CN110059473A - Using account logon method, device, computer equipment and computer storage medium - Google Patents
Using account logon method, device, computer equipment and computer storage medium Download PDFInfo
- Publication number
- CN110059473A CN110059473A CN201910219130.7A CN201910219130A CN110059473A CN 110059473 A CN110059473 A CN 110059473A CN 201910219130 A CN201910219130 A CN 201910219130A CN 110059473 A CN110059473 A CN 110059473A
- Authority
- CN
- China
- Prior art keywords
- application account
- login information
- account
- login
- magnetic card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/352—Contactless payments by cards
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
Abstract
本申请公开了一种应用账户登录方法、装置、计算机设备及计算机存储介质,涉及身份验证技术领域,可以降低应用账户登录的风险。所述方法包括:获取各个应用账户的登录信息;利用读取磁卡发送的加密密钥对所述各个应用账户的登录信息进行加密,并将加密后各个应用账户的登录信息保存至终端的安全区域;接收用户触发预设应用账户的登录指令,从所述安全区域查询加密后的各个账户的登录信息中与所述预设应用账户相匹配的加密后登录信息;利用读取所述磁卡发送的解密密钥对所述预设应用账户的加密后登录信息进行解密,并根据解密后预设应用账户的登录信息进入预设应用界面。
The application discloses an application account login method, device, computer equipment and computer storage medium, which relate to the technical field of identity verification and can reduce the risk of application account login. The method includes: acquiring login information of each application account; encrypting the login information of each application account by using an encryption key sent by reading a magnetic card, and saving the encrypted login information of each application account in a safe area of the terminal ; Receive the login instruction that the user triggers the preset application account, and query the encrypted login information from the encrypted login information of each account and the preset application account from the security area; The decryption key decrypts the encrypted login information of the preset application account, and enters the preset application interface according to the decrypted login information of the preset application account.
Description
技术领域technical field
本发明涉及身份验证技术领域,尤其是涉及应用账户登录方法、装置、计算机设备及计算机存储介质。The present invention relates to the technical field of identity verification, and in particular, to an application account login method, device, computer equipment and computer storage medium.
背景技术Background technique
随着智能手机和ipad等移动终端设备的普及,人们逐渐习惯了使用APP客户端上网的方式,例如,用户可以通过登录论坛、微博、网络游戏等与他人进行互动,还可以通过登录淘宝、京东商城购买日常用品,而账户就是用户在每个APP中进行相应活动的身份。With the popularization of mobile terminal devices such as smart phones and ipads, people have gradually become accustomed to using APP clients to surf the Internet. For example, users can interact with others by logging in to forums, Weibo, online games, etc. Jingdong Mall buys daily necessities, and the account is the identity of the user in each APP for the corresponding activities.
通常情况,用户在使用终端进入应用程序的时候,为了保证交易过程中用户个人钱财的安全性,越来越多的应用程序在登录应用账户的过程中需要输入密码,在进行交易的过程中同样需要输入密码。然而,为了提升用户的使用体验,降低用户的记忆负担,有些应用程序具有免登录功能,用户可以设置在一段时间内无需登录即可使用应用程序的功能。而这种免登录功能具有一定的安全隐患,会导致隐私泄露甚至丢失钱财。Usually, when a user uses a terminal to enter an application, in order to ensure the security of the user's personal money during the transaction process, more and more applications need to enter a password during the process of logging in to the application account, and the same is true during the transaction process. A password is required. However, in order to improve the user experience and reduce the user's memory burden, some applications have a login-free function, and the user can set the function of using the application without login for a period of time. This login-free function has certain security risks, which can lead to privacy leakage and even loss of money.
发明内容SUMMARY OF THE INVENTION
有鉴于此,本发明提供了一种应用账户登录方法、装置、计算机设备及计算机存储介质,主要目的在于解决目前相关技术中应用账户登录存在安全隐患的问题。In view of this, the present invention provides an application account login method, device, computer equipment and computer storage medium, the main purpose of which is to solve the problem of potential security risks in application account login in the current related art.
依据本发明一个方面,提供了一种应用账户登录方法,该方法包括:According to an aspect of the present invention, an application account login method is provided, the method comprising:
获取各个应用账户的登录信息;Obtain the login information of each application account;
利用读取磁卡发送的加密密钥对所述各个应用账户的登录信息进行加密,并将加密后各个应用账户的登录信息保存至终端的安全区域;Encrypt the login information of each application account by using the encryption key sent by the reading magnetic card, and save the encrypted login information of each application account in the security area of the terminal;
接收用户触发预设应用账户的登录指令,从所述安全区域查询加密后的各个账户的登录信息中与所述预设应用账户相匹配的加密后登录信息;receiving a login instruction from a user to trigger a preset application account, and querying the encrypted login information of each account from the security area for the encrypted login information that matches the preset application account;
利用读取所述磁卡发送的解密密钥对所述预设应用账户的加密后登录信息进行解密,并根据解密后预设应用账户的登录信息进入预设应用界面。The encrypted login information of the preset application account is decrypted by using the decryption key sent by reading the magnetic card, and the preset application interface is entered according to the decrypted login information of the preset application account.
进一步地,在所述获取各个应用账户的登录信息之后:Further, after obtaining the login information of each application account:
根据用户操作应用账户的行为数据,将所述各个应用账户的登录信息划分为不同安全等级的登录信息。According to the behavior data of the user operating the application account, the login information of each application account is divided into login information of different security levels.
进一步地,所述磁卡中配置有预先设置的为各个应用账户的登录信息分配加密密钥的分配规则,所述利用读取磁卡发送的加密密钥对所述各个应用账户的登录信息进行加密,并将加密后各个应用账户的登录信息保存至终端的安全区域包括:Further, the magnetic card is configured with a preset distribution rule for allocating encryption keys for the login information of each application account, and the encryption key sent by reading the magnetic card is used to encrypt the login information of each application account, And save the encrypted login information of each application account to the security area of the terminal, including:
利用读取磁卡中预先设置的分配规则为各个应用账户的登录信息分配加密密钥;Use the pre-set allocation rules in the read magnetic card to allocate encryption keys to the login information of each application account;
根据所述各个应用账户的登录信息对应的加密密钥,对各个应用账户的登录信息进行加密,得到加密后各个应用账户的登录信息;Encrypting the login information of each application account according to the encryption key corresponding to the login information of each application account, to obtain the encrypted login information of each application account;
将加密后的各个应用账户的登录信息与应用账户的标识信息进行绑定后,保存至终端的安全领域。After binding the encrypted login information of each application account with the identification information of the application account, it is stored in the security field of the terminal.
进一步地,当所述分配规则为按照应用账户的登录信息对应的安全等级进行分配时,所述利用读取磁卡中预先设置的分配规则为各个应用账户的登录信息分配加密密钥包括:Further, when the distribution rule is to distribute according to the security level corresponding to the login information of the application account, the distribution of the encryption key for the login information of each application account by using the distribution rule preset in the reading magnetic card includes:
利用读取磁卡中预先设置的分配规则,查询各个应用账户的登录信息对应的安全等级;Use the pre-set allocation rules in the read magnetic card to query the security level corresponding to the login information of each application account;
根据所述各个应用账户的登录信息对应的安全等级,为各个应用账户的登录信息分配加密密钥。According to the security level corresponding to the login information of each application account, an encryption key is allocated to the login information of each application account.
进一步地,当所述分配规则为按照生成应用账户的登录信息的时间顺序时,所述利用读取磁卡中预先设置的分配规则为各个应用账户的登录信息分配加密密钥包括:Further, when the distribution rules are in the chronological order of generating the login information of the application accounts, the distribution rules for the login information of each application account using the distribution rules preset in the reading magnetic card include:
利用读取磁卡中预先设置的分配规则,查询生成各个应用账户的登录信息对应的时间顺序;Use the pre-set allocation rules in the read magnetic card to query and generate the time sequence corresponding to the login information of each application account;
按照所述生成各个应用账户的登录信息对应的时间顺序,为各个应用账户的登录信息分配加密密钥。According to the time sequence corresponding to the generation of the login information of each application account, an encryption key is allocated to the login information of each application account.
进一步地,所述接收用户触发预设应用账户的登录指令,从所述安全区域查询加密后的各个账户的登录信息中与所述预设应用账户相匹配的加密后登录信息包括:Further, the receiving user triggers the login instruction of the preset application account, and the encrypted login information matching the preset application account from the encrypted login information of each account in the security area includes:
接收用户触发预设应用账户的登录指令,提取所述登录指令中携带的预设应用账户的标识信息;receiving a login instruction from a user to trigger a preset application account, and extracting the identification information of the preset application account carried in the login instruction;
根据所述预设应用账户的标识信息,从所述安全区域查询加密后的各个应用账户的登录信息中与所述预设应用账户的标识信息相匹配的加密后登录信息。According to the identification information of the preset application account, the encrypted login information that matches the identification information of the preset application account from the encrypted login information of each application account is queried from the security area.
进一步地,在所述利用读取磁卡发送的加密密钥对所述各个应用账户的登录信息进行加密,并将加密后各个应用账户的登录信息保存至终端的安全区域之前,所述方法还包括:Further, before using the encryption key sent by reading the magnetic card to encrypt the login information of each application account, and before saving the encrypted login information of each application account to the security area of the terminal, the method further includes: :
当检测到磁卡发送的感应信号时,通过终端预先配置的NFC模块读取所述磁卡中的加密密钥;When detecting the induction signal sent by the magnetic card, read the encryption key in the magnetic card through the NFC module preconfigured in the terminal;
在所述利用读取所述磁卡发送的解密密钥对所述预设应用账户的加密后登录信息进行解密,并根据解密后预设应用账户的登录信息进入预设应用界面之前,所述方法还包括:Before the decryption key sent by reading the magnetic card is used to decrypt the encrypted login information of the preset application account, and before entering the preset application interface according to the login information of the preset application account after decryption, the method Also includes:
当检测到磁卡发送的感应信号时,通过终端预先配置的NFC模块读取所述磁卡中的解密密钥。When the induction signal sent by the magnetic card is detected, the decryption key in the magnetic card is read through the NFC module preconfigured in the terminal.
依据本发明另一个方面,提供了一种应用账户登录装置,所述装置包括:According to another aspect of the present invention, an application account login device is provided, the device comprising:
获取单元,用于获取各个应用账户的登录信息;an obtaining unit, used to obtain the login information of each application account;
加密单元,用于利用读取磁卡发送的加密密钥对所述各个应用账户的登录信息进行加密,并将加密后各个应用账户的登录信息保存至终端的安全区域;an encryption unit, configured to encrypt the login information of each application account by using the encryption key sent by the reading magnetic card, and save the encrypted login information of each application account in the security area of the terminal;
查询单元,用于接收用户触发预设应用账户的登录指令,从所述安全区域查询加密后的各个账户的登录信息中与所述预设应用账户相匹配的加密后登录信息;a query unit, configured to receive a login instruction from a user to trigger a preset application account, and query the encrypted login information of each account from the secure area for the encrypted login information that matches the preset application account;
解密单元,用于利用读取所述磁卡发送的解密密钥对所述预设应用账户的加密后登录信息进行解密,并根据解密后预设应用账户的登录信息进入预设应用界面。The decryption unit is configured to decrypt the encrypted login information of the preset application account by using the decryption key sent by reading the magnetic card, and enter the preset application interface according to the login information of the preset application account after decryption.
进一步地,所述装置还包括:Further, the device also includes:
划分单元,用于在所述获取各个应用账户的登录信息之后:根据用户操作应用账户的行为数据,将所述各个应用账户的登录信息划分为不同安全等级的登录信息。The dividing unit is configured to divide the login information of each application account into login information of different security levels according to the behavior data of the user operating the application account after the acquisition of the login information of each application account.
进一步地,所述磁卡中配置有预先设置的为各个应用账户的登录信息分配加密密钥的分配规则,所述加密单元包括:Further, the magnetic card is configured with a preset distribution rule for allocating encryption keys for the login information of each application account, and the encryption unit includes:
分配模块,用于利用读取磁卡中预先设置的分配规则为各个应用账户的登录信息分配加密密钥;The distribution module is used to distribute encryption keys for the login information of each application account by using the distribution rules preset in the read magnetic card;
加密模块,用于根据所述各个应用账户的登录信息对应的加密密钥,对各个应用账户的登录信息进行加密,得到加密后各个应用账户的登录信息;an encryption module, configured to encrypt the login information of each application account according to the encryption key corresponding to the login information of each application account, and obtain the encrypted login information of each application account;
绑定模块,用于将加密后的各个应用账户的登录信息与应用账户的标识信息进行绑定后,保存至终端的安全领域。The binding module is used to bind the encrypted login information of each application account with the identification information of the application account and save it to the security field of the terminal.
进一步地,当所述分配规则为按照应用账户的登录信息对应的安全等级进行分配时,Further, when the allocation rule is to allocate according to the security level corresponding to the login information of the application account,
所述分配模块,具体用于利用读取磁卡中预先设置的分配规则,查询各个应用账户的登录信息对应的安全等级;The distribution module is specifically configured to query the security level corresponding to the login information of each application account by using the pre-set distribution rule in the reading magnetic card;
所述分配模块,具体还用于根据所述各个应用账户的登录信息对应的安全等级,为各个应用账户的登录信息分配加密密钥。The allocation module is further configured to allocate an encryption key to the login information of each application account according to the security level corresponding to the login information of each application account.
进一步地,当所述分配规则为按照生成应用账户的登录信息的时间顺序时,Further, when the distribution rule is in the chronological order of generating the login information of the application account,
所述分配模块,具体用于利用读取磁卡中预先设置的分配规则,查询生成各个应用账户的登录信息对应的时间顺序;The allocation module is specifically configured to use the pre-set allocation rules in the reading magnetic card to query and generate the corresponding time sequence of the login information of each application account;
所述分配模块,具体还用于按照所述生成各个应用账户的登录信息对应的时间顺序,为各个应用账户的登录信息分配加密密钥。The allocation module is further configured to allocate an encryption key to the login information of each application account according to the time sequence corresponding to the generation of the login information of each application account.
进一步地,所述查询单元包括:Further, the query unit includes:
提取模块,用于接收用户触发预设应用账户的登录指令,提取所述登录指令中携带的预设应用账户的标识信息;an extraction module, configured to receive a login instruction triggered by a user to trigger a preset application account, and extract the identification information of the preset application account carried in the login instruction;
查询模块,用于根据所述预设应用账户的标识信息,从所述安全区域查询加密后的各个应用账户的登录信息中与所述预设应用账户的标识信息相匹配的加密后登录信息。The query module is configured to, according to the identification information of the preset application account, query the encrypted login information of each application account from the security area for the encrypted login information that matches the identification information of the preset application account.
进一步地,所述装置还包括:Further, the device also includes:
第一读取单元,用于在所述利用读取磁卡发送的加密密钥对所述各个应用账户的登录信息进行加密,并将加密后各个应用账户的登录信息保存至终端的安全区域之前,当检测到磁卡发送的感应信号时,通过终端预先配置的NFC模块读取所述磁卡中的加密密钥;The first reading unit is used for encrypting the login information of each application account by using the encryption key sent by the reading magnetic card, and before saving the encrypted login information of each application account in the security area of the terminal, When detecting the induction signal sent by the magnetic card, read the encryption key in the magnetic card through the NFC module preconfigured in the terminal;
第二读取单元,用于在在所述利用读取所述磁卡发送的解密密钥对所述预设应用账户的加密后登录信息进行解密,并根据解密后预设应用账户的登录信息进入预设应用界面之前,当检测到磁卡发送的感应信号时,通过终端预先配置的NFC模块读取所述磁卡中的解密密钥。The second reading unit is configured to decrypt the encrypted login information of the preset application account by using the decryption key sent by reading the magnetic card, and enter the encrypted login information of the preset application account according to the decrypted login information. Before the application interface is preset, when the induction signal sent by the magnetic card is detected, the decryption key in the magnetic card is read through the NFC module preconfigured in the terminal.
依据本发明又一个方面,提供了一种计算机设备,包括存储器和处理器,所述存储器存储有计算机程序,所述处理器执行所述计算机程序时实现应用账户登录方法的步骤。According to yet another aspect of the present invention, a computer device is provided, comprising a memory and a processor, wherein the memory stores a computer program, and when the processor executes the computer program, the steps of the application account login method are implemented.
依据本发明再一个方面,提供了一种计算机存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现应用账户登录方法的步骤。According to yet another aspect of the present invention, a computer storage medium is provided, on which a computer program is stored, and when the computer program is executed by a processor, implements the steps of an application account login method.
借由上述技术方案,本发明提供一种应用账户登录方法及装置,通过获取各个应用账户的登录信息,利用读取磁卡发送的加密密钥对各个应用账户的登录信息进行加密,提高用户登录账户的安全性,从而在用户登录预设应用账户时,同样利用磁卡发送的解密密钥对预设应用账户进行解密,并根据预设应用账户的登录信息进入预设应用界面,用户无需手动填写登录密码,提高应用账户登录的可操作性。与现有技术中无需输入登录信息即可登录应用账户的应用账户登录方式相比,本发明实施例为了提高应用账户登录的便捷性,通过终端配置NFC模块读取的加密密钥对应用账户的登录信息进行加密,使得应用账户具有更高的安全性,而当用户在进入应用账户界面时,通过终端配置NFC模块读取的解密密钥对应用账户的登录信息进行解密,使得用户在登录和交易的过程无需手动操作,即可实现自动进入应用账户界面,提升用户操作的便捷性。With the above technical solutions, the present invention provides an application account login method and device. By acquiring the login information of each application account, and using the encryption key sent by reading the magnetic card to encrypt the login information of each application account, the user login account is improved. Therefore, when the user logs in to the preset application account, the decryption key sent by the magnetic card is also used to decrypt the preset application account, and the preset application interface is entered according to the login information of the preset application account, and the user does not need to fill in the login manually. Password to improve the operability of application account login. Compared with the application account login method in the prior art in which the application account can be logged in without inputting login information, in order to improve the convenience of the application account login in the embodiment of the present invention, the encryption key read by the terminal configuration NFC module is used for the application account login. The login information is encrypted, so that the application account has higher security, and when the user enters the application account interface, the login information of the application account is decrypted by the decryption key read by the terminal configuration NFC module, so that the user can log in and The transaction process can automatically enter the application account interface without manual operation, which improves the convenience of user operations.
附图说明Description of drawings
通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出优选实施方式的目的,而并不认为是对本发明的限制。而且在整个附图中,用相同的参考符号表示相同的部件。在附图中:Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are for the purpose of illustrating preferred embodiments only and are not to be considered limiting of the invention. Also, the same components are denoted by the same reference numerals throughout the drawings. In the attached image:
图1示出了本发明实施例提供的一种应用账户登录方法流程示意图;FIG. 1 shows a schematic flowchart of an application account login method provided by an embodiment of the present invention;
图2示出了本发明实施例提供的另一种应用账户登录方法流程示意图;FIG. 2 shows a schematic flowchart of another application account login method provided by an embodiment of the present invention;
图3示出了本发明实施例提供的另一种应用账户登录方法流程示意图;FIG. 3 shows a schematic flowchart of another application account login method provided by an embodiment of the present invention;
图4示出了本发明实施例提供的另一种应用账户登录方法流程示意图;FIG. 4 shows a schematic flowchart of another application account login method provided by an embodiment of the present invention;
图5示出了本发明实施例提供的一种应用账户登录装置的结构示意图;FIG. 5 shows a schematic structural diagram of an application account login device provided by an embodiment of the present invention;
图6示出了本发明实施例提供的另一种应用账户登录装置的结构示意图。FIG. 6 shows a schematic structural diagram of another device for logging in to an application account provided by an embodiment of the present invention.
具体实施方式Detailed ways
下面将参照附图更详细地描述本公开的示例性实施例。虽然附图中显示了本公开的示例性实施例,然而应当理解,可以以各种形式实现本公开而不应被这里阐述的实施例所限制。相反,提供这些实施例是为了能够更透彻地理解本公开,并且能够将本公开的范围完整的传达给本领域的技术人员。Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided so that the present disclosure will be more thoroughly understood, and will fully convey the scope of the present disclosure to those skilled in the art.
本发明实施例提供了一种应用账户登录方法,可以提高应用账户登录的便捷性,如图1所示,该方法包括:An embodiment of the present invention provides an application account login method, which can improve the convenience of application account login. As shown in FIG. 1 , the method includes:
101、获取各个应用账户的登录信息。101. Obtain login information of each application account.
其中,各个应用账户的登录信息为用户进入应用账户的用户名、密码、指纹、验证码等信息,为了保证应用系统的安全和记账方便,应用系统要求每个用户有单独的账户作为登录标识,应用系统还为每个用户制定了一个口令,用户在使用该应用系统之前要输入标识和口令,以便系统能识别该用户身份,从而保持该用户的使用习惯或使用数据。Among them, the login information of each application account is the user name, password, fingerprint, verification code and other information of the user entering the application account. In order to ensure the security of the application system and the convenience of accounting, the application system requires each user to have a separate account as a login identifier. , the application system also formulates a password for each user, the user needs to input the identification and password before using the application system, so that the system can identify the user's identity, so as to maintain the user's usage habits or usage data.
对于本发明实施例,具体可以通过设置应用接口向应用服务器请求的方式来获取各个应用账户的登录信息,还可以通过向用户索取的方式来获取各个应用账户的登录信息,这里对获取方式不进行限定。For the embodiment of the present invention, the login information of each application account can be acquired by setting the application interface to request the application server, and the login information of each application account can also be acquired by requesting the user, and the acquisition method is not carried out here. limited.
102、利用读取磁卡发送的加密密钥对所述各个应用账户的登录信息进行加密,并将加密后各个应用账户的登录信息保存至终端的安全区域。102. Encrypt the login information of each application account by using the encryption key sent by reading the magnetic card, and save the encrypted login information of each application account in a secure area of the terminal.
其中,磁卡可以用于NFC进行读取,并且磁卡中保存有加密密钥,该加密密钥可以为一个也可以为多个,这里对加密密钥个数不进行限定,由于应用账户的登录信息可能设置过于简单或者设置一段时间免登陆等情况,通过读取磁卡中的加密密钥可以实现对各个应用账户的登录信息进行加密,从而进一步提高各个应用账户的安全性。Among them, the magnetic card can be used for NFC reading, and the magnetic card stores an encryption key, which can be one or more. The number of encryption keys is not limited here, because the login information of the application account Maybe the setting is too simple or the setting is free from login for a period of time. By reading the encryption key in the magnetic card, the login information of each application account can be encrypted, thereby further improving the security of each application account.
具体应用的过程中,当磁卡发送的加密密钥为一个的情况,该加密密钥适用于对所有应用账户的登录信息进行加密,当磁卡发送的加密密钥为多个的情况,该加密密钥可以针对不同应用账户的登录信息进行加密,例如,针对不同安全级别应用账户的登录信息进行加密,针对不同应用类型应用账户的登录信息进行加密,当然还可以预先设置加密密钥的分配规则,从而根据读取此卡中加密密钥的分配规则为各个应用账户的登录信息分配加密密钥,以使得不同应用账户的登录信息可以匹配到合适的加密密钥。In the specific application process, when there is only one encryption key sent by the magnetic card, the encryption key is suitable for encrypting the login information of all application accounts. When there are multiple encryption keys sent by the magnetic card, the encryption key The key can be encrypted for the login information of different application accounts. For example, the login information of application accounts of different security levels is encrypted, and the login information of application accounts of different application types can be encrypted. Of course, the distribution rules of encryption keys can also be preset. Therefore, according to the distribution rules for reading the encryption key in the card, the encryption key is allocated to the login information of each application account, so that the login information of different application accounts can be matched with the appropriate encryption key.
对于本发明实施例,为了便于后续对加密后各个应用账户的登录信息进行查询,这里可以各个应用账户的登录信息与应用账户的标识信息进行绑定,至如应用图标、应用名称或者应用ID等,这里不进行限定。并将绑定后的映射关系存储安全区域,如应用A名称-应用A登录信息、应用B名称-应用B登录信息。For the embodiment of the present invention, in order to facilitate the subsequent query of the login information of each application account after encryption, the login information of each application account can be bound with the identification information of the application account, such as the application icon, application name or application ID, etc. , which is not limited here. The bound mapping relationship is stored in the security area, such as application A name - application A login information, application B name - application B login information.
103、接收用户触发预设应用账户的登录指令,从所述安全区域查询加密后的各个账户的登录信息中与所述预设应用账户相匹配的加密后登录信息。103. Receive a login instruction from a user to trigger a preset application account, and query the encrypted login information of each account from the secure area for encrypted login information that matches the preset application account.
对于本发明实施例,当用户进入预设应用账户登录界面时,由于预设应用账户的登录信息已经被加密密钥进行加密,直接使用登录信息无法登录进入应用账户界面,由于终端的安全区域中存储有加密后各个应用账户的登录信息,通过从安全区域查询加密后的各个账户的信息,可以得到与预设应用账户相匹配的加密后登录信息,具体可以利用预设应用账户的标识信息从安全区域中查询到预设应用账户的加密后登录信息。For this embodiment of the present invention, when the user enters the preset application account login interface, since the login information of the preset application account has been encrypted by the encryption key, the user cannot log in to the application account interface directly by using the login information. The encrypted login information of each application account is stored. By querying the encrypted information of each account from the security area, the encrypted login information that matches the preset application account can be obtained. Specifically, the identification information of the preset application account can be used from the The encrypted login information of the preset application account is queried in the security area.
104、利用读取所述磁卡发送的解密密钥对所述预设应用账户的加密后登录信息进行解密,并根据解密后预设应用账户的登录信息进入预设应用界面。104. Decrypt the encrypted login information of the preset application account by using the decryption key sent by reading the magnetic card, and enter a preset application interface according to the decrypted login information of the preset application account.
其中,磁卡中还保存有与加密密钥对应的解密密钥,该解密密钥的数量与加密密钥相同,通过解密密钥可以对预设应用账户的登录信息进行解密,从而实现应用账户的登录。The magnetic card also stores a decryption key corresponding to the encryption key, and the number of the decryption key is the same as that of the encryption key. The login information of the preset application account can be decrypted through the decryption key, thereby realizing the application account's login information. Log in.
对于本发明实施例,在读取磁卡发送的解密密钥时,可以直接将解密后的登录信息填入应用账户界面的登录输入框中进行用户身份验证,也可以在登录输入框中显示解密后的登录信息,以供用户确认后进行用户身份验证,从而在用户身份验证通过后进入应用账户界面。For the embodiment of the present invention, when reading the decryption key sent by the magnetic card, the decrypted login information can be directly filled in the login input box of the application account interface for user identity verification, or the decrypted login information can be displayed in the login input box. The login information for the user to confirm the user authentication, so as to enter the application account interface after the user authentication is passed.
需要说明的是,本发明实施例的磁卡中的解密密钥不仅可以用于用户在登录应用账户的时候使用,还可以用于用户在使用应用账户进行交易的过程中使用,这里的解密密钥不仅限于用户登录应用账户的使用。It should be noted that the decryption key in the magnetic card according to the embodiment of the present invention can not only be used when the user logs in to the application account, but also can be used by the user during the transaction using the application account. The decryption key here It is not limited to the use of the user's login application account.
本发明提供一种应用账户登录方法,通过获取各个应用账户的登录信息,利用读取磁卡发送的加密密钥对各个应用账户的登录信息进行加密,提高用户登录账户的安全性,从而在用户登录预设应用账户时,同样利用磁卡发送的解密密钥对预设应用账户进行解密,并根据预设应用账户的登录信息进入预设应用界面,用户无需手动填写登录密码,提高应用账户登录的可操作性。与现有技术中无需输入登录信息即可登录应用账户的应用账户登录方式相比,本发明实施例为了提高应用账户登录的便捷性,通过终端配置NFC模块读取的加密密钥对应用账户的登录信息进行加密,使得应用账户具有更高的安全性,而当用户在进入应用账户界面时,通过终端配置NFC模块读取的解密密钥对应用账户的登录信息进行解密,使得用户在登录和交易的过程无需手动操作,即可实现自动进入应用账户界面,提升用户操作的便捷性。The present invention provides an application account login method. By acquiring the login information of each application account, the login information of each application account is encrypted by using an encryption key sent by reading a magnetic card, so as to improve the security of the user login account, so that the user can log in to the account when the user logs in. When the application account is preset, the decryption key sent by the magnetic card is also used to decrypt the preset application account, and the preset application interface is entered according to the login information of the preset application account. operability. Compared with the application account login method in the prior art in which the application account can be logged in without inputting login information, in order to improve the convenience of the application account login in the embodiment of the present invention, the encryption key read by the terminal configuration NFC module is used for the application account login. The login information is encrypted, so that the application account has higher security, and when the user enters the application account interface, the login information of the application account is decrypted by the decryption key read by the terminal configuration NFC module, so that the user can log in and The transaction process can automatically enter the application account interface without manual operation, which improves the convenience of user operations.
本发明实施例提供了另一种应用账户登录方法,可以降低应用账户登录的风险,如图2所示,所述方法包括:The embodiment of the present invention provides another application account login method, which can reduce the risk of application account login. As shown in FIG. 2, the method includes:
201、获取各个应用账户的登录信息。201. Obtain login information of each application account.
对于本发明实施例,由于不同应用系统具有各自的应用接口,而每个应用账户的登录信息都存储在各自应用系统的服务器的用户数据账户存储区中,并非可以直接获取,具体可以通过各个应用账户的应用接口向应用系统的服务器请求访问用户数据账户存储区,进而获取用户账户存储区中应用账户的登录信息。For the embodiment of the present invention, since different application systems have their own application interfaces, and the login information of each application account is stored in the user data account storage area of the server of the respective application system, it cannot be obtained directly. Specifically, it can be obtained through each application The application interface of the account requests to the server of the application system to access the user data account storage area, and then obtains the login information of the application account in the user account storage area.
202、当检测到磁卡发送的感应信号时,通过终端预先配置的NFC模块读取所述磁卡中的加密密钥。202. When detecting the induction signal sent by the magnetic card, read the encryption key in the magnetic card through the NFC module preconfigured in the terminal.
对于本发明实施例,磁卡在距离终端预设通信范围内的时候,终端会检测到磁卡发送的感应信号,并且利用预先配置的NFC模块读取磁卡中的加密密钥。For the embodiment of the present invention, when the magnetic card is within the preset communication range from the terminal, the terminal will detect the induction signal sent by the magnetic card, and use the preconfigured NFC module to read the encryption key in the magnetic card.
203、利用读取磁卡中预先设置的分配规则为各个应用账户的登录信息分配加密密钥。203. Allocate an encryption key for the login information of each application account by using a pre-set allocation rule in the read magnetic card.
对于本发明实施例,磁卡中配置有预先设置的为各个应用账户的登录信息分配加密密钥的分配规则,根据分配规则为各个应用账户的登录信息分配加密密钥,该加密密钥通常符合应用账户的特征,从而保证每个应用账户的登录信息都可以分配到适合该应用系统的加密密钥。For the embodiment of the present invention, the magnetic card is configured with a preset distribution rule for allocating encryption keys for the login information of each application account, and according to the distribution rules, an encryption key is allocated for the login information of each application account, and the encryption key usually conforms to the application The characteristics of the account, so as to ensure that the login information of each application account can be assigned to the encryption key suitable for the application system.
当然这里的分配规则可以按照随机规则为各个各个iyingy账户的登录信息分配加密密钥,可以按照各个应用账户的登录信息对应的安全等级进行分配,可以按照生成各个应用账户对应的时间线后顺序进行分配,还可以按照各个应用账户对应的应用类型进行分配,这里对分配规则不进行限定。Of course, the allocation rules here can be based on random rules to allocate encryption keys for the login information of each iyingy account, can be allocated according to the security level corresponding to the login information of each application account, and can be performed according to the sequence after the timeline corresponding to each application account is generated. The allocation can also be allocated according to the application type corresponding to each application account, and the allocation rules are not limited here.
204、根据所述各个应用账户的登录信息对应的加密密钥,对各个应用账户的登录信息进行加密,得到加密后各个应用账户的登录信息。204. Encrypt the login information of each application account according to the encryption key corresponding to the login information of each application account, to obtain the encrypted login information of each application account.
对于本发明实施例,具体对各个应用账户的登录信息进行加密的方式不进行限定,可以采用Base64和MD5等常规加密算法。For the embodiment of the present invention, the specific method for encrypting the login information of each application account is not limited, and conventional encryption algorithms such as Base64 and MD5 may be used.
需要说明的是,利用读取磁卡发送的加密密钥对各个应用账户的登录信息进行加密的过程,可以是用户一次将所有应用账户的登录信息进行加密操作,也可以是每当用户完成设置应用账户的登录信息后执行加密操作,这里不进行限定。It should be noted that the process of encrypting the login information of each application account by using the encryption key sent by reading the magnetic card may be that the user encrypts the login information of all application accounts at one time, or it may be that each time the user completes setting the application. The encryption operation is performed after the login information of the account, which is not limited here.
205、将加密后的各个应用账户的登录信息与应用账户的标识信息进行绑定后,保存至终端的安全领域。205. After binding the encrypted login information of each application account with the identification information of the application account, save it to the security field of the terminal.
对于本发明实施例,为了便于用户对加密后各个应用账户的登录信息进行查找,可以将加密后各个应用账户的登录信息与应用账户的名称、ID或者图标进行绑定,这里不进行限定。For the embodiment of the present invention, in order to facilitate the user to search the encrypted login information of each application account, the encrypted login information of each application account may be bound with the name, ID or icon of the application account, which is not limited here.
例如,终端检测到用户在应用A登录界面输入登录信息B后,使用加密密钥对登录信息B进行加密,得到加密后登录信息C,并将加密后登录信息与应用A的标识信息进行绑定。For example, after detecting that the user enters login information B on the login interface of application A, the terminal encrypts the login information B with an encryption key, obtains the encrypted login information C, and binds the encrypted login information with the identification information of application A .
206、接收用户触发预设应用账户的登录指令,提取所述登录指令中携带的预设应用账户的标识信息。206. Receive a login instruction from a user that triggers a preset application account, and extract the identification information of the preset application account carried in the login instruction.
对于本发明实施例,用户在登录预设应用账户过程中需要输入登录信息才可以进入预设应用界面,而触发预设应用账户的登录指令中携带有预设应用账户的标识信息,如应用账户的名称、ID或者图标等用于区别其他应用账户的标识。For the embodiment of the present invention, the user needs to enter login information in the process of logging in to the preset application account before entering the preset application interface, and the login instruction triggering the preset application account carries the identification information of the preset application account, such as the application account The name, ID or icon used to distinguish other application accounts.
207、根据所述预设应用账户的标识信息,从所述安全区域查询加密后的各个应用账户的登录信息中与所述预设应用账户的标识信息相匹配的加密后登录信息。207. According to the identification information of the preset application account, query the encrypted login information from the encrypted login information of each application account that matches the identification information of the preset application account from the security area.
由于安全区域存储有加密后的各个应用账户的登录信息与应用账户的标识信息之间的映射关系,通过映射关系可以查找与预设应用账户的标识信息相对应的登录信息。Since the secure area stores the encrypted mapping relationship between the login information of each application account and the identification information of the application account, the login information corresponding to the identification information of the preset application account can be searched through the mapping relationship.
208、当检测到磁卡发送的感应信号时,通过终端预先配置的NFC模块读取所述磁卡中的解密密钥。208. When detecting the induction signal sent by the magnetic card, read the decryption key in the magnetic card through the NFC module preconfigured in the terminal.
对于本发明实施例,与步骤203中的读取过程类似,磁卡在距离终端预设通信范围内的时候,终端会检测到磁卡发送的感应信号,并且利用预先配置的NFC模块读取磁卡中的解密密钥。For the embodiment of the present invention, similar to the reading process in step 203, when the magnetic card is within the preset communication range from the terminal, the terminal will detect the induction signal sent by the magnetic card, and use the pre-configured NFC module to read the information in the magnetic card. decryption key.
209、利用读取所述磁卡发送的解密密钥对所述预设应用账户的加密后登录信息进行解密,并根据解密后预设应用账户的登录信息进入预设应用界面。209. Decrypt the encrypted login information of the preset application account by reading the decryption key sent by the magnetic card, and enter a preset application interface according to the decrypted login information of the preset application account.
当终端根据前台运行的应用账户或者显示的应用账户登录界面,从读取磁卡发送的解密密钥对预设应用账户的加密后登录信息进行解密,从而得到适用于预设应用账户的登录信息,从而根据该解密后预设应用账户的登录信息进入预设应用界面。When the terminal decrypts the encrypted login information of the preset application account according to the application account running in the foreground or the displayed application account login interface, from the decryption key sent by reading the magnetic card, so as to obtain the login information suitable for the preset application account, Thus, the preset application interface is entered according to the login information of the decrypted preset application account.
例如,终端检测到前台运行应用A后,根据应用A的标识,查询在登录信息加密阶段预先建立的绑定关系,得到与应用A的标识信息对应的加密后的登录信息C,使用从磁卡中读取到的解密密钥对加密后的登录信息C进行解密,得到登录信息B,将登录信息B自动输入到应用A的登录输入框中。For example, after detecting that application A is running in the foreground, the terminal queries the binding relationship pre-established in the login information encryption stage according to the identification of application A, and obtains the encrypted login information C corresponding to the identification information of application A, and uses it from the magnetic card. The read decryption key decrypts the encrypted login information C to obtain login information B, which is automatically input into the login input box of application A.
在具体应用过程中,为了保证各个应用账户的登录信息可以被分配到更合适的加密密钥,可以在获取各个应用账户的登录信息之后,根据用户操作应用账户的行为数据,将各个应用账户的登录信息划分为不同安全等级的登录信息。In the specific application process, in order to ensure that the login information of each application account can be allocated to a more appropriate encryption key, after obtaining the login information of each application account, according to the behavior data of the user operating the application account, the The login information is divided into login information of different security levels.
对于本发明实施例,由于各个应用账户在使用过程中涉及的行为数据有所不同,例如,有涉及购物类的应用账户会存在支付行为数据,有涉及游戏类的应用账户会存在互动行为数据,当然现在很多类应用账户在使用过程中都会涉及到金钱交易的行为数据,从而使得应用账户的登录信息存在不同安全等级,进一步根据用户操作应用账户的行为数据,将各个应用账户的登录信息划分为不同安全等级的登录信息。通常情况下,生活类应用账户的行为操作一般不涉及安全风险,该类应用账户的登录信息具有较低的安全等级,社交类应用账户只有在交易操作行为会涉及安全风险,该类应用账户的登录信息具有中等的安全等级,而财务类应用在登录后的行为操作会涉及安全风险,该类应用账户的登录信息具有较高的安全等级,For the embodiment of the present invention, since the behavior data involved in the use of each application account is different, for example, an application account involving shopping may have payment behavior data, and an application account involving games may have interactive behavior data. Of course, many types of application accounts will involve the behavior data of money transactions in the process of use, so that the login information of the application account has different security levels. Further, according to the behavior data of the user operating the application account, the login information of each application account is divided into Login information for different security levels. Under normal circumstances, the behavior and operation of life application accounts generally do not involve security risks. The login information of such application accounts has a lower security level. Social application accounts only involve security risks in transaction operations. The login information has a medium security level, and the behavior and operation of financial applications after login will involve security risks. The login information of this type of application account has a high security level.
具体可以将风险级别划分为低级风险,中级风险以及高级风险,或者可以划分为一级风险、二级风险和三级风险,如果用户按照个人习惯在相同时间范围内,使用相同的IP地址登录APP账户进行操作,即在用户的使用习惯未发生改变时,用户的个人信息没有被更改并且用户账户余额小于第一预定金额,例如,用户的支付宝账户余额小于100,则判定应用账户的登录信息对应的风险级别为低级风险,或者三级风险;当用户的登录习惯发生变化,例如,用户在预定时间内没有登录过账户,用户登录的IP地址发生改变,用户更改个人信息,或者用户的账户余额超过第一预定金额,则判定应用账户的登录信息对应的风险级别为中级风险,或者二级风险;当用户账户余的额超过第二预定金额,或者当用户的账户密码被修改时,则判定应用账户的登录信息对应的风险级别为高级风险,或者一级风险,可以根据具体应用场景设置第一预订金额和第二预定金额,这里不进行限定。Specifically, the risk level can be divided into low-level risk, medium-level risk and high-level risk, or can be divided into first-level risk, second-level risk and third-level risk. If users log in to the APP with the same IP address within the same time range according to their personal habits The account is operated, that is, when the user's usage habits have not changed, the user's personal information has not been changed and the user's account balance is less than the first predetermined amount, for example, the user's Alipay account balance is less than 100, then it is determined that the login information of the application account corresponds to The risk level is low-level risk, or third-level risk; when the user's login habits change, for example, the user has not logged into the account within a predetermined time, the user's login IP address changes, the user changes personal information, or the user's account balance If it exceeds the first predetermined amount, it is determined that the risk level corresponding to the login information of the application account is intermediate risk or second-level risk; when the balance of the user's account exceeds the second predetermined amount, or when the user's account password is modified, it is determined that The risk level corresponding to the login information of the application account is a high-level risk or a first-level risk, and the first predetermined amount and the second predetermined amount can be set according to specific application scenarios, which are not limited here.
在具体应用过程中,如图3所示,磁卡中配置有预先设置的为各个应用账户的登录信息分配加密密钥的分配规则,当分配规则为按照应用账户的登录信息对应的安全等级进行分配时,具体利用读取磁卡中预先设置的分配规则为各个应用账户的登录信息分配加密密钥可以包括如下步骤:In the specific application process, as shown in Figure 3, the magnetic card is configured with a preset allocation rule for allocating encryption keys for the login information of each application account, when the allocation rule is to allocate according to the security level corresponding to the login information of the application account At the time of reading, using the pre-set allocation rules in the reading magnetic card to allocate encryption keys to the login information of each application account may include the following steps:
301、利用读取磁卡中预先设置的分配规则,查询各个应用账户的登录信息对应的安全等级。301. Use a pre-set allocation rule in the read magnetic card to query the security level corresponding to the login information of each application account.
对于本发明实施例,磁卡中配置的加密密钥同样是针对各个应用账户的登录信息对应的安全等级,各个应用账户的登录信息对应的安全等级通常为根据各个应用账户操作过程中涉及的金额数量来确定,通常应用账户的安全等级越高,可以分配到磁卡中读取安全等级越高的加密密钥。For the embodiment of the present invention, the encryption key configured in the magnetic card is also the security level corresponding to the login information of each application account, and the security level corresponding to the login information of each application account is usually based on the amount of money involved in the operation process of each application account. To determine, generally the higher the security level of the application account, the higher the security level can be assigned to the magnetic card to read the encryption key.
302、根据所述各个应用账户的登录信息对应的安全等级,为各个应用账户的登录信息分配加密密钥。302. Allocate an encryption key for the login information of each application account according to the security level corresponding to the login information of each application account.
对于本发明实施例,在对应用账户的登录信息进行加密的过程中,利用读取磁卡中配置的与不同安全等级的登录信息相匹配的加密密钥,针对不同安全等级应用账户的登录信息分别获取与安全等级相匹配的加密密钥。For the embodiment of the present invention, in the process of encrypting the login information of the application account, the encryption key configured in the read magnetic card that matches the login information of different security levels is used to separate the login information of the application account for different security levels. Get the encryption key that matches the security level.
在具体应用过程中,如图4所示,磁卡中配置有预先设置的为各个应用账户的登录信息分配加密密钥的分配规则,当分配规则为按照生成应用账户的登录信息的时间顺序时,具体利用读取磁卡中预先设置的分配规则为各个应用账户的登录信息分配加密密钥可以包括如下步骤:In the specific application process, as shown in Figure 4, the magnetic card is configured with a preset distribution rule for allocating encryption keys for the login information of each application account. Specifically, allocating encryption keys to the login information of each application account by using the pre-set allocation rules in the reading magnetic card may include the following steps:
401、利用读取磁卡中预先设置的分配规则,查询生成各个应用账户的登录信息对应的时间顺序。401. Using a pre-set allocation rule in the read magnetic card, query and generate a time sequence corresponding to the login information of each application account.
对于本发明实施例,磁卡中配置的加密密钥同样是针对生成各个应用账户的登录信息对应的时间顺序,生成各个应用账户的登录信息对应的时间顺序通常为用户注册应用账户的时间,具体可以通过查询用户注册应用账户的时间来查询各个应用账户的登录信息的时间顺序,通常注册应用账户的时间越早,可以优先分配磁卡中读取的加密密钥。For the embodiment of the present invention, the encryption key configured in the magnetic card is also the time sequence corresponding to the generation of the login information of each application account, and the time sequence corresponding to the generation of the login information of each application account is usually the time when the user registers the application account. The chronological order of the login information of each application account can be queried by querying the time when the user registered the application account. Usually, the earlier the time of registering the application account is, the encryption key read in the magnetic card can be preferentially allocated.
402、按照所述生成各个应用账户的登录信息对应的时间顺序,为各个应用账户的登录信息分配加密密钥。402. Allocate an encryption key to the login information of each application account according to the time sequence corresponding to the generation of the login information of each application account.
这里具体对各个应用账户的登录信息进行加密过程同步骤302类似,在此不进行赘述。The process of encrypting the login information of each application account here is similar to step 302, and details are not described here.
进一步地,作为图1所述方法的具体实现,本发明实施例提供了一种应用账户登录装置,如图5所示,所述装置包括:获取单元51、加密单元52、查询单元53、解密单元54。Further, as a specific implementation of the method described in FIG. 1 , an embodiment of the present invention provides an application account login device. As shown in FIG. 5 , the device includes: an acquisition unit 51 , an encryption unit 52 , a query unit 53 , and a decryption unit 53 . unit 54.
获取单元51,可以用于获取各个应用账户的登录信息;The obtaining unit 51 can be used to obtain the login information of each application account;
加密单元52,可以用于利用读取磁卡发送的加密密钥对所述各个应用账户的登录信息进行加密,并将加密后各个应用账户的登录信息保存至终端的安全区域;The encryption unit 52 can be used to encrypt the login information of each application account by using the encryption key sent by the reading magnetic card, and save the encrypted login information of each application account to the security area of the terminal;
查询单元53,可以用于接收用户触发预设应用账户的登录指令,从所述安全区域查询加密后的各个账户的登录信息中与所述预设应用账户相匹配的加密后登录信息;The query unit 53 may be configured to receive a login instruction from a user to trigger a preset application account, and query the encrypted login information of each account from the secure area for the encrypted login information that matches the preset application account;
解密单元54,可以用于利用读取所述磁卡发送的解密密钥对所述预设应用账户的加密后登录信息进行解密,并根据解密后预设应用账户的登录信息进入预设应用界面。The decryption unit 54 can be configured to decrypt the encrypted login information of the preset application account by using the decryption key sent by reading the magnetic card, and enter the preset application interface according to the decrypted login information of the preset application account.
本发明提供一种应用账户登录装置,通过获取各个应用账户的登录信息,利用读取磁卡发送的加密密钥对各个应用账户的登录信息进行加密,提高用户登录账户的安全性,从而在用户登录预设应用账户时,同样利用磁卡发送的解密密钥对预设应用账户进行解密,并根据预设应用账户的登录信息进入预设应用界面,用户无需手动填写登录密码,提高应用账户登录的可操作性。与现有技术中无需输入登录信息即可登录应用账户的应用账户登录方式相比,本发明实施例为了提高应用账户登录的便捷性,通过终端配置NFC模块读取的加密密钥对应用账户的登录信息进行加密,使得应用账户具有更高的安全性,而当用户在进入应用账户界面时,通过终端配置NFC模块读取的解密密钥对应用账户的登录信息进行解密,使得用户在登录和交易的过程无需手动操作,即可实现自动进入应用账户界面,提升用户操作的便捷性。The invention provides an application account login device. By acquiring the login information of each application account, the login information of each application account is encrypted by using an encryption key sent by reading a magnetic card, so as to improve the security of the user login account, so that when the user logs in When the application account is preset, the decryption key sent by the magnetic card is also used to decrypt the preset application account, and the preset application interface is entered according to the login information of the preset application account. operability. Compared with the application account login method in the prior art in which the application account can be logged in without inputting login information, in order to improve the convenience of the application account login in the embodiment of the present invention, the encryption key read by the terminal configuration NFC module is used for the application account login. The login information is encrypted, so that the application account has higher security, and when the user enters the application account interface, the login information of the application account is decrypted by the decryption key read by the terminal configuration NFC module, so that the user can log in and The transaction process can automatically enter the application account interface without manual operation, which improves the convenience of user operations.
在具体的应用场景中,作为图5中所示应用账户登录装置的进一步说明,如图6所示,所述装置还包括:In a specific application scenario, as a further description of the application account login device shown in FIG. 5 , as shown in FIG. 6 , the device further includes:
划分单元55,可以用于在所述获取各个应用账户的登录信息之后:根据用户操作应用账户的行为数据,将所述各个应用账户的登录信息划分为不同安全等级的登录信息;The dividing unit 55 may be configured to, after obtaining the login information of each application account: according to the behavior data of the user operating the application account, divide the login information of each application account into login information of different security levels;
第一读取单元56,可以用于在所述利用读取磁卡发送的加密密钥对所述各个应用账户的登录信息进行加密,并将加密后各个应用账户的登录信息保存至终端的安全区域之前,当检测到磁卡发送的感应信号时,通过终端预先配置的NFC模块读取所述磁卡中的加密密钥;The first reading unit 56 can be used to encrypt the log-in information of each application account by using the encryption key sent by the read magnetic card, and save the encrypted log-in information of each application account to the security area of the terminal Before, when detecting the induction signal sent by the magnetic card, read the encryption key in the magnetic card through the NFC module preconfigured in the terminal;
第二读取单元57,可以用于在在所述利用读取所述磁卡发送的解密密钥对所述预设应用账户的加密后登录信息进行解密,并根据解密后预设应用账户的登录信息进入预设应用界面之前,当检测到磁卡发送的感应信号时,通过终端预先配置的NFC模块读取所述磁卡中的解密密钥。The second reading unit 57 can be configured to decrypt the encrypted login information of the preset application account by using the decryption key sent by reading the magnetic card, and log in according to the decrypted preset application account. Before the information enters the preset application interface, when the induction signal sent by the magnetic card is detected, the decryption key in the magnetic card is read through the NFC module preconfigured in the terminal.
进一步地,磁卡中配置有预先设置的为各个应用账户的登录信息分配加密密钥的分配规则,所述加密单元52包括:Further, the magnetic card is configured with a preset distribution rule for allocating encryption keys for the login information of each application account, and the encryption unit 52 includes:
分配模块521,可以用于利用读取磁卡中预先设置的分配规则为各个应用账户的登录信息分配加密密钥;The distribution module 521 can be used to distribute encryption keys for the login information of each application account by using the distribution rules preset in the reading magnetic card;
加密模块522,可以用于根据所述各个应用账户的登录信息对应的加密密钥,对各个应用账户的登录信息进行加密,得到加密后各个应用账户的登录信息;The encryption module 522 can be configured to encrypt the login information of each application account according to the encryption key corresponding to the login information of each application account, and obtain the encrypted login information of each application account;
绑定模块523,可以用于将加密后的各个应用账户的登录信息与应用账户的标识信息进行绑定后,保存至终端的安全领域。The binding module 523 may be configured to bind the encrypted login information of each application account with the identification information of the application account, and then save it to the security field of the terminal.
进一步地,当所述分配规则为按照应用账户的登录信息对应的安全等级进行分配时,Further, when the allocation rule is to allocate according to the security level corresponding to the login information of the application account,
所述分配模块521,具体可以用于利用读取磁卡中预先设置的分配规则,查询各个应用账户的登录信息对应的安全等级;The allocation module 521 can specifically be used to query the security level corresponding to the login information of each application account by using the pre-set allocation rules in the reading magnetic card;
所述分配模块521,具体还可以用于根据所述各个应用账户的登录信息对应的安全等级,为各个应用账户的登录信息分配加密密钥。The assigning module 521 may be further configured to assign an encryption key to the login information of each application account according to the security level corresponding to the login information of each application account.
进一步地,当所述分配规则为按照生成应用账户的登录信息的时间顺序时,Further, when the distribution rule is in the chronological order of generating the login information of the application account,
所述分配模块521,具体可以用于利用读取磁卡中预先设置的分配规则,查询生成各个应用账户的登录信息对应的时间顺序;The allocation module 521 can be specifically configured to use the pre-set allocation rules in the reading magnetic card to query and generate the corresponding time sequence of the login information of each application account;
所述分配模块521,具体还可以用于按照所述生成各个应用账户的登录信息对应的时间顺序,为各个应用账户的登录信息分配加密密钥。The assigning module 521 may be further configured to assign encryption keys to the login information of each application account according to the time sequence corresponding to the generation of the login information of each application account.
进一步地,所述查询单元53包括:Further, the query unit 53 includes:
提取模块531,可以用于接收用户触发预设应用账户的登录指令,提取所述登录指令中携带的预设应用账户的标识信息;The extraction module 531 may be configured to receive a login instruction from a user to trigger a preset application account, and extract the identification information of the preset application account carried in the login instruction;
查询模块532,可以用于根据所述预设应用账户的标识信息,从所述安全区域查询加密后的各个应用账户的登录信息中与所述预设应用账户的标识信息相匹配的加密后登录信息。The query module 532 can be configured to query the encrypted login information that matches the identification information of the preset application account from the secure area according to the identification information of the preset application account. information.
需要说明的是,本实施例提供的一种应用账户登录装置所涉及各功能单元的其他相应描述,可以参考图1至图4中的对应描述,在此不再赘述。It should be noted that, for other corresponding descriptions of the functional units involved in an application account login device provided in this embodiment, reference may be made to the corresponding descriptions in FIG. 1 to FIG. 4 , which will not be repeated here.
基于上述如图1至图4所示方法,相应的,本实施例还提供了一种存储介质,其上存储有计算机程序,该程序被处理器执行时实现上述如图1至图4所示的应用账户登录方法。Based on the above methods shown in FIGS. 1 to 4 , correspondingly, the present embodiment further provides a storage medium on which a computer program is stored, and when the program is executed by a processor, the above-mentioned shown in FIGS. 1 to 4 is realized. application account login method.
基于这样的理解,本申请的技术方案可以以软件产品的形式体现出来,该软件产品可以存储在一个非易失性存储介质(可以是CD-ROM,U盘,移动硬盘等)中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施场景所述的方法。Based on this understanding, the technical solution of the present application can be embodied in the form of a software product, and the software product can be stored in a non-volatile storage medium (which may be CD-ROM, U disk, mobile hard disk, etc.), including several The instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in various implementation scenarios of this application.
基于上述如图1至图4所示的方法,以及图5至图6所示的虚拟装置实施例,为了实现上述目的,本申请实施例还提供了一种计算机设备,具体可以为个人计算机、服务器、网络设备等,该实体设备包括存储介质和处理器;存储介质,用于存储计算机程序;处理器,用于执行计算机程序以实现上述如图1至图4所示的应用账户登录方法。Based on the foregoing methods shown in FIGS. 1 to 4 and the virtual device embodiments shown in FIGS. 5 to 6 , in order to achieve the foregoing purpose, an embodiment of the present application further provides a computer device, which may specifically be a personal computer, A server, a network device, etc., the physical device includes a storage medium and a processor; the storage medium is used to store a computer program; the processor is used to execute the computer program to implement the above-mentioned application account login method shown in FIG. 1 to FIG. 4 .
可选地,该计算机设备还可以包括用户接口、网络接口、摄像头、射频(RadioFrequency,RF)电路,传感器、音频电路、WI-FI模块等等。用户接口可以包括显示屏(Display)、输入单元比如键盘(Keyboard)等,可选用户接口还可以包括USB接口、读卡器接口等。网络接口可选的可以包括标准的有线接口、无线接口(如蓝牙接口、WI-FI接口)等。Optionally, the computer device may further include a user interface, a network interface, a camera, a radio frequency (Radio Frequency, RF) circuit, a sensor, an audio circuit, a WI-FI module, and the like. The user interface may include a display screen (Display), an input unit such as a keyboard (Keyboard), etc., and the optional user interface may also include a USB interface, a card reader interface, and the like. Optional network interfaces may include standard wired interfaces, wireless interfaces (such as Bluetooth interfaces, WI-FI interfaces), and the like.
本领域技术人员可以理解,本实施例提供的应用账户登录实体设备结构并不构成对该实体设备的限定,可以包括更多或更少的部件,或者组合某些部件,或者不同的部件布置。Those skilled in the art can understand that the application account login entity device structure provided in this embodiment does not constitute a limitation on the entity device, and may include more or less components, or combine some components, or arrange different components.
存储介质中还可以包括操作系统、网络通信模块。操作系统是管理上述计算机设备硬件和软件资源的程序,支持信息处理程序以及其它软件和/或程序的运行。网络通信模块用于实现存储介质内部各组件之间的通信,以及与该实体设备中其它硬件和软件之间通信。The storage medium may also include an operating system and a network communication module. An operating system is a program that manages the hardware and software resources of the above-mentioned computer equipment, and supports the operation of information processing programs and other software and/or programs. The network communication module is used to realize the communication between various components in the storage medium, as well as the communication with other hardware and software in the physical device.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到本申请可以借助软件加必要的通用硬件平台的方式来实现,也可以通过硬件实现。通过应用本申请的技术方案,与目前现有技术相比,本发明实施例通过终端配置NFC模块读取的加密密钥对应用账户的登录信息进行加密,使得应用账户具有更高的安全性,而当用户在进入应用账户界面时,通过终端配置NFC模块读取的解密密钥对应用账户的登录信息进行解密,使得用户在登录和交易的过程无需手动操作,即可实现自动进入应用账户界面,提升用户操作的便捷性。From the description of the above embodiments, those skilled in the art can clearly understand that the present application can be implemented by means of software plus a necessary general hardware platform, and can also be implemented by hardware. By applying the technical solution of the present application, compared with the current prior art, the embodiment of the present invention encrypts the login information of the application account through the encryption key read by the NFC module configured on the terminal, so that the application account has higher security, When the user enters the application account interface, the login information of the application account is decrypted by the decryption key read by the NFC module configured on the terminal, so that the user can automatically enter the application account interface without manual operation in the process of login and transaction. , to improve the convenience of user operation.
本领域技术人员可以理解附图只是一个优选实施场景的示意图,附图中的模块或流程并不一定是实施本申请所必须的。本领域技术人员可以理解实施场景中的装置中的模块可以按照实施场景描述进行分布于实施场景的装置中,也可以进行相应变化位于不同于本实施场景的一个或多个装置中。上述实施场景的模块可以合并为一个模块,也可以进一步拆分成多个子模块。Those skilled in the art can understand that the accompanying drawing is only a schematic diagram of a preferred implementation scenario, and the modules or processes in the accompanying drawing are not necessarily necessary to implement the present application. Those skilled in the art can understand that the modules in the device in the implementation scenario may be distributed in the device in the implementation scenario according to the description of the implementation scenario, or may be located in one or more devices different from the implementation scenario with corresponding changes. The modules of the above implementation scenarios may be combined into one module, or may be further split into multiple sub-modules.
上述本申请序号仅仅为了描述,不代表实施场景的优劣。以上公开的仅为本申请的几个具体实施场景,但是,本申请并非局限于此,任何本领域的技术人员能思之的变化都应落入本申请的保护范围。The above serial numbers in this application are only for description, and do not represent the pros and cons of the implementation scenarios. The above disclosures are only a few specific implementation scenarios of the present application, however, the present application is not limited thereto, and any changes that can be conceived by those skilled in the art should fall within the protection scope of the present application.
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910219130.7A CN110059473A (en) | 2019-03-21 | 2019-03-21 | Using account logon method, device, computer equipment and computer storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910219130.7A CN110059473A (en) | 2019-03-21 | 2019-03-21 | Using account logon method, device, computer equipment and computer storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110059473A true CN110059473A (en) | 2019-07-26 |
Family
ID=67317402
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910219130.7A Pending CN110059473A (en) | 2019-03-21 | 2019-03-21 | Using account logon method, device, computer equipment and computer storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110059473A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111241499A (en) * | 2020-01-07 | 2020-06-05 | 腾讯科技(深圳)有限公司 | Application program login method, device, terminal and storage medium |
| CN115206034A (en) * | 2022-07-15 | 2022-10-18 | 中国银行股份有限公司 | Bank card data processing method and device, terminal equipment and storage medium |
| CN119577719A (en) * | 2024-11-11 | 2025-03-07 | 中移(杭州)信息技术有限公司 | An authentication method, device, equipment, storage medium and program product |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW200513087A (en) * | 2003-09-19 | 2005-04-01 | Hui Lin | Mail server login security authentication system and method, and IC card authentication hardware |
| US20070094512A1 (en) * | 2005-10-26 | 2007-04-26 | Masatsugu Nomiya | Storage media issuing method |
| CN103237305A (en) * | 2013-03-27 | 2013-08-07 | 公安部第三研究所 | Password protection method for smart card on mobile terminals |
| CN105210073A (en) * | 2012-11-28 | 2015-12-30 | 豪沃克有限公司 | A method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors |
| US20160057136A1 (en) * | 2014-08-20 | 2016-02-25 | Chi-Pei Wang | Computer network system with single-key quick secure login function |
| CN106682900A (en) * | 2015-11-10 | 2017-05-17 | 阿里巴巴集团控股有限公司 | Method and device for determining safety of transaction |
| CN106789086A (en) * | 2017-01-25 | 2017-05-31 | 中钞信用卡产业发展有限公司北京智能卡技术研究院 | A kind of digital signature method and its device for mobile terminal |
| CN107451441A (en) * | 2017-07-04 | 2017-12-08 | 广东欧珀移动通信有限公司 | Application program account information acquisition method and device |
| CN108471403A (en) * | 2018-02-27 | 2018-08-31 | 平安科技(深圳)有限公司 | A kind of method, apparatus, terminal device and the storage medium of account migration |
| CN108764891A (en) * | 2018-05-28 | 2018-11-06 | 深圳市零度智控科技有限公司 | Secured mobile payment method, device, terminal device and readable storage medium storing program for executing |
-
2019
- 2019-03-21 CN CN201910219130.7A patent/CN110059473A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW200513087A (en) * | 2003-09-19 | 2005-04-01 | Hui Lin | Mail server login security authentication system and method, and IC card authentication hardware |
| US20070094512A1 (en) * | 2005-10-26 | 2007-04-26 | Masatsugu Nomiya | Storage media issuing method |
| CN105210073A (en) * | 2012-11-28 | 2015-12-30 | 豪沃克有限公司 | A method and system of providing authentication of user access to a computer resource via a mobile device using multiple separate security factors |
| CN103237305A (en) * | 2013-03-27 | 2013-08-07 | 公安部第三研究所 | Password protection method for smart card on mobile terminals |
| US20160057136A1 (en) * | 2014-08-20 | 2016-02-25 | Chi-Pei Wang | Computer network system with single-key quick secure login function |
| CN106682900A (en) * | 2015-11-10 | 2017-05-17 | 阿里巴巴集团控股有限公司 | Method and device for determining safety of transaction |
| CN106789086A (en) * | 2017-01-25 | 2017-05-31 | 中钞信用卡产业发展有限公司北京智能卡技术研究院 | A kind of digital signature method and its device for mobile terminal |
| CN107451441A (en) * | 2017-07-04 | 2017-12-08 | 广东欧珀移动通信有限公司 | Application program account information acquisition method and device |
| CN108471403A (en) * | 2018-02-27 | 2018-08-31 | 平安科技(深圳)有限公司 | A kind of method, apparatus, terminal device and the storage medium of account migration |
| CN108764891A (en) * | 2018-05-28 | 2018-11-06 | 深圳市零度智控科技有限公司 | Secured mobile payment method, device, terminal device and readable storage medium storing program for executing |
Non-Patent Citations (2)
| Title |
|---|
| 叶志华;王彬;: "基于NFC芯片的防伪溯源系统的设计", 物联网技术, no. 03, 20 March 2016 (2016-03-20) * |
| 张航;吴灏;许蓉;: "IE8.0登录信息保护机制的缺陷分析与利用", 计算机工程, no. 01, 15 January 2013 (2013-01-15) * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111241499A (en) * | 2020-01-07 | 2020-06-05 | 腾讯科技(深圳)有限公司 | Application program login method, device, terminal and storage medium |
| CN111241499B (en) * | 2020-01-07 | 2023-05-05 | 腾讯科技(深圳)有限公司 | Application program login method, device, terminal and storage medium |
| CN115206034A (en) * | 2022-07-15 | 2022-10-18 | 中国银行股份有限公司 | Bank card data processing method and device, terminal equipment and storage medium |
| CN115206034B (en) * | 2022-07-15 | 2024-07-02 | 中国银行股份有限公司 | Bank card data processing method and device, terminal equipment and storage medium |
| CN119577719A (en) * | 2024-11-11 | 2025-03-07 | 中移(杭州)信息技术有限公司 | An authentication method, device, equipment, storage medium and program product |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10873573B2 (en) | Authenticating a user and registering a wearable device | |
| CN111917773B (en) | Service data processing method and device and server | |
| US20230291571A1 (en) | Dynamic management and implementation of consent and permissioning protocols using container-based applications | |
| US10621326B2 (en) | Identity authentication method, server, and storage medium | |
| US20220094678A1 (en) | Systems and methods for user authentication based on multiple devices | |
| US10009179B2 (en) | Trusted platform module (TPM) protected device | |
| US9705879B2 (en) | Efficient and reliable attestation | |
| AU2013308905B2 (en) | Protecting assets on a device | |
| US11044604B2 (en) | Method and system for protecting and utilizing internet identity, using smartphone | |
| US20170324736A1 (en) | Securing biometric data through template distribution | |
| US10382428B2 (en) | Systems and methods for providing single sign-on authentication services | |
| CN110059473A (en) | Using account logon method, device, computer equipment and computer storage medium | |
| CN110224851B (en) | Account information merging method and device, computer equipment and computer storage medium | |
| CN106487758A (en) | A kind of data safety endorsement method, service terminal and private key backup server | |
| CN106685945B (en) | Service request processing method, service handling number verification method and terminal thereof | |
| CN107438057A (en) | Method and apparatus for the login of application program | |
| KR20180051618A (en) | How to manage your application | |
| CN106886891A (en) | A kind of near field payment method, relevant device and system | |
| KR101156102B1 (en) | Memory card reader apparatus having security features and the method thereof | |
| KR101980432B1 (en) | Apparatus and method for managing personal information | |
| CN118590306A (en) | Service request verification method, device, equipment, storage medium and program product | |
| TW201437840A (en) | Method of performing validation through comparison of files | |
| HK1213378A1 (en) | Authorization method, permission setting method and devices thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20190726 |