CN102075547A - Dynamic password generating method and device and authentication method and system - Google Patents
Dynamic password generating method and device and authentication method and system Download PDFInfo
- Publication number
- CN102075547A CN102075547A CN2011100405682A CN201110040568A CN102075547A CN 102075547 A CN102075547 A CN 102075547A CN 2011100405682 A CN2011100405682 A CN 2011100405682A CN 201110040568 A CN201110040568 A CN 201110040568A CN 102075547 A CN102075547 A CN 102075547A
- Authority
- CN
- China
- Prior art keywords
- dynamic password
- information
- transaction information
- customer transaction
- challenge code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention relates to a dynamic password generating method, a dynamic password generating device, an authentication method and an authentication system. The authentication method comprises the following steps that: a transaction system generates and displays a graph which comprises transaction information and/or random information of users; after acquiring the graph displayed by the transaction system, the dynamic password generating device generates a challenge code according to the graph and generates a dynamic password of an authenticated party according to the challenge code; and after receiving the dynamic password of the authenticated party, the transaction system completes authentication by comparing the dynamic password of the authenticated party with a dynamic password of an authenticator, wherein the dynamic password of the authenticator is generated in a mode that the transaction system generates the challenge code according to the transaction information and/or the random information of the users or according to the graph, and generates the dynamic password of the authenticator according to the generated challenge code. The challenge code is not required to be inputted into the dynamic password generating device by the users manually, so user experience is improved, and the transaction efficiency is improved.
Description
Technical field
The present invention relates to information security field, especially a kind of dynamic password formation method and device, authentication method and system.
Background technology
In recent years, follow the fast development of the Internet and Financial Informationization, Web bank obtains the generally high praise of user and bank's industry rapidly with its facility, advantage such as efficient.In order to overcome the safety defect based on the authentication mode of static password, a lot of Web banks have adopted the authentication mode based on the dynamic password technology.
The dynamic password technology is called one-time password (One Time Password, be called for short OTP) technology again, according to the difference of password generating mode, can be divided into time-based dynamic password technology and based on the dynamic password technology of challenging/replying.
When adopting time-based dynamic password technology, dynamic password generating apparatus and server are synchronous in time, and store identical key seed; Dynamic password generating apparatus and server use this key seed dynamic password of (for example, 60 seconds) generation at set intervals; In the time of need carrying out authentification of user, after the user is known the present dynamic password by the display screen of dynamic password generating apparatus, import this dynamic password at transaction terminal, transaction terminal sends to server with information such as this dynamic password and user name, static passwords and authenticates.
Employing is during based on the dynamic password technology challenging/reply, and the dynamic password generating apparatus has identical key seed with server stores; In the time of need carrying out authentification of user, server sends transaction terminal from a challenge code to user or mobile phone, after the user obtains challenge code, challenge code is imported the dynamic password generating apparatus; The dynamic password generating apparatus uses the challenge code of key seed and user's input to generate answer back code (being dynamic password), after the user is known the present dynamic password by the display screen of dynamic password generating apparatus, import this dynamic password at transaction terminal, transaction terminal sends to server with information such as this dynamic password and user name, static passwords and authenticates.
Above-mentioned authentication mode based on the dynamic password technology has overcome the changeless defective of password information in the static password checking well, but also there are the following problems:
When (1) adopting time-based dynamic password technology, dynamic password is not to use once promptly to lose efficacy, but effective within a certain period of time, therefore after this dynamic password was intercepted and captured, the hacker can use this dynamic password and server to carry out alternately; For example, after the user used time-based dynamic password login, the hacker can use this dynamic password of intercepting and capturing to carry out follow-up operation immediately.Be that the time-based dynamic password technology of existing employing exists bigger potential safety hazard.
When (2) adopting based on the dynamic password technology challenging/reply, the user must import the challenge code of server transmission in the dynamic password generating apparatus; Carry for the ease of the user, the size of dynamic password generating apparatus is less usually, so the user imports very inconvenience of challenge code in the dynamic password generating apparatus.
It is in addition, existing that also there are the following problems based on the dynamic password technology of challenging/replying:
(I) because challenge code is that server produces at random, irrelevant with Transaction Information and user profile (can be referred to as customer transaction information), if this challenge code is oversize, can causes the user to import inconvenience, and cause input error easily, user experience is relatively poor.
(II) since existing be that server produces at random based on challenge code in the dynamic password technology of challenging/replying, irrelevant with Transaction Information and user profile (can be referred to as customer transaction information), the user can't confirm transaction according to challenge code.
Summary of the invention
Technical problem to be solved by this invention is to overcome the deficiencies in the prior art, the dynamic password formation method and device, authentication method and the system that provide a kind of user of need not to import challenge code by hand.
In order to address the above problem, the invention provides a kind of authentication method, this method comprises:
The transaction system generation also shows the figure that comprises customer transaction information and/or random information;
After the dynamic password generating apparatus collects the described figure of transaction system demonstration, generate challenge code, and generate certified side's dynamic password according to the challenge code of its generation according to described figure;
After transaction system receives described certified side's dynamic password, compare by dynamic password and to finish authentication itself and authenticating party;
Wherein, the dynamic password of described authenticating party generates in the following way: described transaction system generates challenge code according to described customer transaction information and/or random information or according to described figure, and generates the dynamic password of described authenticating party according to the challenge code of its generation.
In addition, comprise described customer transaction information or described customer transaction information and random information in the described figure;
Before generating challenge code after described dynamic password generating apparatus collects the described figure that transaction system shows, according to described figure, also comprise following steps: show described figure or show that the customer transaction information of extracting confirms for the user from described figure; And the affirmation that receives the user is indicated.
In addition, described dynamic password generating apparatus and transaction system generate challenge code according to described figure in the following way:
From described figure, extract described customer transaction information and/or random information;
Generate described challenge code according to described customer transaction information and/or random information.
In addition, described dynamic password generating apparatus generates challenge code according to described figure in the following way: extract described customer transaction information and/or random information from described figure; Generate described challenge code according to described customer transaction information and/or random information;
Described transaction system generates described challenge code according to described customer transaction information and/or random information.
In addition, described dynamic password generating apparatus and transaction system generate challenge code according to described figure in the following way:
From described figure, extract the coded message of described customer transaction information and/or random information;
Generate described challenge code according to described coded message.
In addition, the described figure that comprises customer transaction information is a bar code.
In addition, described bar code is a two-dimensional bar.
In addition, described figure is a character image.
The present invention also provides a kind of dynamic password formation method, and this method comprises:
The transaction system generation also shows the figure that comprises customer transaction information and/or random information;
After the dynamic password generating apparatus collects the described figure of transaction system demonstration, generate challenge code, and generate certified side's dynamic password according to the challenge code of its generation according to described figure;
Transaction system generates challenge code according to described customer transaction information and/or random information or according to described figure, and generates the dynamic password of authenticating party according to the challenge code of its generation.
In addition, comprise described customer transaction information or described customer transaction information and random information in the described figure;
Before generating challenge code after described dynamic password generating apparatus collects the described figure that transaction system shows, according to described figure, also comprise following steps: show described figure or show that the customer transaction information of extracting confirms transaction for the user from described figure; Receive user's affirmation indication.
In addition, described dynamic password generating apparatus and transaction system generate challenge code according to described figure in the following way:
From described figure, extract described customer transaction information and/or random information;
Generate described challenge code according to described customer transaction information and/or random information.
In addition, described dynamic password generating apparatus generates challenge code according to described figure in the following way: extract described customer transaction information and/or random information from described figure; Generate described challenge code according to described customer transaction information and/or random information;
Described transaction system generates described challenge code according to described customer transaction information and/or random information.
In addition, described dynamic password generating apparatus and transaction system generate challenge code according to described figure in the following way:
From described figure, extract the coded message of described customer transaction information and/or random information;
Generate described challenge code according to described coded message.
In addition, the described figure that comprises customer transaction information is a bar code.
In addition, described bar code is a two-dimensional bar.
In addition, described figure is a character image.
The present invention also provides a kind of Verification System, it is characterized in that, this system comprises: dynamic password generating apparatus and transaction system, wherein:
Described transaction system is used to generate and show the figure that comprises customer transaction information and/or random information;
Described dynamic password generating apparatus is used to gather the described figure that described transaction system shows, generates challenge code according to described figure, and generates certified side's dynamic password according to the challenge code of its generation;
Described transaction system also is used for after receiving described certified side's dynamic password, compares by the dynamic password with itself and authenticating party and finishes authentication;
Wherein, described transaction system also is used for generating in the following way the dynamic password of described authenticating party: described transaction system generates challenge code according to described customer transaction information and/or random information or according to described figure, and generates the dynamic password of described authenticating party according to the challenge code of its generation.
In addition, comprise described customer transaction information or described customer transaction information and random information in the described figure;
Before generating challenge code after described dynamic password generating apparatus collects the described figure that transaction system shows, according to described figure, also be used for carrying out following operation: show described figure or show that the customer transaction information of extracting from described figure confirms for the user; And the affirmation that receives the user is indicated.
In addition, described dynamic password generating apparatus and transaction system are used for generating challenge code according to described figure in the following way:
From described figure, extract described customer transaction information and/or random information;
Generate described challenge code according to described customer transaction information and/or random information.
In addition, described dynamic password generating apparatus is used for generating challenge code according to described figure in the following way: extract described customer transaction information and/or random information from described figure; Generate described challenge code according to described customer transaction information and/or random information;
Described transaction system is used for generating described challenge code according to described customer transaction information and/or random information.
In addition, described dynamic password generating apparatus and transaction system are used for generating challenge code according to described figure in the following way:
From described figure, extract the coded message of described customer transaction information and/or random information;
Generate described challenge code according to described coded message.
In addition, the described figure that comprises customer transaction information is a bar code.
In addition, described bar code is a two-dimensional bar.
In addition, described figure is a character image.
The present invention also provides a kind of dynamic password generating apparatus, comprising: the dynamic password generation module, and display module is characterized in that, this device also comprises: the figure acquiring and identifying module; Wherein:
Described figure acquiring and identifying module is used to gather the figure that comprises customer transaction information and/or random information; And from described figure, extract: the coded message of described customer transaction information and/or random information or described customer transaction information and/or random information, and send it to described dynamic password generation module;
Described dynamic password generation module is used for after the coded message of the described customer transaction information that receives described figure acquiring and identifying module transmission and/or random information or described customer transaction information and/or random information, coded message according to described customer transaction information and/or random information or described customer transaction information and/or random information generates challenge code, and generates dynamic password according to the challenge code of its generation; The dynamic password of its generation is sent to described display module;
Described display module is used to show the described dynamic password of described dynamic password generation module transmission.
In addition, this device also comprises: the user confirms module; Wherein:
Comprise described customer transaction information or described customer transaction information and random information in the described figure;
Described figure acquiring and identifying module also is used for after collecting described figure described figure being sent to described display module;
Described display module also is used to show the described figure of described figure acquiring and identifying module transmission;
The user confirms that module is used for sending dynamic password to described dynamic password generation module and generating indication after the affirmation indication that receives the user;
Described dynamic password generation module is carried out the operation of described generation challenge code after receiving described dynamic password generation indication.
In addition, this device also comprises: the user confirms module; Wherein:
Comprise described customer transaction information or described customer transaction information and random information in the described figure;
Described figure acquiring and identifying module also is used for after collecting described figure, extracts described customer transaction information from described figure, and described customer transaction information is sent to described display module;
Described display module also is used to show the described customer transaction information of described figure acquiring and identifying module transmission;
The user confirms that module is used for sending dynamic password to described dynamic password generation module and generating indication after the affirmation indication that receives the user;
Described dynamic password generation module is carried out the operation of described generation challenge code after receiving described dynamic password generation indication.
In addition, the described figure that comprises customer transaction information is a bar code.
In addition, described bar code is a two-dimensional bar.
In addition, described figure is a character image.
In sum, the challenge code among the present invention need not the user and inputs to the dynamic password generating apparatus by hand, has improved user experience, and has improved trading efficiency.
In addition, the challenge code that is used to generate dynamic password among the present invention has comprised customer transaction information, and dynamic password apparatus can be shown to the user with customer transaction information before generating challenge code, for the user transaction is confirmed, therefore compare with challenge code generating mode of the prior art, improved the fail safe of dynamic password.
In addition, the present invention can also generate figure with customer transaction information with random information, gather and extract (identification) for the dynamic password generating apparatus, and dynamic password generating apparatus and transaction system use customer transaction information and random information to generate dynamic password simultaneously, can further improve the fail safe of dynamic password.
Description of drawings
Fig. 1 is the structural representation of Verification System of the present invention;
Fig. 2 is the authentication method flow chart of first embodiment of the invention;
Fig. 3 is the authentication method flow chart of second embodiment of the invention;
Fig. 4 is the dynamic password formation method flow chart of first embodiment of the invention;
Fig. 5 is the dynamic password formation method flow chart of second embodiment of the invention;
Fig. 6 is the structural representation of embodiment of the invention dynamic password generating apparatus.
Embodiment
Core of the present invention is, generation comprises and (or is called expression, as follows) figure of customer transaction information (or is called image, as follows), and it is presented on the transaction terminal of transaction system (authentication authorization and accounting side), user's (being certified side) uses the dynamic password generating apparatus that has figure collection and recognition function to gather above-mentioned figure from transaction terminal, and according to the Figure recognition that collects (extraction in other words, as follows) all or part of customer transaction information that wherein comprises, and, generate the dynamic password (being certified side's dynamic password) that is used to authenticate according to this challenge code according to the customer transaction information generation challenge code that collects; In addition, the transaction system end also adopts corresponding mode to generate identical challenge code, and generates the dynamic password of identical authenticating party.
In addition, the dynamic password generating apparatus can be before generating challenge code and dynamic password according to the figure that collects, show the figure that comprises customer transaction information that collects, so that the user to user Transaction Information confirms that the dynamic password generating apparatus was carried out the operation that generates challenge code and dynamic password again after the wait user confirmed.
Describe the present invention below in conjunction with drawings and Examples.
Fig. 1 is the structural representation of Verification System of the present invention; As shown in Figure 1, this Verification System comprises: transaction system, dynamic password generating apparatus (token as shown in Figure 1); Wherein:
Transaction system can comprise: transaction terminal and certificate server; Certainly, transaction terminal and certificate server also can be merged into an entity device.
Transaction system is used to generate and show the figure that comprises customer transaction information, extracts customer transaction information from this figure, and uses the customer transaction information of this extraction to generate challenge code; Or directly use customer transaction information to generate challenge code, generate the dynamic password of transaction system end according to this challenge code.
The dynamic password generating apparatus is used to gather the above-mentioned figure that transaction system shows, and from this figure, extract customer transaction information, and use the customer transaction information of this extraction to generate challenge code, generate and show the dynamic password of dynamic password generating apparatus end according to this challenge code.
So far, the user can authenticate (comprising: authentication and/or transaction authentication) with the dynamic password input transaction system of dynamic password generating apparatus end.
The concrete function of above-mentioned Verification System is described in more detail below.
The first authentication method embodiment
Fig. 2 is the authentication method flow chart of first embodiment of the invention.In the present embodiment, be that example is described authentication method of the present invention with the transaction system that comprises discrete transaction terminal and certificate server.As shown in Figure 2, this method comprises:
201, transaction terminal generates the figure that comprises customer transaction information according to current customer transaction information, and it is presented on the display screen;
Above-mentioned transaction terminal can be the ATM (Automated Teller Machine, ATM) of bank, also can be equipment such as PC.
Above-mentioned customer transaction information can comprise: user profile and/or current Transaction Information.For example: user name, number of the account, dealing money etc.
Above-mentioned figure can be the bar code (promptly comprising or represent the bar code of customer transaction information) that generates after customer transaction information is encoded, and above-mentioned bar code can be one-dimensional bar code or two-dimensional bar (being called for short one dimension sign indicating number or two-dimension code).Preferably, in order to comprise more information, above-mentioned figure is a two-dimensional bar.
If above-mentioned figure is a bar code, need encodes to customer transaction information according to the barcode encoding mode that is adopted to customer transaction information, and generate corresponding bar code figure according to coded message.The coded system of bar code can adopt: Code39 sign indicating number (39 yards of standards), Codabar sign indicating number (Ku Deba sign indicating number), Code25 sign indicating number (25 yards of standards), ITF25 sign indicating number (intersecting 25 yards), Matrix25 sign indicating number (25 yards in matrix), UPC-A sign indicating number, UPC-E sign indicating number, EAN-13 sign indicating number (EAN-13 international commodity bar code), EAN-8 sign indicating number (EAN-8 international commodity bar code), Code128 sign indicating number (the Code128 sign indicating number comprises the EAN128 sign indicating number) etc.Two-dimensional bar code can adopt: PDF417 sign indicating number, Code49 sign indicating number, Code 16K sign indicating number, Data Matrix sign indicating number, MaxiCode sign indicating number etc.
Certainly, above-mentioned figure also can be the character image that comprises customer transaction information, and for the ease of gathering, above-mentioned character image may be displayed on the specific region of display screen, for example in display screen rectangular area.
202, transaction terminal sends to certificate server with customer transaction information or above-mentioned figure.
203, behind certificate server receives the above-mentioned figure that comprises customer transaction information, generate challenge code according to this figure; Certainly, if transaction terminal sends to certificate server with customer transaction information, then certificate server directly generates challenge code according to customer transaction information;
Above-mentioned step according to figure generation challenge code can be:
203a, certificate server extracts customer transaction information from the above-mentioned figure that comprises customer transaction information;
According to the difference of graph style, the mode of extracting customer transaction information from figure is also different.
If figure is a bar code, then adopt bar code recognition of the prior art and corresponding decoding technique can from figure, extract customer transaction information;
If the character image of figure for adopting customer transaction information to generate then adopts existing OCR (Optical Character Recognition, optical character identification) technology can extract the customer transaction information that wherein comprises from figure.For example, customer transaction information is account name: " Zhang San ", above-mentioned character image is for being presented at " Zhang San " pattern on the display screen.
203b, certificate server generates challenge code according to customer transaction information.
Above-mentioned step according to customer transaction information generation challenge code can be:
203x, certificate server extract all or part of information from customer transaction information, and this information is carried out Hash operation, obtain cryptographic Hash H;
203y, certificate server extracts all or part of data as challenge code with preset rule from above-mentioned cryptographic Hash H;
Above-mentioned preset rule can be: begin to extract continuously the individual bit of n (n is the integer greater than 1) from highest order.
204, the key seed of the local storage of certificate server use is carried out cryptographic calculation to the challenge code of its generation, obtains the dynamic password (dynamic password of authentication authorization and accounting side) of certificate server end.
205, the user uses the figure collecting unit of dynamic password generating apparatus that the above-mentioned figure that comprises customer transaction information that is presented at transaction terminal is gathered;
Above-mentioned figure collecting unit can be a camera, or special-purpose bar code scanner.
206, the dynamic password generating apparatus shows the figure that comprises customer transaction information that collects, and confirms for the user to user Transaction Information, waits for that the user confirms; (promptly receive user's affirmation indication back) after the user confirms and carry out next step;
User's affirmation indication can be that the user presses the push button signalling that acknowledgement key generated on the dynamic password generating apparatus.
This step is an optional step.
207, the dynamic password generating apparatus generates challenge code according to the figure that comprises customer transaction information that collects;
Above-mentioned method according to figure generation challenge code is identical with the certificate server end, can be referring to the description of step 203.
208, the key seed of the local storage of dynamic password generating apparatus use is carried out cryptographic calculation to the challenge code of its generation, obtains the dynamic password (being certified side's dynamic password) of dynamic password generating apparatus end.
It should be noted that therefore the dynamic password of generation is identical owing to preserve identical key seed in dynamic password generating apparatus and the certificate server.
209, the dynamic password generating apparatus shows the above-mentioned dynamic password of its generation on display screen.
210, the user reads the dynamic password of its demonstration from the dynamic password generating apparatus after, with its input transaction terminal.
211, transaction terminal sends to certificate server with the dynamic password of the dynamic password generating apparatus end of user input and authenticates, and after authentication was passed through, transaction terminal was finished follow-up authentication and/or trading processing.
The second authentication method embodiment
Fig. 3 is the authentication method flow chart of second embodiment of the invention.The difference of the present embodiment and first embodiment is, generates challenge code by transaction terminal in the present embodiment, and sends it to certificate server.As shown in Figure 3, this method comprises:
301, transaction terminal generates figure according to current customer transaction information, and it is presented on the display screen;
302, transaction terminal generates challenge code according to the above-mentioned figure that comprises customer transaction information, or directly generates challenge code according to customer transaction information;
Above-mentioned step according to figure generation challenge code can be:
302a, transaction terminal extracts customer transaction information from the above-mentioned figure that comprises customer transaction information;
302b, transaction terminal generates challenge code according to customer transaction information.
Above-mentioned step according to customer transaction information generation challenge code can be:
302x, transaction terminal extract all or part of information from customer transaction information, and this information is carried out Hash operation, obtain cryptographic Hash H;
302y, transaction terminal extracts all or part of data as challenge code with preset rule from above-mentioned cryptographic Hash H.
303, transaction terminal sends to certificate server with the challenge code of its generation;
304, certificate server uses the key seed of local storage that the challenge code that receives is carried out cryptographic calculation, obtains the dynamic password (dynamic password of authentication authorization and accounting side) of certificate server end.
305, the user uses the figure collecting unit of dynamic password generating apparatus that the above-mentioned figure that comprises customer transaction information that is presented at transaction terminal is gathered;
306, the dynamic password generating apparatus shows the figure that comprises customer transaction information that collects, and confirms for the user to user Transaction Information, waits for that the user confirms; (promptly receive user's affirmation indication back) after the user confirms and carry out next step;
User's affirmation indication can be that the user presses the push button signalling that acknowledgement key generated on the dynamic password generating apparatus.
This step is an optional step.
307, the dynamic password generating apparatus generates challenge code according to the figure that comprises customer transaction information that collects;
Above-mentioned method according to figure generation challenge code is identical with the certificate server end, can be referring to the description of step 203.
308, the key seed of the local storage of dynamic password generating apparatus use is carried out cryptographic calculation to the challenge code of its generation, obtains the dynamic password (being certified side's dynamic password) of dynamic password generating apparatus end.
It should be noted that therefore the dynamic password of generation is identical owing to preserve identical key seed in dynamic password generating apparatus and the certificate server.
309, the dynamic password generating apparatus shows the above-mentioned dynamic password of its generation on display screen.
310, the user reads the dynamic password of its demonstration from the dynamic password generating apparatus after, with its input transaction terminal.
311, transaction terminal sends to certificate server with the dynamic password of the dynamic password generating apparatus end of user input and authenticates, and after authentication was passed through, transaction terminal was finished follow-up authentication and/or trading processing.The first dynamic password formation method embodiment
Fig. 4 is the dynamic password formation method flow chart of first embodiment of the invention.In the present embodiment, be that example is described dynamic password formation method of the present invention with the transaction system that comprises discrete transaction terminal and certificate server.As shown in Figure 4, the dynamic password formation method of first embodiment of the invention and the first authentication method embodiment shown in Figure 2 are basic identical, and difference only is that the dynamic password formation method of first embodiment of the invention has omitted step 210 and 211.
The second dynamic password formation method embodiment
Fig. 5 is the dynamic password formation method flow chart of second embodiment of the invention.In the present embodiment, be that example is described dynamic password formation method of the present invention with the transaction system that comprises discrete transaction terminal and certificate server.As shown in Figure 5, the dynamic password formation method of second embodiment of the invention and the second authentication method embodiment shown in Figure 3 are basic identical, and difference only is that the dynamic password formation method of second embodiment of the invention has omitted step 310 and 311.
Fig. 6 is the structural representation of embodiment of the invention dynamic password generating apparatus; As shown in Figure 6, this device comprises: dynamic password generation module, display module; Wherein:
The figure acquiring and identifying module is used to gather the figure that comprises customer transaction information and/or random information; And from figure, extract: the coded message of customer transaction information and/or random information or customer transaction information and/or random information, and send it to the dynamic password generation module;
The dynamic password generation module is used for after the coded message of the customer transaction information that receives the transmission of figure acquiring and identifying module and/or random information or customer transaction information and/or random information, coded message according to customer transaction information and/or random information or customer transaction information and/or random information generates challenge code, and generates dynamic password according to the challenge code of its generation; The dynamic password of its generation is sent to display module;
Display module is used to show the dynamic password of dynamic password generation module transmission.
In addition, comprise customer transaction information or customer transaction information and random information in the figure;
The figure acquiring and identifying module also is used for after collecting figure figure being sent to display module; Display module also is used for the figure that the display graphics acquiring and identifying module sends; The user confirms that module is used for sending dynamic password to the dynamic password generation module and generating indication after the affirmation indication that receives the user; The dynamic password generation module is carried out the operation that generates challenge code after receiving dynamic password generation indication; Or:
The figure acquiring and identifying module also is used for after collecting figure, extracts customer transaction information from figure, and customer transaction information is sent to display module; Display module also is used for the customer transaction information that the display graphics acquiring and identifying module sends; The user confirms that module is used for sending dynamic password to the dynamic password generation module and generating indication after the affirmation indication that receives the user; The dynamic password generation module is carried out the operation that generates challenge code after receiving dynamic password generation indication.
The figure that comprises customer transaction information can be a bar code, and preferably, bar code is a two-dimensional bar.
In addition, figure can be a character image.
According to basic principle of the present invention, the foregoing description can also have multiple mapping mode, for example:
(1) in the above-described embodiments, transaction system (authentication authorization and accounting side) and dynamic password generating apparatus all are to use customer transaction information to generate challenge code;
In other embodiments of the invention, transaction system and dynamic password generating apparatus also can use the coded message of customer transaction information to generate challenge code.
For example, if the above-mentioned figure of customer transaction information that comprises is for adopting the two-dimension code of PDF417 sign indicating number as the coding/decoding mode, customer transaction information via coding back generates the code word data of being made up of binary data, after code word data generation error correction code word, generate the figure that comprises code word data and error correction code word.Above-mentioned code word data and/or error correction code word are exactly the coded message of customer transaction information.Therefore, after transaction system and the identification of dynamic password generating apparatus obtain above-mentioned coded message, need not it is decoded, can directly generate challenge code according to above-mentioned coded message.
(2) in the above-described embodiments, transaction system (authentication authorization and accounting side) and dynamic password generating apparatus all are to use the coded message of customer transaction information or customer transaction information to generate challenge code; Therefore, only comprise customer transaction information in the figure that transaction system shows;
In other embodiments of the invention, also comprise the random information (for example, random number, random character etc.) that transaction system (transaction terminal) generates in the above-mentioned figure, above-mentioned random information can carry out barcode encoding and demonstration with customer transaction information; In addition, above-mentioned random information also can be presented on the display screen as character image with customer transaction information and gather and extract for the dynamic password generating apparatus; And transaction system and dynamic password generating apparatus use customer transaction information and random information to generate challenge code simultaneously.
If use random information and customer transaction information to generate challenge code simultaneously, in above-mentioned first embodiment, can generate random information, and it is sent to certificate server in the transaction system with customer transaction information by the transaction terminal in the transaction system; In above-mentioned second embodiment, can generate random information by transaction terminal, and generate challenge code according to customer transaction information and random information.
(3) in the above embodiment of the present invention, the dynamic password generating apparatus is after collecting the figure that comprises customer transaction information, it is shown to the user, for the user transaction (promptly to customer transaction information) is confirmed, after treating that the user confirms, the dynamic password generating apparatus generates challenge code and dynamic password according to this figure again;
In other embodiments of the invention, the dynamic password generating apparatus can extract (adopting technology such as challenge code identification or OCR) customer transaction information from above-mentioned figure, and is shown to the user with mode word and confirms for the user.
Claims (30)
1. an authentication method is characterized in that, this method comprises:
The transaction system generation also shows the figure that comprises customer transaction information and/or random information;
After the dynamic password generating apparatus collects the described figure of transaction system demonstration, generate challenge code, and generate certified side's dynamic password according to the challenge code of its generation according to described figure;
After transaction system receives described certified side's dynamic password, compare by dynamic password and to finish authentication itself and authenticating party;
Wherein, the dynamic password of described authenticating party generates in the following way: described transaction system generates challenge code according to described customer transaction information and/or random information or according to described figure, and generates the dynamic password of described authenticating party according to the challenge code of its generation.
2. the method for claim 1 is characterized in that,
Comprise described customer transaction information or described customer transaction information and random information in the described figure;
Before generating challenge code after described dynamic password generating apparatus collects the described figure that transaction system shows, according to described figure, also comprise following steps: show described figure or show that the customer transaction information of extracting confirms for the user from described figure; And the affirmation that receives the user is indicated.
3. the method for claim 1 is characterized in that,
Described dynamic password generating apparatus and transaction system generate challenge code according to described figure in the following way:
From described figure, extract described customer transaction information and/or random information;
Generate described challenge code according to described customer transaction information and/or random information.
4. the method for claim 1 is characterized in that,
Described dynamic password generating apparatus generates challenge code according to described figure in the following way: extract described customer transaction information and/or random information from described figure; Generate described challenge code according to described customer transaction information and/or random information;
Described transaction system generates described challenge code according to described customer transaction information and/or random information.
5. the method for claim 1 is characterized in that,
Described dynamic password generating apparatus and transaction system generate challenge code according to described figure in the following way:
From described figure, extract the coded message of described customer transaction information and/or random information;
Generate described challenge code according to described coded message.
6. as the described method of arbitrary claim in the claim 1 to 5, it is characterized in that,
The described figure that comprises customer transaction information is a bar code.
7. method as claimed in claim 6 is characterized in that,
Described bar code is a two-dimensional bar.
8. as the described method of arbitrary claim in the claim 1 to 5, it is characterized in that,
Described figure is a character image.
9. a dynamic password formation method is characterized in that, this method comprises:
The transaction system generation also shows the figure that comprises customer transaction information and/or random information;
After the dynamic password generating apparatus collects the described figure of transaction system demonstration, generate challenge code, and generate certified side's dynamic password according to the challenge code of its generation according to described figure;
Transaction system generates challenge code according to described customer transaction information and/or random information or according to described figure, and generates the dynamic password of authenticating party according to the challenge code of its generation.
10. method as claimed in claim 9 is characterized in that,
Comprise described customer transaction information or described customer transaction information and random information in the described figure;
Before generating challenge code after described dynamic password generating apparatus collects the described figure that transaction system shows, according to described figure, also comprise following steps: show described figure or show that the customer transaction information of extracting confirms transaction for the user from described figure; Receive user's affirmation indication.
11. method as claimed in claim 9 is characterized in that,
Described dynamic password generating apparatus and transaction system generate challenge code according to described figure in the following way:
From described figure, extract described customer transaction information and/or random information;
Generate described challenge code according to described customer transaction information and/or random information.
12. method as claimed in claim 9 is characterized in that,
Described dynamic password generating apparatus generates challenge code according to described figure in the following way: extract described customer transaction information and/or random information from described figure; Generate described challenge code according to described customer transaction information and/or random information;
Described transaction system generates described challenge code according to described customer transaction information and/or random information.
13. method as claimed in claim 9 is characterized in that,
Described dynamic password generating apparatus and transaction system generate challenge code according to described figure in the following way:
From described figure, extract the coded message of described customer transaction information and/or random information;
Generate described challenge code according to described coded message.
14. as the described method of arbitrary claim in the claim 9 to 13, it is characterized in that,
The described figure that comprises customer transaction information is a bar code.
15. method as claimed in claim 14 is characterized in that,
Described bar code is a two-dimensional bar.
16. as the described method of arbitrary claim in the claim 9 to 13, it is characterized in that,
Described figure is a character image.
17. a Verification System is characterized in that, this system comprises: dynamic password generating apparatus and transaction system, wherein:
Described transaction system is used to generate and show the figure that comprises customer transaction information and/or random information;
Described dynamic password generating apparatus is used to gather the described figure that described transaction system shows, generates challenge code according to described figure, and generates certified side's dynamic password according to the challenge code of its generation;
Described transaction system also is used for after receiving described certified side's dynamic password, compares by the dynamic password with itself and authenticating party and finishes authentication;
Wherein, described transaction system also is used for generating in the following way the dynamic password of described authenticating party: described transaction system generates challenge code according to described customer transaction information and/or random information or according to described figure, and generates the dynamic password of described authenticating party according to the challenge code of its generation.
18. system as claimed in claim 17 is characterized in that,
Comprise described customer transaction information or described customer transaction information and random information in the described figure;
Before generating challenge code after described dynamic password generating apparatus collects the described figure that transaction system shows, according to described figure, also be used for carrying out following operation: show described figure or show that the customer transaction information of extracting from described figure confirms for the user; And the affirmation that receives the user is indicated.
19. system as claimed in claim 17 is characterized in that,
Described dynamic password generating apparatus and transaction system are used for generating challenge code according to described figure in the following way:
From described figure, extract described customer transaction information and/or random information;
Generate described challenge code according to described customer transaction information and/or random information.
20. system as claimed in claim 17 is characterized in that,
Described dynamic password generating apparatus is used for generating challenge code according to described figure in the following way: extract described customer transaction information and/or random information from described figure; Generate described challenge code according to described customer transaction information and/or random information;
Described transaction system is used for generating described challenge code according to described customer transaction information and/or random information.
21. system as claimed in claim 17 is characterized in that,
Described dynamic password generating apparatus and transaction system are used for generating challenge code according to described figure in the following way:
From described figure, extract the coded message of described customer transaction information and/or random information;
Generate described challenge code according to described coded message.
22. as the described system of arbitrary claim in the claim 17 to 21, it is characterized in that,
The described figure that comprises customer transaction information is a bar code.
23. the system as claimed in claim 22 is characterized in that,
Described bar code is a two-dimensional bar.
24. as the described system of arbitrary claim in the claim 17 to 21, it is characterized in that,
Described figure is a character image.
25. a dynamic password generating apparatus comprises: the dynamic password generation module, display module is characterized in that, this device also comprises: the figure acquiring and identifying module; Wherein:
Described figure acquiring and identifying module is used to gather the figure that comprises customer transaction information and/or random information; And from described figure, extract: the coded message of described customer transaction information and/or random information or described customer transaction information and/or random information, and send it to described dynamic password generation module;
Described dynamic password generation module is used for after the coded message of the described customer transaction information that receives described figure acquiring and identifying module transmission and/or random information or described customer transaction information and/or random information, coded message according to described customer transaction information and/or random information or described customer transaction information and/or random information generates challenge code, and generates dynamic password according to the challenge code of its generation; The dynamic password of its generation is sent to described display module;
Described display module is used to show the described dynamic password of described dynamic password generation module transmission.
26. device as claimed in claim 25 is characterized in that, this device also comprises: the user confirms module; Wherein:
Comprise described customer transaction information or described customer transaction information and random information in the described figure;
Described figure acquiring and identifying module also is used for after collecting described figure described figure being sent to described display module;
Described display module also is used to show the described figure of described figure acquiring and identifying module transmission;
The user confirms that module is used for sending dynamic password to described dynamic password generation module and generating indication after the affirmation indication that receives the user;
Described dynamic password generation module is carried out the operation of described generation challenge code after receiving described dynamic password generation indication.
27. device as claimed in claim 25 is characterized in that, this device also comprises: the user confirms module; Wherein:
Comprise described customer transaction information or described customer transaction information and random information in the described figure;
Described figure acquiring and identifying module also is used for after collecting described figure, extracts described customer transaction information from described figure, and described customer transaction information is sent to described display module;
Described display module also is used to show the described customer transaction information of described figure acquiring and identifying module transmission;
The user confirms that module is used for sending dynamic password to described dynamic password generation module and generating indication after the affirmation indication that receives the user;
Described dynamic password generation module is carried out the operation of described generation challenge code after receiving described dynamic password generation indication.
28. as the described device of arbitrary claim in the claim 25 to 27, it is characterized in that,
The described figure that comprises customer transaction information is a bar code.
29. device as claimed in claim 28 is characterized in that,
Described bar code is a two-dimensional bar.
30. as the described device of arbitrary claim in the claim 25 to 27, it is characterized in that,
Described figure is a character image.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110040568.2A CN102075547B (en) | 2011-02-18 | 2011-02-18 | Dynamic password generating method and device and authentication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110040568.2A CN102075547B (en) | 2011-02-18 | 2011-02-18 | Dynamic password generating method and device and authentication method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102075547A true CN102075547A (en) | 2011-05-25 |
| CN102075547B CN102075547B (en) | 2014-03-26 |
Family
ID=44033890
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110040568.2A Active CN102075547B (en) | 2011-02-18 | 2011-02-18 | Dynamic password generating method and device and authentication method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102075547B (en) |
Cited By (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102347942A (en) * | 2011-07-01 | 2012-02-08 | 飞天诚信科技股份有限公司 | Information safety method based on image acquisition and system thereof |
| CN102368230A (en) * | 2011-10-31 | 2012-03-07 | 北京天地融科技有限公司 | Mobile memory and access control method thereof as well as system |
| CN102377784A (en) * | 2011-11-24 | 2012-03-14 | 飞天诚信科技股份有限公司 | Dynamic password identification method and system |
| CN102377783A (en) * | 2011-11-07 | 2012-03-14 | 飞天诚信科技股份有限公司 | Dynamic password generation and authentication method and dynamic password generation and authentication system |
| CN102387020A (en) * | 2011-10-20 | 2012-03-21 | 北京天地融科技有限公司 | Dynamic password generating device as well as dynamic password implementing method and system |
| CN102387150A (en) * | 2011-10-31 | 2012-03-21 | 北京天地融科技有限公司 | Access control method and system of mobile memory and mobile memory |
| CN102509037A (en) * | 2011-10-10 | 2012-06-20 | 北京宏基恒信科技有限责任公司 | Trading system, method and device |
| CN102592090A (en) * | 2011-12-30 | 2012-07-18 | 深圳市文鼎创数据科技有限公司 | Input method and input device of challenge type dynamic token challenge questions |
| CN102664736A (en) * | 2012-04-13 | 2012-09-12 | 天地融科技股份有限公司 | Electronic cipher generating method, device and equipment and electronic cipher authentication system |
| CN102801724A (en) * | 2012-08-09 | 2012-11-28 | 长城瑞通(北京)科技有限公司 | Identity authentication method combining graphic image with dynamic password |
| CN102970307A (en) * | 2012-12-21 | 2013-03-13 | 网秦无限(北京)科技有限公司 | Password safety system and password safety method |
| CN103020574A (en) * | 2012-11-22 | 2013-04-03 | 北京握奇数据系统有限公司 | OTP (One Time Password) equipment and method combining photographing and bar code indentifying technologies |
| CN103218740A (en) * | 2013-03-13 | 2013-07-24 | 北京宏基恒信科技有限责任公司 | Trading system, method and device using two-dimension codes |
| CN103269328A (en) * | 2013-03-08 | 2013-08-28 | 陈景辉 | Authentication system based on graphic information exchange and method thereof |
| CN103475481A (en) * | 2013-09-06 | 2013-12-25 | 天地融科技股份有限公司 | Token and dynamic password generating method, dynamic password authentication method and system |
| CN103516674A (en) * | 2012-06-21 | 2014-01-15 | 棣南股份有限公司 | Method for rapid online connection to network equipment and manipulator |
| CN103580873A (en) * | 2013-11-15 | 2014-02-12 | 清华大学 | Identity authentication method and system and password protection device |
| CN103745151A (en) * | 2014-01-08 | 2014-04-23 | 杭州晟元芯片技术有限公司 | System and method for authenticating identity through combination of two-dimension codes and dynamic passwords |
| CN104021328A (en) * | 2014-06-24 | 2014-09-03 | 上海众人科技有限公司 | Phishing website identification method and system based on light sensitive technology |
| CN104253689A (en) * | 2013-06-28 | 2014-12-31 | 中国电信股份有限公司 | User identity module card generated dynamic password authentication method and system based on QR (quick response) code |
| CN104394002A (en) * | 2014-12-12 | 2015-03-04 | 恒宝股份有限公司 | Dynamic password authentication method and system |
| CN104395917A (en) * | 2012-05-21 | 2015-03-04 | 金主汉 | Application for using mobile communication terminal as payment terminal, and application service provider system and method |
| JP2016042210A (en) * | 2014-08-13 | 2016-03-31 | 株式会社野村総合研究所 | Authentication system, authentication method, and authentication program |
| JP2016042211A (en) * | 2014-08-13 | 2016-03-31 | 株式会社野村総合研究所 | Authentication system, authentication method, and authentication program |
| CN105721155A (en) * | 2014-12-05 | 2016-06-29 | 北京握奇智能科技有限公司 | Dynamic token data processing method and system |
| JP2016526810A (en) * | 2013-06-12 | 2016-09-05 | クリプトマティック リミテッドCryptomathic Ltd | Systems and methods for encryption |
| CN103684784B (en) * | 2013-12-06 | 2017-01-25 | 上海众人网络安全技术有限公司 | Two-factor identity authentication method based on Chinese character format information |
| CN103647649B (en) * | 2013-12-18 | 2017-03-29 | 上海众人网络安全技术有限公司 | A kind of Dual-factor identity authentication method based on light-wave information |
| JP2017536030A (en) * | 2014-10-21 | 2017-11-30 | ジェムアルト エスアー | Method for accessing services, corresponding first device, second device and system |
| WO2018098925A1 (en) * | 2016-11-29 | 2018-06-07 | 华为技术有限公司 | Method for payment and terminal device |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1682478A (en) * | 2002-10-16 | 2005-10-12 | 微软公司 | Cryptographically secure person identification |
| CN1937498A (en) * | 2006-10-09 | 2007-03-28 | 网之易信息技术(北京)有限公司 | Dynamic cipher authentication method, system and device |
| CN101025806A (en) * | 2006-02-20 | 2007-08-29 | 普天信息技术研究院 | Identity authentication method of fee payment via mobile communication terminal |
| CN101046870A (en) * | 2006-04-27 | 2007-10-03 | 陈龙军 | Method for raising safety of transaction process using two-dimensional code for identifying local cipher |
| CN101252437A (en) * | 2008-01-15 | 2008-08-27 | 深圳市九思泰达技术有限公司 | Dynamic verification method, system and apparatus of client terminal identification under C/S architecture |
| US20090063850A1 (en) * | 2007-08-29 | 2009-03-05 | Sharwan Kumar Joram | Multiple factor user authentication system |
| CN101388066A (en) * | 2007-09-12 | 2009-03-18 | 北京方维银通科技有限公司 | Method for implementing two-dimensional code certification |
| CN101465736A (en) * | 2008-12-31 | 2009-06-24 | 北京中星微电子有限公司 | Identification authentication method and system |
| CN101645775A (en) * | 2008-08-05 | 2010-02-10 | 北京灵创科新科技有限公司 | Over-the-air download-based dynamic password identity authentication system |
| CN101820346A (en) * | 2010-05-04 | 2010-09-01 | 北京飞天诚信科技有限公司 | Secure digital signature method |
-
2011
- 2011-02-18 CN CN201110040568.2A patent/CN102075547B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1682478A (en) * | 2002-10-16 | 2005-10-12 | 微软公司 | Cryptographically secure person identification |
| CN101025806A (en) * | 2006-02-20 | 2007-08-29 | 普天信息技术研究院 | Identity authentication method of fee payment via mobile communication terminal |
| CN101046870A (en) * | 2006-04-27 | 2007-10-03 | 陈龙军 | Method for raising safety of transaction process using two-dimensional code for identifying local cipher |
| CN1937498A (en) * | 2006-10-09 | 2007-03-28 | 网之易信息技术(北京)有限公司 | Dynamic cipher authentication method, system and device |
| US20090063850A1 (en) * | 2007-08-29 | 2009-03-05 | Sharwan Kumar Joram | Multiple factor user authentication system |
| CN101388066A (en) * | 2007-09-12 | 2009-03-18 | 北京方维银通科技有限公司 | Method for implementing two-dimensional code certification |
| CN101252437A (en) * | 2008-01-15 | 2008-08-27 | 深圳市九思泰达技术有限公司 | Dynamic verification method, system and apparatus of client terminal identification under C/S architecture |
| CN101645775A (en) * | 2008-08-05 | 2010-02-10 | 北京灵创科新科技有限公司 | Over-the-air download-based dynamic password identity authentication system |
| CN101465736A (en) * | 2008-12-31 | 2009-06-24 | 北京中星微电子有限公司 | Identification authentication method and system |
| CN101820346A (en) * | 2010-05-04 | 2010-09-01 | 北京飞天诚信科技有限公司 | Secure digital signature method |
Cited By (44)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102347942A (en) * | 2011-07-01 | 2012-02-08 | 飞天诚信科技股份有限公司 | Information safety method based on image acquisition and system thereof |
| CN102509037B (en) * | 2011-10-10 | 2015-05-20 | 北京宏基恒信科技有限责任公司 | Trading system, method and device |
| CN102509037A (en) * | 2011-10-10 | 2012-06-20 | 北京宏基恒信科技有限责任公司 | Trading system, method and device |
| CN102387020A (en) * | 2011-10-20 | 2012-03-21 | 北京天地融科技有限公司 | Dynamic password generating device as well as dynamic password implementing method and system |
| CN102368230A (en) * | 2011-10-31 | 2012-03-07 | 北京天地融科技有限公司 | Mobile memory and access control method thereof as well as system |
| CN102387150A (en) * | 2011-10-31 | 2012-03-21 | 北京天地融科技有限公司 | Access control method and system of mobile memory and mobile memory |
| CN102377783A (en) * | 2011-11-07 | 2012-03-14 | 飞天诚信科技股份有限公司 | Dynamic password generation and authentication method and dynamic password generation and authentication system |
| CN102377783B (en) * | 2011-11-07 | 2014-03-12 | 飞天诚信科技股份有限公司 | Dynamic password generation and authentication method and dynamic password generation and authentication system |
| US9386013B2 (en) | 2011-11-24 | 2016-07-05 | Feitian Technologies Co., Ltd. | Dynamic password authentication method and system thereof |
| CN102377784A (en) * | 2011-11-24 | 2012-03-14 | 飞天诚信科技股份有限公司 | Dynamic password identification method and system |
| CN102377784B (en) * | 2011-11-24 | 2014-06-04 | 飞天诚信科技股份有限公司 | Dynamic password identification method and system |
| CN102592090A (en) * | 2011-12-30 | 2012-07-18 | 深圳市文鼎创数据科技有限公司 | Input method and input device of challenge type dynamic token challenge questions |
| CN102664736A (en) * | 2012-04-13 | 2012-09-12 | 天地融科技股份有限公司 | Electronic cipher generating method, device and equipment and electronic cipher authentication system |
| WO2013152735A1 (en) * | 2012-04-13 | 2013-10-17 | 天地融科技股份有限公司 | Electronic cipher generation method, apparatus and device, and electronic cipher authentication system |
| CN104395917A (en) * | 2012-05-21 | 2015-03-04 | 金主汉 | Application for using mobile communication terminal as payment terminal, and application service provider system and method |
| CN103516674B (en) * | 2012-06-21 | 2016-10-12 | 棣南股份有限公司 | Quickly and the method for network device online and control device |
| CN103516674A (en) * | 2012-06-21 | 2014-01-15 | 棣南股份有限公司 | Method for rapid online connection to network equipment and manipulator |
| CN102801724A (en) * | 2012-08-09 | 2012-11-28 | 长城瑞通(北京)科技有限公司 | Identity authentication method combining graphic image with dynamic password |
| CN103020574A (en) * | 2012-11-22 | 2013-04-03 | 北京握奇数据系统有限公司 | OTP (One Time Password) equipment and method combining photographing and bar code indentifying technologies |
| CN102970307A (en) * | 2012-12-21 | 2013-03-13 | 网秦无限(北京)科技有限公司 | Password safety system and password safety method |
| CN102970307B (en) * | 2012-12-21 | 2016-01-13 | 网秦无限(北京)科技有限公司 | Cipher safety system and password safety method |
| CN103269328A (en) * | 2013-03-08 | 2013-08-28 | 陈景辉 | Authentication system based on graphic information exchange and method thereof |
| CN103218740A (en) * | 2013-03-13 | 2013-07-24 | 北京宏基恒信科技有限责任公司 | Trading system, method and device using two-dimension codes |
| JP2016526810A (en) * | 2013-06-12 | 2016-09-05 | クリプトマティック リミテッドCryptomathic Ltd | Systems and methods for encryption |
| CN104253689B (en) * | 2013-06-28 | 2018-10-23 | 中国电信股份有限公司 | Subscriber card verifying dynamic password method and system based on Quick Response Code |
| CN104253689A (en) * | 2013-06-28 | 2014-12-31 | 中国电信股份有限公司 | User identity module card generated dynamic password authentication method and system based on QR (quick response) code |
| WO2015032248A1 (en) * | 2013-09-06 | 2015-03-12 | 天地融科技股份有限公司 | Token, dynamic password generation method, and dynamic password authentication method and system |
| CN103475481A (en) * | 2013-09-06 | 2013-12-25 | 天地融科技股份有限公司 | Token and dynamic password generating method, dynamic password authentication method and system |
| CN103580873A (en) * | 2013-11-15 | 2014-02-12 | 清华大学 | Identity authentication method and system and password protection device |
| CN103580873B (en) * | 2013-11-15 | 2017-06-06 | 清华大学 | Identity identifying method, system and cipher protection apparatus |
| CN103684784B (en) * | 2013-12-06 | 2017-01-25 | 上海众人网络安全技术有限公司 | Two-factor identity authentication method based on Chinese character format information |
| CN103647649B (en) * | 2013-12-18 | 2017-03-29 | 上海众人网络安全技术有限公司 | A kind of Dual-factor identity authentication method based on light-wave information |
| CN103745151B (en) * | 2014-01-08 | 2017-01-25 | 杭州晟元数据安全技术股份有限公司 | Method for authenticating identity through combination of two-dimension codes and dynamic passwords |
| CN103745151A (en) * | 2014-01-08 | 2014-04-23 | 杭州晟元芯片技术有限公司 | System and method for authenticating identity through combination of two-dimension codes and dynamic passwords |
| CN104021328B (en) * | 2014-06-24 | 2018-02-06 | 上海众人网络安全技术有限公司 | Fishing website discrimination method and system based on light sensation technology |
| CN104021328A (en) * | 2014-06-24 | 2014-09-03 | 上海众人科技有限公司 | Phishing website identification method and system based on light sensitive technology |
| JP2016042211A (en) * | 2014-08-13 | 2016-03-31 | 株式会社野村総合研究所 | Authentication system, authentication method, and authentication program |
| JP2016042210A (en) * | 2014-08-13 | 2016-03-31 | 株式会社野村総合研究所 | Authentication system, authentication method, and authentication program |
| JP2017536030A (en) * | 2014-10-21 | 2017-11-30 | ジェムアルト エスアー | Method for accessing services, corresponding first device, second device and system |
| US10263973B2 (en) | 2014-10-21 | 2019-04-16 | Gemalto Sa | Method for accessing a service, corresponding first device, second device and system |
| CN105721155A (en) * | 2014-12-05 | 2016-06-29 | 北京握奇智能科技有限公司 | Dynamic token data processing method and system |
| CN105721155B (en) * | 2014-12-05 | 2019-01-25 | 北京握奇智能科技有限公司 | A kind of data processing method and system of dynamic token |
| CN104394002A (en) * | 2014-12-12 | 2015-03-04 | 恒宝股份有限公司 | Dynamic password authentication method and system |
| WO2018098925A1 (en) * | 2016-11-29 | 2018-06-07 | 华为技术有限公司 | Method for payment and terminal device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102075547B (en) | 2014-03-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102075547B (en) | Dynamic password generating method and device and authentication method and system | |
| US8407463B2 (en) | Method of authentication of users in data processing systems | |
| CN105590199B (en) | Payment method and payment system based on dynamic two-dimensional code | |
| US7647279B2 (en) | Method to make transactions secure by means of cards having unique and non-reproducible identifiers | |
| Lee et al. | Online banking authentication system using mobile-OTP with QR-code | |
| CN104835046B (en) | A kind of data false distinguishing method for two-dimension code safe verification | |
| CN104903904B (en) | Bar code authentication for resource request | |
| CN102387020B (en) | Dynamic password generating device as well as dynamic password implementing method and system | |
| CN102752115B (en) | Challenge code generating method and device, dynamic password authentication method and system | |
| CN104464117B (en) | Based on dynamic two-dimension code ATM (automatic teller machine) withdrawal method and system | |
| CN103778728A (en) | Method and system for realizing transaction without bank card through automatic teller machine | |
| EP2693687A1 (en) | Method for generating a code, authorization method and authorization system for authorizing an operation | |
| CN103854170A (en) | Payment system and payment method based on two-dimension code | |
| WO2015000365A1 (en) | Quick payment method and system based on location information | |
| CN102158488A (en) | Dynamic countersign generation method and device and authentication method and system | |
| US20180330367A1 (en) | Mobile payment system and process | |
| US20130018758A1 (en) | Quidlr | |
| Eminagaoglu et al. | A two-factor authentication system with QR codes for web and mobile applications | |
| TWM474207U (en) | Image recognition service system for M-commerce identification | |
| US20140344162A1 (en) | Method and system for enhancing the security of electronic transactions | |
| CN104156855A (en) | Payment method and system | |
| JP2019518265A (en) | System and method for identifying a user using graphical barcodes and payment card authorization readings | |
| KR101242684B1 (en) | User certification system and method for 2 dimensional barcode | |
| EP3369059A1 (en) | Multi-dimensional authentication system and method for cardless banking transactions and other transactions involving high-level security | |
| Shanmugapriyan et al. | Secure electronic transaction using aadhaar based qr code and biometric authentication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: 102211 Beijing city Changping District Baishan town 100 Ge Road No. 9 Building No. 2 hospital Applicant after: Tendyron Technology Co., Ltd. Address before: 100083, B, block 17, golden building, No. 1810 Qinghua East Road, Beijing, Haidian District Applicant before: Beijing Tendyron Technology Co., Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |