TW202230260A - Inter-bank identity authentication system and method thereof in which an intermediary server is applied to transmit identity authentication data and result of comparison between a first financial institution server and a second financial institution server - Google Patents
Inter-bank identity authentication system and method thereof in which an intermediary server is applied to transmit identity authentication data and result of comparison between a first financial institution server and a second financial institution server Download PDFInfo
- Publication number
- TW202230260A TW202230260A TW110102852A TW110102852A TW202230260A TW 202230260 A TW202230260 A TW 202230260A TW 110102852 A TW110102852 A TW 110102852A TW 110102852 A TW110102852 A TW 110102852A TW 202230260 A TW202230260 A TW 202230260A
- Authority
- TW
- Taiwan
- Prior art keywords
- financial institution
- identity authentication
- institution server
- server
- financial
- Prior art date
Links
Images
Abstract
Description
本發明係有關一種新型的金流架構,特別是指一種跨行身分認證之系統及其方法。The present invention relates to a new type of cash flow structure, in particular to a system and method for cross-bank identity authentication.
隨著行動支付日漸盛行,金融機構提供客戶更多元、便捷的線上金融服務,客戶於線上辦理金融服務時,因不須臨櫃,故須線上進行客戶身份確認。例如在行動支付應用程式上認證一張金融卡時,由於金融卡綁定銀行帳戶,因此更需要嚴格確認使用行動支付應用程式的使用者是否為金融卡的持卡人本人。With the increasing popularity of mobile payment, financial institutions provide customers with more diverse and convenient online financial services. When customers apply for financial services online, they do not need to go to the counter, so they must confirm their identity online. For example, when authenticating a financial card on a mobile payment application, since the financial card is bound to a bank account, it is even more necessary to strictly confirm whether the user using the mobile payment application is the cardholder of the financial card.
而金融業線上的身分認證方式多元,舉凡硬體憑證簽章(如工商憑證、自然人憑證等)、一次性密碼、視訊會議、知識詢問等皆屬之,惟以晶片金融卡的身份認證,無法跨行進行認證。The online identity authentication methods in the financial industry are diverse, including hardware certificate signatures (such as industrial and commercial certificates, natural person certificates, etc.), one-time passwords, video conferences, knowledge inquiries, etc., but the identity authentication of the chip financial card cannot be used. Authenticate across banks.
因此,本發明針對上述習知技術之缺失及未來之需求,提出一種跨行身分認證之系統及其方法,具體架構及其實施方式將詳述於下:Therefore, the present invention proposes a system and method for cross-bank identity authentication in view of the above-mentioned deficiencies in the prior art and future needs. The specific architecture and implementation thereof will be described in detail below:
本發明之主要目的在提供一種跨行身分認證之系統及其方法,其提供中介伺服器介接多間金融機構伺服器,提供使用者線上進行金融卡身份認證之作業,不須臨櫃辦理。The main purpose of the present invention is to provide an inter-bank identity authentication system and method, which provide an intermediary server to interface with multiple financial institution servers, and provide users with online financial card identity authentication operations without going over the counter.
本發明之另一目的在提供一種跨行身分認證之系統及其方法,其提供插卡及無卡兩種認證方式,皆可確認使用者的身分認證資料是否與開戶時提供的個人資料一致。Another object of the present invention is to provide a system and method for cross-bank identity authentication, which provides two authentication methods of inserting a card and not having a card.
為達上述目的,本發明提供一種跨行身分認證之系統,包括:一第一金融機構伺服器,儲存一使用者之複數個人資訊;一第二金融機構伺服器,接受使用者輸入之複數身份認證資訊並傳輸出去;以及一中介伺服器,訊號連接第一金融機構伺服器及第二金融機構伺服器,接收第二金融機構伺服器所傳送的身份認證資訊後,轉傳到第一金融機構伺服器以與個人資訊進行比對,並將比對結果透過中介伺服器回傳給第二金融機構伺服器,於線上完成使用者之身份認證。In order to achieve the above object, the present invention provides an inter-bank identity authentication system, comprising: a first financial institution server, which stores multiple personal information of a user; and a second financial institution server, which accepts multiple identity authentications input by the user and an intermediary server, the signal is connected to the first financial institution server and the second financial institution server, and after receiving the identity authentication information sent by the second financial institution server, it is transmitted to the first financial institution server. The device compares with the personal information, and sends the comparison result back to the server of the second financial institution through the intermediary server to complete the user's identity authentication online.
依據本發明之實施例,個人資訊為使用者在第一金融機構伺服器開戶時所留存者。According to an embodiment of the present invention, the personal information is stored when the user opens an account on the server of the first financial institution.
依據本發明之實施例,第二金融機構伺服器更連接至一實體或網路自動櫃員機(ATM),自動櫃員機接收使用者插入之一金融卡,並將一交易代號、一交易金額、一銀行帳號、身份認證資訊等傳入金融卡的晶片中進行簽署,產生對應之一金融卡交易驗證碼(Transaction Authentication Code, TAC)。According to an embodiment of the present invention, the second financial institution server is further connected to a physical or network automated teller machine (ATM), and the ATM receives a financial card inserted by the user, and sends a transaction code, a transaction amount, a bank The account number, identity authentication information, etc. are transferred into the chip of the financial card for signing, and a corresponding transaction authentication code (TAC) of the financial card is generated.
依據本發明之實施例,金融卡為第一金融機構伺服器所核發,自動櫃員機將身份認證資訊及金融卡交易驗證碼傳送至第二金融機構伺服器,再透過中介伺服器傳送到第一金融機構伺服器進行驗證。According to an embodiment of the present invention, the financial card is issued by the first financial institution server, and the ATM transmits the identity authentication information and the financial card transaction verification code to the second financial institution server, and then transmits it to the first financial institution through the intermediary server. Organization server for verification.
依據本發明之實施例,第一金融機構伺服器接收到身份認證資訊及金融卡交易驗證碼後,先驗證金融卡交易驗證碼之合法性,再將身分認證資訊與個人資訊進行比對。According to an embodiment of the present invention, after receiving the identity authentication information and the financial card transaction verification code, the first financial institution server verifies the legality of the financial card transaction verification code, and then compares the identity authentication information with the personal information.
依據本發明之實施例,第一金融機構伺服器驗證使用者的身份後,第二金融機構伺服器發送一則一次性密碼簡訊給使用者進行確認。According to an embodiment of the present invention, after the first financial institution server verifies the user's identity, the second financial institution server sends a one-time password short message to the user for confirmation.
依據本發明之實施例,第二金融機構伺服器為一代理銀行伺服器。According to an embodiment of the present invention, the second financial institution server is an agent bank server.
本發明另提供一種跨行身分認證之方法,包括下列步驟:於一第一金融機構伺服器中儲存一使用者之複數個人資訊;當一第二金融機構伺服器接受使用者輸入之複數身份認證資訊時,第二金融機構伺服器將身分認證資訊傳輸到一中介伺服器;中介伺服器將身份認證資訊轉傳到第一金融機構伺服器,於第一金融機構伺服器中將身份認證資訊與個人資訊進行比對;以及第一金融機構伺服器將比對之結果透過中介伺服器回傳給第二金融機構伺服器,於線上完成使用者之身份認證。The present invention further provides a method for cross-bank identity authentication, comprising the following steps: storing a plurality of personal information of a user in a first financial institution server; when a second financial institution server accepts the plurality of identity authentication information input by the user When , the second financial institution server transmits the identity authentication information to an intermediary server; the intermediary server transmits the identity authentication information to the first financial institution server, and the identity authentication information is associated with the individual in the first financial institution server The information is compared; and the first financial institution server sends the comparison result back to the second financial institution server through the intermediary server to complete the user's identity authentication online.
本發明提供一種跨行身分認證之系統及其方法,請同時參考第1圖,其為本發明跨行身分認證之系統10之方塊圖。本發明跨行身分認證之系統10包括複數第一金融機構伺服器12、一中介伺服器14及複數第二金融機構伺服器。第一金融機構伺服器12為提供多元金融服務之代理銀行伺服器,亦可為電子支付機構合作的代理銀行。中介伺服器14為一具有公信力的第三方平台,且為金融機構平台,將各代理銀行伺服器(即第一金融機構伺服器12)與各第二金融機構伺服器16介接,提供安全又具有公信力的資料傳輸。第二金融機構伺服器16在本發明中為發卡銀行,其中儲存了使用者開戶時留存的複數個人資訊。The present invention provides an inter-bank identity authentication system and method thereof. Please also refer to FIG. 1 , which is a block diagram of the inter-bank
當使用者要進行跨行認證時,例如在一金融機構或電子支付機構之應用程式中,要線上認證使用者身份,必須向第一金融機構伺服器12確認該使用者的個人資訊的有效性。第二金融機構伺服器12接受使用者輸入之複數身份認證資訊後,傳輸到中介伺服器14。中介伺服器14訊號連接第一金融機構伺服器12及第二金融機構伺服器16,接收第二金融機構伺服器16所傳送的身份認證資訊後,轉傳到第一金融機構伺服器12以與個人資訊進行比對,並將比對結果透過中介伺服器14回傳給第二金融機構伺服器16,於線上完成使用者之身份認證。When a user needs to perform cross-bank authentication, for example, in an application of a financial institution or an electronic payment institution, to authenticate the user's identity online, the first
本發明中包括無卡核驗及插卡核驗二種跨行身份認證的方式。請同時參考第2圖,其為本發明跨行身分認證之方法中無卡核驗之流程圖。無卡核驗時使用者是在行動裝置上進行操作。首先步驟S10,於第一金融機構伺服器12中儲存一使用者之複數個人資訊;步驟S12中,使用者在第二金融機構伺服器16提供的使用者介面上輸入複數身份認證資訊,此使用者介面可為行動裝置上顯示的第二金融機構的認證網頁。當第二金融機構伺服器16接受使用者輸入之身份認證資訊時,第二金融機構伺服器16將身分認證資訊傳輸到中介伺服器14。接著於步驟S14中,中介伺服器14將身份認證資訊轉傳到第一金融機構伺服器16,於第一金融機構伺服器16中將身份認證資訊與儲存的個人資訊進行比對,判斷是否一致,以確認身份認證資訊的有效性;最後於步驟S16中,第一金融機構伺服器12將比對之結果透過中介伺服器14回傳給第二金融機構伺服器16,於線上完成使用者之身份認證。The present invention includes two cross-bank identity authentication modes: no-card verification and card-inserted verification. Please also refer to FIG. 2 , which is a flow chart of card-free verification in the method of cross-bank identity authentication of the present invention. The user is operating on a mobile device when there is no card verification. First, in step S10, a plurality of personal information of a user is stored in the first
在上述步驟S16中,第一金融機構伺服器12驗證使用者的身份無誤後,第二金融機構伺服器16接收到比對結果,會發送一個一次性密碼簡訊給使用者進行確認,以確保無卡核驗的對象的確是使用者本人。In the above step S16, after the first
接著說明本發明之另一實施例。請參考第3圖,其為本發明跨行身分認證之方法中插卡核驗之流程圖。此實施例必需插卡操作,例如將金融卡插入實體自動櫃員機或網路自動櫃員機。在網路自動櫃員機的情況下,使用者備有訊號連接電腦的讀卡機,並操作該電腦連線至第二金融機構伺服器16所提供的網站,以操作該網站上的網路ATM服務。前述實體或網路自動櫃員機經由網際網路與第二金融機構伺服器16連線並交換訊息。首先步驟S20,於第一金融機構伺服器12中儲存一使用者之複數個人資訊。步驟S22中,自動櫃員機接收使用者插入之一金融卡,並將一交易代號、一交易金額、一銀行帳號、身份認證資訊等傳入金融卡的晶片中進行簽署,產生對應之一金融卡交易驗證碼。接著步驟S24中,自動櫃員機將身份認證資訊及金融卡交易驗證碼傳送至第二金融機構伺服器16,第二金融機構伺服器16再傳送到中介伺服器14。接著於步驟S26中,中介伺服器14將身份認證資訊及金融卡交易驗證碼轉傳到第一金融機構伺服器16,於第一金融機構伺服器16中將身份認證資訊與儲存的個人資訊進行比對,判斷是否一致,以確認身份認證資訊的有效性;最後於步驟S28中,第一金融機構伺服器12將比對之結果透過中介伺服器14回傳給第二金融機構伺服器16,於線上完成使用者之身份認證。Next, another embodiment of the present invention will be described. Please refer to FIG. 3 , which is a flowchart of card insertion verification in the method of cross-bank identity authentication of the present invention. This embodiment requires a card insertion operation, such as inserting a financial card into a physical ATM or a network ATM. In the case of a network ATM, the user prepares a card reader with a signal to connect the computer, and operates the computer to connect to the website provided by the second
在上述步驟S26中,第一金融機構伺服器12接收到身份認證資訊及金融卡交易驗證碼後,會先驗證金融卡交易驗證碼之合法性,若金融卡交易驗證碼是合法的,才會接著將身分認證資訊與個人資訊進行比對。若金融卡交易驗證碼不合法,則直接交易失敗。In the above step S26, after receiving the identity authentication information and the financial card transaction verification code, the first
綜上所述,藉由本發明所提供之跨行身分認證之系統及其方法,當使用者至金融機構(包含電子支付機構)申請需要進行跨行認證的各項金融服務時,可透過插卡或無卡等兩種方式進行檢核。具體地,核驗使用者開戶時留存的個人資料,例如帳號、行動電話號碼、生日等可供識別的資訊;亦可檢核使用者的存款帳戶是否為臨櫃開立,若是,則可供作後續使用者線上開戶之準據,依據「銀行受理客戶以往路方式開立數位存款帳戶作業範本」第四條第四款第(一)目提到:「以本人(須含統一編號)之存款帳戶、信用卡或其他經主管機關認定之金融支付工具為限,但不包含未以臨櫃方式開立之存款帳戶…」。如此一來,本發明提供之線上使用者身份資訊、金融資訊屬性及其有效性的認證,能有效解決當今技術無法克服的難點,從而顯著提升電子支付的使用率。To sum up, with the system and method for inter-bank identity authentication provided by the present invention, when a user applies to a financial institution (including an electronic payment institution) for various financial services that require inter-bank authentication, the user can insert a card or without Cards are checked in two ways. Specifically, verify the personal data retained by the user when opening an account, such as account number, mobile phone number, birthday and other identifiable information; it can also verify whether the user's deposit account is open over the counter, if so, it can be used for The criteria for subsequent users to open an online account shall be based on the "Operation Template for Banks Accepting Customers to Open Digital Deposit Accounts by the Way of the Road" as mentioned in item (1) of Article 4, Paragraph 4: "Deposits made in person (must include a uniform number)" Accounts, credit cards or other financial payment instruments recognized by the competent authority are limited, but do not include deposit accounts that have not been opened through the counter…”. In this way, the authentication of online user identity information, financial information attributes and their validity provided by the present invention can effectively solve the difficulties that cannot be overcome by current technology, thereby significantly improving the utilization rate of electronic payment.
唯以上所述者,僅為本發明之較佳實施例而已,並非用來限定本發明實施之範圍。故即凡依本發明申請範圍所述之特徵及精神所為之均等變化或修飾,均應包括於本發明之申請專利範圍內。Only the above descriptions are only preferred embodiments of the present invention, and are not intended to limit the scope of the present invention. Therefore, all equivalent changes or modifications made according to the features and spirits described in the scope of the application of the present invention shall be included in the scope of the application for patent of the present invention.
10:跨行身分認證之系統 12:第一金融機構伺服器 14:中介伺服器 16:第二金融機構伺服器 10: Cross-bank identity authentication system 12: First Financial Institution Server 14: Mediation server 16: Second Financial Institution Server
第1圖為本發明跨行身分認證之系統之方塊圖。 第2圖為本發明跨行身分認證之方法中無卡核驗之流程圖。 第3圖為本發明跨行身分認證之方法中插卡核驗之流程圖。 FIG. 1 is a block diagram of the system for cross-bank identity authentication according to the present invention. Fig. 2 is a flow chart of card-free verification in the method of cross-bank identity authentication of the present invention. FIG. 3 is a flow chart of card insertion verification in the method of cross-bank identity authentication of the present invention.
10:跨行身分認證之系統 10: Cross-bank identity authentication system
12:第一金融機構伺服器 12: First Financial Institution Server
14:中介伺服器 14: Mediation server
16:第二金融機構伺服器 16: Second Financial Institution Server
Claims (13)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW110102852A TW202230260A (en) | 2021-01-26 | 2021-01-26 | Inter-bank identity authentication system and method thereof in which an intermediary server is applied to transmit identity authentication data and result of comparison between a first financial institution server and a second financial institution server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW110102852A TW202230260A (en) | 2021-01-26 | 2021-01-26 | Inter-bank identity authentication system and method thereof in which an intermediary server is applied to transmit identity authentication data and result of comparison between a first financial institution server and a second financial institution server |
Publications (1)
Publication Number | Publication Date |
---|---|
TW202230260A true TW202230260A (en) | 2022-08-01 |
Family
ID=83782563
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW110102852A TW202230260A (en) | 2021-01-26 | 2021-01-26 | Inter-bank identity authentication system and method thereof in which an intermediary server is applied to transmit identity authentication data and result of comparison between a first financial institution server and a second financial institution server |
Country Status (1)
Country | Link |
---|---|
TW (1) | TW202230260A (en) |
-
2021
- 2021-01-26 TW TW110102852A patent/TW202230260A/en unknown
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11836724B2 (en) | Systems and methods for performing ATM fund transfer using active authentication | |
US20220414629A1 (en) | Systems and methods for performing atm fund transfers using active authentication | |
US10453062B2 (en) | Systems and methods for performing person-to-person transactions using active authentication | |
AU2010256666B2 (en) | System and method for providing authentication for card not present transactions using mobile device | |
US7444676B1 (en) | Direct authentication and authorization system and method for trusted network of financial institutions | |
KR100994289B1 (en) | Mobile account authentication service | |
US20060173776A1 (en) | A Method of Authentication | |
US20200327513A1 (en) | Authorization system using partial card numbers | |
US20090292642A1 (en) | Method and system for automatically issuing digital merchant based online payment card | |
CA2777799A1 (en) | Anti-phishing system and method including list with user data | |
CA2686280A1 (en) | Method and system for payment authorization and card presentation using pre-issued identities | |
US20120239570A1 (en) | Systems and methods for performing ATM transactions using active authentication | |
JP2019525645A (en) | Cryptographic authentication and tokenized transactions | |
US20130185207A1 (en) | Method and system for online authentication using a credit/debit card processing system | |
TWM637453U (en) | Fido identity verification system based on chip financial card | |
TW202230260A (en) | Inter-bank identity authentication system and method thereof in which an intermediary server is applied to transmit identity authentication data and result of comparison between a first financial institution server and a second financial institution server | |
US11574310B2 (en) | Secure authentication system and method | |
TWM613951U (en) | Cross-bank identity authentication system | |
TWI815638B (en) | Fido identity verification method and system based on chip financial card | |
TWI801744B (en) | Financial transaction device, method and system with non-contact authentication function | |
AU2008254851B2 (en) | Method and system for payment authorization and card presentation using pre-issued identities | |
Rathour | Review of 3-D Secure Protocol | |
KR20070107895A (en) | A phone-banking auto calling system on the internet banking and finance dealing method using the same |