Abstract: Implementations of the present specification provide a blockchain-based identity verification method and related hardware. The method includes: An agent client generates an identity verification request based on identity verification input information of a business platform, the identity verification input information indicating an identity verification parameter for identity verification and an identity verification platform that executes the identity verification. The agent client sends the identity verification request to the identity verification platform. The identity verification platform performs identity verification on the identity verification parameter to obtain a result of the identity verification. The identity verification platform submits a transaction including a verifiable credential of a result of the identity verification to a blockchain.

Abstract: Implementations of the present specification provide a blockchain-based identity verification method and related hardware. The method includes: An agent client generates an identity verification request based on identity verification input information of a business platform, the identity verification input information indicating an identity verification parameter for identity verification and an identity verification platform that executes the identity verification. The agent client sends the identity verification request to the identity verification platform. The identity verification platform performs identity verification on the identity verification parameter to obtain a result of the identity verification. The identity verification platform submits a transaction including a verifiable credential of a result of the identity verification to a blockchain.

Abstract: This disclosure relates to account management. In one aspect, a method includes receiving a permission query message from a service system. Verification information is obtained from a first client based on the permission query message. The verification information is associated with an identity of the current user. In response to determining that the verification information is valid, proxy permission information for the current user is obtained from a blockchain. The proxy permission information includes at least operation permission information of the current user for the enterprise account. The proxy permission information is sent to the service system. The proxy permission information configured to be usable by the service system to determine whether to authorize the current user to perform an operation on the enterprise account.

Abstract: Application information is received by a client and from a server, and the application information includes an application identifier corresponding to a digital certificate application request transmitted by the client to the server. The application information is delivered to a secure element associated with the client by the client. A public and private key pair are generated by the secure element. The application identifier is signed using the private key to generate terminal signature data. Specified format data is generated by encapsulating the terminal signature data and the public key into the specified format data. The specified format data is transmitted from the secure element to the client. The specified format data is transmitted by the client to the server.

Abstract: Application information is received by a client and from a server, and the application information includes an application identifier corresponding to a digital certificate application request transmitted by the client to the server. The application information is delivered to a secure element associated with the client by the client. A public and private key pair are generated by the secure element. The application identifier is signed using the private key to generate terminal signature data. Specified format data is generated by encapsulating the terminal signature data and the public key into the specified format data. The specified format data is transmitted from the secure element to the client. The specified format data is transmitted by the client to the server.

Abstract: Implementations of this disclosure provide for certificate application operations. An example method includes sending, from a terminal device, a subscription topic name to a gateway to establish a data transmission channel between the terminal device and the gateway; receiving by the terminal device, via the data transmission channel, a certificate installation instruction from a certificate server; generating, by the terminal device, a user certificate request based on the certificate installation instruction; sending the user certificate request to the certificate server; and receiving, via the data transmission channel, a user certificate from the certificate server.

Abstract: A mapping relationship of a device ID associated with a client, a certificate ID associated with a certificate to be applied by the client during a certificate application process, and identity verification methods to be used to verify the client is stored during the certificate application process. From the client, a request for a certificate to perform a service is received, and the request includes the device ID, an identification verification requirement associated with the service, and the identity verification requirement specifies at least one identity verification method. In response to receiving the request based on the mapping relationship, a certificate ID of an existing certificate that corresponds to the received device ID and satisfies the identity verification requirement is retrieved. In response to retrieving the certificate ID, a certificate response to the client including the retrieved certificate ID is sent.

Abstract: A computer-implemented method includes receiving, by an electronic device, a two-dimensional code generation request from a user operating the electronic device, the electronic device comprising secure element; obtaining, by the electronic device, two-dimensional code generation data, wherein the two-dimensional code generation data comprises account data of the user and timestamp data of the electronic device; obtaining, by the electronic device, signature data based on a predetermined signature algorithm stored in the secure element; and generating, by the electronic device, a target two-dimensional code based on the two-dimensional code generation data and the signature data.

Abstract: Disclosed herein are methods, systems, and apparatus for cross-chain authentication. One of the methods includes: obtaining an identity confirmation request and a first public key; obtaining an identity verification request and a corresponding identity verification identifier for identity verification of a user associated with the user terminal; sending the identity verification request and the first public key to the user terminal; obtaining digitally signed data, a second public key, and identity verification data; verifying an identity of the user based on the identity verification data; verifying that the first public key and the second public key correspond to the user; and recording authentication data comprising the digitally signed data and the identity verification identifier to a blockchain.

Abstract: Implementations of this disclosure provide for certificate application operations. An example method includes sending, from a terminal device, a subscription topic name to a gateway to establish a data transmission channel between the terminal device and the gateway; receiving by the terminal device, via the data transmission channel, a certificate installation instruction from a certificate server; generating, by the terminal device, a user certificate request based on the certificate installation instruction; sending the user certificate request to the certificate server; and receiving, via the data transmission channel, a user certificate from the certificate server.

Abstract: Implementations of this disclosure provide for certificate application operations. An example method includes sending, from a terminal device, a subscription topic name to a gateway to establish a data transmission channel between the terminal device and the gateway; receiving by the terminal device, via the data transmission channel, a certificate installation instruction from a certificate server; generating, by the terminal device, a user certificate request based on the certificate installation instruction; sending the user certificate request to the certificate server; and receiving, via the data transmission channel, a user certificate from the certificate server.

Abstract: Disclosed herein are methods, systems, and apparatus for cross-chain authentication. One of the methods includes: obtaining an identity confirmation request and a first public key; obtaining an identity verification request and a corresponding identity verification identifier for identity verification of a user associated with the user terminal; sending the identity verification request and the first public key to the user terminal; obtaining digitally signed data, a second public key, and identity verification data; verifying an identity of the user based on the identity verification data; verifying that the first public key and the second public key correspond to the user; and recording authentication data comprising the digitally signed data and the identity verification identifier to a blockchain.

Abstract: A computer-implemented method includes receiving, by an electronic device, a two-dimensional code generation request from a user operating the electronic device, the electronic device comprising secure element; obtaining, by the electronic device, two-dimensional code generation data, wherein the two-dimensional code generation data comprises account data of the user and timestamp data of the electronic device; obtaining, by the electronic device, signature data based on a predetermined signature algorithm stored in the secure element; and generating, by the electronic device, a target two-dimensional code based on the two-dimensional code generation data and the signature data.

Abstract: This disclosure relates to account management. In one aspect, a method includes receiving a permission query message from a service system. Verification information is obtained from a first client based on the permission query message. The verification information is associated with an identity of the current user. In response to determining that the verification information is valid, proxy permission information for the current user is obtained from a blockchain. The proxy permission information includes at least operation permission information of the current user for the enterprise account. The proxy permission information is sent to the service system. The proxy permission information configured to be usable by the service system to determine whether to authorize the current user to perform an operation on the enterprise account.

Abstract: A mapping relationship of a device ID associated with a client, a certificate ID associated with a certificate to be applied by the client during a certificate application process, and identity verification methods to be used to verify the client is stored during the certificate application process. From the client, a request for a certificate to perform a service is received, and the request includes the device ID, an identification verification requirement associated with the service, and the identity verification requirement specifies at least one identity verification method. In response to receiving the request based on the mapping relationship, a certificate ID of an existing certificate that corresponds to the received device ID and satisfies the identity verification requirement is retrieved. In response to retrieving the certificate ID, a certificate response to the client including the retrieved certificate ID is sent.

Abstract: A multi-leg transport system receives a transport request and determines a number of transfer locations between the origin location and the destination. The system selects a first provider to transport the user from the origin location to a transfer location and remotely monitors the position of the user as the user travels to the transfer location. In response to determining that the travel time to the transfer location is within a threshold, the system selects a second provider to transport the user from the transfer location to either the next transfer location or the destination for the transport request.

Abstract: Implementations of this disclosure provide for certificate application operations. An example method includes sending, from a terminal device, a subscription topic name to a gateway to establish a data transmission channel between the terminal device and the gateway; receiving by the terminal device, via the data transmission channel, a certificate installation instruction from a certificate server; generating, by the terminal device, a user certificate request based on the certificate installation instruction; sending the user certificate request to the certificate server; and receiving, via the data transmission channel, a user certificate from the certificate server.

Abstract: A content item generation system which implements techniques for selecting and identifying content items to return in response to a request is described. For example, the content item generation system may separate requirements included with a request into first and second sets of requirements. The first set of requirements may be used to identify which content items or content item campaigns may be suitable to respond to the request. The second set of requirements may be used to determine whether items associated with the selected content items or content item campaigns correspond to technical requirements specified in the request.

Abstract: This disclosure relates to account management. In one aspect, a method includes receiving a permission query message from a service system. Verification information is obtained from a first client based on the permission query message. The verification information is associated with an identity of the current user. In response to determining that the verification information is valid, proxy permission information for the current user is obtained from a blockchain. The proxy permission information includes at least operation permission information of the current user for the enterprise account. The proxy permission information is sent to the service system. The proxy permission information configured to be usable by the service system to determine whether to authorize the current user to perform an operation on the enterprise account.

Abstract: A multi-leg transport system receives a transport request and determines a number of transfer locations between the origin location and the destination. The system selects a first provider to transport the user from the origin location to a transfer location and remotely monitors the position of the user as the user travels to the transfer location. In response to determining that the travel time to the transfer location is within a threshold, the system selects a second provider to transport the user from the transfer location to either the next transfer location or the destination for the transport request.