CN-122002292-A - Request verification method, apparatus, device, storage medium, and computer program product

Abstract

The application discloses a request verification method, a request verification device, a request verification storage medium and a request verification computer program product, which are used for solving the problems that a protection system is fragile due to single verification dimension in the existing real-name authentication scheme, and complex attack modes such as group partner fraud, cross-account collaborative crime and the like cannot be effectively identified and intercepted due to lack of association analysis and complex mode identification capability. The method comprises the steps of determining an initial risk image corresponding to a request to be authenticated according to acquired environment data and behavior data of a user corresponding to the request to be authenticated, determining a multi-dimensional cross-validation strategy according to the initial risk image, performing multi-dimensional cross-validation on the request to be authenticated according to the multi-dimensional cross-validation strategy to obtain a cross-validation result, performing association analysis on the request to be authenticated based on a pre-constructed risk knowledge graph to obtain an association analysis result, and determining a final validation result aiming at the request to be authenticated according to the cross-validation result and the association analysis result.

Inventors

• LIU HAOYU
• Hou Yuegang
• Yang Fukuan
• ZHANG HECAI

Assignees

• 中移智捷科技(北京)有限公司
• 中国移动通信集团有限公司

Dates

Publication Date

20260508

Application Date

20251219

Claims (10)

1. 1. A method of request authentication, comprising: according to the acquired environment data and behavior data of the user corresponding to the request to be authenticated, determining an initial risk portrait corresponding to the request to be authenticated; Determining a multi-dimensional cross-validation strategy corresponding to the request to be authenticated according to the initial risk portrait, and performing multi-dimensional cross-validation on the request to be authenticated according to the multi-dimensional cross-validation strategy to obtain a cross-validation result corresponding to the multi-dimensional cross-validation, wherein the multi-dimensional cross-validation strategy comprises at least two different types of identity validation factors; Performing association analysis on the request to be authenticated based on a pre-constructed risk knowledge graph to obtain an association analysis result corresponding to the request to be authenticated; And determining a final verification result aiming at the request to be authenticated according to the cross verification result and the association analysis result.
2. 2. The method according to claim 1, wherein said multi-dimensional cross-verifying said request to be authenticated according to said multi-dimensional cross-verifying policy, in particular comprises: Cross-verifying the logic consistency between the multi-dimension identity credential information according to the collected multi-dimension identity credential information of the user corresponding to the request to be authenticated, and/or Cross-verifying the consistency of the multi-dimensional biological characteristic information according to the collected multi-dimensional biological characteristic information of the user corresponding to the request to be authenticated, and/or And cross-verifying consistency among the multidimensional behavior features according to the collected multidimensional behavior features of the user corresponding to the request to be authenticated.
3. 3. The method according to claim 1, wherein the association analysis is performed on the request to be authenticated based on a pre-constructed risk knowledge graph, specifically comprising: acquiring at least one target entity corresponding to the request to be authenticated, wherein the target entity comprises at least one of a user identifier, a device identifier, a network address and a mobile phone number; respectively determining an entity relation network corresponding to each target entity based on the risk knowledge graph according to each target entity serving as a query node; And according to the entity relation network, judging whether the request to be authenticated has preset high-risk association or not, and completing association analysis of the request to be authenticated.
4. 4. A method according to claim 3, characterized in that said high risk association comprises in particular: The number of user identifications associated with the equipment identifications corresponding to the request to be authenticated is higher than a preset user number threshold value and/or The number of the high-risk requests sent by the network address corresponding to the request to be authenticated in the preset period is higher than a preset request number threshold.
5. 5. The method according to claim 1, wherein the determining a final verification result for the request to be authenticated according to the cross-verification result and the association analysis result specifically comprises: based on the privacy computing node, adopting a secure multiparty computing protocol to carry out identity verification on the user corresponding to the request to be authenticated by calling a third party data source, and obtaining an identity verification result; and determining a final verification result aiming at the request to be authenticated according to the identity verification result, the cross verification result and the association analysis result.
6. 6. The method of claim 1, wherein the determining a multidimensional cross-validation policy corresponding to the request to be authenticated based on the initial risk representation comprises: Determining a risk level corresponding to the request to be authenticated according to the initial risk portrait; and determining a verification factor combination corresponding to the risk level from a preset strategy matrix according to the risk level to obtain a multidimensional cross-verification strategy corresponding to the request to be authenticated.
7. 7. A request authentication apparatus, comprising: the initial risk portrait determining unit is used for determining an initial risk portrait corresponding to the request to be authenticated according to the acquired environment data and behavior data of the user corresponding to the request to be authenticated; The cross verification unit is used for determining a multi-dimensional cross verification strategy corresponding to the request to be authenticated according to the initial risk portrait, and carrying out multi-dimensional cross verification on the request to be authenticated according to the multi-dimensional cross verification strategy to obtain a cross verification result corresponding to the multi-dimensional cross verification, wherein the multi-dimensional cross verification strategy comprises at least two different types of identity verification factors; the association analysis unit is used for carrying out association analysis on the request to be authenticated based on a pre-constructed risk knowledge graph to obtain an association analysis result corresponding to the request to be authenticated; and the comprehensive verification unit is used for determining a final verification result aiming at the request to be authenticated according to the cross verification result and the association analysis result.
8. 8. A request verification device, comprising: processor, and A memory arranged to store computer executable instructions that, when executed, cause the processor to: according to the acquired environment data and behavior data of the user corresponding to the request to be authenticated, determining an initial risk portrait corresponding to the request to be authenticated; Determining a multi-dimensional cross-validation strategy corresponding to the request to be authenticated according to the initial risk portrait, and performing multi-dimensional cross-validation on the request to be authenticated according to the multi-dimensional cross-validation strategy to obtain a cross-validation result corresponding to the multi-dimensional cross-validation, wherein the multi-dimensional cross-validation strategy comprises at least two different types of identity validation factors; Performing association analysis on the request to be authenticated based on a pre-constructed risk knowledge graph to obtain an association analysis result corresponding to the request to be authenticated; And determining a final verification result aiming at the request to be authenticated according to the cross verification result and the association analysis result.
9. 9. A computer readable storage medium storing one or more programs, which when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform the request verification method of any of claims 1-6.
10. 10. A computer program product comprising a computer program which, when executed by a processor, implements the request verification method according to any one of claims 1-6.

Description

Request verification method, apparatus, device, storage medium, and computer program product Technical Field The present application relates to the field of wireless communications technologies, and in particular, to a request verification method, apparatus, device, storage medium, and computer program product. Background With the rapid development of internet and mobile communication technologies, various online services such as financial services, government services, communication services and the like generally need to adopt a real-name authentication mechanism during handling so as to ensure the true and credible identity of a user and prevent fraud and illegal behaviors. Common authentication modes of real-name systems mainly comprise verification based on identity certificates, such as identity card numbers and mobile phone numbers, comparison based on biological characteristics, such as face recognition, analysis based on user behaviors and equipment environments and the like. However, on one hand, the existing real-name identity authentication scheme often only depends on a single or a few verification factors to perform independent judgment and processing, verification results among the factors lack effective association analysis and comprehensive judgment, and once an attacker breaks through a certain verification link, such as blocking a trust verification code, the whole wind control system can be easily bypassed, so that the whole safety protection is easily broken through by the attack aiming at a specific verification mode, and the safety of the system is greatly influenced. On the other hand, the existing real-name identity authentication scheme is mainly used for risk analysis aiming at a single user or equipment which initiates a request at present, and complex relations among entities such as different users, equipment, network addresses and the like are difficult to effectively identify and associate, so that the identification and prevention capability of the existing system is insufficient for fraudulent activities which involve mutual coordination of a plurality of entities and are organized. Therefore, how to realize a real-name identity authentication scheme capable of performing multidimensional verification and realizing full-link privacy protection so as to improve comprehensive recognition precision and real-time defensive capability to complex risks becomes a technical problem to be solved in the prior art. Disclosure of Invention The embodiment of the application provides a request verification method which is used for solving the problems that the existing real-name authentication scheme is single in verification dimension, so that a protection system is fragile, and complex attack modes such as partner fraud, cross-account collaborative crimes and the like cannot be effectively identified and intercepted due to the lack of association analysis and complex pattern identification capability. The embodiment of the application also provides a request verification device which is used for solving the problems that the existing real-name authentication scheme is single in verification dimension, so that a protection system is fragile, and complex attack modes such as partner fraud, cross-account collaborative crimes and the like cannot be effectively identified and intercepted due to the lack of association analysis and complex mode identification capability. The embodiment of the application also provides a request verification device which is used for solving the problems that the existing real-name authentication scheme is single in verification dimension, so that a protection system is fragile, and complex attack modes such as partner fraud, cross-account collaborative crimes and the like cannot be effectively identified and intercepted due to the lack of association analysis and complex mode identification capability. The embodiment of the application also provides a computer readable storage medium which is used for solving the problems that the existing real-name authentication scheme has single verification dimension, so that a protection system is fragile, and complex attack modes such as partner fraud, cross-account collaborative crimes and the like cannot be effectively identified and intercepted due to lack of association analysis and complex pattern identification capability. A computer program product is used for solving the problems that the existing real-name authentication scheme has single verification dimension, so that a protection system is fragile, and the complex attack modes such as group partner fraud, cross-account collaborative crime and the like cannot be effectively identified and intercepted due to the lack of association analysis and complex pattern identification capability. The embodiment of the application adopts the following technical scheme: A request verification method comprises the steps of determining an initial risk image corresponding to