CN102158488A - Dynamic countersign generation method and device and authentication method and system - Google Patents

Publication number: CN102158488A
Application number: CN2011100854395A
Authority: CN (China)
Legal status: Granted
Other versions: CN102158488B
Other languages: Chinese (zh)
Inventor: 李东声
Original Assignee: Beijing Tendyron Technology Co Ltd
Current Assignee: Beijing Tendyron Technology Co Ltd
Application filed by: Beijing Tendyron Technology Co Ltd
Priority to: CN201110085439.5A (CN102158488B), CN201310412564.1A (CN103475658B)
Prior art keywords: transaction information, customer transaction, dynamic password, user, generating apparatus

Abstract

The invention relates to a dynamic countersign generation method and device and an authentication method and system. The authentication method comprises the following steps: the dynamic countersign generating device displays one or more pieces of stored user transaction information on a display screen for the user to select from, generates a challenge code from the user transaction information that the user selects as corresponding to the current transaction, and generates a dynamic countersign of the authenticated party by using the generated challenge code; a transaction system acquires the user transaction information corresponding to the current transaction, generates a challenge code from the acquired user transaction information, and generates a dynamic countersign of the authenticating party by using the generated challenge code; and the transaction system receives the dynamic countersign of the authenticated party and compares it with the dynamic countersign of the authenticating party to complete the authentication.

Description

Dynamic password generation method and device, authentication method and system
Technical field
The present invention relates to the field of information security, and in particular to a dynamic password generation method and device and an authentication method and system.
Background art
In recent years, with the rapid development of the Internet and of financial informatization, online banking has quickly won the approval of users and of the banking industry through advantages such as convenience and efficiency. To overcome the security defects of authentication based on static passwords, many online banks have adopted authentication based on dynamic password technology.
Dynamic password technology is also called one-time password (OTP) technology. According to how the password is generated, it can be divided into time-based dynamic password technology and challenge/response-based dynamic password technology.
With time-based dynamic password technology, the dynamic password generating device and the server are synchronized in time and store the same key seed. The dynamic password generating device and the server use this key seed to generate a dynamic password at fixed intervals (for example, every 60 seconds). When the user needs to be authenticated, the user reads the current dynamic password from the display screen of the dynamic password generating device and enters it at the transaction terminal, and the transaction terminal sends the dynamic password, together with information such as the user name and static password, to the server for authentication.
With challenge/response-based dynamic password technology, the dynamic password generating device and the server store the same key seed. When the user needs to be authenticated, the server sends a challenge code to the user's transaction terminal or mobile phone, and the user, having obtained the challenge code, enters it into the dynamic password generating device. The dynamic password generating device uses the key seed and the challenge code entered by the user to generate a response code (that is, the dynamic password). The user reads the current dynamic password from the display screen of the dynamic password generating device and enters it at the transaction terminal, and the transaction terminal sends the dynamic password, together with information such as the user name and static password, to the server for authentication.
Authentication based on challenge/response dynamic password technology overcomes the defect of static password verification, namely that the password information never changes, but it still has the following problems:
(1) With challenge/response-based dynamic password technology, the user must enter the challenge code sent by the server into the dynamic password generating device. To make it easy to carry, the dynamic password generating device is usually small, so entering the challenge code into it is very inconvenient for the user.
(2) Because the challenge code is generated randomly by the server and is unrelated to the transaction information and the user information (together referred to as user transaction information), a challenge code that is too long is inconvenient for the user to enter and easily leads to input errors, so the user experience is poor.
Summary of the invention
The technical problem to be solved by the present invention is to overcome the deficiencies of the prior art by providing a dynamic password generation method and device and an authentication method and system that do not require the user to enter the challenge code characters by hand.
To solve the above problem, the invention provides an authentication method comprising:
The dynamic password generating device displays one or more pieces of user transaction information that it stores on its display screen for the user to select from, generates a challenge code from the user transaction information that the user selects as corresponding to the current transaction, and uses the challenge code it generated to generate the dynamic password of the authenticated party;
The transaction system obtains the user transaction information corresponding to the current transaction, generates a challenge code from the obtained user transaction information, and uses the challenge code it generated to generate the dynamic password of the authenticating party;
After receiving the dynamic password of the authenticated party, the transaction system completes authentication by comparing it with the dynamic password of the authenticating party.
In addition, the user transaction information comprises one or more of the following fields: user name, account number, transaction limit.
In addition, the dynamic password generating device also stores an index code corresponding to each piece of user transaction information;
When the user enters characters, the user transaction information that the dynamic password generating device shows on the display screen is the user transaction information whose index code matches the characters currently entered by the user.
In addition, the index code is a mnemonic string or a serial number;
When the user enters characters, the user transaction information that the dynamic password generating device shows on the display screen is the user transaction information whose mnemonic string or serial number contains all the characters currently entered by the user.
In addition, the mnemonic string comprises some or all of the characters of the pinyin of the user name.
In addition, the index code is a category number;
When the user enters the category number, the dynamic password generating device shows on the display screen all user transaction information having that category number.
In addition, the transaction system obtains the user transaction information corresponding to the current transaction in one of the following ways:
The transaction system extracts the user transaction information corresponding to the current transaction from the received transaction message of the current transaction; or
The transaction system extracts a user ID from the received transaction message of the current transaction and uses the user ID to obtain the user transaction information corresponding to the current transaction.
In addition, user transaction information is stored in the dynamic password generating device as follows:
A user transaction information management terminal sends the user transaction information entered or edited by the user to the dynamic password generating device through the data interface between the terminal and the device;
After receiving the user transaction information, the dynamic password generating device displays it on the display screen for the user to confirm;
After receiving the user's confirmation indication, the dynamic password generating device stores the received user transaction information.
The present invention also provides a dynamic password generation method comprising:
The dynamic password generating device displays one or more pieces of user transaction information that it stores on its display screen for the user to select from, generates a challenge code from the user transaction information that the user selects as corresponding to the current transaction, and uses the challenge code it generated to generate the dynamic password of the authenticated party;
The transaction system obtains the user transaction information corresponding to the current transaction, generates a challenge code from the obtained user transaction information, and uses the challenge code it generated to generate the dynamic password of the authenticating party.
In addition, the user transaction information comprises one or more of the following fields: user name, account number, transaction limit.
In addition, the dynamic password generating device also stores an index code corresponding to each piece of user transaction information;
When the user enters characters, the user transaction information that the dynamic password generating device shows on the display screen is the user transaction information whose index code matches the characters currently entered by the user.
In addition, the index code is a mnemonic string or a serial number;
When the user enters characters, the user transaction information that the dynamic password generating device shows on the display screen is the user transaction information whose mnemonic string or serial number contains all the characters currently entered by the user.
In addition, the mnemonic string comprises some or all of the characters of the pinyin of the user name.
In addition, the index code is a category number;
When the user enters the category number, the dynamic password generating device shows on the display screen all user transaction information having that category number.
In addition, the transaction system obtains the user transaction information corresponding to the current transaction in one of the following ways:
The transaction system extracts the user transaction information corresponding to the current transaction from the received transaction message of the current transaction; or
The transaction system extracts a user ID from the received transaction message of the current transaction and uses the user ID to obtain the user transaction information corresponding to the current transaction.
In addition, user transaction information is stored in the dynamic password generating device as follows:
A user transaction information management terminal sends the user transaction information entered or edited by the user to the dynamic password generating device through the data interface between the terminal and the device;
After receiving the user transaction information, the dynamic password generating device displays it on the display screen for the user to confirm;
After receiving the user's confirmation indication, the dynamic password generating device stores the received user transaction information.
The present invention also provides an authentication system comprising a dynamic password generating device and a transaction system, wherein:
The dynamic password generating device is used to display one or more pieces of user transaction information that it stores on its display screen for the user to select from, to generate a challenge code from the user transaction information that the user selects as corresponding to the current transaction, and to use the challenge code it generated to generate the dynamic password of the authenticated party;
The transaction system is used to obtain the user transaction information corresponding to the current transaction, to generate a challenge code from the obtained user transaction information, and to use the challenge code it generated to generate the dynamic password of the authenticating party;
The transaction system is also used, after receiving the dynamic password of the authenticated party, to complete authentication by comparing it with the dynamic password of the authenticating party.
In addition, the dynamic password generating device is also used to store an index code corresponding to each piece of user transaction information;
The dynamic password generating device is also used to receive characters entered by the user. After receiving the characters, the user transaction information that the dynamic password generating device shows on the display screen is the user transaction information whose index code matches the characters currently entered by the user.
In addition, the transaction system obtains the user transaction information corresponding to the current transaction in one of the following ways:
The transaction system extracts the user transaction information corresponding to the current transaction from the received transaction message of the current transaction; or
The transaction system extracts a user ID from the received transaction message of the current transaction and uses the user ID to obtain the user transaction information corresponding to the current transaction.
In addition, the authentication system also comprises a user transaction information management terminal, which is connected to the dynamic password generating device through a data interface;
The user transaction information management terminal is used to send the user transaction information entered or edited by the user to the dynamic password generating device through the data interface;
The dynamic password generating device is also used, after receiving the user transaction information sent by the user transaction information management terminal, to display it on the display screen for the user to confirm, and, after receiving the user's confirmation indication, to store the received user transaction information.
The present invention also provides a dynamic password generating device comprising a dynamic password generation module and a display module, and further comprising a storage module, a main control module and a user input module, wherein:
The storage module is used to store one or more pieces of user transaction information;
The display module is used to display the information sent by the main control module;
The main control module is used to extract the stored user transaction information from the storage module and send it to the display module for display;
The user input module is used, when the user presses keys to select user transaction information, to send the key signal corresponding to the key press to the main control module;
The main control module is also used to determine the user transaction information selected by the user from the received key signal and to send the selected user transaction information to the dynamic password generation module;
The dynamic password generation module is used to generate a challenge code from the received user transaction information, to use the challenge code it generated to generate the dynamic password of the authenticated party, and to send the generated dynamic password of the authenticated party to the main control module;
The main control module is also used, after receiving the dynamic password of the authenticated party sent by the dynamic password generation module, to send it to the display module for display.
In addition, the storage module is also used to store an index code corresponding to each piece of user transaction information;
The user input module is also used to receive the characters entered by the user and to send the key signal corresponding to those characters to the main control module;
The main control module is also used, after receiving the key signal corresponding to the characters entered by the user, to send to the display module for display the user transaction information that is stored in the storage module and whose index code matches the characters currently entered by the user.
In addition, the dynamic password generating device also comprises a data interface. The data interface is connected to the user transaction information management terminal and to the main control module, and is used to transfer data between the user transaction information management terminal and the main control module;
The main control module is also used, after receiving through the data interface the user transaction information sent by the user transaction information management terminal, to send it to the display screen for display;
The user input module is also used, when the user presses the key that confirms the user transaction information currently displayed, to send the confirmation key signal corresponding to the key press to the main control module;
The main control module is also used, after receiving the confirmation key signal, to send the received user transaction information to the storage module for storage.
In summary, because both the dynamic password generating device and the transaction system in the present invention generate the challenge code from the user transaction information corresponding to the current transaction and generate the dynamic password from that challenge code, the challenge code contains information about the current transaction, which protects the transaction more effectively. In addition, precisely because the present invention generates the challenge code from user transaction information, all user transaction information that may be needed can be stored in the dynamic password generating device in advance. When a dynamic password has to be generated, this information is shown to the user to select from and the challenge code is generated from the user transaction information the user selects, which removes the step of entering the challenge code by hand.
In addition, by binding an index code to each piece of user transaction information, the present invention lets the user select user transaction information more quickly.
Description of the drawings
Fig. 1 is a structural diagram of the authentication system of the present invention;
Fig. 2 is a flow chart of the dynamic password generation method of an embodiment of the invention;
Fig. 3 is a flow chart of the dynamic password generation method of an embodiment of the invention;
Fig. 4 is a structural diagram of the dynamic password generating device of an embodiment of the invention.
Embodiments
The core of the present invention is as follows. A list of user transaction information is stored in the dynamic password generating device in advance. When a dynamic password has to be generated, the user selects from the list stored in the dynamic password generating device the user transaction information corresponding to the current transaction (for example, the user name and account number of the current transaction). The dynamic password generating device generates a challenge code from the user transaction information selected by the user and then generates a dynamic password from the challenge code. On the transaction system side, the transaction system obtains the user transaction information of the current transaction from the received transaction message, generates a challenge code from this user transaction information, and then generates a dynamic password from the challenge code.
The present invention is described below with reference to the drawings and embodiments.
Fig. 1 is a structural diagram of the authentication system of the present invention. As shown in Fig. 1, the authentication system comprises a transaction system and a dynamic password generating device (the token shown in Fig. 1), wherein:
The transaction system can comprise a transaction terminal and an authentication server; the transaction terminal and the authentication server can of course also be merged into a single physical device.
The transaction terminal can be a bank's ATM (Automated Teller Machine) or a device such as a PC.
The transaction system is used to obtain the user transaction information of the current transaction from the transaction message of the current transaction, to use this user transaction information to generate a challenge code, and to generate the dynamic password of the transaction system side from this challenge code. After receiving the dynamic password of the dynamic password generating device side, the transaction system completes authentication by comparing it with the dynamic password of the transaction system side.
Specifically, the transaction terminal in the transaction system is used to send the transaction message of the current transaction to the authentication server. For example, the transaction terminal receives the user ID entered by the user, encapsulates it in a transaction message and sends it to the authentication server.
The authentication server in the transaction system is used to obtain the user transaction information of the current transaction from the received transaction message of the current transaction, to use this user transaction information to generate a challenge code, and to generate the dynamic password of the transaction system side from this challenge code.
The dynamic password generating device is used to display the user transaction information list for the user to select from, to generate a challenge code from the user transaction information of the current transaction selected by the user, and to generate and display the dynamic password of the dynamic password generating device side from this challenge code.
At this point the user can enter the dynamic password of the dynamic password generating device side into the transaction system for authentication (including: authentication and/or transaction authentication).
In addition, when the dynamic password generating device is provided with a data interface (for example, a USB interface), the transaction terminal in the transaction system (for example, a PC) can also be used to generate user transaction information and send it to the dynamic password generating device through that data interface. That is, the transaction terminal receives the user transaction information entered by the user and sends it to the dynamic password generating device through the data interface, and the dynamic password generating device stores the received user transaction information in its local user transaction information list.
A separate user transaction information management terminal (for example, a PC) can also be provided in the authentication system of the present invention to carry out the above operation of generating user transaction information.
The specific functions of the above authentication system are described in more detail below.
Fig. 2 is a flow chart of the dynamic password generation method of an embodiment of the invention. As shown in Fig. 2, the method comprises the following steps:
Generation/management of user transaction information:
201. The user enters or edits user transaction information in the transaction terminal or in a separately provided user transaction information management terminal (both referred to below as the user transaction information management terminal). The user transaction information management terminal sends the user transaction information entered or edited by the user to the dynamic password generating device piece by piece;
Each piece of user transaction information sent to the dynamic password generating device can comprise one or more of the following fields: user name, account number, transaction limit.
The transaction limit can be an amount bound to the user name/account number. For example, for the account number of a premium user the transaction limit can be 10000, and for the account number of an ordinary user the transaction limit is 5000.
In addition, the user can also use the user transaction information management terminal to generate an index code for each piece of user transaction information and send it to the dynamic password generating device together with the corresponding user transaction information.
The index code can take one of the following forms or be a combination of two or more of them: serial number, mnemonic string, category number.
The mnemonic string helps the user quickly select the required user transaction information from a user transaction information list that contains many entries. The mnemonic string can be the pinyin of the user name or an abbreviation of the pinyin (for example, a consonant string). For example, if the user is called "Zhang San", the mnemonic string can be "zhangsan", "zhangs" or "zs" (consonant string).
The category number is used to classify user transaction information so that the user can quickly select the required user transaction information from a list that contains many entries. For example, according to the user name in the user transaction information, user transaction information is divided into the following categories: self (represented by '1'), relatives (represented by '2'), friends (represented by '3'), colleagues (represented by '4'), and so on. When the user enables the category search function for user transaction information and enters the corresponding category number, the dynamic password generating device displays all user transaction information of that category in order for the user to select from.
The index code can be a combination of a category number and a serial number. For example, when the index code is 3 characters long, the 1st character represents the category number and the 2nd and 3rd characters represent the serial number. For example, '402' is the index code of the user transaction information of the 2nd colleague.
202. After receiving the user transaction information sent by the user transaction information management terminal, the dynamic password generating device displays it on its display screen for the user to confirm.
203. After confirming that the one or more pieces of user transaction information currently displayed are correct, the user sends a confirmation indication to the dynamic password generating device, for example by pressing the confirm key. After receiving the confirmation indication, the dynamic password generating device stores the user transaction information piece by piece in the local user transaction information list.
If the dynamic password generating device receives an index code for user transaction information, it can store it in the user transaction information list together with the corresponding user transaction information.
The user can of course also generate the index code for each piece of user transaction information in the list directly in the dynamic password generating device.
Selection of user transaction information:
204. The user starts the challenge code input function with the function key provided on the dynamic password generating device, and the dynamic password generating device displays the locally stored user transaction information list for the user to select from.
205. The user selects the user transaction information corresponding to the current transaction from the user transaction information list by pressing keys;
The user can select user transaction information from the list in one of the following ways:
Mode one: the user uses the move keys (a move-up key and a move-down key) to move the cursor between the entries of the list of all user transaction information displayed by the dynamic password generating device, and presses the OK key to select the user transaction information at the current cursor position;
Mode two: the user enters some or all of the characters of the index code corresponding to the user transaction information, and the dynamic password generating device displays the entries of the user transaction information list that match the characters entered. If several entries match, the user can use the move keys to move the cursor between the entries currently displayed and press the OK key to select the user transaction information at the current cursor position. For example:
1) When the index code is a serial number, as the user enters each character of the serial number in turn, the dynamic password generating device displays all user transaction information whose serial number contains the character or string entered. For example, when the user enters '1', the dynamic password generating device displays the user transaction information with serial numbers such as 1, 10, 11 and 21.
2) When the index code is a mnemonic string, taking a mnemonic string in the form of the full user name as an example, after the user enters "zhang" the dynamic password generating device displays, for the user to select from, the user transaction information of all users whose index code contains "zhang" (for example, all users whose surname is 张 or 章, both written "zhang" in pinyin).
3) When the index code is a category number or contains a category number, after the user enters the category number the dynamic password generating device displays all user transaction information belonging to that category for the user to select from.
Dynamic password generation by the dynamic password generating apparatus:
206, the dynamic password generating apparatus generates a challenge code from the customer transaction information selected by the user;
The step of generating a challenge code from customer transaction information can be as follows:
206x, the dynamic password generating apparatus extracts all or part of the information from the customer transaction information and performs a hash operation on it to obtain a hash value H;
206y, the dynamic password generating apparatus extracts all or part of the data from the hash value H according to a preset rule and uses it as the challenge code;
The preset rule can be: extract n consecutive bits (n is an integer greater than 1) starting from the most significant bit.
In addition, the dynamic password generating apparatus can also generate the challenge code directly by combining several characters of the Chinese character encoding of the address name in the customer transaction information with several characters of the account number. The challenge code can further include some or all characters of the trading limit corresponding to this user.
207, the dynamic password generating apparatus uses its locally stored key seed to perform a cryptographic operation on the challenge code it generated, obtains the dynamic password of the apparatus side (that is, the certified side's dynamic password), and displays it.
Dynamic password generation by the transaction system:
208, the certificate server in the transaction system obtains the corresponding customer transaction information according to the received transaction message of the current transaction, and uses the customer transaction information to generate a challenge code;
Likewise, the customer transaction information obtained by the certificate server can include one or more of the following fields: address name, account number, trading limit.
The transaction message can contain all the fields of the customer transaction information used to generate the challenge code, in which case the transaction system extracts the customer transaction information directly from the transaction message; or the transaction message can contain only a user ID, which the transaction system uses to obtain the fields of the customer transaction information needed to generate the challenge code.
The steps by which the transaction system obtains the customer transaction information from the transaction message and generates the challenge code can be:
208a, the user inputs a user ID and an optional static password at the transaction terminal, and the transaction terminal encapsulates them in a transaction message and sends it to the certificate server.
208b, the certificate server extracts the user ID from the transaction message and uses it to obtain the corresponding customer transaction information (for example, address name, account number and trading limit) stored locally or on another server.
208c, the certificate server generates the challenge code from the customer transaction information obtained.
The certificate server generates the challenge code in the same way as the dynamic password generating apparatus.
209, the certificate server uses its locally stored key seed to perform a cryptographic operation on the challenge code it generated, and obtains the dynamic password of the certificate server side (that is, the authenticating party's dynamic password);
It should be noted that, because the dynamic password generating apparatus and the certificate server hold the same key seed and use the same challenge code, the dynamic passwords they generate are identical.
Steps 208~209 can be executed in parallel with steps 206~207.
Authentication of the dynamic password:
210, the user reads the dynamic password displayed by the dynamic password generating apparatus and inputs it at the transaction terminal of the transaction system.
211, the transaction terminal sends the apparatus-side dynamic password input by the user to the certificate server for authentication; after authentication passes, the transaction terminal completes the subsequent authentication and/or transaction processing.
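The following Python sketch is an added example, not part of the patent text, that walks through steps 206 to 211 on both sides and shows the comparison failing when the transaction message carries a different account number from the entry the user selected. The patent does not name the hash, the cryptographic operation, n, the password length or a field encoding; SHA-256, HMAC-SHA-256, n = 32, six digits, the length-prefixed encoding and all sample values are assumptions.

```python
import hashlib
import hmac
import struct

FIELDS = ("name", "account", "limit")  # address name, account number, trading limit


def canonical_bytes(info):
    """Serialize the fields, each with a 2-byte length prefix (assumed encoding).

    Plain concatenation would let ("ab", "c") and ("a", "bc") hash to the same
    value; the prefix keeps the field boundaries unambiguous.
    """
    out = bytearray()
    for field in FIELDS:
        value = str(info[field]).encode("utf-8")
        out += struct.pack(">H", len(value)) + value
    return bytes(out)


def challenge_code(info, n_bits=32):
    """Steps 206x/206y: H = hash(info); the challenge is the top n bits of H."""
    if not 1 < n_bits <= 256:
        raise ValueError("n must be an integer greater than 1 and at most 256")
    h = hashlib.sha256(canonical_bytes(info)).digest()
    return int.from_bytes(h, "big") >> (256 - n_bits)


def dynamic_password(key_seed, challenge, n_bits=32, digits=6):
    """Steps 207/209: keyed operation on the challenge, shown as decimal digits.

    HMAC-SHA-256 stands in for the unspecified cryptographic operation.
    """
    msg = challenge.to_bytes((n_bits + 7) // 8, "big")
    mac = hmac.new(key_seed, msg, hashlib.sha256).digest()
    code = int.from_bytes(mac[:4], "big") & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"


def device_generate(key_seed, selected_entry):
    """Apparatus side: the user has picked an entry from the stored list."""
    return dynamic_password(key_seed, challenge_code(selected_entry))


def server_verify(key_seed, info_from_message, submitted_password):
    """Server side: rebuild the password from the transaction message's
    fields and compare it with the submitted one in constant time."""
    expected = dynamic_password(key_seed, challenge_code(info_from_message))
    return hmac.compare_digest(expected.encode(), submitted_password.encode())


# Constructed sample values, for illustration only.
KEY_SEED = bytes(range(32))
STORED_ENTRY = {"name": "Zhang San", "account": "6222000012345678", "limit": "5000"}
MATCHING_MESSAGE = dict(STORED_ENTRY)
ALTERED_MESSAGE = dict(STORED_ENTRY, account="6222000087654321")

if __name__ == "__main__":
    otp = device_generate(KEY_SEED, STORED_ENTRY)
    print("challenge code:", format(challenge_code(STORED_ENTRY), "08x"))
    print("dynamic password:", otp)
    print("matching message accepted:", server_verify(KEY_SEED, MATCHING_MESSAGE, otp))
    print("altered message accepted:", server_verify(KEY_SEED, ALTERED_MESSAGE, otp))
```

Only fields that go into the hash are bound to the password: a change to any hashed field in the transaction message makes the server-side comparison fail, while a field left out of the hash is not covered by this check.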
Fig. 3 is a flow chart of the dynamic password generation method of an embodiment of the invention. As shown in Fig. 3, the embodiment of the dynamic password generation method is essentially the same as the embodiment of the authentication method shown in Fig. 2; the only difference is that the dynamic password generation method omits steps 210 and 211.
Fig. 4 is a structural diagram of the dynamic password generating apparatus of an embodiment of the invention. As shown in Fig. 4, the apparatus comprises: a memory module, a display module (display screen), a main control module, a user input module and a dynamic password generation module; wherein:
The memory module is used to store one or more pieces of customer transaction information;
The display module is used to display the information sent by the main control module;
The main control module is used to read the stored customer transaction information from the memory module and send it to the display module for display;
The user input module is used to send the key signal corresponding to the button operation to the main control module when the user performs a button operation to select customer transaction information;
The main control module is also used to determine the customer transaction information selected by the user from the key signal received, and to send the selected customer transaction information to the dynamic password generation module;
The dynamic password generation module is used to generate a challenge code from the customer transaction information received, to use that challenge code to generate the certified side's dynamic password, and to send the generated dynamic password to the main control module;
The main control module is also used to send the certified side's dynamic password to the display module for display after receiving it from the dynamic password generation module.
In addition, the memory module is also used to store the index code corresponding to each piece of customer transaction information;
The user input module is also used to receive the characters input by the user and to send the key signals corresponding to those characters to the main control module;
The main control module is also used, after receiving from the user input module the key signals corresponding to the characters input by the user, to send to the display module for display the customer transaction information stored in the memory module whose index code matches the characters currently input by the user.
The dynamic password generating apparatus can also include a data interface; the data interface is used to connect the customer transaction information management terminal to the main control module;
The main control module is also used, after receiving through the data interface the customer transaction information sent by the customer transaction information management terminal, to send it to the display screen for display;
The user input module is also used to send the confirmation key signal corresponding to the button operation to the main control module when the user performs a button operation to confirm the customer transaction information currently displayed;
The main control module is also used, after receiving the confirmation key signal sent by the user input module, to send the received customer transaction information to the memory module for storage.
In accordance with the basic principle of the invention, the above embodiment can be varied in many ways, for example:
(1) The user can input, modify and edit customer transaction information directly on the dynamic password generating apparatus using its buttons, and generate a customer transaction information list containing one or more pieces of customer transaction information.
In this case, to make input easier for the user, the customer transaction information can include only the following fields: account number and/or trading limit.
In addition, the user can also generate an index code for each entry in the customer transaction information list directly on the dynamic password generating apparatus.
(2) Besides fields such as address name, account number and trading limit, the customer transaction information can also include other related information, for example the user's bank of deposit information, associated account numbers, etc.
In summary, because both the dynamic password generating apparatus and the transaction system in the invention generate the challenge code from the customer transaction information corresponding to the current transaction and generate the dynamic password from that challenge code, the challenge code contains information about the current transaction and the transaction can be protected more effectively. In addition, precisely because the invention generates the challenge code from customer transaction information, all the customer transaction information that may be used can be stored in the dynamic password generating apparatus in advance, displayed to the user for selection when a dynamic password is needed, and used to generate the challenge code from the user's selection, which saves the user the step of entering the challenge code by hand.
In addition, by binding an index code to the customer transaction information, the invention lets the user select customer transaction information more quickly.

Claims (23)

1. An authentication method, characterized in that the method comprises:
The dynamic password generating apparatus displays one or more pieces of customer transaction information that it stores on a display screen for the user to select from, generates a challenge code from the customer transaction information, selected by the user, that corresponds to the current transaction, and uses the challenge code it generated to generate the certified side's dynamic password;
The transaction system obtains the customer transaction information corresponding to the current transaction, generates a challenge code from the customer transaction information obtained, and uses the challenge code it generated to generate the authenticating party's dynamic password;
After receiving the certified side's dynamic password, the transaction system completes authentication by comparing it with the authenticating party's dynamic password.
2. The method of claim 1, characterized in that,
The customer transaction information includes one or more of the following fields: address name, account number, trading limit.
3. The method as claimed in claim 1 or 2, characterized in that,
The dynamic password generating apparatus also stores an index code corresponding to each piece of customer transaction information;
When the user inputs characters, the customer transaction information that the dynamic password generating apparatus displays on the display screen is the customer transaction information whose index code matches the characters currently input by the user.
4. The method as claimed in claim 3, characterized in that,
The index code is a mnemonic character string or a sequence number;
When the user inputs characters, the customer transaction information that the dynamic password generating apparatus displays on the display screen is the customer transaction information whose mnemonic character string or sequence number contains all the characters currently input by the user.
5. The method as claimed in claim 4, characterized in that,
The mnemonic character string includes some or all characters of the pinyin of the address name.
6. The method as claimed in claim 3, characterized in that,
The index code is a classification number;
When the user inputs the classification number, the dynamic password generating apparatus displays on the display screen all customer transaction information that has the same classification number.
7. The method as claimed in claim 1 or 2, characterized in that,
The transaction system obtains the customer transaction information corresponding to the current transaction in the following way:
The transaction system extracts the customer transaction information corresponding to the current transaction from the received transaction message of the current transaction; or
The transaction system extracts a user ID from the received transaction message of the current transaction and uses the user ID to obtain the customer transaction information corresponding to the current transaction.
8. The method as claimed in claim 1 or 2, characterized in that,
Customer transaction information is stored in the dynamic password generating apparatus in the following way:
The customer transaction information management terminal sends the customer transaction information input or edited by the user to the dynamic password generating apparatus through the data interface between it and the dynamic password generating apparatus;
After receiving the customer transaction information, the dynamic password generating apparatus displays it on the display screen for the user to confirm;
After receiving the user's confirmation, the dynamic password generating apparatus stores the customer transaction information received.
9. A dynamic password generation method, characterized in that the method comprises:
The dynamic password generating apparatus displays one or more pieces of customer transaction information that it stores on a display screen for the user to select from, generates a challenge code from the customer transaction information, selected by the user, that corresponds to the current transaction, and uses the challenge code it generated to generate the certified side's dynamic password;
The transaction system obtains the customer transaction information corresponding to the current transaction, generates a challenge code from the customer transaction information obtained, and uses the challenge code it generated to generate the authenticating party's dynamic password.
10. The method as claimed in claim 9, characterized in that,
The customer transaction information includes one or more of the following fields: address name, account number, trading limit.
11. The method as claimed in claim 9 or 10, characterized in that,
The dynamic password generating apparatus also stores an index code corresponding to each piece of customer transaction information;
When the user inputs characters, the customer transaction information that the dynamic password generating apparatus displays on the display screen is the customer transaction information whose index code matches the characters currently input by the user.
12. The method as claimed in claim 11, characterized in that,
The index code is a mnemonic character string or a sequence number;
When the user inputs characters, the customer transaction information that the dynamic password generating apparatus displays on the display screen is the customer transaction information whose mnemonic character string or sequence number contains all the characters currently input by the user.
13. The method as claimed in claim 12, characterized in that,
The mnemonic character string includes some or all characters of the pinyin of the address name.
14. The method as claimed in claim 11, characterized in that,
The index code is a classification number;
When the user inputs the classification number, the dynamic password generating apparatus displays on the display screen all customer transaction information that has the same classification number.
15. The method as claimed in claim 9 or 10, characterized in that,
The transaction system obtains the customer transaction information corresponding to the current transaction in the following way:
The transaction system extracts the customer transaction information corresponding to the current transaction from the received transaction message of the current transaction; or
The transaction system extracts a user ID from the received transaction message of the current transaction and uses the user ID to obtain the customer transaction information corresponding to the current transaction.
16. The method as claimed in claim 1 or 2, characterized in that,
Customer transaction information is stored in the dynamic password generating apparatus in the following way:
The customer transaction information management terminal sends the customer transaction information input or edited by the user to the dynamic password generating apparatus through the data interface between it and the dynamic password generating apparatus;
After receiving the customer transaction information, the dynamic password generating apparatus displays it on the display screen for the user to confirm;
After receiving the user's confirmation, the dynamic password generating apparatus stores the customer transaction information received.
17. An authentication system, characterized in that the system comprises a dynamic password generating apparatus and a transaction system, wherein:
The dynamic password generating apparatus is used to display one or more pieces of customer transaction information that it stores on a display screen for the user to select from, to generate a challenge code from the customer transaction information, selected by the user, that corresponds to the current transaction, and to use the challenge code it generated to generate the certified side's dynamic password;
The transaction system is used to obtain the customer transaction information corresponding to the current transaction, to generate a challenge code from the customer transaction information obtained, and to use the challenge code it generated to generate the authenticating party's dynamic password;
The transaction system is also used, after receiving the certified side's dynamic password, to complete authentication by comparing it with the authenticating party's dynamic password.
18. The system as claimed in claim 17, characterized in that,
The dynamic password generating apparatus is also used to store an index code corresponding to each piece of customer transaction information;
The dynamic password generating apparatus is also used to receive the characters input by the user; after the characters input by the user are received, the customer transaction information that the dynamic password generating apparatus displays on the display screen is the customer transaction information whose index code matches the characters currently input by the user.
19. The system as claimed in claim 17, characterized in that,
The transaction system obtains the customer transaction information corresponding to the current transaction in the following way:
The transaction system extracts the customer transaction information corresponding to the current transaction from the received transaction message of the current transaction; or
The transaction system extracts a user ID from the received transaction message of the current transaction and uses the user ID to obtain the customer transaction information corresponding to the current transaction.
20. The system as claimed in claim 17, characterized in that,
The authentication system also includes a customer transaction information management terminal; the customer transaction information management terminal is connected to the dynamic password generating apparatus through a data interface;
The customer transaction information management terminal is used to send the customer transaction information input or edited by the user to the dynamic password generating apparatus through the data interface;
The dynamic password generating apparatus is also used, after receiving the customer transaction information sent by the customer transaction information management terminal, to display it on the display screen for the user to confirm, and, after receiving the user's confirmation, to store the customer transaction information received.
21. A dynamic password generating apparatus, comprising a dynamic password generation module and a display module, characterized in that the apparatus also comprises: a memory module, a main control module and a user input module; wherein:
The memory module is used to store one or more pieces of customer transaction information;
The display module is used to display the information sent by the main control module;
The main control module is used to read the stored customer transaction information from the memory module and send it to the display module for display;
The user input module is used to send the key signal corresponding to the button operation to the main control module when the user performs a button operation to select customer transaction information;
The main control module is also used to determine the customer transaction information selected by the user from the key signal received, and to send the selected customer transaction information to the dynamic password generation module;
The dynamic password generation module is used to generate a challenge code from the customer transaction information received, to use that challenge code to generate the certified side's dynamic password, and to send the generated dynamic password to the main control module;
The main control module is also used to send the certified side's dynamic password to the display module for display after receiving it from the dynamic password generation module.
22. The apparatus as claimed in claim 21, characterized in that,
The memory module is also used to store an index code corresponding to each piece of customer transaction information;
The user input module is also used to receive the characters input by the user and to send the key signals corresponding to those characters to the main control module;
The main control module is also used, after receiving the key signals corresponding to the characters input by the user, to send to the display module for display the customer transaction information stored in the memory module whose index code matches the characters currently input by the user.
23. The apparatus as claimed in claim 21, characterized in that,
The dynamic password generating apparatus also includes a data interface; the data interface connects the customer transaction information management terminal to the main control module and is used to transmit data between the customer transaction information management terminal and the main control module;
The main control module is also used, after receiving through the data interface the customer transaction information sent by the customer transaction information management terminal, to send it to the display screen for display;
The user input module is also used to send the confirmation key signal corresponding to the button operation to the main control module when the user performs a button operation to confirm the customer transaction information currently displayed;
The main control module is also used, after receiving the confirmation key signal, to send the received customer transaction information to the memory module for storage.
CN201110085439.5A 2011-04-06 2011-04-06 Dynamic countersign generation method and device and authentication method and system Active CN102158488B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201110085439.5A CN102158488B (en) 2011-04-06 2011-04-06 Dynamic countersign generation method and device and authentication method and system
CN201310412564.1A CN103475658B (en) 2011-04-06 2011-04-06 Dynamic password generating method and device and authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110085439.5A CN102158488B (en) 2011-04-06 2011-04-06 Dynamic countersign generation method and device and authentication method and system

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201310412564.1A Division CN103475658B (en) 2011-04-06 2011-04-06 Dynamic password generating method and device and authentication method and system

Publications (2)

Publication Number Publication Date
CN102158488A true CN102158488A (en) 2011-08-17
CN102158488B CN102158488B (en) 2014-03-12

Family

ID=44439671

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110085439.5A Active CN102158488B (en) 2011-04-06 2011-04-06 Dynamic countersign generation method and device and authentication method and system

Country Status (1)

Country Link
CN (1) CN102158488B (en)

Also Published As

Publication number Publication date
CN102158488B (en) 2014-03-12

Similar Documents

Publication Publication Date Title
CN102158488B (en) Dynamic countersign generation method and device and authentication method and system
US8407463B2 (en) Method of authentication of users in data processing systems
CN104599408B (en) Third party's account ATM withdrawal method and system based on dynamic two-dimension code
EP2949094B1 (en) Method for authenticating a user with respect to a machine
CN104464117B (en) Based on dynamic two-dimension code ATM (automatic teller machine) withdrawal method and system
CN102752115B (en) Challenge code generating method and device, dynamic password authentication method and system
CN105225359B (en) Based on Quick Response Code without card withdrawal method and finger print identifying server
CN102696212A (en) Compact security device with transaction risk level approval capability
CN102075547A (en) Dynamic password generating method and device and authentication method and system
CN101611588A (en) Secure access for limited resources
KR101025807B1 (en) Authentication method and authentication server
CN102868527A (en) Dynamic password generation system and device
CN105610865A (en) Method and device for authenticating identity of user based on transaction data
CN101916478A (en) Method for automatically acquiring, verifying and inputting dynamic password in normal short message by client
KR20130107188A (en) Server and method for authentication using sound code
KR20060102456A (en) System and method for authenticating user, server for authenticating user and recording medium
CN102170437A (en) System and method for realizing Phishing identification based on challenge password token
CN104657860A (en) Mobile banking security authentication method
KR20070065863A (en) Apparatus, system, method and computer program recorded medium for providing electronic waller service by using usim (universal subscriber identity module) card
CN106355496A (en) Method, system and device for realizing batch electronic transactions as well as electronic signature tool
KR101024370B1 (en) Integrated Messenger Banking Method by Using Personal Financial Management System
TWI600308B (en) System for using valid certificate to apply mobile certificate online and method thereof
CN104769621A (en) Financial transactions with a varying pin
CN103475658B (en) Dynamic password generating method and device and authentication method and system
KR102140708B1 (en) Method and server for providing financial service

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C53 Correction of patent of invention or patent application
CB02 Change of applicant information

Address after: 102211 Beijing city Changping District Baishan town 100 Ge Road No. 9 Building No. 2 hospital

Applicant after: Tendyron Technology Co., Ltd.

Address before: 100083, B, block 17, golden building, No. 1810 Qinghua East Road, Beijing, Haidian District

Applicant before: Beijing Tendyron Technology Co., Ltd.

GR01 Patent grant