TW201828188A - Electronic wallet system and method thereof effectively improve the safety of using the electronic wallet - Google Patents

Electronic wallet system and method thereof effectively improve the safety of using the electronic wallet Download PDF

Info

Publication number
TW201828188A
TW201828188A TW106103360A TW106103360A TW201828188A TW 201828188 A TW201828188 A TW 201828188A TW 106103360 A TW106103360 A TW 106103360A TW 106103360 A TW106103360 A TW 106103360A TW 201828188 A TW201828188 A TW 201828188A
Authority
TW
Taiwan
Prior art keywords
card
server
card data
user device
information
Prior art date
Application number
TW106103360A
Other languages
Chinese (zh)
Inventor
潘同勇
莊為文
Original Assignee
臺灣行動支付股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 臺灣行動支付股份有限公司 filed Critical 臺灣行動支付股份有限公司
Priority to TW106103360A priority Critical patent/TW201828188A/en
Publication of TW201828188A publication Critical patent/TW201828188A/en

Links

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention provides an electronic wallet system and a method thereof, which comprises a proxy server that transmits the encryption key and generates an application program to the user device. The user device then inputs the card information as required by the application program, and uses the encryption key for encryption to generate the encrypted card data to the merchant server, and transmits it to an authorization switching center server, and sends it back to the proxy server. The encrypted card data can then be decrypted and transmitted to the card issuing server to authenticate the card information and generate a successful authentication message to the proxy server. The corresponding card transaction information is generated according to the card data displayed on the user device so as to provide payment by selecting the transaction card data and requesting the payment. According to the invention, encryption processing can be performed when the card information is transmitted, so that the safety of using the electronic wallet can be effectively improved.

Description

建立電子錢包系統及其方法Establishing electronic wallet system and method thereof

本發明係有關一種建立電子錢包之技術,特別是指一種具有高安全性之建立電子錢包系統及其方法。The invention relates to a technology for establishing an electronic wallet, in particular to a method for establishing an electronic wallet with high security and a method thereof.

由於智慧型的攜帶裝置(如智慧型手機或平板電腦)近年來蓬勃發展,讓消費者們對於智慧型手機及平板電腦等行動通訊裝置的依賴度上升,因此商家們看準了此商機,也開始陸續推出行動通訊裝置的商務服務。As smart portable devices (such as smart phones or tablets) have prospered in recent years, consumers have become more dependent on mobile devices such as smart phones and tablets, so merchants have seen this opportunity. Business services for mobile communication devices began to be launched.

其中一種商務服務即係為行動支付(Mobile Payment),行動支付係一種使用行動裝置進行付款的服務,在不需使用現金、支票或信用卡的情況下,消費者可使用行動電話支付各項服務或數位及實體商品的費用,使消費者只要攜帶智慧型手機出門,不再需要攜帶實體的金錢便能應付生活的食衣住行育樂。One type of business service is Mobile Payment, which is a service that uses mobile devices to make payments. Consumers can use mobile phones to pay for services or without using cash, checks or credit cards. The cost of digital and physical goods allows consumers to go out with their smart phones and no longer need to carry physical money to cope with the life of food and clothing.

然而,現有的行動商務服務提供者與行動支付服務提供者多為各自獨立的營運企業,因此消費者須在行動通訊裝置內分別安裝行動支付服務的應用程式,以及對應付款商店行動商務服務的應用程式,使用時必須先透過執行行動商務服務的應用程式取得相關服務後,再轉而執行行動支付服務的應用程式完成付款動作,不但增加了消費者行動通訊裝置儲存空間的負擔,且繁複的步驟更使消費者感受不佳,因此目前有許多行動商務服務提供者與行動支付服務提供者積極進行整合,或企業本身同時扮演兩個角色,以提供使用者僅下載單一應用程式,操作單一應用程式即可完成商務服務及支付服務。但若行動商務服務提供者與行動支付服務提供者並未合作,就還是無法使用單一應用程式進行付款,相當不便。However, existing mobile business service providers and mobile payment service providers are mostly independent operating companies. Therefore, consumers must install mobile payment service applications in mobile communication devices and applications corresponding to payment store mobile business services. The program must first obtain the relevant services through the application that implements the mobile business service, and then execute the payment payment service application to complete the payment action, which not only increases the burden of the storage space of the consumer mobile communication device, but also complicated steps. It also makes consumers feel bad, so there are many active business service providers and mobile payment service providers actively integrating, or the company itself plays two roles at the same time, to provide users to download only a single application, operate a single application Business services and payment services can be completed. However, if the mobile business service provider does not cooperate with the mobile payment service provider, it is still inconvenient to use a single application for payment.

再者,每一個商家的所建立的安全機制皆相當不完整,商家多半僅單純在綁定信用卡時,進行信用卡卡號以及辨識碼輸入的驗證,並未完整地核對輸入卡片資料者是否為持卡者本人,因此容易被不肖人士使用,進行盜刷等行為,因此造成很多安全上的問題。Moreover, the security mechanism established by each merchant is quite incomplete. Most of the merchants only perform the verification of the credit card number and the identification code input when the credit card is bound, and it is not completely checked whether the card input card is the card holder. Because of this, it is easy for people who are used by unscrupulous people to perform acts such as stealing and brushing, which causes many safety problems.

有鑑於此,本發明遂針對上述習知技術之缺失,提出一種建立電子錢包系統及其方法,以有效克服上述之該等問題。In view of the above, the present invention proposes an electronic wallet system and a method thereof to effectively overcome the above problems in view of the above-mentioned shortcomings of the prior art.

本發明之主要目的係在提供一種建立電子錢包系統及其方法,其在登入申請信用卡時可對信用卡的卡號進行加密後,再傳送出去,避免卡號外洩,且登入信用卡時係透過發卡銀行直接對使用者進行身分核對,可強化申請卡片時的安全性,避免卡號被盜用的風險,有效提高使用電子錢包的安全性。The main object of the present invention is to provide an electronic wallet system and a method thereof, which can encrypt a card number of a credit card after being applied for a credit card, and then transmit the card number to avoid leakage of the card number, and the credit card is directly sent through the card issuing bank. Checking the user's identity can enhance the security of the application card, avoid the risk of the card number being stolen, and effectively improve the security of using the electronic wallet.

本發明之另一目的係在提供一種建立電子錢包系統及其方法,可整合多種信用卡格式,發卡銀行以及多種付款的使用平台,能提高使用的機動性。Another object of the present invention is to provide an electronic wallet system and a method thereof, which can integrate various credit card formats, a card issuing bank, and a plurality of payment using platforms, thereby improving the mobility of use.

為達上述之目的,本發明係提供一種建立電子錢包方法,首先,在一使用者裝置輸入至少一卡片資料;接著使用者裝置利用一加密金鑰加密卡片資料並產生一加密卡片資料,其包含有一核身指令,使用者裝置將加密卡片資料傳送至一卡片管理系統;卡片管理系統對加密卡片資料進行解密,產生卡片資料與核身指令,使卡片管理系統根據核身指令認證卡片資料;在卡片資料認證成功後,更產生一認證成功資訊;卡片管理系統更可產生一驗證碼至使用者裝置中,提供使用者輸入驗證碼至使用者裝置後,卡片管理系統根據卡片資料產生對應之交易卡片資料,並傳送交易卡片資料至使用者裝置並顯示交易卡片資料,提供使用者選擇交易卡片資料請求付款。For the above purposes, the present invention provides a method for establishing an electronic wallet. First, at least one card data is input to a user device; then the user device encrypts the card data with an encryption key and generates an encrypted card data, which includes There is a core command, the user device transmits the encrypted card data to a card management system; the card management system decrypts the encrypted card data, generates card data and a nuclear body command, so that the card management system authenticates the card data according to the nuclear body instruction; After the card data is successfully authenticated, a verification success message is generated; the card management system can generate a verification code to the user device, and after the user inputs the verification code to the user device, the card management system generates a corresponding transaction according to the card data. The card data, and the transaction card data is transmitted to the user device and the transaction card data is displayed, and the user is selected to select the transaction card data to request payment.

為達上述之目的,本發明亦提供一種建立電子錢包系統,包括一代理機構伺服器產生一申請程式以及至少一加密金鑰至一使用者裝置,使用者裝置接收加密金鑰以及申請程式後,根據申請程式需求輸入至少一卡片資料,接著使用者裝置再利用加密金鑰加密卡片資料,產生包括一核身指令的一加密卡片資料,以將加密卡片資料傳遞至至少一商家伺服器,商家伺服器接收加密卡片資料後再將加密卡片資料傳送至一授權轉接中心伺服器,授權轉接中心伺服器接收商家伺服器之加密卡片資料後,再將加密卡片資料傳遞到代理機構伺服器,以利用代理機構伺服器對加密卡片資料進行解密,產生卡片資料與核身指令至至少一發卡伺服器,使發卡伺服器根據核身指令認證進行認證卡片資料,卡片資料認證成功後產生一認證成功資訊至代理機構伺服器,使代理機構伺服器根據卡片資料產生對應之交易卡片資料至使用者裝置顯示,提供使用者選擇交易卡片資料請求付款。For the above purposes, the present invention also provides an electronic wallet system, comprising: an agent server generating an application program and at least one encryption key to a user device, the user device receiving the encryption key and applying the program, Entering at least one card data according to the application program requirement, and then the user device encrypts the card data by using the encryption key to generate an encrypted card data including a core command to transmit the encrypted card data to at least one merchant server, the merchant servo After receiving the encrypted card data, the device transmits the encrypted card data to an authorized transfer center server, and the authorized transfer center server receives the encrypted card data of the merchant server, and then transmits the encrypted card data to the agent server, The agent server is used to decrypt the encrypted card data, and the card data and the kernel command are generated to at least one card issuing server, so that the card issuing server authenticates the card data according to the nuclear body command authentication, and the card data is successfully authenticated and generates an authentication success information. To the agency server to make the agency Server means to the user generates a transaction card corresponding to the card information according to display information, providing information requests the user to select a payment card transactions.

其中發卡伺服器認證卡片資料成功後,更產生一驗證碼至使用者裝置顯示,提供使用者輸入驗證碼至代理機構伺服器,代理機構伺服器接收到驗證碼後,才將交易卡片資料傳送至使用者裝置顯示。After the card issuing server authenticates the card data successfully, a verification code is generated to the user device display, and the user inputs the verification code to the agency server, and the agent server receives the verification code before transmitting the transaction card data to User device display.

當代理機構伺服器在交易卡片資料傳送至使用者裝置顯示後,會產生一交易卡片資料下載完成資訊至授權轉接中心伺服器,再將交易卡片資料下載完成資訊傳送至商家伺服器,通知卡片下載完成。After the agent server transmits the transaction card data to the user device display, a transaction card data download completion information is generated to the authorized transfer center server, and the transaction card data download completion information is transmitted to the merchant server, and the notification card is sent. Download completed.

底下藉由具體實施例詳加說明,當更容易瞭解本發明之目的、技術內容、特點及其所達成之功效。The purpose, technical content, features and effects achieved by the present invention will be more readily understood by the detailed description of the embodiments.

請參照第一圖,如圖所示,以說明本發明系統架構圖,如圖所示,建立電子錢包系統1包括一使用者裝置10,其可為攜帶型通訊裝置,如智慧型手機或平板電腦等裝置;一卡片管理系統20信號連接使用者裝置10,以處理卡片的登入、驗證、付款等服務,其中卡片管理系統20包括有一代理機構伺服器22、商家伺服器24、授權轉接中心伺服器26以及發卡伺服器28。其中使用者裝置10信號連接代理機構伺服器22、商家伺服器24、授權轉接中心伺服器26以及發卡伺服器28,商家伺服器24則信號連接授權轉接中心伺服器26;代理機構伺服器22則信號連接授權轉接中心伺服器26以及發卡伺服器28。Please refer to the first figure, as shown in the figure, to illustrate the system architecture diagram of the present invention. As shown, the electronic wallet system 1 includes a user device 10, which can be a portable communication device, such as a smart phone or tablet. A card management system 20 is connected to the user device 10 to process the card login, verification, payment, etc., wherein the card management system 20 includes an agency server 22, a merchant server 24, and an authorized transfer center. The server 26 and the card issuing server 28. The user device 10 signals the proxy server 22, the merchant server 24, the authorized transfer center server 26, and the card issuer server 28. The merchant server 24 signals the authorized transfer center server 26; the proxy server 22 then signals the authorized transfer center server 26 and the card issuer server 28.

其中商家伺服器24係為網路商店、網路購物中心、網路商城等商家的付費管理電子錢包例如google wallet;代理機構伺服器22係為本發明主要核心,視為一數位錢包的管理者,以透過代理機構伺服器22進行電子錢包的連線與訊息傳遞與統整等;發卡伺服器28則為使用者所持有卡片之發行者,例如各家銀行業者,其主要係用以核對卡片資訊以及交易等相關的檢核作業,並且依據使用者之交易行為進行後續的授權作業審核;授權轉接中心伺服器26則係為處理信用卡交易的組織,如聯合信用卡處理中心(National Credit Card Center,NCCC),或者授權轉接中心伺服器26亦可為金融機構,如處理帳單的收單銀行等,本實施例的授權轉接中心伺服器26僅作為接受卡片目前狀態以記錄卡片目前狀態,並做為連絡聯絡商家伺服器24的媒介,以接收或傳送卡片狀態。The merchant server 24 is a payment management electronic wallet of a merchant such as an online store, an online shopping mall, an online shopping mall, etc., such as a google wallet; the agency server 22 is the main core of the invention, and is regarded as a manager of a digital wallet. The e-wallet is connected and transmitted and integrated through the proxy server 22; the card-issuing server 28 is the issuer of the card held by the user, for example, each banker, which is mainly used for checking Card information and transaction related check operations, and subsequent authorization operations review based on the user's transaction behavior; authorized transfer center server 26 is an organization that handles credit card transactions, such as the United Credit Card Processing Center (National Credit Card) Center, NCCC), or authorized transfer center server 26 may also be a financial institution, such as an acquiring bank that processes bills, etc. The authorized transfer center server 26 of this embodiment only serves as the current status of the accepted card to record the card at present. The status is used as a medium to contact the merchant server 24 to receive or transmit the card status.

在解釋完本發明實施例系統架構中的各個角色後,本發明接續針對使用者操作與交易流程之間的搭配進行更詳盡的說明。首先說明代理機構伺服器22與發卡伺服器28簽訂協議合作時的方法流程圖,請一併參閱第一圖以及第二圖,如圖所示,首先進入步驟S10,使用者在申請電子錢包時,係由使用者對使用者裝置10輸入一申請指令,使用者裝置10再將申請指令傳送至代理機構伺服器22,使代理機構伺服器22產生一申請程式以及至少一加密金鑰至使用者裝置10,使用者裝置10接著提出請求給代理機構伺服器22,代理機構伺服器22產生一組新的五個加密金鑰給使用者裝置10。代理機構伺服器22產生一申請程式以及加密金鑰至使用者裝置10後,進入步驟S12,使用者裝置10顯示申請程式,提供使用者根據申請程式需求輸入至少一卡片資料,本實施例舉例的卡片係為信用卡,且可輸入複數個卡片資料,而本實施例係以輸入一卡片資料作為實施例說明,其中卡片資料包括至少一信用卡的信用卡號或使用者個人資料,當然亦可利用使用者裝置10來拍攝卡片影像,提供使用者裝置10自行判斷卡片資料影像上的卡片資料,卡號或使用者個人資料等。接著進入步驟S14,在輸入完卡片資料後,使用者裝置10再利用加密金鑰加密卡片資料,同時夾帶一核身指令以產生一加密卡片資料,因此加密卡片資料中會包括有卡片資料與核身指令;使用者裝置10產生加密卡片資料後傳送至商家伺服器24,商家伺服器24再將加密卡片資料傳遞至授權轉接中心伺服器26;其中當商家伺服器24為複數個時,使用者裝置10會事先設定應該將加密卡片資料傳送至哪一個商家伺服器24,提供使用者裝置10將加密卡片資料傳送至對應的商家伺服器24中。接下來進入步驟S16,授權轉接中心伺服器26再將加密卡片資料傳遞至代理機構伺服器22,代理機構伺服器22再將加密卡片資料進行解密,產生卡片資料與核身指令,並將解密後的卡片資料與核身指令傳遞至發卡伺服器28,使發卡伺服器28根據核身指令開始認證卡片資料,認證卡片資料是否為持有人申請,認證時係發卡銀行的行員可透過資料校對或利用通訊裝置,如電話、網路電話,除此之外更可直接面談持卡者,以進行身分的驗證。接著進入步驟S18,當卡片資料認證成功後,發卡伺服器28會產生一認證成功資訊至代理機構伺服器22,代理機構伺服器22接收到認證成功資訊後,代理機構伺服器22產生一進行製卡通知資訊至授權轉接中心伺服器26,其再將進行製卡通知資訊傳送給商家伺服器24,通知授權轉接中心伺服器26以及商家伺服器24此信用卡驗證成功,等待使用者進行開卡使用,同時,發卡伺服器28會發出一驗證碼至使用者裝置10,使用者裝置10再將驗證碼顯示。最後進入步驟S20,使用者在使用者裝置10輸入顯示的驗證碼,使用者裝置10再將驗證碼傳遞至代理機構伺服器22,使其根據卡片資料產生對應的交易卡片資料至使用者裝置10顯示,其中交易卡片資料可以信用卡卡片圖形的態樣或是編號表示,在此僅係為實施例說明並不為用來限定交易卡片資料在使用者裝置10螢幕中所顯示的態樣;之後代理機構伺服器22在交易卡片資料傳送至使用者裝置10顯示後,產生一交易卡片資料下載完成資訊至授權轉接中心伺服器26,授權轉接中心伺服器26將交易卡片資料下載完成資訊傳送至商家伺服器24,以通知信用卡已經下載至使用者裝置10中,使用者可開始選擇使用者裝置10中所顯示的交易卡片資料請求付款。申請完一張信用卡為電子錢包後,更可申請另外複數張不同的信用卡為電子錢包,使使用者裝置10可同時使用複數張的信用卡付款,申請步驟皆與上述相同。After explaining the various roles in the system architecture of the embodiments of the present invention, the present invention provides a more detailed description of the collocation between the user operation and the transaction process. First, a flow chart of the method when the agency server 22 and the card issuance server 28 are signed, please refer to the first figure and the second figure. As shown in the figure, first proceed to step S10, when the user applies for the electronic wallet. The user enters an application command to the user device 10, and the user device 10 transmits the application command to the agency server 22, so that the agency server 22 generates an application program and at least one encryption key to the user. Device 10, user device 10 then makes a request to agency server 22, which generates a new set of five encryption keys to user device 10. After the agent server 22 generates an application program and encrypts the key to the user device 10, the process proceeds to step S12, and the user device 10 displays the application program, and provides the user with at least one card data according to the application program requirement. The card is a credit card, and a plurality of card materials can be input. In this embodiment, the card data is input as an embodiment. The card data includes at least one credit card number of the credit card or the user profile, and of course, the user can also use the card. The device 10 captures the card image and provides the user device 10 to determine the card data, the card number or the user profile of the card data image. Then, proceeding to step S14, after inputting the card data, the user device 10 encrypts the card data by using the encryption key, and simultaneously entrains a core command to generate an encrypted card data, so the card data and the core are included in the encrypted card data. The user device 10 generates the encrypted card data and transmits it to the merchant server 24, and the merchant server 24 transmits the encrypted card data to the authorized transfer center server 26; wherein when the merchant server 24 is plural, the user device 24 The device 10 will pre-set which merchant server 24 the encrypted card data should be transmitted to, and the user device 10 is provided to transmit the encrypted card data to the corresponding merchant server 24. Next, proceeding to step S16, the authorization transfer center server 26 transfers the encrypted card data to the agency server 22, and the agent server 22 decrypts the encrypted card data to generate card data and the body command, and decrypts the card data. The card data and the body command are transmitted to the card issuing server 28, so that the card issuing server 28 starts to authenticate the card data according to the body command, and whether the card data is the holder's application, and the card issuing bank can be proofread by the card issuing bank during the authentication. Or use communication devices, such as telephones and Internet telephony, in addition to directly interviewing cardholders for identity verification. Then, proceeding to step S18, after the card data is successfully authenticated, the card issuing server 28 generates an authentication success message to the agency server 22. After the agent server 22 receives the authentication success information, the agent server 22 generates a system. The card notification information is sent to the authorized transfer center server 26, which then transmits the card making notification information to the merchant server 24, notifying the authorized transfer center server 26 and the merchant server 24 that the credit card verification is successful, waiting for the user to open. The card is used, and at the same time, the card issuing server 28 sends a verification code to the user device 10, and the user device 10 displays the verification code again. Finally, in step S20, the user inputs the displayed verification code in the user device 10, and the user device 10 transmits the verification code to the agency server 22 to generate corresponding transaction card data according to the card data to the user device 10. Display, wherein the transaction card data can be represented by the aspect or number of the credit card graphic, and is merely for the description of the embodiment and is not intended to limit the manner in which the transaction card data is displayed on the screen of the user device 10; After the transaction card data is transmitted to the user device 10 for display, the mechanism server 22 generates a transaction card data download completion information to the authorized transfer center server 26, and the authorization transfer center server 26 transmits the transaction card data download completion information to the The merchant server 24 notifies that the credit card has been downloaded to the user device 10, and the user can start to select the transaction card information displayed in the user device 10 to request payment. After applying for a credit card as an electronic wallet, it is also possible to apply for a plurality of different credit cards as electronic wallets, so that the user device 10 can simultaneously use a plurality of credit cards to pay, and the application steps are the same as above.

接下來請參照第三圖,以詳細說明信用卡認證完成後,使用者操作使用者裝置10進行付款時使用的系統架構圖,如圖所示,建立電子錢包系統1包括一使用者裝置10,其可為攜帶型通訊裝置,如智慧型手機或平板電腦等裝置;一卡片管理系統20信號連接使用者裝置10,以處理卡片的登入、驗證、付款等服務,其中卡片管理系統20包括有一代理機構伺服器22、商家伺服器24、授權轉接中心伺服器26以及發卡伺服器28。其中使用者裝置10信號連接代理機構伺服器22、商家伺服器24、授權轉接中心伺服器26,商家伺服器24則信號連接授權轉接中心伺服器26;代理機構伺服器22則信號連接授權轉接中心伺服器26以及發卡伺服器28;授權轉接中心伺服器26則信號連接發卡伺服器28。Next, please refer to the third figure to explain in detail the system architecture diagram used by the user to operate the user device 10 to perform payment after the credit card authentication is completed. As shown, the electronic wallet system 1 is configured to include a user device 10, It can be a portable communication device, such as a smart phone or a tablet computer; a card management system 20 signals the user device 10 to handle card login, verification, payment, etc., wherein the card management system 20 includes an agent. The server 22, the merchant server 24, the authorized transfer center server 26, and the card issuer server 28. The user device 10 signals the proxy server 22, the merchant server 24, and the authorized transfer center server 26. The merchant server 24 signals the authorized transfer center server 26; the agent server 22 signals the authorization. The transfer center server 26 and the card issuer server 28; the authorized transfer center server 26 is coupled to the card issuer server 28.

接著請配合參照第三圖與第四圖,以說明行付款時的詳細步驟流程,首先,進入步驟S22,使用者挑選完商家伺服器24的商品欲進行付帳時,根據所想要付款的信用卡,在使用者裝置10選擇對應的交易卡片資料之後,會產生一付款資訊。接著進入步驟S24,使用者裝置10利用先前從代理機構伺服器22中所下載的加密金鑰將付款資訊進行加密,產生一加密付款資訊,並將加密付款資訊傳送至授權轉接中心伺服器26。接著進入步驟S26,授權轉接中心伺服器26通知代理機構伺服器22,向代理機構伺服器22請求解碼加密付款資訊,以解碼產生付款資訊至發卡伺服器28。接著進入步驟S28,發卡伺服器28認證付款資訊成功後,會產生一授權通知資訊至授權轉接中心伺服器26,最後進入步驟S30,授權轉接中心伺服器26再將授權通知資訊傳送至使用者裝置10,告知使用者付款成功,並將授權通知資訊傳送至商家伺服器24,商家伺服器24可向授權轉接中心伺服器26進行請款。Then, please refer to the third figure and the fourth figure to explain the detailed steps of the line payment. First, proceed to step S22, when the user selects the goods of the merchant server 24 to pay the bill, according to the desired payment. The credit card generates a payment information after the user device 10 selects the corresponding transaction card data. Next, proceeding to step S24, the user device 10 encrypts the payment information by using the encryption key previously downloaded from the agency server 22, generates an encrypted payment information, and transmits the encrypted payment information to the authorized transfer center server. . Next, proceeding to step S26, the authorization transfer center server 26 notifies the agency server 22 to request the proxy server 22 to decode the encrypted payment information to decode the generated payment information to the card issuing server 28. Then, proceeding to step S28, after the card issuance server 28 verifies that the payment information is successful, an authorization notification message is generated to the authorized transfer center server 26, and finally proceeds to step S30, and the transfer center server 26 is authorized to transmit the authorization notification information to the use. The device 10 informs the user that the payment is successful, and transmits the authorization notification information to the merchant server 24, and the merchant server 24 can make a payment to the authorized transfer center server 26.

除此之外,使用者裝置10更可信號連接一電腦裝置(圖中未示),本發明在電腦裝置上選購商品後,透過使用者裝置10進行付款,詳細方法流程請參照第三圖與第五圖,如圖所示,首先進入步驟S32,使用者要求使用者裝置10產生一電子錢包碼。接著進入步驟S34,使用者根據使用者裝置10顯示的電子錢包碼輸入一電腦裝置中。接著進入步驟S36,使用者即可在使用者裝置10中選擇預付款信用卡所對應的交易卡片資料,以產生一付款資訊。步驟S38,使用者裝置10再利用先前載入的加密金鑰,將付款資訊加密,以產生一加密付款資訊至授權轉接中心伺服器26。接著進入步驟S40,授權轉接中心伺服器26向代理機構伺服器22請求進行解碼加密付款資訊,以解碼產生付款資訊,並將付款資訊傳送至發卡伺服器28。接著進入步驟S42,發卡伺服器28對付款資訊進行認證,當付款資訊認證成功後,發卡伺服器28會產生一授權通知資訊至授權轉接中心伺服器26,最後進入步驟S44,授權轉接中心伺服器26再將授權通知資訊傳送至使用者裝置10,告知使用者付款成功,並將授權通知資訊傳送至商家伺服器24,商家伺服器24可向授權轉接中心伺服器26進行請款。In addition, the user device 10 can be connected to a computer device (not shown). After the product is purchased on the computer device, the user device 10 performs payment through the user device 10. For the detailed method flow, please refer to the third figure. As shown in the fifth figure, as shown in the figure, first, the process proceeds to step S32, and the user requests the user device 10 to generate an electronic wallet code. Then, proceeding to step S34, the user inputs the electronic wallet code displayed by the user device 10 into a computer device. Then, proceeding to step S36, the user can select the transaction card data corresponding to the prepaid credit card in the user device 10 to generate a payment information. In step S38, the user device 10 re-uses the previously loaded encryption key to encrypt the payment information to generate an encrypted payment information to the authorized transfer center server 26. Next, proceeding to step S40, the authorization transfer center server 26 requests the proxy server 22 to perform decoding of the encrypted payment information to decode the generated payment information, and transmits the payment information to the card issuing server 28. Then, proceeding to step S42, the card issuing server 28 authenticates the payment information. After the payment information is successfully authenticated, the card issuing server 28 generates an authorization notification message to the authorized transfer center server 26, and finally proceeds to step S44 to authorize the transfer center. The server 26 then transmits the authorization notification information to the user device 10, notifies the user that the payment is successful, and transmits the authorization notification information to the merchant server 24, and the merchant server 24 can make a payment to the authorized transfer center server 26.

除此之外,本發明之發卡伺服器28當信用卡片到期或其他突發狀況等,更新卡片資料時,發卡伺服器28在自動更新卡片資料後,產生一卡片更新資訊至代理機構伺服器22,代理機構伺服器22再將卡片更新資訊傳遞至授權轉接中心伺服器26,授權轉接中心伺服器26再將卡片更新資訊傳遞至商家伺服器24,同時代理機構伺服器22會將卡片更新資訊傳遞至使用者裝置10,以通知使用者卡片已進行更新。In addition, the card issuing server 28 of the present invention generates a card update information to the agency server after automatically updating the card data when the card data is expired or other unexpected conditions are updated. 22. The agency server 22 then passes the card update information to the authorized transfer center server 26, which authorizes the transfer center server 26 to pass the card update information to the merchant server 24, and the agent server 22 will present the card. The update information is passed to the user device 10 to inform the user that the card has been updated.

綜上所述,本發明可整合多種信用卡格式,發卡銀行以及多種付款的使用平台,提高使用的機動性。且本發明在登入信用卡以及付款時可對信用卡的卡號進行加密後,再傳送出去,避免卡號外洩,且登入信用卡時係透過發卡銀行直接對使用者進行身分核對,可強化持卡申請卡片時的安全性,避免卡號被盜用的風險,有效提高使用電子錢包的安全性。In summary, the present invention can integrate a variety of credit card formats, issuing banks and a variety of payment usage platforms to improve the mobility of use. Moreover, the invention can encrypt the card number of the credit card after logging in the credit card and payment, and then transmit the card number to avoid leakage of the card number, and the credit card is directly checked by the card issuing bank when the card is credited, and the card application card can be strengthened. The security, to avoid the risk of the card number being stolen, and effectively improve the security of using the electronic wallet.

唯以上所述者,僅為本發明之較佳實施例而已,並非用來限定本發明實施之範圍。故即凡依本發明申請範圍所述之特徵及精神所為之均等變化或修飾,均應包括於本發明之申請專利範圍內。The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention. Therefore, any changes or modifications of the features and spirits of the present invention should be included in the scope of the present invention.

1‧‧‧建立電子錢包系統1‧‧‧Create an electronic wallet system

10‧‧‧使用者裝置10‧‧‧User device

20‧‧‧卡片管理系統20‧‧‧Card Management System

22‧‧‧代理機構伺服器22‧‧‧ Agency Server

24‧‧‧商家伺服器24‧‧‧Business Server

26‧‧‧授權轉接中心伺服器26‧‧‧Authorized Transfer Center Server

28‧‧‧發卡伺服器28‧‧‧ card issuing server

第一圖係為本發明系統方塊圖。 第二圖係為本發明之申請電子錢包步驟流程圖。 第三圖係為本發明之另一實施例之系統方塊圖。 第四圖係為本發明之利用電子錢包付款步驟流程圖。 第五圖係為本發明之利用電子錢包付款之另一實施例步驟流程圖。The first figure is a block diagram of the system of the present invention. The second figure is a flow chart of the steps of applying for an electronic wallet of the present invention. The third figure is a system block diagram of another embodiment of the present invention. The fourth figure is a flow chart of the steps of using the electronic wallet to pay for the present invention. The fifth figure is a flow chart of another embodiment of the present invention for payment by electronic wallet.

Claims (19)

一種建立電子錢包系統,包括: 一代理機構伺服器,產生一申請程式以及至少一加密金鑰; 一使用者裝置,接收該加密金鑰以及該申請程式,以根據該申請程式需求輸入至少一卡片資料後,該使用者裝置利用該加密金鑰加密該卡片資料並產生一加密卡片資料,該加密卡片資料包括一核身指令; 至少一商家伺服器,接收該加密卡片資料,並將該加密卡片資料傳送出去; 一授權轉接中心伺服器,接收該商家伺服器之該加密卡片資料,並將該加密卡片資料傳遞至該代理機構伺服器,使該代理機構伺服器對該加密卡片資料進行解密,產生該卡片資料與該核身指令;以及 至少一發卡伺服器,接收該代理機構伺服器傳遞的的該卡片資料與該核身指令,並根據該核身指令認證該卡片資料,該卡片資料認證成功後,產生一認證成功資訊至該代理機構伺服器,使該代理機構伺服器根據該卡片資料產生對應之交易卡片資料至該使用者裝置顯示,提供使用者選擇該交易卡片資料請求付款。An electronic wallet system, comprising: an agency server, generating an application program and at least one encryption key; a user device receiving the encryption key and the application program to input at least one card according to the application requirement After the data, the user device encrypts the card data by using the encryption key and generates an encrypted card data, the encrypted card data includes a core command; at least one merchant server receives the encrypted card data, and the encrypted card The data is transmitted; an authorized transfer center server receives the encrypted card data of the merchant server, and transmits the encrypted card data to the agency server, so that the agent server decrypts the encrypted card data Generating the card data and the nuclear body command; and at least one card issuing server receiving the card data and the nuclear body command transmitted by the agency server, and authenticating the card data according to the nuclear body instruction, the card data After the authentication is successful, an authentication success message is generated to the agency server, so that The agency server device user generates a corresponding transaction data to the card based on the card information, the user selects the provided information request payment card transaction. 如請求項1所述之建立電子錢包系統,其中該發卡伺服器認證該卡片資料成功後,更產生一驗證碼至該使用者裝置顯示,提供使用者輸入該驗證碼至該代理機構伺服器,該代理機構伺服器接收到該驗證碼後,將該交易卡片資料傳送至該使用者裝置顯示。The electronic wallet system is established as described in claim 1, wherein after the card issuing server authenticates the card data, a verification code is generated to the user device display, and the user is provided to input the verification code to the agency server. After receiving the verification code, the agency server transmits the transaction card data to the user device for display. 如請求項2所述之建立電子錢包系統,其中該代理機構伺服器在該交易卡片資料傳送至該使用者裝置顯示後,該代理機構伺服器更產生一交易卡片資料下載完成資訊至該授權轉接中心伺服器,該授權轉接中心伺服器再將該交易卡片資料下載完成資訊傳送至該商家伺服器。The method as claimed in claim 2, wherein the agent server further generates a transaction card data download completion information to the authorization transfer after the transaction card data is transmitted to the user device for display. After receiving the central server, the authorized transfer center server transmits the transaction card data download completion information to the merchant server. 如請求項1所述之建立電子錢包系統,其中該代理機構伺服器接收到該認證成功資訊後,該代理機構伺服器更產生一進行製卡通知資訊至該授權轉接中心伺服器,其再將該進行製卡通知資訊傳送至該商家伺服器。If the e-wallet system is established as described in claim 1, after the agent server receives the authentication success information, the agent server further generates a card-making notification information to the authorized transfer center server, and then The card-making notification information is transmitted to the merchant server. 如請求項1所述之建立電子錢包系統,其中該卡片資料包括至少一卡片資料影像、信用卡號或使用者個人資料。The electronic wallet system is established as claimed in claim 1, wherein the card material includes at least one card data image, a credit card number, or a user profile. 如請求項1所述之建立電子錢包系統,其中該發卡伺服器更可產生一卡片更新資訊至該代理機構伺服器,其再將該卡片更新資訊傳送至該授權轉接中心伺服器,該授權轉接中心伺服器再將該卡片更新資訊傳送至該商家伺服器,且該代理機構伺服器可將該卡片更新資訊傳送至該使用者裝置。Establishing the electronic wallet system as claimed in claim 1, wherein the card issuing server further generates a card update information to the agency server, and then transmits the card update information to the authorized transfer center server, the authorization The transfer center server then transmits the card update information to the merchant server, and the agent server can transmit the card update information to the user device. 如請求項1所述之建立電子錢包系統,其中該使用者裝置選擇該交易卡片資料後產生一付款資訊,該使用者裝置並利用該加密金鑰將該付款資訊加密,產生一加密付款資訊至該授權轉接中心伺服器,該授權轉接中心伺服器透過該代理機構伺服器解碼該加密付款資訊後,產生該付款資訊至該發卡伺服器,該發卡伺服器認證該付款資訊成功後,產生一授權通知資訊至該授權轉接中心伺服器,該授權轉接中心伺服器再將該授權通知資訊傳送至該使用者裝置以及商家伺服器。The e-wallet system is configured as described in claim 1, wherein the user device selects the transaction card data to generate a payment information, and the user device encrypts the payment information by using the encryption key to generate an encrypted payment information to The authorized transfer center server, after the authorized transfer center server decodes the encrypted payment information through the proxy server, generates the payment information to the card issuing server, and the card issuing server authenticates the payment information successfully, and generates An authorization notification message is sent to the authorized transfer center server, and the authorized transfer center server transmits the authorization notification information to the user device and the merchant server. 如請求項1所述之建立電子錢包系統,其中使用者裝置更可產生一電子錢包碼,以將該電子錢包碼輸入一電腦裝置中,並在該使用者裝置選擇該交易卡片資料後產生一付款資訊,該使用者裝置並利用該加密金鑰將該付款資訊加密,產生一加密付款資訊至該授權轉接中心伺服器,該授權轉接中心伺服器透過該代理機構伺服器解碼該加密付款資訊後產生該付款資訊至該發卡伺服器,該發卡伺服器認證該付款資訊成功後,產生一授權通知資訊至該代理機構伺服器,再傳遞至該授權轉接中心伺服器,其再將該授權通知資訊傳送至該使用者裝置以及商家伺服器。The electronic wallet system is configured as described in claim 1, wherein the user device further generates an electronic wallet code to input the electronic wallet code into a computer device, and generates a message after the user device selects the transaction card data. Payment information, the user device encrypts the payment information by using the encryption key, and generates an encrypted payment information to the authorized transfer center server, and the authorized transfer center server decodes the encrypted payment through the proxy server After the information is generated, the payment information is generated to the card issuing server, and after the card issuing server authenticates the payment information, an authorization notification message is generated to the agent server, and then transmitted to the authorized transfer center server, and the Authorization notification information is transmitted to the user device and the merchant server. 如請求項1所述之建立電子錢包系統,其中該使用者裝置係為智慧型手機。The electronic wallet system is established as described in claim 1, wherein the user device is a smart phone. 如請求項1所述之建立電子錢包系統,其中該發卡伺服器透過一通訊裝置與一使用者核對身分。The electronic wallet system is established as described in claim 1, wherein the card issuing server checks the identity with a user through a communication device. 一種建立電子錢包方法,步驟包括: 在一使用者裝置輸入至少一卡片資料; 該使用者裝置利用一加密金鑰加密該卡片資料並產生一加密卡片資料,該加密卡片資料包含有一核身指令,該使用者裝置並將該加密卡片資料傳送至一卡片管理系統; 該卡片管理系統對該加密卡片資料進行解密,產生該卡片資料與該核身指令,使該卡片管理系統根據該核身指令,認證該卡片資料; 該卡片資料認證成功後,產生一認證成功資訊;以及 該卡片管理系統根據該卡片資料產生對應之交易卡片資料,並傳送該交易卡片資料至該使用者裝置並顯示該交易卡片資料,提供使用者選擇該交易卡片資料請求付款。A method for establishing an electronic wallet, the method comprising: inputting at least one card data in a user device; the user device encrypting the card data by using an encryption key and generating an encrypted card data, the encrypted card data comprising a core body instruction, The user device transmits the encrypted card data to a card management system; the card management system decrypts the encrypted card data, generates the card data and the nuclear body command, so that the card management system according to the nuclear body command, Authenticating the card data; after the card data is successfully authenticated, generating an authentication success message; and the card management system generates corresponding transaction card data according to the card data, and transmitting the transaction card data to the user device and displaying the transaction card Information, providing the user to select the transaction card information to request payment. 如請求項11所述之建立電子錢包方法,其中在卡片資料認證成功之步驟後,該卡片管理系統更產生一驗證碼至該使用者裝置,提供該使用者輸入該驗證碼至該使用者裝置後,該使用者裝置將該交易卡片資料顯示。The method for establishing an electronic wallet according to claim 11, wherein after the step of successfully authenticating the card data, the card management system further generates a verification code to the user device, and provides the user to input the verification code to the user device. Thereafter, the user device displays the transaction card data. 如請求項12所述之建立電子錢包方法,其中在該使用者裝置並顯示該交易卡片資料之步驟後,該卡片管理系統更產生一卡片下載完成資訊。The method for establishing an electronic wallet as claimed in claim 12, wherein the card management system further generates a card download completion information after the user device displays the transaction card data. 如請求項11所述之建立電子錢包方法,其中在產生該認證成功資訊之步驟後,該卡片管理系統更產生一進行製卡通知資訊。The method for establishing an e-wallet according to claim 11, wherein the card management system further generates a card-making notification information after the step of generating the authentication success information. 如請求項11所述之建立電子錢包方法,更包括該卡片管理系統產生一卡片更新資訊。The method for establishing an electronic wallet as claimed in claim 11, further comprising the card management system generating a card update information. 如請求項11所述之建立電子錢包方法,其中該卡片資料包括至少一卡片資料影像、信用卡號或使用者個人資料。The method for establishing an electronic wallet as claimed in claim 11, wherein the card material comprises at least one card data image, a credit card number or a user profile. 如請求項11所述之建立電子錢包方法,其中提供該使用者選擇該交易卡片資料請求付款之步驟中更包括: 在該使用者裝置選擇該交易卡片資料,產生一付款資訊; 該使用者裝置利用該加密金鑰將該付款資訊加密,產生一加密付款資訊; 該卡片管理系統接收該加密付款資訊並解碼該加密付款資訊,產生該付款資訊; 該卡片管理系統認證該付款資訊成功後,產生一授權通知資訊;以及 該卡片管理系統根據該授權通知資訊進行請款,並將該授權通知資訊傳遞至該使用者裝置。The method for establishing an electronic wallet according to claim 11, wherein the step of providing the user to select the transaction card data to request payment further comprises: selecting the transaction card data at the user device to generate a payment message; The payment information is encrypted by using the encryption key to generate an encrypted payment information; the card management system receives the encrypted payment information and decodes the encrypted payment information to generate the payment information; and the card management system authenticates the payment information and generates the payment information. An authorization notification information; and the card management system makes a payment according to the authorization notification information, and transmits the authorization notification information to the user device. 如請求項11所述之建立電子錢包方法,其中提供該使用者選擇該交易卡片資料請求付款之步驟中更包括: 該使用者裝置產生一電子錢包碼; 將該電子錢包碼輸入一電腦裝置中; 在該使用者裝置選擇該交易卡片資料,產生一付款資訊; 該使用者裝置利用該加密金鑰將該付款資訊加密,產生一加密付款資訊; 該卡片管理系統接收該加密付款資訊並解碼該加密付款資訊,產生該付款資訊; 該卡片管理系統認證該付款資訊成功後,產生一授權通知資訊;以及 該卡片管理系統根據該授權通知資訊進行請款,並將該授權通知資訊傳遞至該使用者裝置。The method for establishing an electronic wallet according to claim 11, wherein the step of providing the user to select the transaction card data to request payment further comprises: the user device generating an electronic wallet code; inputting the electronic wallet code into a computer device Selecting the transaction card data at the user device to generate a payment message; the user device encrypts the payment information by using the encryption key to generate an encrypted payment information; the card management system receives the encrypted payment information and decodes the Encrypting the payment information to generate the payment information; after the card management system authenticates the payment information, generating an authorization notification information; and the card management system makes a payment according to the authorization notification information, and transmits the authorization notification information to the use Device. 如請求項11所述之建立電子錢包方法,其中認證該卡片資料之步驟中,該卡片管理系統係透過通訊聯絡該使用者,以便與該使用者核對身分。The method for establishing an e-wallet according to claim 11, wherein in the step of authenticating the card data, the card management system contacts the user via communication to check the identity with the user.
TW106103360A 2017-01-26 2017-01-26 Electronic wallet system and method thereof effectively improve the safety of using the electronic wallet TW201828188A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW106103360A TW201828188A (en) 2017-01-26 2017-01-26 Electronic wallet system and method thereof effectively improve the safety of using the electronic wallet

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW106103360A TW201828188A (en) 2017-01-26 2017-01-26 Electronic wallet system and method thereof effectively improve the safety of using the electronic wallet

Publications (1)

Publication Number Publication Date
TW201828188A true TW201828188A (en) 2018-08-01

Family

ID=63960216

Family Applications (1)

Application Number Title Priority Date Filing Date
TW106103360A TW201828188A (en) 2017-01-26 2017-01-26 Electronic wallet system and method thereof effectively improve the safety of using the electronic wallet

Country Status (1)

Country Link
TW (1) TW201828188A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI695337B (en) * 2018-10-25 2020-06-01 玉山商業銀行股份有限公司 Method of binding a credit card and transaction system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI695337B (en) * 2018-10-25 2020-06-01 玉山商業銀行股份有限公司 Method of binding a credit card and transaction system

Similar Documents

Publication Publication Date Title
US11880815B2 (en) Device enrollment system and method
JP6603765B2 (en) Method and system for securely transmitting a remote notification service message to a mobile device without using a secure element
JP6889967B2 (en) Methods and systems for generating advanced storage keys on mobile devices without secure elements
US10592899B2 (en) Master applet for secure remote payment processing
US10515362B2 (en) Methods and apparatus for card transactions
CN102057386B (en) Trusted service manager (TSM) architectures and methods
KR101809221B1 (en) Method and system for secure authentication of user and mobile device without secure elements
JP2018522353A (en) Authentication system and method for server-based payment
CN108476227A (en) System and method for equipment push supply
WO2018040653A1 (en) Nfc-based off-line payment method
JP2016076262A (en) Method of paying for product or service in commercial website via internet connection and corresponding terminal
US20230179587A1 (en) Token processing system and method
TWI626606B (en) Electronic card establishment system and method thereof
TW201828188A (en) Electronic wallet system and method thereof effectively improve the safety of using the electronic wallet
TWM542199U (en) Electronic wallet creation system
TWM542814U (en) System of electronic card creation
TW201833833A (en) System for establishing electronic cards capable of encrypting the card information to effectively improve the security of data usage
US11250410B2 (en) Computer implemented method and a payment terminal for executing card present transaction dynamically from remote environment
AU2014202432A1 (en) Payment Transaction Techniques