Identity authentication method and device and storage medium

US 10,305,889 B2
Filed: 05/16/2016
Issued: 05/28/2019
Est. Priority Date: 11/19/2013
Status: Active Grant

First Claim

Patent Images

1. An identity authentication method comprising:

generating a plurality of CAPTCHA codes;

generating, for each of the plurality of CAPTCHA codes, one or more corresponding passwords;

storing the plurality of CAPTCHA codes and the corresponding passwords, wherein generating a first CAPTCHA code of the plurality of CAPTCHA codes comprises;

selecting a plurality of pieces of prompt information from a database;

selecting a plurality of sub-images corresponding respectively to the plurality of pieces of prompt information; and

splicing the plurality of sub-images into a CAPTCHA image according to a preset splicing rule,wherein the first CAPTCHA code includes the CAPTCHA image and the plurality of pieces of prompt information;

receiving a first request from a user equipment; and

in response to receiving the first request;

randomly selecting a CAPTCHA code from the plurality of CAPTCHA codes based on the first request, wherein the selected CAPTCHA code includes a first CAPTCHA image formed by a plurality of spliced sub-imagesrandomly selecting one of the one or more passwords corresponding to the selected CAPTCHA code, wherein the selected password includes a preset processing rule for the plurality of spliced sub-images;

sending the selected CAPTCHA code and the selected password to the user equipment to cause the user equipment to (i) rearrange positions of the plurality of spliced sub-images of the first CAPTCHA image in the selected CAPTCHA code to form a second CAPTCHA image according to the preset processing rule contained in the selected password and (ii) present the second CAPTCHA image to a user;

receiving, from the user equipment, authentication response information inputted by the user according to the second CAPTCHA image; and

in response to receiving the authentication response information, (i) authenticating an identity of the user according to the authentication response information and (ii) returning an authentication result to the user equipment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An identity authentication method and device and a storage medium are disclosed, and the method includes: receiving a CAPTCHA code acquiring request from a user equipment; randomly selecting a CAPTCHA code and a password corresponding thereto as per the request, the CAPTCHA code comprising a first CAPTCHA image formed by a plurality of spliced sub-images, and the password comprising a preset processing rule for the sub-images; sending the CAPTCHA code and password to the user equipment, so that the user equipment rearranges positions of the sub-images to form a second CAPTCHA image and presents the second CAPTCHA image to a user; and receiving, from the user equipment, authentication response information inputted by a user according to the second CAPTCHA image, authenticating an identity of the user according to the authentication response information, and returning an authentication result to the user equipment.

9 Citations

16 Claims

1. An identity authentication method comprising:
- generating a plurality of CAPTCHA codes;
  
  generating, for each of the plurality of CAPTCHA codes, one or more corresponding passwords;
  
  storing the plurality of CAPTCHA codes and the corresponding passwords, wherein generating a first CAPTCHA code of the plurality of CAPTCHA codes comprises;
  
  selecting a plurality of pieces of prompt information from a database;
  
  selecting a plurality of sub-images corresponding respectively to the plurality of pieces of prompt information; and
  
  splicing the plurality of sub-images into a CAPTCHA image according to a preset splicing rule,wherein the first CAPTCHA code includes the CAPTCHA image and the plurality of pieces of prompt information;
  
  receiving a first request from a user equipment; and
  
  in response to receiving the first request;
  
  randomly selecting a CAPTCHA code from the plurality of CAPTCHA codes based on the first request, wherein the selected CAPTCHA code includes a first CAPTCHA image formed by a plurality of spliced sub-imagesrandomly selecting one of the one or more passwords corresponding to the selected CAPTCHA code, wherein the selected password includes a preset processing rule for the plurality of spliced sub-images;
  
  sending the selected CAPTCHA code and the selected password to the user equipment to cause the user equipment to (i) rearrange positions of the plurality of spliced sub-images of the first CAPTCHA image in the selected CAPTCHA code to form a second CAPTCHA image according to the preset processing rule contained in the selected password and (ii) present the second CAPTCHA image to a user;
  
  receiving, from the user equipment, authentication response information inputted by the user according to the second CAPTCHA image; and
  
  in response to receiving the authentication response information, (i) authenticating an identity of the user according to the authentication response information and (ii) returning an authentication result to the user equipment.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method according to claim 1, wherein the preset processing rule contained in the selected password comprises a dividing rule and an arranging rule for the plurality of spliced sub-images.
  - 3. The method according to claim 1, wherein the sending the selected CAPTCHA code and the selected password to the user equipment comprises:
    - marking the selected password as sent to the user equipment; and
      
      sending the selected CAPTCHA code and the selected password to the user equipment.
  - 4. The method according to claim 3, further comprising:
    - in response to receiving the authentication response information, receiving the selected password from the user equipment,wherein the authenticating the identity of the user according to the authentication response information includes;
      
      searching for the received password in a buffer pool;
      
      checking whether the received password has been marked as sent to the user equipment if the password is searched out, authenticating the identity of the user based on preset authentication answer information and the received authentication response information and deleting the received password from the buffer pool, if the received password has been marked as sent to the user equipment, and stop authenticating the identity of the user if the received password has not been marked as sent to the user equipment; and
      
      stop authenticating the identity of the user if the received password is not searched out.
  - 5. The method according to claim 1, wherein:
    - each of the plurality of CAPTCHA codes further includes prompt information related to the plurality of sub-images of the first CAPTCHA image; and
      
      the authentication response information includes information of one or more sub-images selected by the user according to the prompt information.
  - 6. The method according to claim 5, wherein the authenticating the identity of the user according to the authentication response information comprises:
    - computing an authentication passing value T0 according to information of the selected one or more sub-images and a predetermined rule, anddetermining that the authentication is passed if the authentication passing value T0 is above a first threshold value T1, otherwise, determining that the authentication is not passed.

7. An identity authentication method that is performed by a system comprising a user equipment and a server, the method comprising:
- generating, by the server, a plurality of CAPTCHA codes;
  
  generating, by the server, for each of the plurality of CAPTCHA codes, one or more corresponding passwords;
  
  storing, by the server, the plurality of CAPTCHA codes and the corresponding passwords into a buffer pool,wherein generating a first CAPTCHA code of the plurality of CAPTCHA codes comprises;
  
  selecting, by the server, a plurality of pieces of prompt information from a database,selecting, by the server, a plurality of sub-images corresponding respectively the plurality of pieces of prompt information; and
  
  splicing, by the server, the plurality of sub-images into a CAPTCHA image according to a preset splicing rule,wherein the first CAPTCHA code includes the CAPTCHA image and the plurality of pieces of prompt information;
  
  receiving, by the server, a first request; and
  
  in response to receiving the first request;
  
  randomly selecting, by the server, a CAPTCHA code from the plurality of CAPTCHA codes based on the first request, wherein the selected CAPTCHA code includes a first CAPTCHA image formed by a plurality of spliced sub-imagesrandomly selecting, by the server, one of the one or more passwords corresponding to the selected CAPTCHA code, wherein the selected password includes a preset processing rule for the plurality of spliced sub-images;
  
  rearranging, by the user equipment, positions of the plurality of spliced sub-images of the first CAPTCHA image in the selected CAPTCHA code to form a second CAPTCHA image according to the preset processing rule contained in the selected password and presenting the second CAPTCHA image to a user; and
  
  sending, by the user equipment, authentication response information inputted by the user according to the second CAPTCHA image to the server for authenticating.
- View Dependent Claims (8)
- - 8. The method according to claim 7, wherein:
    - the preset processing rule contained in the selected password comprises a dividing rule and an arranging rule for the plurality of spliced sub-images; and
      
      the rearranging positions of the plurality of spliced sub-images of the first CAPTCHA image in the selected CAPTCHA code to form the second CAPTCHA image according to the preset processing rule contained in the selected password comprises;
      
      dividing, by the user equipment, the plurality of spliced sub-images of the first CAPTCHA image in the CAPTCHA code according to the dividing rule, andrearranging, by the user equipment, the plurality of divided sub-images according to the arranging rule to form the second CAPTCHA image.

9. An identity authentication device, running on a server, the device comprising:
- a CAPTCHA code generating module configured to generate a plurality of CAPTCHA codes and one or more passwords corresponding to each of the CAPTCHA codes and store the plurality of CAPTCHA codes and the corresponding passwords into a buffer pool, wherein the CAPTCHA code generating module comprises;
  
  a selecting sub-module configured to select a plurality of pieces of prompt information from a database, and select a plurality of sub-images corresponding to each of the plurality of pieces of prompt information; and
  
  a splicing sub-module configured to splice the plurality of sub-images corresponding to each of the plurality of pieces of prompt information into one or more first CAPTCHA images according to a preset splicing rule, wherein each of the CAPTCHA codes comprises a first CAPTCHA image and the prompt information corresponding to the first CAPTCHA image;
  
  a request receiving module configured to receive a CAPTCHA code acquiring request from a user equipment;
  
  a CAPTCHA code selecting module configured to randomly select a CAPTCHA code and a password corresponding to the selected CAPTCHA code based on the CAPTCHA code acquiring request, wherein the CAPTCHA code comprises the first CAPTCHA image formed by the plurality of spliced sub-images, and the password comprises a preset processing rule for the plurality of sub-images;
  
  a CAPTCHA code sending module configured to send the selected CAPTCHA code and password to the user equipment, so that the user equipment rearranges positions of the plurality of sub-images of the first CAPTCHA image in the CAPTCHA code to form a second CAPTCHA image according to the preset processing rule contained in the password and presents the second CAPTCHA image to a user; and
  
  a CAPTCHA authenticating module configured to receive, from the user equipment, authentication response information inputted by the user according to the second CAPTCHA image, authenticate an identity of the user according to the authentication response information, and return an authentication result to the user equipment.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The device according to claim 9, wherein the preset processing rule contained in the password comprises a dividing rule and an arranging rule for the plurality of sub-images.
  - 11. The device according to claim 9, wherein the CAPTCHA code sending module comprises:
    - a marking sub-module configured to mark the selected password as sent to the user equipment; and
      
      a sending sub-module configured to send the selected CAPTCHA code and password to the user equipment.
  - 12. The device according to claim 11, wherein the CAPTCHA authenticating module comprises:
    - a receiving sub-module configured to receive the authentication response information and the password returned from the user equipment;
      
      a searching sub-module configured to search for the returned password in the buffer pool, and check whether the password has been marked as sent to the user equipment if the password is searched out; and
      
      an authenticating sub-module configured to;
      
      authenticate the identity of the user based on preset authentication answer information and the received authentication response information and delete the password from the buffer pool if the password searched out by the searching sub-module has been marked as sent to the user equipment;
      
      stop authenticating the identity of the user if the password searched out by the searching sub-module has not been marked as sent to the user equipment; and
      
      stop authenticating the identity of the user if the password is not searched out.
  - 13. The device according to claim 9, wherein each CAPTCHA code further comprises prompt information related to the plurality of sub-images of the first CAPTCHA image in the CAPTCHA code, and the authentication response information comprises information of one or more sub-images selected by the user according to the prompt information.
  - 14. The device according to claim 13, wherein the CAPTCHA authenticating module is configured to:
    - compute an authentication passing value T0 according to information of the selected sub-images and a predetermined rule; and
      
      in response to the authentication passing value T0 being above a first threshold value T1, determine that the authentication is passed, and otherwise determine that the authentication is not passed.

15. A non-transitory storage medium comprising computer-executable instructions configured to perform an identity authentication method when executed by at least one computer processor, wherein the identity authentication method comprises:
- generating a plurality of CAPTCHA codes and one or more passwords corresponding to each of the CAPTCHA codes, and storing the plurality of CAPTCHA codes and the corresponding passwords into a buffer pool, wherein the generating the plurality of CAPTCHA codes comprises;
  
  selecting a plurality of pieces of prompt information from a database, and selecting a plurality of sub-images corresponding to each of the plurality of pieces of prompt information; and
  
  splicing the plurality of sub-images corresponding to each of the plurality of pieces of prompt information into one or more first CAPTCHA images according to a preset splicing rule, wherein each of the CAPTCHA codes comprises a first CAPTCHA image and the prompt information corresponding to the first CAPTCHA image;
  
  receiving a CAPTCHA code acquiring request from a user equipment;
  
  randomly selecting a CAPTCHA code and a password corresponding to the selected CAPTCHA code based on the CAPTCHA code acquiring request, wherein the CAPTCHA code comprises the first CAPTCHA image formed by the plurality of spliced sub-images, and the password comprises a preset processing rule for the plurality of sub-images;
  
  sending the selected CAPTCHA code and password to the user equipment, so that the user equipment rearranges positions of the plurality of sub-images of the first CAPTCHA image in the CAPTCHA code to form a second CAPTCHA image according to the preset processing rule contained in the password and presents the second CAPTCHA image to a user; and
  
  receiving, from the user equipment, authentication response information inputted by the user according to the second CAPTCHA image, authenticating an identity of the user according to the authentication response information, and returning an authentication result to the user equipment.

16. An identity authentication system comprising a user equipment and a server, wherein the server is configured to:
- generate a plurality of CAPTCHA codes and one or more passwords corresponding to each of the CAPTCHA codes, and store the plurality of CAPTCHA codes and the corresponding passwords into a buffer pool, wherein the server is configured to generate the plurality of CAPTCHA codes by;
  
  selecting a plurality of pieces of prompt information from a database, and selecting a plurality of sub-images corresponding to each of the plurality of pieces of prompt information; and
  
  splicing the plurality of sub-images corresponding to each of the plurality of pieces of prompt information into one or more first CAPTCHA images according to a preset splicing rule, wherein each of the CAPTCHA codes comprises a first CAPTCHA image and the prompt information corresponding to the first CAPTCHA image;
  
  receive a CAPTCHA code acquiring request from the user equipment;
  
  randomly select a CAPTCHA code and a password corresponding to the selected CAPTCHA code based on the CAPTCHA code acquiring request, wherein the CAPTCHA code comprises the first CAPTCHA image formed by the plurality of spliced sub-images, and the password comprises a preset processing rule for the plurality of sub-images;
  
  send the selected CAPTCHA code and password to the user equipment, so that the user equipment rearranges positions of the plurality of sub-images of the first CAPTCHA image in the CAPTCHA code to form a second CAPTCHA image according to the preset processing rule contained in the password and presents the second CAPTCHA image to a user; and
  
  receive, from the user equipment, authentication response information inputted by the user according to the second CAPTCHA image, authenticate an identity of the user according to the authentication response information, and return an authentication result to the user equipment, wherein the user equipment is configured to;
  
  send the CAPTCHA code acquiring request to the server;
  
  receive the CAPTCHA code and the password corresponding to the CAPTCHA code from the server;
  
  rearrange positions of the plurality of sub-images of the first CAPTCHA image in the CAPTCHA code to form the second CAPTCHA image according to the preset processing rule contained in the password and present the second CAPTCHA image to the user; and
  
  send authentication response information inputted by the user according to the second CAPTCHA image to the server for authenticating.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tencent Technology Company Limited (Tencent Holdings Limited)
Original Assignee
Tencent Technology Company Limited (Tencent Holdings Limited)
Inventors
Huang, Liang, Wang, Yuye
Primary Examiner(s)
Chang, Kenneth W

Application Number

US15/155,303
Publication Number

US 20160261586A1
Time in Patent Office

1,107 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2133   Verifying human interaction...

G06F 3/023   Arrangements for converting...

G06F 3/041   Digitisers, e.g. for touch ...

G06F 3/167   Audio in a user interface, ...

G06T 11/60   Editing figures and text; C...

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

Identity authentication method and device and storage medium

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

9 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Identity authentication method and device and storage medium

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links