What is secondary certification?

Secondary authentication is set for the confidentiality and security of user data. First, the service password is used for primary authentication, and then the secondary authentication password is sent to the customer's mobile phone through random SMS, and the customer enters the secondary authentication password to confirm his identity.

Generally used for the first authentication when logging in, such as the website of 10086. If you need to operate more sensitive operations, such as checking the phone bill, you need to carry out stricter verification again, such as SMS dynamic password verification, which is called secondary authentication.

Extended data

When users log in to DSMP or use data services, secondary authentication is used. The service gateway or portal sends the message to DSMP to check the legality and validity of the users who use the data service (whether the status is activated or not). According to the different user access modes in the service gateway and portal, four user authentication modes are provided:

1. Authenticate according to the user's MSISDN number.

2. Authenticate according to the user's pseudo code.

3. Authenticate according to the user's MSISDN number and password.

4. Authenticate according to the user's pseudo code and password.

Different authentication modes, AuthType (authentication mode) fill in different values. For specific methods, please refer to the interface specification reference flow corresponding to each gateway device.

A method for authenticating a user attempting to access a service from a service provider in a communication network includes: allocating a plurality of service-specific identifiers for accessing various services to the user; Sending a request from a user, wherein the request identifies a service to be accessed and contains the user's public key;

At the certification authority, the request is authenticated, a public key certificate for binding the service-specific identifier with the public key in the request is issued, and the public key certificate is returned to the user.

Baidu encyclopedia-authentication