CN101034463A - Internet bank safety login system and implantation method thereof

Publication number: CN101034463A
Application number: CNA2007100391043A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 马宇尘
Original and current assignee: Shanghai Xucanliang Science and Technology Co Ltd
Prior art keywords: user, information, corresponding tables, correspondence code, mobile phone
Classification: Information Transfer Between Computers (AREA)
Abstract

The invention provides a secure login system for online banking and a method of implementing it. It concerns a system for authenticating login information, applied specifically to the login operation of online banking. With the invention, the login information the system receives is correspondence-code login information, that is, the login information after conversion through a correspondence table. The correspondence table issued by the system is random, and the correspondence table information can also be sent to a mobile phone or other handheld terminal as the user requires. When the user logs in to the online bank, the bank card number, bank card password and other information are therefore entered in the form of correspondence codes. Even if a malicious user obtains this correspondence-code login information, he cannot learn the user's original standard login information. The invention thus offers users a secure channel for entering online banking login information.

Description

Online bank secure login system and method of implementing the system
Technical field
The present invention relates to a system for authenticating login information, applied specifically to the login operation of online banking.
Background art
In daily life and work people often need various kinds of authorization or identity authentication. Online banking systems in particular currently face a variety of security risks, which have greatly hindered the development of online banking and online electronic transactions and have also caused users loss and inconvenience. The present invention seeks a secure way of logging in to an online bank.
Summary of the invention
The purpose of the invention is to provide an online bank secure login system and a method of implementing it. In this system and method, the online banking login information the user enters is correspondence-code login information obtained by conversion through a correspondence table, so as to prevent a malicious user from stealing the user's original standard login information.
A correspondence system for login information is realized as follows. The system comprises: a financial server, which includes an operation processing unit able to generate correspondence tables by computation, a memory storing an accounts database and a correspondence code database, a correspondence code encoder for generating correspondence tables, and a correspondence code decoder for decoding correspondence-code login information; a login terminal, which is a terminal device fitted with a display screen and provides the user with the online banking login page containing the correspondence table; and a communication network, which connects the server and the login terminal and carries the information exchanged between them.
A method of implementing the correspondence system for login information described in the preceding paragraph is realized as follows. The method includes the following steps: Step 1, the financial server uses the correspondence code encoder to generate a correspondence table; Step 2, the online banking login page, together with the correspondence table, is sent to the login terminal over the communication network; Step 3, the login terminal receives the online banking login information the user enters after converting it with the correspondence table; Step 4, the user's login information is sent to the financial server over the communication network; Step 5, the financial server compares the user's login information with the standard login information; Step 6, if the comparison succeeds, the financial server sends an authorization page to the login terminal; Step 7, if the comparison fails, the financial server sends a login error page to the login terminal.
A correspondence system for login information can also be realized as follows. The system comprises: a financial server, which includes an operation processing unit able to generate correspondence tables by computation, a memory storing an accounts database and a correspondence code database, a correspondence code encoder for generating correspondence tables, and a correspondence code decoder for decoding correspondence-code login information; a PC, which is a terminal device able to obtain the login page from the server and present it to the user; a mobile phone, which is a portable handheld terminal that receives correspondence table information from the server and has a display screen for showing that information; and a communication network, which comprises the network connecting the server and the PC, including the Internet to which the PC is connected, and the network connecting the mobile phone and the server, including the mobile communication network to which the mobile phone is connected.
A method of implementing the correspondence system for login information described in the preceding paragraph is realized as follows. The method includes the following steps: Step 1, the financial server sends the online banking login page to the PC; Step 2, the financial server receives the user's mobile phone information; Step 3, the financial server sends the correspondence table to the mobile phone over the mobile communication network; Step 4, the PC receives the login information the user enters after converting it with the correspondence table; Step 5, the user's login information is sent to the financial server over the communication network; Step 6, the user's login information is compared with the standard login information; Step 7, if the comparison succeeds, the financial server sends authorization information to the PC; Step 8, if the comparison fails, the financial server sends login error information to the PC.
With the invention, the login information the system receives is correspondence-code login information obtained by conversion through the correspondence table. The correspondence table the system sends is random, and the correspondence table information can also be sent to a handheld terminal such as a mobile phone as the user requires. When the user logs in to the online bank, the bank card number, bank card password and similar information are therefore entered as correspondence-code login information. Even if this correspondence-code login information is obtained by a malicious user, the malicious user cannot learn the user's original standard login information. The invention thus provides the user with a secure path for entering online banking login information.
Description of the drawings
The present invention is described in more detail below with reference to the accompanying drawings.
Fig. 1 shows an online banking login page of the present invention.
Fig. 2a shows the login items of the online banking login page containing the original login content, corresponding to the embodiment shown in Fig. 1.
Fig. 2b shows the login items of the online banking login page containing the login content after conversion through the correspondence table, corresponding to the embodiment shown in Fig. 1.
Fig. 3a shows an embodiment of the correspondence between the user name original code and the user name correspondence code, corresponding to Fig. 2a and Fig. 2b.
Fig. 3b shows an embodiment of the correspondence between the password original code and the password correspondence code, corresponding to Fig. 2a and Fig. 2b.
Fig. 4 is a flow chart of entering login information in the present invention, from the user's point of view.
Fig. 5 is a structural block diagram of the online bank secure login system of the present invention.
Fig. 6 is a flow chart of the method of implementing the online bank secure login system of the present invention, corresponding to the system shown in Fig. 5.
Fig. 7a shows an online banking login page of the present invention in another embodiment.
Fig. 7b is a schematic diagram of the mobile phone used to obtain the correspondence table, corresponding to the embodiment shown in Fig. 7a.
Fig. 8 is a flow chart of entering login information in the present invention, from the user's point of view, corresponding to the embodiment shown in Fig. 7a and Fig. 7b.
Fig. 9 is a structural block diagram of the online bank secure login system of the present invention, corresponding to the embodiment shown in Fig. 7a and Fig. 7b.
Fig. 10 is a flow chart of the method of implementing the online bank secure login system of the present invention, corresponding to the system shown in Fig. 9.
Embodiment
Explanation of the reference numerals in the figures:
100 - login terminal, 101 - PC, 102 - computer display screen, 103 - login page; 200 - login items, 201 - user name login item, 202 - password login item, 203 - user name, 204 - password, 205a - user name original code, 205b - password original code, 206 - mobile phone login item; 300 - correspondence table, 301 - original code, 302 - correspondence code, 303a - user name correspondence code, 303b - password correspondence code; 500 - financial server, 501 - operation processing unit, 502 - memory, 503 - correspondence code encoder, 504 - correspondence code decoder, 505 - accounts database, 506 - correspondence code database; 600 - communication network, 601 - Internet, 602 - mobile communication network; 800 - mobile phone, 801 - mobile phone display screen, 802 - communication keypad, 803 - mobile phone receiver, 804 - microphone.
Description of Fig. 1, Fig. 2a, Fig. 2b, Fig. 3a and Fig. 3b:
Referring to Fig. 1, this is a login terminal 100. Using the login terminal 100, the user can enter login information in the login items 200 in order to log in. In the present invention the login terminal 100 is in particular a personal computer (PC) 101; a mobile phone able to access the Internet can also serve as the login terminal 100. In the description below, the login terminal 100 means the PC 101.
The login items 200 are the input fields for the authentication information the user must enter when logging in to the online bank. In the present invention the authentication information mainly takes the form of characters, in particular digits. For example, bank card numbers and bank card passwords are all expressed as digits.
Referring to Fig. 1, the PC 101 has a computer display screen 102. The computer display screen 102 displays the login page 103, and the login page 103 shows information including the login items 200. The login page 103 is implemented as a web page, that is, a page on the Internet with a unique address (URL). The login page 103 can of course be implemented in many other ways, for example on a handheld terminal such as a mobile phone; the implementation is not limited.
In this embodiment the login items 200 comprise two input fields, the user name login item 201 and the password login item 202. Other arrangements are possible: only one of the two fields may be used, or further input fields may be added, such as a field for entering a verification code; there is no limitation. The user name login item 201, as online banking login information, is in particular the bank card number, and the password login item 202 is in particular the bank card password. Depending on circumstances there may be other input fields as well; for a credit card, for instance, the user may also be asked to enter the card's expiry date and the three-digit code on the card (usually three digits, but not limited to that).
As a distinctive feature of the invention, the login page 103 contains a correspondence table 300. The correspondence table 300 is content made up of original codes 301 and their matching correspondence codes 302. The correspondence between the original codes 301 and the correspondence codes 302 is well suited to presentation as a table, which makes it clear at a glance, but any other form may be used; "correspondence table" is a broad concept.
A one-to-one relationship between the original codes 301 and the correspondence codes 302 is suitable, though not required. As an example, referring to Fig. 1, the characters of the original code 301 are the digits "0, 1, 2, 3, 4, 5, 6, 7, 8, 9", and the characters of the matching correspondence code 302 are the digits "2, 5, 8, 1, 9, 0, 4, 3, 6, 7"; the two are in one-to-one correspondence with no repeated content. Specifically: 0 corresponds to 2, 1 to 5, 2 to 8, 3 to 1, 4 to 9, 5 to 0, 6 to 4, 7 to 3, 8 to 6, and 9 to 7.
The function of the correspondence table 300 is to convert the original login information that would be entered in the login items 200 into correspondence-code login information made up of correspondence codes, using the correspondence between original codes and correspondence codes. The original login information, that is, login information made up of original codes, is the content a user would enter in the login items to authenticate during a normal login without the present invention; it mainly takes the form of characters. In the present invention the original login information means in particular financial information items such as the bank card number and bank card password as used without the invention.
The benefit of this input method is that the financial information the user enters in the login items 200 is in converted, correspondence-code form, which is a good defence against attacks that steal a user's login information by monitoring what the user types. An illustration follows.
Referring to Fig. 2a, in the user name login item 201 the user has entered the original standard content of the user name 203; because this content consists of the original characters, it is called the user name original code 205a. As an example, the user name original code 205a is "9675824607239021", which can be taken to be a bank card number. In the password login item 202, the password 204 is in the form of the password's original characters and is called the password original code 205b. As an example, the password original code 205b is "124589", which can be taken to be a bank card password. The correct user name original code 205a and password original code 205b are together called the original standard login information.
Referring to Fig. 3a, after conversion through the correspondence table 300 the user name original code 205a becomes the user name correspondence code 303a. As shown in the figure, the user name original code 205a is "9675824607239021", which after conversion is "7430689423817285".
Similarly, the password original code 205b is converted into the password correspondence code 303b. Referring to Fig. 3b, the password original code 205b, "124589", converted according to the correspondence table 300, gives the password correspondence code 303b, "589067".
Referring to Fig. 2b, the user name original code 205a and password original code 205b are not entered in the login items 200; what is entered is in each case the converted form, namely the user name correspondence code 303a and the password correspondence code 303b. The correct user name correspondence code 303a and password correspondence code 303b are together called the correspondence-code standard login information. Based on the content illustrated in Fig. 1, Fig. 2a, Fig. 3a and Fig. 3b above, the user name correspondence code 303a is "7430689423817285" and the password correspondence code 303b is "589067".
After conversion through the correspondence table 300, the correspondence-code standard login information no longer shows the actual characters of the original standard login information. A user who logs in to the online bank in this way can therefore effectively protect key financial information such as the bank card number and bank card password.
The correspondence table should be random in form, which effectively protects the original standard login information. Besides the scheme above, in which the original codes and correspondence codes are all digits in one-to-one correspondence without repeats, many other kinds of correspondence are possible. Examples follow.
A. When an original code is entered more than once in the login information, a different correspondence code is used for each repetition, with a one-to-one correspondence between each entered original code and its correspondence code. In this case, if the original codes are the digits 0 to 9, the correspondence codes need additional characters, for example letters (such as the Latin alphabet) in addition to digits. For example, in the number "9559914123490", "9" occurs three times, "5" twice, "1" twice and "4" twice. If the correspondence code for the first occurrence of the original code "9" is the digit "3", for the second occurrence the letter "m", and for the third occurrence the letter "h", then others are entirely prevented from finding repeated content in the correspondence-code login information, which helps keep the original standard login information secret.
B. The original codes and correspondence codes are not in one-to-one correspondence, because the correspondence codes include redundant (padding) codes; a padding code corresponds to no original code and serves only to add filler characters to the input.
For example, under the correspondence table in the figure, "124589" becomes "589067" after conversion. The correspondence table can also provide padding codes that have no meaning but can fill out the input. If the padding codes provided are "a" and "b", they may be placed anywhere. The user can then enter "589a06b7" or "5aa890bbb67"; the forms differ but the effect of the input is the same. The added padding codes conceal the original standard login information better, because others do not know which parts of the input are padding codes.
C. Only part of the content entered for the original login information is entered as correspondence codes. For the number "9559914123490", for example, only the last six digits "123490" may be converted with the correspondence table, while the preceding digits "9559914" keep their original characters. This reduces the work the user has to do in converting with the correspondence table.
D. In original login information comprising a user name and a password, only one of the two is entered as a correspondence code. In the embodiments described earlier both the user name and the password are converted with the correspondence table. Alternatively only one of them may be converted; a malicious user who knows only one of the user's user name and password cannot form complete, correct login information, so it is still of no use to him.
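Variants A and B above can be compared with the plain one-to-one table in code. The following Python sketch is an added example, not part of the patent text: the function names, the 62-symbol alphabet and the limit of five repetitions per digit are assumptions made for illustration. It shows that a one-to-one table carries the repetition pattern of the original number into the typed value, that occurrence-dependent codes remove it, and that padding codes are dropped before decoding.

```python
import secrets
import string

DIGITS = string.digits
SYMBOLS = string.digits + string.ascii_letters   # assumed pool of 62 correspondence codes
FIG1_TABLE = dict(zip(DIGITS, "2581904367"))     # one-to-one table from Fig. 1


def repeat_pattern(text):
    """Index of first appearance for every character, e.g. '9559' -> [0, 1, 1, 0]."""
    first = {}
    return [first.setdefault(ch, len(first)) for ch in text]


def encode_one_to_one(original, table):
    return "".join(table[ch] for ch in original)


def decode_padded(entered, table, padding):
    """Variant B on a one-to-one table: ignore padding codes, then invert the table."""
    inverse = {code: orig for orig, code in table.items()}
    return "".join(inverse[ch] for ch in entered if ch not in padding)


def make_repeat_table(max_repeats=5, padding_count=6):
    """Variant A table: one distinct symbol per (digit, occurrence number).

    Symbols left over after that become padding codes (variant B).
    """
    needed = len(DIGITS) * max_repeats
    if needed + padding_count > len(SYMBOLS):
        raise ValueError("symbol pool too small for this table")
    pool = list(SYMBOLS)
    secrets.SystemRandom().shuffle(pool)
    codes = {d: pool[i * max_repeats:(i + 1) * max_repeats]
             for i, d in enumerate(DIGITS)}
    return codes, set(pool[needed:needed + padding_count])


def encode_repeat(original, codes):
    """The k-th occurrence of a digit is replaced by that digit's k-th symbol."""
    seen, out = {}, []
    for ch in original:
        k = seen.get(ch, 0)
        if k >= len(codes[ch]):
            raise ValueError("digit repeated more often than the table allows")
        out.append(codes[ch][k])
        seen[ch] = k + 1
    return "".join(out)


def decode_repeat(entered, codes, padding):
    """Server side: skip padding, invert the table, enforce occurrence order."""
    inverse = {sym: d for d, syms in codes.items() for sym in syms}
    seen, out = {}, []
    for sym in entered:
        if sym in padding:
            continue
        digit = inverse.get(sym)
        if digit is None:
            raise ValueError("symbol is not in the table")
        k = seen.get(digit, 0)
        if k >= len(codes[digit]) or codes[digit][k] != sym:
            raise ValueError("symbol used for the wrong occurrence")
        seen[digit] = k + 1
        out.append(digit)
    return "".join(out)


if __name__ == "__main__":
    sample = "9559914123490"                     # number used in variant A above
    plain = encode_one_to_one(sample, FIG1_TABLE)
    print(repeat_pattern(sample) == repeat_pattern(plain))   # pattern survives
    codes, padding = make_repeat_table()
    typed = encode_repeat(sample, codes)
    print(typed, len(set(typed)) == len(typed))               # no symbol repeats
    print(decode_padded("5aa890bbb67", FIG1_TABLE, {"a", "b"}))
```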
Between different users, the correspondence tables generated are allowed to repeat by chance, but preferably they do not repeat.
If, in the correspondence table 300, the original codes 301 and the correspondence codes 302 correspond one to one and differ from each other, and both are the digits 0 to 9, the number of possible tables is "9! = 362880". If identical content is allowed between the original codes 301 and the correspondence codes 302, the number of possibilities increases further. If the original codes 301 and correspondence codes 302 are chosen from digits plus letters (such as the English alphabet), there are more still.
For the same PC 101, the correspondence tables obtained do not repeat within the permitted number of uses. The financial server is thus fully able to provide the same PC 101 with highly random correspondence tables. The correspondence table 300 used each time by the user of a given terminal device should therefore be different, so that even if the correspondence-code login information converted through the correspondence table 300 is observed by a malicious user, the malicious user cannot recover the original standard login information without the matching correspondence table information, and the user suffers no loss. Because the content of the next correspondence table 300 changes, the correspondence-code standard login information that has to be entered changes accordingly.
The user can re-enter the login information until login succeeds. The system can of course limit the number of login attempts a user may make per unit of time, to prevent a malicious user from attempting logins with a program or making other kinds of cracking attempts.
A correspondence table can also be given a validity period. For example, the validity period may be 15 minutes; once it has passed, the correspondence table issued for that particular user is cancelled.
For convenience of explanation, the correspondence table may appear as a table, as shown in Fig. 1; in the present invention, however, "correspondence table" is a broad concept. Further, the original codes and correspondence codes may be shown in different colours, for example the original codes in red and the correspondence codes in black, which helps distinguish them.
Description of Fig. 4:
Referring to Fig. 4, this figure illustrates how the user logs in by converting information with the correspondence table. The main steps are described below in order.
Step 400: the user opens the online banking login page. As described earlier, this login page can take the form of an online banking login page in a web page.
Step 401: the user obtains the correspondence table from the online banking login page. The user has to convert the login content to be entered through the correspondence table, and therefore needs to find the correspondence table in the login page.
Step 402: the user converts the content to be entered according to the correspondence table, that is, converts the original bank card number, bank card password and similar information into correspondence-code login information, in the manner described earlier.
Step 403: the user enters the correspondence-code login information and logs in. For example, after entering the user name correspondence code 303a and the password correspondence code 303b, the user sends the entered correspondence-code login information to the system's financial server for login authentication. After the financial server has authenticated it, the next step follows.
Step 404: login succeeds. The login information the user entered is checked by the system; if it passes authentication, the user reaches the page available after authorization.
Step 405: login fails. If the user does not log in successfully, the reason may be that the user made a mistake when converting characters with the correspondence table, in which case the user can return to step 402 and convert the characters again; or the converted content may be correct but mistyped, in which case the user can return to step 403 and enter the login information again. If the user still cannot log in successfully in this way, he can only abandon the login.
The above describes the main process by which the user enters login information using the correspondence table.
Description of Fig. 5:
Referring to the figure, this illustrates one embodiment of the online bank secure login system of the present invention. In this embodiment the system consists mainly of three parts: the financial server 500, the communication network 600 and the login terminal 100.
The financial server 500 is able to generate correspondence tables and to authenticate user login information, and is the main structure used to realize the system.
In this system the financial server 500 first of all includes an operation processing unit 501 and a memory 502. The operation processing unit 501 is a processing structure built from arithmetic processors and can compute on and process various data. The memory 502 can store various kinds of data, program information and so on. The memory 502 holds at least two kinds of data content: the accounts database 505 and the correspondence table database 506. The accounts database 505 stores the bank account information of the different users, such as the bank card number and the corresponding bank card password, balance, deposit records, withdrawal records and transaction payment records. The correspondence table database 506 contains the correspondence table information the system has generated for particular users.
The memory 502 and the operation processing unit 501 also implement the function of the correspondence code encoder 503. The correspondence code encoder 503 works randomly: for each user request it produces a random correspondence table to be displayed on that login page.
The memory 502 and the operation processing unit 501 can also implement the function of the correspondence code decoder 504; this function can be provided as required. The correspondence code decoder 504 decodes the correspondence-code login information the user enters through the login page and restores it to original-code login information, calling the correspondence table database 506 when decoding.
After decoding by the correspondence code decoder 504, the online banking login information the user entered can be verified by the financial server 500. Specifically, the operation processing unit 501 retrieves the original standard login information from the accounts database 505 and compares it with the decoded user input. If the content matches, the user's login succeeds and the page shown after a successful login can then be sent to the user; if the user's input does not match the original standard login information in the accounts database 505, the login fails.
Alternatively, the original standard login information in the accounts database 505 can be converted, through the correspondence table database 506, into correspondence-code standard login information made up of correspondence codes. This step can also be carried out by the correspondence code decoder 504, using the correspondence table database 506 in the reverse direction. The correspondence-code login information the user entered can then be compared directly with the standard login information from the accounts database 505 after its conversion through the correspondence table, to decide whether the user can log in. In this case the correspondence code decoder 504 does not need to decode the user's input, but the particular user's original standard login information in the accounts database 505 has to be converted into correspondence-code standard login information.
The communication network connects the server and the login terminal and carries the information exchanged between them. In terms of the physical structure of the channel it may be a wireless network or a wired network; there are many other ways of classifying it as well. In the present invention the connection to the login terminal is made over the Internet (including both wired and wireless networks). The login terminal 100 is implemented with the PC 101 described earlier.
Description of Fig. 6:
This figure is a flow chart of the method of implementing the system of the present invention, corresponding to the system described for Fig. 5. Its main steps are explained below in order.
Step 1: the financial server uses the correspondence code encoder to generate a correspondence table. This step corresponds to reference numeral 700 in the figure.
For example, it generates the correspondence table 300 shown in Fig. 1. For a given login terminal 100, this correspondence table must be random.
Step 2: the online banking login page, together with the correspondence table, is sent to the login terminal over the communication network. This step corresponds to reference numeral 701 in the figure.
For example, a page like the login page 103 in Fig. 1, containing the correspondence table 300 and the login items 200, can be sent as a web page from the financial server to the user's PC 101.
Step 3: the login terminal receives the online banking login information the user enters after converting it with the correspondence table. This step corresponds to reference numeral 702 in the figure.
For example, as with the input shown in Fig. 2b, the user converts his bank card number (user name original code 205a) and bank card password (password original code 205b) through the correspondence table 300 to obtain the correspondence-code standard login information, and enters it.
Step 4: the user's login information is sent to the financial server over the communication network. This step corresponds to reference numeral 703 in the figure.
Step 5: the user's login information is compared with the standard login information. This step corresponds to reference numeral 704 in the figure.
There are two kinds of standard login information: first, the correct original standard login information made up of original codes; second, the correct correspondence-code standard login information made up of correspondence codes. The original standard login information is relatively fixed and does not change unless the user changes it; the correspondence-code standard login information changes with the content of the correspondence table.
Corresponding to what was described earlier, there are two ways of verifying the user's login information. The first way: the correspondence-code login information the user entered is first restored to original-code login information, which is then compared with the original standard login information. During restoration, the correspondence code decoder 504 calls the correspondence code database 506 to obtain the correspondence table information for the particular user's login page, and can then readily restore the user's login information.
The second way: the correspondence code database 506 is called to convert the original standard login information into correspondence-code standard login information, which is then simply compared directly with the correspondence-code login information the user entered.
This comparison completes the verification of the user's login information and determines whether the user's login succeeds.
Step 6: if the comparison succeeds, the financial server sends an authorization page to the login terminal. This step corresponds to reference numeral 705 in the figure.
If the comparison succeeds, the user's login is successful. The financial server can then send the authorization page shown after a successful login to the login terminal 100 the user is using.
Step 7: if the comparison fails, a login error page is sent to the login terminal. This step corresponds to reference numeral 706 in the figure.
The reason of more not passing through has multiple, if the user has made mistakes when using corresponding tables to change, and, do not change corresponding tables yet, so, can directly turn back to step 3, the user is from newly changing, and input correspondence code logon information.If corresponding tables originally is out of date, perhaps the user will change corresponding tables, so, can turn back to step 1, receives corresponding tables and carries out logon operation afterwards again.If the user is not proper user, promptly do not know correct logon information, so, repeat after the repeatedly wrong logon information of input the logon operation that can forbid this user.
Specifically can limit the user error number of times, such as, corresponding same account, every day, the number of times of mistake input can not be operated five times, or the like.In addition, also can point out user's apparent error, such as, the character input is many, capital and small letter wrong (if the type difference is arranged) etc.; Specifically do not limit.
Description of Fig. 7a and Fig. 7b:
Referring to Fig. 7a, the login page 103 in this embodiment includes the login item 200, consistent with the embodiment shown in Fig. 1. In this embodiment, however, the correspondence table 300 is not displayed in the login page 103. The correspondence table is provided to the user by another route.
The reason for this arrangement is to provide a higher level of security. When the user logs in through a web page over the Internet, if a login-information theft program, such as a particular Trojan horse or another form of virus, has been installed in advance on the login terminal in use (the PC), it can capture screen images and monitor the information the user types into the computer. From the captured screen image and the monitored user input, the theft program may then be able to restore the login information entered by the user, which is composed of correspondence codes, and obtain the original standard login information. In that case the user's login information is at risk of disclosure, although carrying out such an operation is very difficult.
In this embodiment, the correspondence table information is obtained through a mobile phone that is independent of the login terminal. However powerful the theft program on the user's login terminal, it cannot obtain the correspondence table information and therefore cannot restore the login content entered by the user. This approach ensures the security of the login information the user enters.
This embodiment provides three ways for the mobile phone to obtain the correspondence table information.
The first way: referring to Fig. 7a, a mobile phone login item 206 is provided in the login page 103. The user enters his or her mobile phone number in this field and clicks the corresponding button, whereupon the user's mobile phone number is sent to the financial server of the system (with, of course, several intermediate information transfers), and the financial server then sends the correspondence table corresponding to this page to the user's mobile phone.
The correspondence table is suitably delivered as a short message, which may be a text message, a picture message, a video message or a multimedia message; any one of these four forms may be chosen, as long as it can display the correspondence table content stably. The text message form is recommended.
Referring to Fig. 7b, this is a mobile phone 800. The mobile phone 800 carries a mobile phone display screen 801 for display; below the display screen 801 is a communication keypad 802 for input and control; above the display screen 801 is a mobile phone receiver 803, whose loudspeaker can play sound; correspondingly, below the communication keypad 802 is a microphone 804 for recording sound. The display screen 801 can conveniently show the information content of the correspondence table 300 for the user to consult.
The second way: referring to Fig. 7a, the user uses the mobile phone to send a short message to a short message receiving code, from which it is forwarded to the system's financial server. Once the financial server has obtained the user's mobile phone number corresponding to the particular web page, it can send the correspondence table to the user's mobile phone. As an example, in this embodiment the user sends the short message "DMB" to the short message receiving address corresponding to "96577"; this delivers the user's mobile phone number and the request content to the corresponding financial server of the system, and the user's mobile phone then receives the correspondence table information from the financial server. The short message receiving address "96577" is the short message receiving code.
The third way: referring to Fig. 7a, the user can use the mobile phone to dial a specific telephone indication code and, once connected, follow the system's prompts, for example by hanging up directly. In this embodiment the telephone indication code is a telephone number that can be dialed; here it is 8001231213 (a hypothetical number). The system's financial server can then obtain, from the dialing operation of the user's mobile phone, the user's mobile phone number corresponding to the particular web page, and sends the correspondence table matching the login page the user sees to the user's mobile phone.
Of course, other ways of using a mobile phone to obtain the correspondence table information also exist and are not limited here.
Description of Fig. 8:
This figure shows, from the user's point of view, the flow of logging in to online banking when the correspondence table is obtained with a mobile phone.
Step 900: the user opens the online banking login page to be logged in to.
Step 901: the correspondence table is obtained with the mobile phone. Using one of the ways described above, the mobile phone obtains the information content of the correspondence table and displays it.
Step 902: the content to be entered is converted according to the correspondence table. Referring to the correspondence table on the mobile phone, the user converts his or her financial information, such as bank card number and bank card password, into correspondence code login information.
Step 903: the login information is entered and the login operation is performed.
Step 904: successful login. The login content entered by the user is transmitted to the financial server of the system and verified; if verification passes, the user logs in successfully. For the verification process, see the embodiments described above.
Step 905: login failure. If the login content entered by the user, after being transmitted to the financial server of the system, fails verification, the user enters this login-failure step. After a failed login, the user can return to step 902 or step 903 to convert or enter the information again.
Description of Fig. 9:
Referring to Fig. 9, compared with the embodiment shown in Fig. 5, this online banking secure login system adds a mobile communication network 602 and a mobile phone 800.
The user uses the PC 101 to obtain the login page from the financial server 500 over the Internet 601. Then, through the mobile phone 800 and the mobile communication network 602, the number of the user's mobile phone 800 is sent to the financial server 500 over the communication network that includes the mobile communication network 602. The financial server 500 in turn sends the correspondence table corresponding to the login page on the PC 101 to the mobile phone 800 over the mobile communication network 602. On this basis the user converts the financial information with the correspondence table and then completes the login operation.
The Internet 601 and the mobile communication network 602 described above are different forms and components of the communication network 600 in the broad sense. The Internet is connected directly to the PC 101 and is part of the communication network 600; the mobile communication network is connected directly to the mobile phone and is also part of the communication network 600.
Description of Fig. 10:
Referring to Fig. 10, this is the implementation method of the online banking secure login system of the present invention, corresponding to the system described in Fig. 9. Its main process is similar to the embodiment shown in Fig. 6, with the added step of the system sending the correspondence table to the user's mobile terminal. It is described below.
Step 1: the financial server sends the online banking login page to the PC. The login page sent, as shown in Fig. 7a, does not contain the correspondence table. This step corresponds to reference numeral 1000 in the figure.
Step 2: the financial server receives the user's mobile phone information. This step corresponds to reference numeral 1001 in the figure.
The method of obtaining the user's mobile phone number corresponding to the particular online banking login page is as described above.
Step 3: the financial server sends the correspondence table to the mobile phone over the mobile communication network. This step corresponds to reference numeral 1002 in the figure.
In the system, the correspondence code scrambler 503 in the financial server 500 generates the correspondence table; alternatively, if the correspondence code database 506 holds a pre-stored correspondence table that has not been used, that table can be called instead. The correspondence table is then transmitted to the user's mobile phone over the communication network that includes the mobile communication network, which sets up the conditions for the user's login operation.
Step 4: the PC receives the login information that the user has converted with the correspondence table. This step corresponds to reference numeral 1003 in the figure.
The PC obtains the login information converted by the user with the correspondence table, that is, the correspondence code login information.
Step 5: the user's login information is sent to the financial server over the communication network. This step corresponds to reference numeral 1004 in the figure.
The PC delivers the financial information entered by the user to the financial server via the Internet 601 and the like in the communication network.
Step 6: the user's online banking login information is compared with the standard login information. This step corresponds to reference numeral 1005 in the figure. The details are similar to the embodiments described above.
Step 7: if the comparison passes, the financial server sends authorization information to the PC. This step corresponds to reference numeral 1006 in the figure. That is, once the comparison passes, the user can log in to online banking.
Step 8: if the comparison does not pass, the financial server sends login error information to the PC. This step corresponds to reference numeral 1007 in the figure.
There are several possible reasons for a failed comparison. If the user made a mistake when converting with the correspondence table and the table has not been changed, the flow can return directly to step 4, where the user converts again and enters the correspondence code login information. If the original correspondence table has expired, or the user wants to change the correspondence table, the flow can return to step 3, where the user receives a correspondence table again with the mobile phone and then carries out the login operation. If the user is not the legitimate user, that is, does not know the correct login information, then after wrong login information has been entered repeatedly, this user's login operation can be prohibited.
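The server-side logic of the Fig. 6 and Fig. 10 flows is shown below as an added Python example; it is not code from the patent. The digit-only one-to-one table, the class and function names, the `page_id` token, the `digit=code` text message format and the sample account and phone number are assumptions made for illustration.

```python
import hmac
import secrets

DIGITS = "0123456789"
MAX_FAILURES_PER_DAY = 5  # example limit given in the description


def encode(text, table):
    """User side: replace each original digit with its correspondence code."""
    return "".join(table[ch] for ch in text)


def decode(coded, table):
    """Server side: invert the table; None if a character is not a valid code."""
    inverse = {code: orig for orig, code in table.items()}
    try:
        return "".join(inverse[ch] for ch in coded)
    except KeyError:
        return None


class FinancialServer:
    def __init__(self, accounts):
        self.accounts = accounts  # card number -> password (original standard login information)
        self.tables = {}          # page id -> table; stands in for correspondence code database 506
        self.failures = {}        # card number -> failed attempts (daily reset not modelled)
        self.outbox = []          # (phone number, text) pairs; stands in for the SMS channel

    def new_login_page(self, show_table=True):
        """Generate a random one-to-one table bound to one login page.
        show_table=True is the Fig. 6 page; False is the Fig. 7a / Fig. 10 page."""
        codes = list(DIGITS)
        secrets.SystemRandom().shuffle(codes)
        page_id = secrets.token_hex(8)
        self.tables[page_id] = dict(zip(DIGITS, codes))
        return page_id, (dict(self.tables[page_id]) if show_table else None)

    def send_table_to_phone(self, page_id, phone_number):
        """Fig. 10 steps 2-3: send the table for this page as a text message."""
        body = " ".join(f"{o}={c}" for o, c in self.tables[page_id].items())
        self.outbox.append((phone_number, body))
        return body

    def verify(self, page_id, coded_card, coded_password, mode=1):
        """Compare step. Returns 'ok', 'wrong', 'table_expired' or 'locked'."""
        table = self.tables.get(page_id)
        if table is None:
            return "table_expired"        # user has to obtain a new table
        card = decode(coded_card, table)  # needed in both modes to find the account
        if card is None or card not in self.accounts:
            return "wrong"
        if self.failures.get(card, 0) >= MAX_FAILURES_PER_DAY:
            return "locked"
        stored = self.accounts[card]
        if mode == 1:  # first way: restore the input, compare original codes
            candidate, reference = decode(coded_password, table) or "", stored
        else:          # second way: encode the stored value, compare correspondence codes
            candidate, reference = coded_password, encode(stored, table)
        if hmac.compare_digest(candidate.encode(), reference.encode()):
            del self.tables[page_id]      # a table is not reused after a successful login
            return "ok"
        self.failures[card] = self.failures.get(card, 0) + 1
        return "wrong"                    # table stays valid, user may re-enter


def demo():
    """Phone-delivery flow with a constructed account and phone number."""
    server = FinancialServer({"6222020012345678": "135790"})
    page_id, shown = server.new_login_page(show_table=False)
    sms = server.send_table_to_phone(page_id, "13800000000")
    table = dict(pair.split("=") for pair in sms.split())  # user reads the SMS
    result = server.verify(page_id, encode("6222020012345678", table),
                           encode("135790", table), mode=2)
    return shown, result


if __name__ == "__main__":
    print(demo())
```

The second way requires the server to hold the password in recoverable form, whereas the first way compares against the original value after decoding and would also work against a salted hash of it.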
More than be the description of this invention and non-limiting, based on other embodiment of inventive concept, all among protection scope of the present invention.

Claims (17)

1. An online banking secure login system, characterized in that the system comprises:
a financial server, including an operation processing unit capable of generating a correspondence table by computation, a memory storing an accounts database and a correspondence code database,
a correspondence code scrambler for generating the correspondence table,
and a correspondence code decoder for decoding correspondence code login information;
a login terminal, which is a terminal device fitted with a display screen, for providing the user with the online banking login page containing the correspondence table;
a communication network, which connects the server and the login terminal and carries the information exchanged between them.
2. The login information pairing system according to claim 1, characterized in that: the part of the communication network connected to the PC is the Internet, and the login terminal is a PC.
3. An implementation method of the login information pairing system, corresponding to the system of claim 1, characterized in that the method includes the following steps:
Step 1: the financial server uses the correspondence code scrambler to generate a correspondence table;
Step 2: the online banking login page, together with the correspondence table, is sent to the login terminal over the communication network;
Step 3: the login terminal receives the online banking login information that the user enters after converting it with the correspondence table;
Step 4: the user's login information is sent to the financial server over the communication network;
Step 5: the user's login information is compared with the standard login information in the financial server;
Step 6: if the comparison passes, the financial server sends an authorization page to the login terminal;
Step 7: if the comparison does not pass, the financial server sends a login error page to the login terminal.
4. A login information pairing system, characterized in that the system comprises:
a financial server, including an operation processing unit capable of generating a correspondence table by computation, a memory storing an accounts database and a correspondence code database,
a correspondence code scrambler for generating the correspondence table,
and a correspondence code decoder for decoding correspondence code login information;
a PC, which is a terminal device that can obtain the login page from the server and provide it to the user;
a mobile phone, which is a portable handheld terminal that receives the correspondence table information from the server and is fitted with a display screen for showing the correspondence table information;
a communication network, which connects the server and the PC and includes the Internet connected to the PC,
and which connects the mobile phone and the server and includes the mobile communication network connected to the mobile phone.
5. An implementation method of the login information pairing system, corresponding to the system of claim 4, characterized in that the method includes the following steps:
Step 1: the financial server sends the online banking login page to the PC;
Step 2: the financial server receives the user's mobile phone information;
Step 3: the financial server sends the correspondence table to the mobile phone over the mobile communication network;
Step 4: the PC receives the login information that the user has converted with the correspondence table;
Step 5: the user's login information is sent to the financial server over the communication network;
Step 6: the user's online banking login information is compared with the standard login information;
Step 7: if the comparison passes, the financial server sends authorization information to the PC;
Step 8: if the comparison does not pass, the financial server sends login error information to the PC.
6. The implementation method of the login information pairing system according to claim 5, characterized in that: the mobile phone receives the correspondence table in the form of a short message.
7. The login information input method according to claim 5, characterized in that: the user obtains the correspondence table with the mobile phone in one of the following three ways:
A, the user enters the mobile phone number in the mobile phone login item of the login page and, after this number has been sent to the financial server, obtains the correspondence table;
B, the user sends a short message from his or her own mobile phone to the short message receiving code in order to obtain the correspondence table from the financial server;
C, the user calls the indication code with his or her own mobile phone, and the financial server sends the correspondence table information to the user's mobile phone in the form of a short message.
8. The login information input method according to claim 3 or 5, characterized in that: the original codes and the correspondence codes are all digits, in one-to-one correspondence, without repetition.
9. The login information input method according to claim 3 or 5, characterized in that: the original codes are digits, and the correspondence codes are characters including digits, letters and symbols.
10. The login information input method according to claim 3 or 5, characterized in that: when an original code is entered repeatedly, different correspondence codes are used according to the number of times it is repeated in the login information, with a one-to-one correspondence between the original input codes and the correspondence codes.
11. The login information input method according to claim 3 or 5, characterized in that: the original codes and the correspondence codes are not in one-to-one correspondence, the correspondence codes including redundant codes that serve only as filler.
12. The login information input method according to claim 3 or 5, characterized in that: in the input content corresponding to the original login information, part is entered using correspondence codes.
13. The login information input method according to claim 3 or 5, characterized in that: in original login information comprising a user name and a password, at least one of the user name and the password is entered using correspondence codes.
14. The login information input method according to claim 13, characterized in that: the user name is a bank card number, and the password is a bank card password.
15. The login information input method according to claim 3 or 5, characterized in that: the correspondence table information obtained by the user's mobile phone and by the login page is subject to a validity period.
16. The login information input method according to claim 3 or 5, characterized in that: the correspondence table information obtained by the user's mobile phone and by the login page is subject to a limit on the number of uses.
17. The login information input method according to claim 3 or 5, characterized in that: the correspondence table content obtained by the user's mobile phone and by the login page is random each time.
CNA2007100391043A 2007-04-03 2007-04-03 Internet bank safety login system and implantation method thereof Pending CN101034463A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20070912