environment information of the users in the system, and acquire payment identity information of the users in the system as real-name identity information. And the environment relationship establishing module is configured to establish a corresponding relationship between the real-name identity information of the user in the system and the equipment environment information.
Optionally, the real-name identity information base includes a correspondence between device operation information of a known real-name account user in the system and real-name identity information. The real name acquisition module comprises: and the operation information acquisition submodule is configured to acquire the equipment operation information of the user to be authenticated. And the operation similarity comparison sub-module is configured to identify a known real-name account user which is regarded as the same person as the user to be authenticated by comparing the similarity of the equipment operation information of the user to be authenticated with the equipment operation information of the known real-name account user in the real-name identity information base. And the same-person real-name obtaining sub-module is configured to obtain real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
Optionally, the method further comprises: and the login response module is configured to respond to the login of the known real-name account user in the system and collect the equipment operation information of the known real-name account user in the system. And the operation relation establishing module is configured to establish a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information.
Optionally, the method further comprises: the public security verification module is configured to verify the name and the identity number of the user to be authenticated through public security network data; and triggering the real name acquisition module to execute under the condition that the verification is passed.
Optionally, the method further comprises: the authentication history behavior judging module is configured to judge whether the user to be authenticated is an abnormal identity risk user according to the real-name authentication history behavior corresponding to the account used by the user to be authenticated and the real-name authentication history behavior corresponding to the equipment used by the user to be authenticated; and if not, triggering the real name acquisition module to execute.
Optionally, the method further comprises: the malicious group mining module is configured to perform malicious group mining on the users participating in the real-name authentication in advance; and if the user to be authenticated does not exist in the malicious group, triggering the real name acquisition module to execute.
According to a third aspect of embodiments herein, there is provided a computing device comprising: a memory and a processor; the memory is to store computer-executable instructions, and the processor is to execute the computer-executable instructions to: receiving to-be-authenticated identity information of a to-be-authenticated user; acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base, wherein the real-name identity information base comprises a corresponding relation between the equipment information of the users inside and outside the system and the real-name identity information, and the corresponding relation is mined based on the relation between the real-name behavior data of the users inside and outside the system and the equipment information; and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
According to a fourth aspect of embodiments herein, there is provided a computer readable storage medium storing computer instructions which, when executed by a processor, implement the steps of the real-name authentication method according to any of the embodiments herein.
One embodiment of the present specification implements a real-name authentication method, which obtains real-name identity information matching device information of a user to be authenticated from a real-name identity information base after receiving the user to be authenticated, and performs real-name authentication on the user to be authenticated by comparing the real-name identity information of the user to be authenticated with the device information of the user to be authenticated, wherein the real-name identity information base includes a correspondence between device information of users inside and outside a system and real-name identity information, and the correspondence is mined based on a relationship between real-name behavior data of users inside and outside the system and device information, so that in a real-name authentication link, the matched real-name identity information can be directly obtained for comparison, thereby reducing operations of the user in the authentication link, and for the user, reducing complexity of an authentication process, the real-name authentication of the silent effect is realized, and the user experience is improved.
Drawings
Fig. 1 is a flowchart of a real-name authentication method according to an embodiment of the present disclosure;
fig. 2 is a flowchart illustrating a processing procedure of a real-name authentication method according to another embodiment of the present disclosure;
fig. 3 is a flowchart illustrating a processing procedure of a real-name authentication method according to another embodiment of the present disclosure;
FIG. 4 is a flowchart illustrating a real-name authentication method according to another embodiment of the present disclosure;
FIG. 5 is a schematic diagram of an interface shown in one embodiment of the present description;
fig. 6 is a schematic structural diagram of a real-name authentication device according to an embodiment of the present disclosure;
fig. 7a is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure;
fig. 7b is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure;
fig. 7c is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure;
fig. 7d is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure;
fig. 8 is a block diagram of a computing device according to an embodiment of the present disclosure.
Detailed Description
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present description. This description may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein, as those skilled in the art will be able to make and use the present disclosure without departing from the spirit and scope of the present disclosure.
The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in one or more embodiments of the present specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in one or more embodiments of the present specification refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It will be understood that, although the terms first, second, etc. may be used herein in one or more embodiments to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first can be termed a second and, similarly, a second can be termed a first without departing from the scope of one or more embodiments of the present description. The word "if," as used herein, may be interpreted as "at … …" or "when … …" or "in response to a determination," depending on the context.
In the present specification, a real-name authentication method is provided, and the present specification relates to a real-name authentication apparatus, a computing device, and a computer-readable storage medium, which are described in detail one by one in the following examples.
Fig. 1 shows a flowchart of a real-name authentication method provided according to an embodiment of the present disclosure, which includes steps 102 to 106.
Step 102: and receiving the identity information to be authenticated of the user to be authenticated.
For example, as shown in the interface diagram of fig. 5, the user to be authenticated may input a name and an identification card number through the interface 501 shown in fig. 5 to wait for authentication identity information. The content of the identity information to be authenticated, which is required to be input, can be determined according to the requirements of the implementation environment.
In an application scenario of the embodiment of the present specification, the real-name authentication method provided in the embodiment of the present specification may intervene after the identity information to be authenticated is verified through a public security network. For example, the name and the identification number of the user to be authenticated can be verified through public security network data; in case the verification passes, the following step is entered in order to continue the real-name authentication.
In order to prevent the real-name authentication channel from being attacked in batch by malicious black grey products, the generation of low-cost identity accounts is caused in batch. In an embodiment of this specification, it may also be determined whether the user to be authenticated is an abnormal identity risk user according to a real-name authentication historical behavior corresponding to an account used by the user to be authenticated and a real-name authentication historical behavior corresponding to a device used by the user to be authenticated, and if it is determined that the user to be authenticated is an abnormal identity risk user, the next step 104 is performed to continue to complete real-name authentication. In another embodiment of the present specification, malicious group mining may also be performed on users participating in real-name authentication in advance; if the user to be authenticated does not exist in a malicious group, the next step 104 is entered to continue to complete the real-name authentication.
It should be noted that the above embodiments of verification of the public security network, real-name authentication historical behavior, and malicious group mining may be implemented in the same scenario, or may be selectively implemented according to the implementation environment, which is not limited in this specification. For the users with risks, the users can not be subjected to a convenient silent authentication process, and are guided to perform real-name authentication modes such as binding a bank card and taking a picture of a handheld certificate, so that the risk of the whole authentication link is controllable. Through the implementation modes of verification of the public security network, real-name authentication historical behaviors and malicious group mining, the identity authenticity of the user is investigated in a multi-dimensional mode, and the follow-up real-name authentication process is provided under the condition of reducing the identity risk, so that the balance between risk and experience is realized.
Step 104: and acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base.
The real-name identity information base comprises a corresponding relation between equipment information of users inside and outside the system and real-name identity information, and the corresponding relation is mined based on the relation between real-name behavior data of the users inside and outside the system and the equipment information.
Wherein the system is determined according to an implementation environment, such as a pay for Bao system and the like. The intra-organizational and extra-organizational users may include, for example, full or partial users of the pay pal organizational system, and extra-organizational users may include, for example, users of an external organizational system associated with the pay pal organizational system. For a pay bank system, the real-name behavior data of users inside and outside the system may include data of real-name behaviors such as pay bank user payment behavior, transaction behavior, login behavior of known real-name account users, and the like. The scenes related to the login behavior, the payment behavior and the transaction behavior comprise charging and paying of a mobile phone number, booking of a ticket for traffic travel, insurance and financing purchase, verification of identity information of an external operator, ticket purchase of an external channel and the like.
When the corresponding relation between the equipment information and the real-name identity information of the users inside and outside the system is mined based on the relation between the real-name behavior data and the equipment information of the users inside and outside the system, a mining strategy can be determined according to the requirements of an implementation environment. For example, in the mining strategy according to an embodiment of the present specification, real-name identity information of users inside and outside the system is mined based on real-name behavior data of the users inside and outside the system and one or more of the device address book, the device environment information, and the device operation information, so as to form a real-name identity information base.
Step 106: and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
For example, the real-name identity information corresponding to any one of the personal communication information, the device environment information, or the device operation information of the user to be authenticated can be selected according to the implementation environment requirement to be compared with the identity information to be authenticated, and the real-name authentication is completed when the comparison result is consistent. For another example, multiple kinds of real-name identity information corresponding to each of the personal communication information, the device environment information, and the device operation information of the user to be authenticated may be selected according to the implementation environment requirements to be compared with the identity information to be authenticated, and the real-name authentication is completed when the comparison results are consistent.
It can be seen that, in the embodiment of the present description, the real-name identity information base includes the corresponding relationship between the device information of the users inside and outside the system and the real-name identity information, and the corresponding relationship is mined based on the relationship between the real-name behavior data of the users inside and outside the system and the device information, so that in the real-name authentication link, the matched real-name identity information can be directly obtained for comparison, the operations of the users in the authentication link are reduced, the complexity of the authentication process is reduced for the users, the real-name authentication with the silent effect is realized, and the user experience is improved.
After the comparison and the consistency authentication are passed, a real-name authentication label can be given to the account number of the user to be authenticated. For example, as shown in the interface schematic diagram shown in fig. 5, after the user to be authenticated inputs a name and an identification number through the identity verification interface 501 shown in fig. 5, the system determines, through the above-mentioned real-name authentication method with a silent effect, a tag that is given to the account by real-name authentication, so that the user can directly see, through the personal information interface 502 shown in fig. 5, that the tag given by the system by real-name authentication is "real-name".
In the following, referring to fig. 2, the real-name authentication method provided in this specification is further described by taking as an example that the real-name identity information base includes correspondence between personal device communication information of users inside and outside the system and a real name. Fig. 2 shows a flowchart of a processing procedure of a real-name authentication method according to another embodiment of the present specification, and specific steps include step 202 to step 206.
Step 202: and receiving the identity information to be authenticated of the user to be authenticated.
Step 204: and acquiring a real name matched with the personal equipment communication information of the user to be authenticated from a real name identity information base comprising the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name.
For example, in order to dig out the corresponding relationship between the personal device communication information of the users inside and outside the system and the real name in advance, because the transaction behavior belongs to the real name behavior, the device address lists of the users inside and outside the system, and the information of the receiver and/or the information of the sender in the transaction behavior data of the users inside and outside the system can be combined into a text data set; and carrying out named entity recognition of the real name corresponding to the personal equipment communication information of the users inside and outside the system on the text data set in a named entity extraction mode in a knowledge graph system, and establishing the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name. In the implementation mode, the real names of users are mined from unstructured data of an address book and a receiving/delivery address through data mining modeling based on a knowledge graph algorithm frame, data identification is achieved, the authenticity of the users corresponding to the back of personal equipment communication information such as telephone numbers is inferred and judged, the capability of data verification of identity of the user is greatly improved, user operation is reduced, and the user silent authentication experience is provided for the users.
For example, the consignee information and/or the shipper information may be extracted from transaction behavior data of users inside and outside the hierarchy. And the information of the receiver and/or the information of the sender comprise information of name, telephone, address and the like.
The knowledge map system is a structured semantic knowledge base and is used for describing concepts and mutual relations in the physical world, and a large amount of knowledge is aggregated by reducing data granularity from document level to data level, so that quick response and reasoning of the knowledge are realized.
The data stored in the device address book information is not usually a standard name, such as "intermediary lie xx", "wang xx teacher", etc. Relation learning mining can be carried out on a text data set consisting of information of a receiver and/or a sender and information of equipment address lists of users inside and outside the system through NER (named entity extraction) in a knowledge graph system. In the relation learning and mining process, aiming at the matching relation between personal equipment communication information in a text data set, such as a telephone number and name characters, a named entity extraction technology in a knowledge map system is applied to carry out common noun word segmentation on the name characters, for example, "Zhang three teacher" is purified into "Zhang three" and "teacher", and "Shu Gu Fu Wang Wu" is purified into "Shu Gu Fu" and "Wang Wu", so that the real name corresponding to the personal equipment communication information, such as the telephone number, is identified, and the identification of the corresponding relation between the personal equipment communication information and the real name is completed.
Step 206: and comparing the real name matched with the personal equipment communication information of the user to be authenticated with the name in the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Therefore, in the embodiment, because the corresponding relation between the personal device communication information of the users inside and outside the system and the real name is found out based on the real-name behavior data of the users inside and outside the system, when the real-name authentication is needed, the real name matched with the personal device communication information of the user to be authenticated can be directly obtained, and the real name is compared with the name in the identity information to be authenticated to complete the real-name authentication, so that the operation of the user in the authentication link is reduced, the complexity of the authentication process is reduced for the user, the real-name authentication with the silent effect is realized, and the user experience is improved.
In the following, with reference to fig. 3, the real-name authentication method provided in this specification is further described by taking the example that the real-name identity information base includes the correspondence between the device environment information of the user in the system and the real-name identity information. Fig. 3 is a flowchart illustrating a processing procedure of a real-name authentication method according to an embodiment of the present disclosure, where specific steps include step 302 to step 308.
Step 302: and receiving the identity information to be authenticated of the user to be authenticated.
Step 304: and collecting the equipment environment information of the user to be authenticated.
The device environment information may include umid (device unique identifier), apd id (device fingerprint), I p (internet protocol address), mac (physical address, for uniquely identifying a network card in a network), and the like.
Step 306: and acquiring real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base comprising the corresponding relation between the equipment environment information of the user in the system and the real-name identity information.
For example, in order to dig out the corresponding relationship between the device environment information of the user in the system and the real-name identity information in advance, the device environment information of the user in the system may be collected in response to the payment behavior of the user in the system, and the payment identity information of the user in the system may be acquired as the real-name identity information; and establishing a corresponding relation between the real-name identity information of the users in the system and the equipment environment information.
When a user in the system uses fixed equipment to carry out payment behavior, the payment identity of the user has a bound bank card, and the payment identity information of the user has real-name property, so that the user can be used as real-name identity information of real-name authentication.
Step 308: and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
It can be seen that, in this embodiment, since the corresponding relationship between the device environment information and the real-name identity information of the user in the system is found out in advance based on the real-name behavior data of the user in the system, when real-name authentication is required, the real-name identity information, such as name, phone, etc., matching with the device environment information of the user to be authenticated can be directly obtained, and compared with the identity information, such as name, phone, etc., to be authenticated to complete real-name authentication, thereby reducing the operation of the user in the authentication link, for the user, reducing the complexity of the authentication process, realizing the real-name authentication with a silent effect, and improving the user experience.
In the following, with reference to fig. 4, the real-name authentication method provided in this specification is further described by taking as an example that the real-name identity information base includes a correspondence between device operation information of a user with a known real-name account in the system and real-name identity information. Fig. 4 is a flowchart illustrating a processing procedure of a real-name authentication method according to an embodiment of the present specification, where specific steps include step 402 to step 410.
Step 402: and receiving the identity information to be authenticated of the user to be authenticated.
Step 404: and collecting the equipment operation information of the user to be authenticated.
The device operation information may include click force, manipulation range, sliding speed, and the like.
Step 406: and identifying the known real-name account user which is regarded as the same person as the user to be authenticated by comparing the similarity of the equipment operation information of the user to be authenticated with the equipment operation information of the known real-name account user in the real-name identity information base.
For example, in order to dig out the corresponding relationship between the device operation information of the known real-name account user in the system and the real-name identity information in advance, the device operation information of the known real-name account user in the system may be collected in response to the login of the known real-name account user in the system; and establishing a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information in the real-name identity information base.
Because the operation behaviors of different users on terminal equipment such as a mobile phone and app are different and have certain individuation, the equipment operation information of the known real-name account user in the system can be collected, so that when the user uses a new account, the operation behavior characteristics can be identified according to the equipment operation information, and under the condition that the operation of the same person is determined according to the similarity comparison, the real-name identity information is obtained to perform real-name authentication on the new account, the operation of the user in an authentication link is reduced, the complexity of an authentication process is reduced, the real-name authentication with a silent effect is realized, and the user experience is improved.
Step 408: and acquiring the real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
Step 410: and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Therefore, in the embodiment, the device operation information can be acquired through the device terminal, the similarity among different device operation information is analyzed and calculated, and an account with the similarity meeting a certain requirement can be considered to be operated by the same person, so that the identity authenticity of the user to be authenticated can be judged according to the comparison between the real-name identity information of the known real-name account user and the identity information to be authenticated of the current user to be authenticated, the operation of the user in the authentication link is reduced, the complexity of the authentication process is reduced for the user, the real-name authentication with the silent effect is realized, and the user experience is improved.
Corresponding to the method embodiment, the present specification also provides an embodiment of a real-name authentication device. Fig. 6 is a schematic structural diagram illustrating a real-name authentication apparatus according to an embodiment of the present disclosure. As shown in fig. 6, the apparatus includes: a receiving module 602, a real name obtaining module 604, and a comparing module 606.
The receiving module 602 may be configured to receive identity information to be authenticated of a user to be authenticated.
The real-name obtaining module 604 may be configured to obtain real-name identity information matched with the device information of the user to be authenticated from a real-name identity information base, where the real-name identity information base includes a correspondence between the device information of the users inside and outside the hierarchy and the real-name identity information, and the correspondence is mined based on a relationship between real-name behavior data of the users inside and outside the hierarchy and the device information.
The comparing module 606 may be configured to perform real-name authentication on the to-be-authenticated identity information of the to-be-authenticated user by comparing the real-name identity information of the to-be-authenticated user with the to-be-authenticated identity information.
For example, the alignment results may be consistent or inconsistent. If the authentication matches, the real-name authentication is determined to pass, and if the authentication does not match, the real-name authentication is determined to fail.
It can be seen that, in the embodiment of the present description, the real-name identity information base includes the corresponding relationship between the device information of the users inside and outside the system and the real-name identity information, and the corresponding relationship is mined based on the relationship between the real-name behavior data of the users inside and outside the system and the device information, so that in the real-name authentication link, the matched real-name identity information can be directly obtained for comparison, the operations of the users in the authentication link are reduced, the complexity of the authentication process is reduced for the users, the real-name authentication with the silent effect is realized, and the user experience is improved.
In the following, referring to fig. 7a, the real-name authentication device provided in this specification is further described with an example that the real-name identity information base includes a correspondence between personal device communication information of internal and external users and a real name. Fig. 7a is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure. As shown in fig. 7a, the real name obtaining module 604 of the apparatus may include: the communication information obtaining sub-module 6041 may be configured to obtain the personal device communication information of the user to be authenticated. The real name matching sub-module 6042 may be configured to obtain, from the real name identity information base, a real name matched with the personal device communication information of the user to be authenticated. The comparison module 606 may be configured to perform real-name authentication on the to-be-authenticated identity information of the to-be-authenticated user by comparing the real name matched with the personal device communication information of the to-be-authenticated user with the name in the to-be-authenticated identity information.
In the embodiment, because the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name is mined based on the real name behavior data of the users inside and outside the system, when real name authentication is required, the real name matched with the personal equipment communication information of the user to be authenticated can be directly acquired and compared with the name in the identity information to be authenticated to finish the real name authentication, so that the operation of the user in the authentication link is reduced, the complexity of the authentication process is reduced for the user, the real name authentication with a silent effect is realized, and the user experience is improved.
Optionally, as shown in fig. 7a, the apparatus may further include: the data collection module 608 may be configured to combine the device address lists of the users inside and outside the system, and the information of the consignee and/or the information of the shipper in the transaction behavior data of the users inside and outside the system into a text data set. The communication relationship mining module 6081 may be configured to perform named entity recognition of a real name corresponding to personal device communication information of users inside and outside the system on the text data set by a named entity extraction manner in the knowledge graph system, and establish a corresponding relationship between the personal device communication information of the users inside and outside the system and the real name.
In the embodiment, the real names of the users are mined from the unstructured data of the address book and the receiving/sending address based on a knowledge graph algorithm frame through data mining modeling, so that data identification is realized, the authenticity of the users corresponding to the back of the communication information of the personal equipment, such as a telephone number, is deduced and judged, the capability of data verification of identity of the user is greatly improved, user operation is reduced, and the user experience of silent authentication is provided for the users.
In the following, referring to fig. 7b, the real-name authentication apparatus provided in this specification will be further described with an example that the real-name identity information base includes a correspondence between the device environment information of the user in the system and the real-name identity information. Fig. 7b is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure. As shown in fig. 7b, the real name obtaining module 604 of the apparatus may include: the environment information obtaining sub-module 6043 may be configured to collect device environment information of the user to be authenticated. The environment information matching sub-module 6044 may be configured to obtain, from the real-name identity information library, real-name identity information corresponding to the device environment information of the user to be authenticated.
In the embodiment, because the corresponding relation between the equipment environment information and the real-name identity information of the user in the system is mined out in advance based on the real-name behavior data of the user in the system, when real-name authentication is required, the real-name identity information such as name, telephone and the like matched with the equipment environment information of the user to be authenticated can be directly acquired, and the real-name authentication is completed by comparing the acquired real-name identity information with the identity information such as name, telephone and the like to be authenticated, so that the operation of the user in an authentication link is reduced, the complexity of an authentication process is reduced for the user, the real-name authentication with a silencing effect is realized, and the user experience is improved.
Optionally, as shown in fig. 7b, the apparatus may further include: the payment response module 610 may be configured to collect device environment information of users in the system in response to payment behaviors of the users in the system, and acquire payment identity information of the users in the system as real-name identity information. The environment relationship establishing module 6101 may be configured to establish a correspondence between real-name identity information of users in the hierarchy and the device environment information.
When a user in the system uses fixed equipment to carry out payment behavior, the payment identity of the user has a bound bank card, and the payment identity information of the user has real-name property, so that the user can be used as real-name identity information of real-name authentication.
In the following, referring to fig. 7c, the real-name authentication apparatus provided in this specification will be further described with an example that the real-name identity information base includes a corresponding relationship between device operation information of a user with a known real-name account in the system and real-name identity information. Fig. 7c is a schematic structural diagram of a real-name authentication device according to another embodiment of the present disclosure. As shown in fig. 7c, the real name obtaining module 604 of the apparatus may include: an operation information obtaining sub-module 6045 may be configured to collect device operation information of the user to be authenticated. The operation similarity comparison submodule 6046 may be configured to identify a known real-name account user who is regarded as the same person as the user to be authenticated by comparing the device operation information of the user to be authenticated with the device operation information of the known real-name account user in the real-name identity information base. The same-person real-name obtaining sub-module 6047 may be configured to obtain real-name identity information of the known real-name account user regarded as the same person as the user to be authenticated.
Because different users have different operation behaviors on terminal equipment such as a mobile phone and app and have certain individuation, a model for identifying the operation behaviors of the equipment can be established in advance to identify operation behavior characteristics, the similarity between different equipment operation information is analyzed and calculated, and an account with the similarity meeting certain requirements can be regarded as the operation of the same person, so that the identity authenticity of the user to be authenticated can be judged according to the comparison between the real-name identity information of the known real-name account user and the identity information to be authenticated of the current user to be authenticated, the operation of the user in the authentication link is reduced, the complexity of the authentication process is reduced for the user, the real-name authentication with a silent effect is realized, and the user experience is improved.
Optionally, as shown in fig. 7c, the apparatus may further include: the login response module 612 may be configured to collect device operation information of known real-name account users within the hierarchy in response to a login of the known real-name account users within the hierarchy. The operation relationship establishing module 6121 may be configured to establish a corresponding relationship between the real-name identity information of the known real-name account user and the device operation information.
Because the operation behaviors of different users on terminal equipment such as a mobile phone and app are different and have certain individuation, the equipment operation information of the known real-name account user in the system can be collected, so that when the user uses a new account, the operation behavior characteristics can be identified according to the equipment operation information, and under the condition of determining the operation of the same person, the real-name identity information is obtained to perform real-name authentication on the new account, so that the operation of the user in an authentication link is reduced, the complexity of an authentication process is reduced, the real-name authentication with a silent effect is realized, and the user experience is improved.
In order to balance the risk and the experience, a schematic structure diagram of a real-name authentication device provided in another embodiment of the present specification shown in fig. 7d is described below.
Optionally, as shown in fig. 7d, the apparatus may further include: a public security verification module 608, which may be configured to verify the name and the identification number of the user to be authenticated through public security network data; and triggering the real name acquisition module 604 to execute if the verification is passed.
Optionally, as shown in fig. 7d, the apparatus may further include: the authentication history behavior determination module 610 may be configured to determine whether the user to be authenticated is an abnormal identity risk user according to a real-name authentication history behavior corresponding to an account used by the user to be authenticated and according to a real-name authentication history behavior corresponding to a device used by the user to be authenticated; if not, the real name obtaining module 604 is triggered to execute.
Optionally, as shown in fig. 7d, the apparatus may further include: a malicious group mining module 612, which may be configured to perform malicious group mining on users participating in real-name authentication in advance; and if the user to be authenticated does not exist in the malicious group partner, triggering the real name acquisition module 604 to execute.
It should be noted that the verification of the public security network, the real-name authentication historical behavior, and the malicious group mining may be implemented in the same scene, or may be selectively implemented according to the implementation environment, which is not limited in this specification. For users with risks, the users can not be subjected to a convenient silent authentication process, and are guided to perform real-name authentication modes such as binding a bank card and taking a picture by a handheld certificate, so that the risk of the whole authentication link is controllable. Through the implementation modes of verification of the public security network, real-name authentication historical behaviors and malicious group mining, the identity authenticity of the user is investigated in a multi-dimensional mode, and the follow-up real-name authentication process is provided under the condition of reducing the identity risk, so that the balance between risk and experience is realized.
The above is an exemplary scheme of a real-name authentication device of the present embodiment. It should be noted that the technical solution of the real-name authentication device is the same as the technical solution of the real-name authentication method, and for details that are not described in detail in the technical solution of the real-name authentication device, reference may be made to the description of the technical solution of the real-name authentication method.
FIG. 8 illustrates a block diagram of a computing device 800, according to one embodiment of the present description. The components of the computing device 800 include, but are not limited to, memory 810 and a processor 820. The processor 820 is coupled to the memory 810 via a bus 830, and the database 850 is used to store data.
Computing device 800 also includes access device 840, access device 840 enabling computing device 800 to communicate via one or more networks 860. Examples of such networks include the Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the internet. Access device 840 may include one or more of any type of network interface (e.g., a Network Interface Card (NIC)) whether wired or wireless, such as an ieee 802.11 Wireless Local Area Network (WLAN) wireless interface, a global microwave interconnect access (Wi-MAX) interface, an ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a bluetooth interface, a Near Field Communication (NFC) interface, and so forth.
In one embodiment of the present description, the above-described components of computing device 800, as well as other components not shown in FIG. 8, may also be connected to each other, such as by a bus. It should be understood that the block diagram of the computing device architecture shown in FIG. 8 is for purposes of example only and is not limiting as to the scope of the description. Other components may be added or replaced as desired by those skilled in the art.
Computing device 800 may be any type of stationary or mobile computing device, including a mobile computer or mobile computing device (e.g., tablet, personal digital assistant, laptop, notebook, netbook, etc.), a mobile phone (e.g., smartphone), a wearable computing device (e.g., smartwatch, smartglasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or PC. Computing device 800 may also be a mobile or stationary server.
Wherein, the processor 820 is configured to execute the following computer-executable instructions:
receiving to-be-authenticated identity information of a to-be-authenticated user;
acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base, wherein the real-name identity information base comprises a corresponding relation between the equipment information of the users inside and outside the system and the real-name identity information, and the corresponding relation is mined based on the relation between the real-name behavior data of the users inside and outside the system and the equipment information;
and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the real-name identity information base includes a corresponding relationship between personal device communication information of users inside and outside the system and the real name;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes: acquiring personal equipment communication information of the user to be authenticated; acquiring a real name matched with the personal equipment communication information of the user to be authenticated from the real-name identity information base;
the real-name authentication of the to-be-authenticated identity information of the to-be-authenticated user by comparing the real-name identity information of the to-be-authenticated user with the to-be-authenticated identity information comprises the following steps: and comparing the real name matched with the personal equipment communication information of the user to be authenticated with the name in the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the method further includes mining a correspondence between personal device communication information of users inside and outside the system and the real name by the following steps:
forming a text data set by using equipment address lists of users inside and outside the system and consignee information and/or consignee information in transaction behavior data of the users inside and outside the system;
and carrying out named entity recognition of the real name corresponding to the personal equipment communication information of the users inside and outside the system on the text data set in a named entity extraction mode in a knowledge graph system, and establishing the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name.
Optionally, the real-name identity information base includes a corresponding relationship between the device environment information of the user in the system and the real-name identity information;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment environment information of the user to be authenticated;
and acquiring real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base.
Optionally, the method further includes mining a correspondence between the device environment information of the user in the system and the real-name identity information by:
responding to the payment behavior of a user in a system, collecting equipment environment information of the user in the system, and acquiring payment identity information of the user in the system as real-name identity information;
and establishing a corresponding relation between the real-name identity information of the users in the system and the equipment environment information.
Optionally, the real-name identity information base includes a corresponding relationship between device operation information of a known real-name account user in the system and the real-name identity information;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment operation information of the user to be authenticated;
identifying a known real-name account user which is regarded as the same person as the user to be authenticated by comparing the similarity of the equipment operation information of the user to be authenticated with the equipment operation information of the known real-name account user in the real-name identity information base;
and acquiring the real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
Optionally, the method further includes mining a correspondence between the device operation information of the known real-name account user in the system and the real-name identity information by:
responding to the login of a known real-name account user in a system, and collecting equipment operation information of the known real-name account user in the system;
and establishing a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information.
Optionally, the method further comprises:
verifying the name and the identity card number of the user to be authenticated through public security network data;
and entering the slave real-name identity information base under the condition that the verification is passed, and acquiring real-name identity information matched with the equipment information of the user to be authenticated.
Optionally, the method further comprises:
judging whether the user to be authenticated is an abnormal identity risk user or not according to the real-name authentication historical behavior corresponding to the account used by the user to be authenticated and the real-name authentication historical behavior corresponding to the equipment used by the user to be authenticated;
and if not, entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated.
Optionally, the method further comprises:
carrying out malicious group mining on users participating in real-name authentication in advance;
and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated if the user to be authenticated does not exist in the malicious group.
The above is an illustrative scheme of a computing device of the present embodiment. It should be noted that the technical solution of the computing device belongs to the same concept as the technical solution of the real-name authentication method described above, and for details that are not described in detail in the technical solution of the computing device, reference may be made to the description of the technical solution of the real-name authentication method described above.
An embodiment of the present specification also provides a computer readable storage medium storing computer instructions that, when executed by a processor, are operable to:
receiving to-be-authenticated identity information of a to-be-authenticated user;
acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base, wherein the real-name identity information base comprises a corresponding relation between the equipment information of the users inside and outside the system and the real-name identity information, and the corresponding relation is mined based on the relation between the real-name behavior data of the users inside and outside the system and the equipment information;
and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the real-name identity information base includes a corresponding relationship between personal device communication information of users inside and outside the system and the real name;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes: acquiring personal equipment communication information of the user to be authenticated; acquiring a real name matched with the personal equipment communication information of the user to be authenticated from the real-name identity information base;
the real-name authentication of the to-be-authenticated identity information of the to-be-authenticated user by comparing the real-name identity information of the to-be-authenticated user with the to-be-authenticated identity information comprises the following steps: and comparing the real name matched with the personal equipment communication information of the user to be authenticated with the name in the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
Optionally, the method further includes mining a correspondence between personal device communication information of users inside and outside the system and the real name by the following steps:
forming a text data set by using equipment address lists of users inside and outside the system and consignee information and/or consignee information in transaction behavior data of the users inside and outside the system;
and carrying out named entity recognition of the real name corresponding to the personal equipment communication information of the users inside and outside the system on the text data set in a named entity extraction mode in a knowledge graph system, and establishing the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name.
Optionally, the real-name identity information base includes a corresponding relationship between the device environment information of the user in the system and the real-name identity information;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment environment information of the user to be authenticated;
and acquiring real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base.
Optionally, the method further includes mining a correspondence between the device environment information of the users in the system and the real-name identity information by:
responding to the payment behavior of a user in a system, collecting equipment environment information of the user in the system, and acquiring payment identity information of the user in the system as real-name identity information;
and establishing a corresponding relation between the real-name identity information of the users in the system and the equipment environment information.
Optionally, the real-name identity information base includes a corresponding relationship between device operation information of a known real-name account user in the system and the real-name identity information;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment operation information of the user to be authenticated;
identifying a known real-name account user which is regarded as the same person as the user to be authenticated by comparing the similarity of the equipment operation information of the user to be authenticated with the equipment operation information of the known real-name account user in the real-name identity information base;
and acquiring the real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
Optionally, the method further includes mining a correspondence between the device operation information of the known real-name account user in the system and the real-name identity information by the following steps:
responding to the login of a known real-name account user in a system, and collecting equipment operation information of the known real-name account user in the system;
and establishing a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information.
Optionally, the method further comprises:
verifying the name and the identity card number of the user to be authenticated through public security network data;
and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated under the condition that the verification is passed.
Optionally, the method further comprises:
judging whether the user to be authenticated is an abnormal identity risk user or not according to the real-name authentication historical behavior corresponding to the account used by the user to be authenticated and the real-name authentication historical behavior corresponding to the equipment used by the user to be authenticated;
and if not, entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated.
Optionally, the method further comprises:
carrying out malicious group mining on users participating in real-name authentication in advance;
and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated if the user to be authenticated does not exist in the malicious group partner.
The above is an illustrative scheme of a computer-readable storage medium of the present embodiment. It should be noted that the technical solution of the storage medium belongs to the same concept as the technical solution of the real-name authentication method, and for details that are not described in detail in the technical solution of the storage medium, reference may be made to the description of the technical solution of the real-name authentication method.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The computer instructions comprise computer program code which may be in source code form, object code form, an executable file or some intermediate form, or the like. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.
It should be noted that, for the sake of simplicity, the foregoing method embodiments are described as a series of acts, but those skilled in the art should understand that the present embodiment is not limited by the described acts, because some steps may be performed in other sequences or simultaneously according to the present embodiment. Further, those skilled in the art should also appreciate that the embodiments described in this specification are preferred embodiments and that acts and modules referred to are not necessarily required for an embodiment of the specification.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to the related descriptions of other embodiments.
The preferred embodiments of the present specification disclosed above are intended only to aid in the description of the specification. Alternative embodiments are not exhaustive and do not limit the invention to the precise embodiments described. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the embodiments and the practical application, to thereby enable others skilled in the art to best understand and utilize the embodiments. The specification is limited only by the claims and their full scope and equivalents.

Claims (22)

1. A real name authentication method, comprising:
receiving to-be-authenticated identity information of a to-be-authenticated user;
acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base, wherein the real-name identity information base comprises a corresponding relation between the equipment information of the users inside and outside the system and the real-name identity information, the corresponding relation is mined based on the relation between the real-name behavior data of the users inside and outside the system and the equipment information, and the equipment information comprises: one or more information of the equipment address list, the equipment environment information and the equipment operation information;
and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
2. The method of claim 1, wherein the real-name identity information base comprises a corresponding relationship between personal device communication information of users inside and outside a system and a real name;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes: acquiring personal equipment communication information of the user to be authenticated; acquiring a real name matched with the personal equipment communication information of the user to be authenticated from the real-name identity information base;
the real-name authentication of the to-be-authenticated identity information of the to-be-authenticated user by comparing the real-name identity information of the to-be-authenticated user with the to-be-authenticated identity information comprises the following steps: and comparing the real name matched with the personal equipment communication information of the user to be authenticated with the name in the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
3. The method of claim 2, further comprising mining the correspondence between the personal device communication information of the users inside and outside the hierarchy and the real name by:
forming a text data set by using equipment address lists of users inside and outside the system and consignee information and/or consignee information in transaction behavior data of the users inside and outside the system;
and carrying out named entity identification on the real names corresponding to the personal equipment communication information of the users inside and outside the system on the text data set in a named entity extraction mode in a knowledge graph system, and establishing the corresponding relation between the personal equipment communication information of the users inside and outside the system and the real names.
4. The method of claim 1, wherein the real-name identity information base includes a correspondence between device environment information of users in a hierarchy and real-name identity information, and the device environment information includes: a device unique identifier, a device fingerprint, an internet protocol address of the device, and/or a physical address of the device;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment environment information of the user to be authenticated;
and acquiring real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base.
5. The method of claim 4, further comprising mining correspondence of device environment information and real-name identity information for users within a hierarchy by:
responding to the payment behavior of a user in a system, collecting equipment environment information of the user in the system, and acquiring payment identity information of the user in the system as real-name identity information;
and establishing a corresponding relation between the real-name identity information of the users in the system and the equipment environment information.
6. The method according to claim 1, wherein the real-name identity information base comprises a corresponding relation between the device operation information of the known real-name account user in the hierarchy and the real-name identity information;
the obtaining of the real-name identity information matched with the device information of the user to be authenticated from the real-name identity information base includes:
collecting the equipment operation information of the user to be authenticated;
identifying a known real-name account user which is regarded as the same person as the user to be authenticated by comparing the similarity of the equipment operation information of the user to be authenticated with the equipment operation information of the known real-name account user in the real-name identity information base;
and acquiring the real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
7. The method of claim 6, further comprising mining a correspondence of device operation information and real-name identity information for known real-name account users within a hierarchy by:
responding to the login of a known real-name account user in a system, and collecting equipment operation information of the known real-name account user in the system;
and establishing a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information.
8. The method of claim 1, further comprising:
verifying the name and the identity card number of the user to be authenticated through public security network data;
and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated under the condition that the verification is passed.
9. The method of claim 1, further comprising:
judging whether the user to be authenticated is an abnormal identity risk user or not according to the real-name authentication historical behavior corresponding to the account used by the user to be authenticated and the real-name authentication historical behavior corresponding to the equipment used by the user to be authenticated;
and if not, entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated.
10. The method of claim 1, further comprising:
carrying out malicious group mining on users participating in real-name authentication in advance;
and entering the slave real-name identity information base to acquire real-name identity information matched with the equipment information of the user to be authenticated if the user to be authenticated does not exist in the malicious group.
11. A real-name authentication apparatus comprising:
the receiving module is configured to receive to-be-authenticated identity information of a to-be-authenticated user;
a real-name obtaining module configured to obtain real-name identity information matched with the device information of the user to be authenticated from a real-name identity information base, where the real-name identity information base includes a correspondence between device information of users inside and outside a system and real-name identity information, the correspondence is mined based on a relationship between real-name behavior data of users inside and outside the system and the device information, and the device information includes: one or more information of the equipment address list, the equipment environment information and the equipment operation information;
and the comparison module is configured to compare the real-name identity information of the user to be authenticated with the identity information to be authenticated and perform real-name authentication on the identity information to be authenticated of the user to be authenticated.
12. The apparatus of claim 11, wherein the real-name identity information base includes a correspondence between personal device communication information of users inside and outside a hierarchy and a real name;
the real name acquisition module comprises:
the communication information acquisition sub-module is configured to acquire personal equipment communication information of the user to be authenticated;
the real name matching submodule is configured to acquire a real name matched with the personal equipment communication information of the user to be authenticated from the real name identity information base;
the comparison module is configured to compare the real name matched with the personal device communication information of the user to be authenticated with the name in the identity information to be authenticated, and perform real-name authentication on the identity information to be authenticated of the user to be authenticated.
13. The apparatus of claim 12, further comprising:
the data collection module is configured to enable equipment address lists of users inside and outside the system and information of a receiver and/or a sender in transaction behavior data of the users inside and outside the system to form a text data set;
and the communication relation mining module is configured to perform named entity recognition of a real name corresponding to the personal equipment communication information of the users inside and outside the system on the text data set in a named entity extraction mode in the knowledge graph system, and establish a corresponding relation between the personal equipment communication information of the users inside and outside the system and the real name.
14. The apparatus according to claim 11, wherein the real-name identity information base includes a correspondence between device environment information of users in a hierarchy and real-name identity information;
the real name acquisition module comprises:
the environment information acquisition sub-module is configured to acquire the equipment environment information of the user to be authenticated;
and the environment information matching submodule is configured to acquire real-name identity information corresponding to the equipment environment information of the user to be authenticated from the real-name identity information base.
15. The apparatus of claim 14, further comprising:
the payment response module is configured to respond to payment behaviors of users in a system, collect equipment environment information of the users in the system, and acquire payment identity information of the users in the system as real-name identity information;
and the environment relationship establishing module is configured to establish a corresponding relationship between the real-name identity information of the user in the system and the equipment environment information.
16. The apparatus according to claim 11, wherein the real-name identity information base includes a corresponding relationship between device operation information of a known real-name account user in a hierarchy and real-name identity information;
the real name acquisition module comprises:
the operation information acquisition sub-module is configured to acquire the equipment operation information of the user to be authenticated;
the operation similarity comparison submodule is configured to compare the device operation information of the user to be authenticated with the device operation information of the known real-name account user in the real-name identity information base in a similarity manner, so as to identify the known real-name account user which is regarded as the same person as the user to be authenticated;
and the same-person real-name obtaining sub-module is configured to obtain real-name identity information of the known real-name account user which is regarded as the same person as the user to be authenticated.
17. The apparatus of claim 16, further comprising:
the login response module is configured to respond to the login of a known real-name account user in a system and collect the equipment operation information of the known real-name account user in the system;
and the operation relation establishing module is configured to establish a corresponding relation between the real-name identity information of the known real-name account user and the equipment operation information.
18. The apparatus of claim 11, further comprising:
the public security verification module is configured to verify the name and the identity number of the user to be authenticated through public security network data; and triggering the real name acquisition module to execute under the condition that the verification is passed.
19. The apparatus of claim 11, further comprising:
the authentication history behavior judging module is configured to judge whether the user to be authenticated is an abnormal identity risk user according to the real-name authentication history behavior corresponding to the account used by the user to be authenticated and the real-name authentication history behavior corresponding to the equipment used by the user to be authenticated; and if not, triggering the real name acquisition module to execute.
20. The apparatus of claim 11, further comprising:
the malicious group mining module is configured to perform malicious group mining on the users participating in the real-name authentication in advance; and if the user to be authenticated does not exist in the malicious group, triggering the real name acquisition module to execute.
21. A computing device, comprising:
a memory and a processor;
the memory to store computer-executable instructions, the processor to execute the computer-executable instructions:
receiving to-be-authenticated identity information of a to-be-authenticated user;
acquiring real-name identity information matched with the equipment information of the user to be authenticated from a real-name identity information base, wherein the real-name identity information base comprises a corresponding relation between the equipment information of the users inside and outside the system and the real-name identity information, the corresponding relation is mined based on the relation between the real-name behavior data of the users inside and outside the system and the equipment information, and the equipment information comprises: one or more information of the equipment address list, the equipment environment information and the equipment operation information;
and comparing the real-name identity information of the user to be authenticated with the identity information to be authenticated, and performing real-name authentication on the identity information to be authenticated of the user to be authenticated.
22. A computer readable storage medium storing computer instructions which, when executed by a processor, carry out the steps of the real name authentication method of any one of claims 1 to 10.
CN202210536275.1A 2019-10-31 2019-10-31 Real-name authentication method and device Active CN114944950B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210536275.1A CN114944950B (en) 2019-10-31 2019-10-31 Real-name authentication method and device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911056714.3A CN110808978B (en) 2019-10-31 2019-10-31 Real name authentication method and device
CN202210536275.1A CN114944950B (en) 2019-10-31 2019-10-31 Real-name authentication method and device

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201911056714.3A Division CN110808978B (en) 2019-10-31 2019-10-31 Real name authentication method and device

Publications (2)

Publication Number Publication Date
CN114944950A true CN114944950A (en) 2022-08-26
CN114944950B CN114944950B (en) 2024-06-11

Family

ID=69489953

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201911056714.3A Active CN110808978B (en) 2019-10-31 2019-10-31 Real name authentication method and device
CN202210536275.1A Active CN114944950B (en) 2019-10-31 2019-10-31 Real-name authentication method and device

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201911056714.3A Active CN110808978B (en) 2019-10-31 2019-10-31 Real name authentication method and device

Country Status (1)

Country Link
CN (2) CN110808978B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113657910B (en) * 2021-08-13 2023-09-15 平安消费金融有限公司 Real name authentication method, device, electronic equipment and readable storage medium

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103618604A (en) * 2013-11-26 2014-03-05 中国联合网络通信集团有限公司 Identity authentication method and system
US20140237570A1 (en) * 2013-02-15 2014-08-21 Rawllin International Inc. Authentication based on social graph transaction history data
CN104765994A (en) * 2015-04-17 2015-07-08 努比亚技术有限公司 User identity recognition method and device
US20150215304A1 (en) * 2014-01-28 2015-07-30 Alibaba Group Holding Limited Client authentication using social relationship data
WO2017059717A1 (en) * 2015-10-09 2017-04-13 腾讯科技(深圳)有限公司 Identification method and system for user information in social network
CN107294900A (en) * 2016-03-30 2017-10-24 阿里巴巴集团控股有限公司 Biometric-based identity registration method and device
CN108400971A (en) * 2018-01-25 2018-08-14 长春市万易科技有限公司 A kind of anti-fake system and method
CN108830592A (en) * 2018-06-12 2018-11-16 南京熊猫电子股份有限公司 A kind of subscriber authentication and authority recognition method and system
CN109635531A (en) * 2018-11-26 2019-04-16 北京金钝宏安科技有限公司 An information authentication method and device using identity information authentication as a carrier
CN109658103A (en) * 2018-10-25 2019-04-19 阿里巴巴集团控股有限公司 Method, device and equipment for identity authentication, number storage and sending and number binding
CN109801074A (en) * 2018-12-13 2019-05-24 平安科技(深圳)有限公司 Client identity verification mechanism, device, computer equipment and readable storage medium storing program for executing
CN109842582A (en) * 2017-11-24 2019-06-04 中国移动通信集团公司 A kind of real name service order method and apparatus
CN110391909A (en) * 2018-04-20 2019-10-29 武汉真元生物数据有限公司 Terminal unlock method and system based on living things feature recognition

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5398231B2 (en) * 2008-11-04 2014-01-29 キヤノン株式会社 Image processing apparatus, control method therefor, and program
CN102201919B (en) * 2011-06-17 2013-07-10 深圳一卡通新技术有限公司 System and method for realizing real-name information transmission of mobile terminal based on digital certificate
CN102271041B (en) * 2011-07-30 2013-08-14 杨勇 Root service system for personal identity authentication
US10623411B2 (en) * 2015-09-17 2020-04-14 Sony Corporation Information processing device, information processing method, and mapping server
CN106570365A (en) * 2016-10-28 2017-04-19 努比亚技术有限公司 Application management device, mobile terminal and method
CN109660484B (en) * 2017-10-10 2021-02-23 爱信诺征信有限公司 Enterprise real-name authentication method and authentication server
CN109961594A (en) * 2017-12-26 2019-07-02 阿里巴巴集团控股有限公司 Data object information processing method, device and system
CN108600162B (en) * 2018-03-13 2021-04-30 江苏通付盾科技有限公司 User authentication method and device, computing equipment and computer storage medium
CN109639719B (en) * 2019-01-07 2020-01-24 武汉稀云科技有限公司 Identity verification method and device based on temporary identifier

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140237570A1 (en) * 2013-02-15 2014-08-21 Rawllin International Inc. Authentication based on social graph transaction history data
CN103618604A (en) * 2013-11-26 2014-03-05 中国联合网络通信集团有限公司 Identity authentication method and system
US20150215304A1 (en) * 2014-01-28 2015-07-30 Alibaba Group Holding Limited Client authentication using social relationship data
CN104765994A (en) * 2015-04-17 2015-07-08 努比亚技术有限公司 User identity recognition method and device
WO2017059717A1 (en) * 2015-10-09 2017-04-13 腾讯科技(深圳)有限公司 Identification method and system for user information in social network
CN107294900A (en) * 2016-03-30 2017-10-24 阿里巴巴集团控股有限公司 Biometric-based identity registration method and device
CN109842582A (en) * 2017-11-24 2019-06-04 中国移动通信集团公司 A kind of real name service order method and apparatus
CN108400971A (en) * 2018-01-25 2018-08-14 长春市万易科技有限公司 A kind of anti-fake system and method
CN110391909A (en) * 2018-04-20 2019-10-29 武汉真元生物数据有限公司 Terminal unlock method and system based on living things feature recognition
CN108830592A (en) * 2018-06-12 2018-11-16 南京熊猫电子股份有限公司 A kind of subscriber authentication and authority recognition method and system
CN109658103A (en) * 2018-10-25 2019-04-19 阿里巴巴集团控股有限公司 Method, device and equipment for identity authentication, number storage and sending and number binding
CN109635531A (en) * 2018-11-26 2019-04-16 北京金钝宏安科技有限公司 An information authentication method and device using identity information authentication as a carrier
CN109801074A (en) * 2018-12-13 2019-05-24 平安科技(深圳)有限公司 Client identity verification mechanism, device, computer equipment and readable storage medium storing program for executing

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
徐祺;崔久强;: "个人网上身份多源认证服务研究", 软件, no. 03 *
胡开先;梁英;许洪波;毕晓迪;左遥;: "一种社会网络用户身份特征识别方法", 计算机研究与发展, no. 11 *
艾竹;忻贤文;凌力;: "网络实名体系模型中的用户实名度生成算法", 计算机应用与软件, no. 12 *

Also Published As

Publication number Publication date
CN114944950B (en) 2024-06-11
CN110808978A (en) 2020-02-18
CN110808978B (en) 2022-04-15

Similar Documents

Publication Publication Date Title
CN111815467A (en) Auditing method and device
WO2019200810A1 (en) User data authenticity analysis method and apparatus, storage medium and electronic device
CN111008592A (en) Analyzing facial recognition data and social network data for user authentication
CN105389488B (en) Identity identifying method and device
CN110992053B (en) Secure payment system and method based on finger vein recognition and blockchain technology
CN112150252A (en) Credit-based service processing method and device
CN111783144A (en) Blockchain-based data processing method and device
CN105703966A (en) Internet behavior risk identification method and apparatus
EP3361704A1 (en) User data sharing method and device
WO2024227184A1 (en) Universal authenticator apparatus for obtaining host services
CN110675263B (en) Risk identification method and device for transaction data
CN113887214A (en) Artificial intelligence based wish presumption method and related equipment thereof
US20240311658A1 (en) Dynamic prototype learning framework for non-homophilous graphs
CN111506486B (en) Data processing method and system
CN111428971A (en) Service data processing method and device and server
CN110808978B (en) Real name authentication method and device
CN109214801B (en) Electronic payment confirmation method, device and storage medium
CN112333708A (en) A method and system for telecommunication fraud detection based on bidirectional gated cyclic unit
CN114553738B (en) Abnormality detection method and device
US12189740B2 (en) Multi-biometric authentication system
US11204894B2 (en) Information read/write method and apparatus based on blockchain
CN117252429A (en) Risk user identification methods, devices, storage media and electronic equipment
CN116665315A (en) Training method of living body detection model, living body detection method and system
CN115150834A (en) Identification method, device and storage medium of fraudulent number
RU2820019C1 (en) Call classification method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 310000 Zhejiang Province, Hangzhou City, Xihu District, Xixi Road 543-569 (continuous odd numbers) Building 1, Building 2, 5th Floor, Room 518

Patentee after: Alipay (Hangzhou) Digital Service Technology Co.,Ltd.

Country or region after: China

Address before: 801-11, Section B, 8th floor, 556 Xixi Road, Xihu District, Hangzhou City, Zhejiang Province, 310013

Patentee before: Alipay (Hangzhou) Information Technology Co., Ltd.

Country or region before: China