CN104778384A - Authorization server, authorization method and computer program product - Google Patents

Publication number: CN104778384A
Authority: CN
Grant status: Application
Prior art keywords: authorization, code, remote, initial, authorization server
Application number: CN 201410013977
Other languages: Chinese (zh)
Inventors: 陈丽蕙, 林意纹, 张许龙湫
Original assignee: 全宏科技股份有限公司, 英吉宏通有限公司

Abstract

The invention discloses an authorization server, an authorization method and a computer program product. The authorization server is signal-connected between an electronic device and an intermediate device. The authorization server comprises a transceiver and a processor. The transceiver receives a request message generated by the electronic device. The processor provides an initial authorization code in response to the request message and generates a server-side verification code according to the initial authorization code. After the initial authorization code has been transmitted, the transceiver receives a remote verification code derived from the initial authorization code, and the processor authorizes a processing procedure when a preset condition is satisfied.

Description

Authorization server, authorization method and computer program product

Technical Field

[0001] The present invention relates to an authorization server, an authorization method and a computer program product, and in particular to an authorization server, an authorization method and a computer program product used together with an electronic device.

Background

[0002] With today's highly developed networks, many automated services have emerged alongside them. Financial transaction systems, for example, provide convenient services to users over the network. For financial institutions, automated services not only save considerable operating costs but also bring users faster and more diverse services.

[0003] A typical financial transaction system provides automated financial services through online banking or automated teller machines (ATMs). Whether a user performs an automated transaction through online banking or an ATM, the bank card plays a very important role. The financial transaction system must use the bank card to confirm the user's identity and then provide financial services according to the user's account information. In short, while offering automated transactions, a financial transaction system must still attend to the security of identity verification.

[0004] This transaction model has some problems, however. For example, not every bank customer has a card reader and online-banking transaction capability, users do not necessarily carry their bank card with them, and the number of ATMs a bank can deploy is limited. In other words, the automated services provided by conventional financial transaction systems are still not convenient enough.

[0005] As noted above, a financial transaction system must verify a depositor's identity before letting the user use automated services. Existing financial transaction systems, however, must verify the depositor's identity through a bank card, which users still find inconvenient.

[0006] Beyond financial systems, many authorization systems often face similar problems: they must balance the user's convenience during automated operations against the security of the authorization service.

Summary of the Invention

[0007] The present invention relates to an authorization server, an authorization method and a computer program product that take both convenience and security into account.

[0008] According to a first aspect of the invention, an authorization server is provided, comprising: a transceiver that receives a request message; and a processor that provides an initial authorization code in response to the request message and generates a server-side verification code according to the initial authorization code, wherein the transceiver, after transmitting the initial authorization code, receives a remote verification code derived from the initial authorization code, and the processor authorizes a processing procedure when it determines that a preset condition is satisfied.

[0009] According to a second aspect of the invention, an authorization method applied to an authorization server is provided, comprising the following steps: providing an initial authorization code in response to a request message; generating a server-side verification code according to the initial authorization code; receiving a remote verification code derived from the initial authorization code; and authorizing a processing procedure when the remote verification code and the server-side verification code satisfy a preset condition.

[0010] According to a third aspect of the invention, an authorization method applied to an electronic device is provided, comprising the following steps: transmitting a request message; receiving an initial authorization code generated in response to the request message; generating a remote verification code according to the initial authorization code; and transmitting the remote verification code to an authorization server via an intermediate device, wherein the authorization server authorizes a processing procedure when it determines, according to the remote verification code, that a preset condition is satisfied.

[0011] According to a fourth aspect of the invention, a computer program product is provided on which a software program is stored; when executed, the software program causes an electronic device having a controller to perform an authorization method comprising the following steps: transmitting a request message; receiving an initial authorization code generated in response to the request message; generating a remote verification code according to the initial authorization code; and transmitting the remote verification code to an authorization server through an intermediate device, wherein the authorization server authorizes a processing procedure when it determines, according to the remote verification code, that a preset condition is satisfied.

[0012] For a better understanding of the above and other aspects of the invention, preferred embodiments are described in detail below with reference to the accompanying drawings:

Brief Description of the Drawings

[0013] FIG. 1 is a schematic diagram of the authorization system of the first embodiment of the invention.

[0014] FIGS. 2A and 2B are schematic diagrams of the authorization system of the first embodiment of the invention.

[0015] FIG. 3 is a schematic diagram of the electronic device presenting the mobile banking function option.

[0016] FIG. 4A is a schematic diagram of the user selecting the withdrawal account on the electronic device.

[0017] FIG. 4B is a schematic diagram of the user entering the withdrawal amount on the electronic device.

[0018] FIG. 5 is a schematic diagram of the authorization server sending the initial authorization code to the electronic device via SMS.

[0019] FIG. 6 is a schematic diagram of the electronic device presenting the cardless withdrawal function option.

[0020] FIG. 7A is a schematic diagram of the user selecting the function option for obtaining the remote verification code.

[0021] FIG. 7B is a schematic diagram of the user entering the initial authorization code.

[0022] FIG. 7C is a schematic diagram of the electronic device displaying the remote verification code.

[0023] FIG. 8A is a schematic diagram of the user entering the initial authorization code at the ATM.

[0024] FIG. 8B is a schematic diagram of the user entering the remote verification code at the ATM.

[0025] FIG. 9 is a schematic diagram of a smart chip used with a mobile phone.

[0026] FIG. 10 is a schematic diagram of the authorization system of the second embodiment of the invention.

[0027] FIG. 11 is a schematic diagram of the authorization system of the invention.

[0028] FIG. 12 is a flowchart of the authorization method of the invention.

[0029] Explanation of Reference Numerals

[0030] Electronic device 21; intermediate device 25

[0031] Authorization server 23, 43; internal network 29

[0032] Telecommunications network 27; SIM card 81

[0033] Smart film 83; mobile phone 85

[0034] First mobile phone 41; second mobile phone 45

[0035] Telecommunications network 47, 49; processor 131

[0036] Transceiver 133

Detailed Description

[0037] For ease of explanation, a financial transaction system is used below as an example of the authorization system. The description shows how a user can carry out a withdrawal procedure with an electronic device, without using a bank card. The authorization method of the invention can, however, be applied broadly to other types of financial transaction procedures and to various types of authorization systems. As noted above, an authorization system must consider both security and convenience. To this end, the authorization server of the invention lets the user rely on an easily carried electronic device (for example, a mobile phone) so that the user's identity can be verified more conveniently. In addition, because the authorization server and the electronic device each generate a verification code and the two codes are then compared, the security of the authorization server is maintained.

[0038] According to the first embodiment of the invention, the user carries out a withdrawal procedure using an ATM together with a mobile phone. In this embodiment, the financial transaction system (authorization system) comprises an ATM (intermediate device) and a financial platform (authorization server). The financial transaction system verifies the user's identity and permissions through the user's mobile phone (electronic device). The authorization method of the invention can verify the user's identity in a more convenient way.

[0039] Refer to FIG. 1, which is a schematic diagram of the invention with a financial transaction system as the first embodiment. The electronic device 21 and the authorization server 23 are signal-connected through a telecommunications network; the authorization server 23 and the intermediate device 25 are signal-connected through an internal network 29. The electronic device 21 and the intermediate device 25 can be signal-connected by short-range transmission, or the user holding the electronic device 21 can manually operate the input interface of the intermediate device 25. For the detailed steps between the authorization system and the electronic device, see the description of FIGS. 2A and 2B.

[0040] Refer to FIGS. 2A and 2B, which are schematic diagrams of the authorization system of the first embodiment of the invention. In FIGS. 2A and 2B, three vertical axes represent the actions of the electronic device 21, the intermediate device 25 and the authorization server 23 along the time axis. Where an action involves two devices, it is indicated by the direction of an arrow.

[0041] For ease of explanation, the flow of FIGS. 2A and 2B is described here on the basis of the architecture of FIG. 1. The description of the flow is accompanied by FIGS. 3, 4A, 4B, 5, 6, 7A, 7B, 7C, 8A and 8B, which show the screens presented by the electronic device 21 and the intermediate device 25.

[0042] First, the user selects the mobile banking function option through the application software (step S211, FIG. 3). Next, FIG. 4A shows the user choosing to withdraw from the electronic wallet. FIG. 4B assumes that the user enters 100 yuan as the amount to withdraw. These user operations are then converted into a request message. In other words, the request message corresponds to the content of the transaction the user wants to perform, for example: user A chooses to withdraw 100 yuan from the electronic wallet. The electronic device 21 generates the corresponding withdrawal request message according to the user's operations (step S212). For security, the electronic device 21 may encrypt the request message (step S213) and then transmit the encrypted request message to the authorization server 23 over the telecommunications network 27 (step S214).

[0043] After receiving the encrypted request message (step S231), the authorization server 23 decrypts it to obtain the content of the request message (step S232). For example, after decrypting the request message, the authorization server 23 determines that it was sent by user A and that user A wants to withdraw 100 yuan.

[0044] Next, the authorization server 23 determines whether user A's account exists and whether user A's account balance is sufficient to cover the amount of this withdrawal transaction. That is, the authorization server 23 determines whether the account of the user who sent the request message exists in the authorization database, and whether the content of the request message conforms to a permission corresponding to that user account.

[0045] If the authorization server 23 determines that the user account does not exist, or that the account exists but the requested operation exceeds the user's permissions, the authorization server 23 may send an error prompt message to user A's mobile phone through the Short Message Service (SMS). In that case the authorization flow can be terminated directly. If the authorization server 23 determines that the user account exists and the requested operation is within the user's permissions, the authorization server 23 generates an initial authorization code. Step S233 is therefore the authorization server 23 selectively providing the initial authorization code.

[0046] The initial authorization code generated by the authorization server 23 can be transmitted to the electronic device 21 through SMS (step S2344). For security, the authorization server 23 also defines a preset period when it transmits the initial authorization code. After receiving the initial authorization code, the user must complete the rest of the authorization flow within the preset period; that is, within the preset period the user must deliver the remote verification code generated by the electronic device 21 to the authorization server 23 through the intermediate device 25. The length of the preset period need not be limited; it may be, for example, 5 minutes or 30 minutes.

[0047] For example, FIG. 5 shows the authorization server notifying the user through SMS that the initial authorization code is 874243. The user is also notified that, before 13:28 on 2013/5/18, the electronic device 21 must be used to generate the remote verification code and the transmission of the remote verification code must be completed.

[0048] As shown in FIG. 6, suppose that after receiving the SMS the user chooses cardless withdrawal. The electronic device 21 then runs a one-time password generation procedure based on the initial authorization code, producing the remote verification code (step S215). FIG. 7A shows the user selecting the function option for obtaining the remote verification code; FIG. 7B shows the user entering the initial authorization code 874243 after the electronic device 21 displays the screen for entering it; and FIG. 7C shows the remote verification code 193141 that the electronic device 21 produces by running the one-time password generation procedure on the initial authorization code 874243.

[0049] In practice, the steps of the above flow can be implemented in different ways. SMS is one medium by which the authorization server 23 delivers messages such as the error prompt code and the initial authorization code to the electronic device 21. Other delivery methods, such as over-the-air transmission (OTA), instant messaging software (for example, WhatsApp or Line) and e-mail, can also serve as the messaging medium.

[0050] Furthermore, the one-time password generation procedure provided by the electronic device 21 can be executed automatically by the application software once the initial authorization code is received. Alternatively, the electronic device 21 can present an operation page on which the user manually enters the initial authorization code and, after the user confirms, the remote verification code is generated. Note that the implementation and the storage medium of the application software need not be limited and can be substituted by a person skilled in the art to which this case pertains.

[0051] After the remote verification code has been generated on the mobile phone, the user enters the initial authorization code and the remote verification code into the intermediate device (steps S216 and S217). FIG. 8A shows the prompt message on the ATM screen, which lets the user manually enter the initial authorization code through an input interface such as physical keys or a touch screen. After the user enters 874243 and presses confirm, the ATM screen shows the prompt of FIG. 8B. The user then manually enters into the ATM the remote verification code shown on the phone screen.

[0052] Besides manual entry, the initial authorization code and the remote verification code may also be sent and received between the mobile phone and the ATM by short-range transmission. The short-range transmission may be a wireless network, Near Field Communication (NFC) or a similar method.

[0053] After receiving the initial authorization code and the remote verification code, the ATM transmits them to the authorization server (step S252). The authorization server 23 then determines whether the preset condition is satisfied (step S236).

[0054] The preset condition comprises two judgments: first, whether the period between generating the initial authorization code and receiving the remote verification code is shorter than the preset period; second, whether the remote verification code matches the server-side verification code generated by the authorization server itself. The preset condition is considered satisfied only when both judgments are affirmative. When the first judgment is negative, the authorization server 23 received the remote verification code too late. The authorization server 23 then interrupts the user's withdrawal procedure, in order to guard against leakage of the initial authorization code. The second judgment further ensures the security of the withdrawal procedure.

[0055] To improve the security of data transmission, the authorization server 23 and the electronic device 21 in this case operate on the initial authorization code according to a one-time password (OTP) generation procedure and then generate the remote verification code. A one-time password generation procedure generates passwords dynamically, and the resulting value is unpredictable. Because the authorization server 23 and the electronic device 21 each run the one-time password generation procedure on the same initial authorization code, the server-side verification code and the remote verification code they produce should be identical. If the server-side verification code generated by the authorization server 23 does not match the received remote verification code, possibly because the remote verification code was interfered with in transit, the authorization flow is interrupted.

[0056] Only when the preset condition is judged satisfied does the authorization server 23 approve the withdrawal procedure the user wants to perform. The authorization server 23 then authorizes the intermediate device 25 to carry out the processing procedure (step S237), and the intermediate device 25 provides the processing procedure required by the electronic device 21 (step S253). The processing procedure is the service provided in response to the request message generated by the electronic device 21, for example dispensing 100 yuan in cash.

[0057] Furthermore, if the user wants to perform several financial transactions, a similar flow is repeated. Suppose the user wants to perform three financial transactions: the electronic device 21 generates three corresponding request messages, and the authorization server 23 provides three initial authorization codes for them. From these three initial authorization codes, the authorization server 23 generates three server-side verification codes through the one-time password generation procedure, and the electronic device 21 generates three remote verification codes. After receiving the three remote verification codes through the intermediate device 25, the authorization server 23 judges for each of them whether its receipt satisfies the preset condition.

[0058] Because each of the three financial transactions has its own initial authorization code, the authorization server 23 can clearly distinguish them even if they are generated at nearly the same time. Moreover, because the three financial transactions are independent of one another, it may happen that only one passes authorization, that all three pass, or that none of the three passes.
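The two-part preset condition of [0054] and [0055] and the independent handling of several transactions in [0057] and [0058] can be exercised with the following added Python example, which is not part of the patent text. The patent names no one-time password algorithm: the HMAC-SHA256 derivation keyed with a per-device secret, the consumption of an initial code on any outcome, the balance re-check at authorization time, and all class, function and account names are assumptions of this example.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass


def derive_code(device_key: bytes, initial_code: str, digits: int = 6) -> str:
    """Derive a verification code from the initial authorization code.

    Assumption: HMAC-SHA256 keyed with a per-device secret, truncated the way
    RFC 4226 truncates HOTP values. The patent names no algorithm.
    """
    mac = hmac.new(device_key, initial_code.encode(), hashlib.sha256).digest()
    offset = mac[-1] & 0x0F
    value = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


@dataclass
class Pending:
    account: str
    amount: int
    server_code: str   # server-side verification code
    issued_at: float   # when the initial authorization code was generated


class AuthorizationServer:
    def __init__(self, device_keys, balances, preset_period=300.0, clock=time.time):
        self.device_keys = device_keys      # account -> key shared with the device
        self.balances = balances            # account -> available balance
        self.preset_period = preset_period  # seconds (the page suggests 5 or 30 minutes)
        self.clock = clock
        self.pending = {}                   # initial authorization code -> Pending

    def handle_request(self, account, amount):
        """Check account and permission, then issue an initial authorization code."""
        if account not in self.device_keys or amount <= 0:
            return None                     # the page sends an error prompt here
        if self.balances.get(account, 0) < amount:
            return None
        initial = f"{secrets.randbelow(10 ** 6):06d}"
        while initial in self.pending:      # each live transaction gets its own code
            initial = f"{secrets.randbelow(10 ** 6):06d}"
        server_code = derive_code(self.device_keys[account], initial)
        self.pending[initial] = Pending(account, amount, server_code, self.clock())
        return initial

    def authorize(self, initial_code, remote_code):
        """Authorize only if both judgments of the preset condition hold."""
        entry = self.pending.pop(initial_code, None)   # consumed on any outcome
        if entry is None:
            return "unknown"
        # Judgment 1: elapsed time must be shorter than the preset period.
        if self.clock() - entry.issued_at >= self.preset_period:
            return "expired"
        # Judgment 2: constant-time comparison of remote and server-side codes.
        if not hmac.compare_digest(entry.server_code.encode(), remote_code.encode()):
            return "mismatch"
        # Re-check the balance: several pending transactions may share it.
        if self.balances[entry.account] < entry.amount:
            return "insufficient"
        self.balances[entry.account] -= entry.amount
        return "authorized"


def demo():
    """Three independent transactions for one user, using constructed sample data."""
    key = b"constructed-device-key"
    now = [1000.0]                          # controllable clock for the example
    server = AuthorizationServer({"user-A": key}, {"user-A": 300},
                                 preset_period=300.0, clock=lambda: now[0])
    first, second, third = (server.handle_request("user-A", 100) for _ in range(3))
    results = [server.authorize(first, derive_code(key, first))]
    good = derive_code(key, second)
    wrong = good[:-1] + str((int(good[-1]) + 1) % 10)   # last digit altered
    results.append(server.authorize(second, wrong))
    now[0] += 301.0                         # the third code arrives too late
    results.append(server.authorize(third, derive_code(key, third)))
    results.append(server.authorize(first, derive_code(key, first)))  # replayed code
    return results, server.balances["user-A"]


if __name__ == "__main__":
    print(demo())
```

Keying the derivation with a device-held secret means the initial authorization code alone, which travels over SMS and is typed into the intermediate device, is not enough to compute the remote verification code.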

[0059] In practice, the application software used by the electronic device 21 (for example, mobile banking) can run on a common embedded operating system (for example, Android). Alternatively, the application software may be provided by a lower-level component of the electronic device, for example by storing it on a SIM card or Micro SIM card. The application software can also be provided through a smart film 83. The smart film 83 is a circuit about the size of a Subscriber Identity Module (SIM) card but extremely thin. The smart film can provide the application software required by the authorization flow.

[0060] Refer to FIG. 9, which is a schematic diagram of a smart chip used with a mobile phone. In appearance, the smart film 83 is a thin sheet whose surface contacts are arranged in the same way as the contacts of the SIM card 81.

[0061] In addition, the contacts C1 to C8 of the smart film 83 conduct between its upper and lower sides. The smart film 83 is attached between the contacts of the SIM card and those of the slot, and is compatible with the circuitry of the SIM card.

[0062] As is well known, a mobile phone 85 needs a SIM card 81 to provide telecommunications services, so every mobile phone 85 has a SIM card slot. Providing the mobile banking function through the smart film 83 requires no consideration of the telecom operator, the type of communication device or the type of SIM card, which makes it a very convenient implementation.

[0063] The second embodiment of the invention is proposed for regions where ATMs are not yet widespread. In these regions, financial institutions can establish partnerships with private individuals or other businesses (hereinafter, agents); when an individual wants to perform a financial transaction, he or she can seek the assistance of these agents.

[0064] Refer to FIG. 10, which is a schematic diagram of the authorization system of the second embodiment of the invention. It is again assumed that the user holds only a mobile phone (first mobile phone 41) and no bank card. The agent, for its part, is assumed to provide agent equipment (second mobile phone 45). In this case the second mobile phone 45 plays the role of the intermediate device.

[0065] The second mobile phone 45 can provide an input interface through a touch panel, keys or the like. Through the input interface, the user or the agent can perform input operations, so that the second mobile phone 45 obtains the initial authorization code and the remote verification code. The second mobile phone also includes a transmission module for transmitting the initial authorization code and the remote verification code to the authorization server 43.

[0066] Likewise, in this embodiment the second mobile phone 45 can also use a SIM card paired with a smart patch, so that application software built into the smart patch lets the intermediate device take part in the authorization flow. Of course, the application software that the second mobile phone 45 uses to take part in the authorization flow may also run on the phone's built-in embedded operating system, or be executed by underlying software provided by the SIM card. This can be inferred by analogy from the preceding description and is not detailed here.

[0067] In this embodiment, the first mobile phone 41 has a first smart patch 41a and is signal-connected to the authorization server 43 via the telecommunication network 47. The second mobile phone 45 has a second smart patch 45a, and the intermediate device 45 is signal-connected to the authorization server 43 via the telecommunication network 49. In this embodiment, the interaction among the first mobile phone 41, the second mobile phone 45 and the authorization server 43 is broadly similar to that of the first embodiment and is not repeated here.

[0068] However, in the second embodiment the user may also tell the agent verbally, and the agent then enters the initial authorization code and the remote verification code on the second mobile phone 45. The second mobile phone 45 then transmits the initial authorization code and the remote verification code to the authorization server 43. Compared with the first embodiment, the way in which the second mobile phone 45 obtains the initial authorization code and the remote verification code is more flexible in the second embodiment.

[0069] In this embodiment, when the authorization server 43 determines that the preset condition is met, it can send a text message to the second mobile phone 45 to notify the agent that the service requested by the user may be carried out. The authorization server 43 can also send a text message to the first mobile phone 41 at the same time, to notify the user that the transaction has been authorized. Because the user also receives a text message, mistakes by the agent when performing financial services on the user's behalf can be avoided.

[0070] In this embodiment, the mobile phones of the user and of the service provider both use the existing telecommunication network. The user can even complete many financial transactions without travelling to a financial institution or looking for an automated teller machine. The financial institution, for its part, does not need to bear the cost of installing automated teller machines and can still have agents carry out financial transaction services such as collection and payment on its behalf.

[0071] Incidentally, in the second embodiment the second mobile phone 45 and the authorization server 43 do not exchange data through an internal network. Therefore, the way in which the second mobile phone 45 transmits the initial authorization code and the remote verification code to the authorization server 43, and the way in which the authorization server 43 notifies the agent, are not limited to text messages. For example, other types of transmission such as over-the-air transmission (On the air, abbreviated OTA), instant messaging software (for example WhatsApp or Line) and e-mail can also be used.

[0072] Please refer to FIG. 11, which is a schematic diagram of the authorization server of the present invention together with the electronic device and the intermediate device. The authorization server 13 is signal-connected to the electronic device 11 and the intermediate device 15, and includes a processor 131 and a transceiver 133. The transceiver 133 is signal-connected to the electronic device 11 and the intermediate device 15.

[0073] The transceiver 133 receives the request message sent by the electronic device 11. The processor 131 provides the initial authorization code in response to the request message and generates the server-side verification code from the initial authorization code. After the initial authorization code has been transmitted, the transceiver 133 receives the remote verification code derived from the initial authorization code. The processor 131 then authorizes the intermediate device 15 to execute the processing procedure when it determines that the preset condition holds. Note that although the electronic device 11 in the two preceding embodiments is exemplified by a mobile phone, other types of electronic device 11 can also be used.

[0074] In FIG. 11, the authorization server 13 and the electronic device 11 are signal-connected to each other via a telecommunication network (not shown). Depending on the application, the intermediate device 15 may be signal-connected to the authorization server 13 via a telecommunication network (not shown) or an internal network (not shown). Following the preceding embodiments, FIG. 11 uses the step numbers to indicate the order of the actions among the intermediate device 15, the authorization server 13 and the electronic device 11, and uses the arrow directions to indicate the interactions between the devices. For the arrows in this figure and the corresponding steps, refer also to the description of FIG. 12.

[0075] Please refer to FIG. 12, which is a flowchart of the authorization method of the present invention. First, the electronic device 11 generates a request message (step S501) and transmits the request message to the authorization server (step S502). The authorization server 13 selectively provides an initial authorization code according to the request message (step S503).

[0076] Step S503 may further include two sub-steps: the authorization server 13 uses the processor 131 to derive the user account and the processing procedure from the request message (step S503a); and the processor 131 determines whether the content of the processing procedure is within the permissions of the user account (S503b). If the user account derived in step S503a does not exist in the database of the authorization server 13, the authorization server 13 does not provide an initial authorization code. Likewise, if step S503b determines that the content of the processing procedure the user wishes to perform is not within the permissions of the user account, the authorization server 13 does not provide an initial authorization code.

[0077] Thereafter, the authorization server 13 uses the transceiver 133 to transmit the initial authorization code to the electronic device 11 (S5034). The processor 131 of the authorization server 13 generates the server-side verification code from the initial authorization code (step S505), and the electronic device 11 generates the remote verification code from the initial authorization code (step S506). The order of steps S505 and S506 need not be fixed, and the two may also be performed simultaneously.

[0078] After generating the remote verification code, the electronic device 11 transmits the initial authorization code and the remote verification code to the intermediate device 15 (step S507). The intermediate device 15 then transmits the remote verification code to the authorization server 13 (step S508). The authorization server 13 determines whether the preset condition holds (step S509).

[0079] If the result of step S509 is negative, the authorization server 13 ends the current authorization flow. In that case, the authorization server 13 may display an error message through the intermediate device 15. If the result of step S509 is affirmative, the authorization server 13 authorizes the intermediate device 15 to perform the processing procedure (step S510).
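The server-side checks of steps S503 to S510 can be sketched as follows. This is an added example, not code from the patent: the HMAC-SHA256 one-time password procedure, the per-account shared secret, the 120-second preset period, the single-use handling of initial codes and all names are assumptions, and the account data is constructed.

```python
import hashlib
import hmac
import secrets
import time

PRESET_PERIOD_S = 120  # assumed "preset period"; the patent gives no value


def otp_procedure(secret: bytes, initial_code: str, digits: int = 6) -> str:
    """Assumed OTP procedure: HMAC-SHA256 with HOTP-style truncation."""
    mac = hmac.new(secret, initial_code.encode(), hashlib.sha256).digest()
    offset = mac[-1] & 0x0F
    value = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return f"{value % 10 ** digits:0{digits}d}"


class AuthorizationServer:
    def __init__(self, accounts, clock=time.time):
        self.accounts = accounts  # account -> {"secret": bytes, "allowed": set}
        self.clock = clock
        self.pending = {}  # initial code -> (procedure, server code, issue time)

    def handle_request(self, account, procedure):
        """S503 to S505: return an initial authorization code, or None."""
        record = self.accounts.get(account)
        if record is None:                      # S503a: unknown account
            return None
        if procedure not in record["allowed"]:  # S503b: outside permissions
            return None
        initial_code = secrets.token_hex(8)
        server_code = otp_procedure(record["secret"], initial_code)  # S505
        self.pending[initial_code] = (procedure, server_code, self.clock())
        return initial_code

    def verify(self, initial_code, remote_code):
        """S508 to S510: return the authorized procedure, or None."""
        # pop() makes every initial code single use: a replay or a wrong
        # guess consumes it, so one code cannot be guessed at repeatedly.
        entry = self.pending.pop(initial_code, None)
        if entry is None:
            return None
        procedure, server_code, issued_at = entry
        if self.clock() - issued_at > PRESET_PERIOD_S:  # outside preset period
            return None
        # Constant-time comparison of server-side and remote codes.
        if not hmac.compare_digest(server_code.encode(), remote_code.encode()):
            return None
        return procedure


def demo():
    """Run the flow on constructed data with a controllable clock."""
    now = [1000.0]
    secret = b"constructed-demo-secret"
    server = AuthorizationServer(
        {"user-001": {"secret": secret, "allowed": {"withdraw"}}},
        clock=lambda: now[0],
    )
    results = {
        "unknown_account": server.handle_request("user-999", "withdraw"),
        "not_permitted": server.handle_request("user-001", "transfer"),
    }
    code = server.handle_request("user-001", "withdraw")
    remote = otp_procedure(secret, code)  # S506, on the electronic device
    results["accepted"] = server.verify(code, remote)
    results["replayed"] = server.verify(code, remote)

    code = server.handle_request("user-001", "withdraw")
    good = otp_procedure(secret, code)
    wrong = good[:-1] + str((int(good[-1]) + 1) % 10)
    results["wrong_code"] = server.verify(code, wrong)

    code = server.handle_request("user-001", "withdraw")
    now[0] += PRESET_PERIOD_S + 1  # let the preset period elapse
    results["expired"] = server.verify(code, otp_procedure(secret, code))
    return results


if __name__ == "__main__":
    print(demo())
```

The intermediate device submits the initial authorization code together with the remote verification code, as paragraph [0065] describes, so the server can look up the pending request.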

[0080] Although the preceding embodiments assume that the electronic device is a mobile phone, practical applications are not limited to mobile phones. The authorization method executed on the electronic device can be implemented by means of a SIM card, a smart patch, application software and so on. Accordingly, the authorization method of the present invention can be stored as a software program in various types of computer program product. Any electronic device that has a controller can use the controller to execute a software program that implements the authorization method of the present invention. That is, the software program performs the steps of transmitting a request message; receiving an initial authorization code generated in response to the request message; generating a remote verification code from the initial authorization code; and transmitting the remote verification code to the authorization server via the intermediate device. The processing procedure is executed when the authorization server determines, according to the remote verification code, that the preset condition holds.

[0081] With the authorization method of the present invention, various automated financial transactions can be used simply by having the electronic device verify the user's identity. Cash can even be withdrawn directly at an automated teller machine without a bank card. This authorization method spares users the inconvenience of having to carry a bank card to conduct financial transactions, and in regions where automated teller machines are not widespread it lets authorized agents of financial institutions provide financial transactions. Furthermore, pairing the present invention with a one-time password generation procedure also ensures the security of account-user identification in the financial transaction system.

[0082] Note that although the preceding description takes a financial transaction system as its example, the application of the authorization system of the present invention is not limited to this. Any authorization system that needs to identify users, for example a file download system, a goods sales system or a ticket sales system, can adopt the concept of the present invention.

[0083] In summary, although the present invention has been disclosed above by way of preferred embodiments, these are not intended to limit it. A person of ordinary skill in the art to which the present invention pertains may make various changes and refinements without departing from the spirit and scope of the present invention. The scope of protection of the present invention is therefore defined by the appended claims.

Claims (30)

  1. An authorization server, comprising: a transceiver that receives a request message; and a processor that provides an initial authorization code in response to the request message and generates a server-side verification code from the initial authorization code, wherein the transceiver, after transmitting the initial authorization code, receives a remote verification code derived from the initial authorization code, and the processor authorizes a processing procedure when it determines that a preset condition holds.
  2. The authorization server system according to claim 1, wherein the preset condition is that the authorization server receives the remote verification code within a preset period and the remote verification code matches the server-side verification code.
  3. The authorization server system according to claim 1, wherein the transceiver is signal-connected to an electronic device, and the electronic device generates the request message and generates the remote verification code from the initial authorization code.
  4. The authorization server according to claim 3, wherein the electronic device is signal-connected to the transceiver via a telecommunication network.
  5. The authorization server system according to claim 3, wherein the processor generates the server-side verification code according to a one-time password generation procedure, and the electronic device generates the remote verification code according to the one-time password generation procedure.
  6. The authorization server according to claim 3, wherein the electronic device is a first mobile phone, and the first mobile phone uses application software to generate the request message and to generate the remote verification code from the initial authorization code.
  7. The authorization server according to claim 6, wherein the first mobile phone has a first subscriber identity module (Subscriber Identity Module, SIM) card, and the application software is provided by a first smart patch compatible with the first subscriber identity module, or by the first subscriber identity module card.
  8. The authorization server according to claim 6, wherein the first mobile phone has an embedded operating system, and the application software runs on the embedded operating system.
  9. The authorization server according to claim 1, wherein the transceiver is signal-connected to an intermediate device, and the intermediate device, after obtaining the remote verification code, transmits the remote verification code to the authorization server.
  10. The authorization server according to claim 9, wherein the intermediate device is signal-connected to the transceiver via an internal network or a telecommunication network.
  11. The authorization server according to claim 9, wherein the intermediate device provides an input interface for entering the remote verification code.
  12. The authorization server according to claim 9, wherein the intermediate device is signal-connected to an electronic device via a short-range transmission, and the remote verification code is transmitted from the electronic device to the intermediate device via the short-range transmission.
  13. The authorization server according to claim 12, wherein the short-range transmission is a wireless network or near field communication (Near Field Communication, abbreviated NFC).
  14. The authorization server according to claim 9, wherein the intermediate device is an automated teller machine or agent equipment.
  15. The authorization server according to claim 14, wherein the agent equipment is a second mobile phone, the second mobile phone comprising: an input interface that obtains the initial authorization code and the remote verification code according to an input operation; and a transmission module that transmits the initial authorization code and the remote verification code to the authorization server.
  16. The authorization server according to claim 15, wherein the second mobile phone has a second subscriber identity module (Subscriber Identity Module, SIM) card, and application software that controls the input interface is provided by a second smart patch compatible with the second subscriber identity module, or by the second subscriber identity module card.
  17. The authorization server according to claim 16, wherein the second mobile phone has an embedded operating system, and the application software runs on the embedded operating system.
  18. The authorization server according to claim 1, wherein the authorization server is a financial platform, and the request message is a financial transaction procedure.
  19. An authorization method applied to an authorization server, the authorization method comprising the following steps: providing an initial authorization code in response to a request message; generating a server-side verification code from the initial authorization code; receiving a remote verification code derived from the initial authorization code; and authorizing a processing procedure when the remote verification code and the server-side verification code satisfy a preset condition.
  20. The authorization method according to claim 19, wherein the preset condition is that: the authorization server receives the remote verification code within a preset period; and the remote verification code matches the server-side verification code.
  21. The authorization method according to claim 19, wherein the step of generating the server-side verification code from the initial authorization code means that the authorization server generates the server-side verification code according to the initial authorization code and a one-time password generation procedure.
  22. The authorization method according to claim 19, further comprising the following step: transmitting the initial authorization code to an electronic device.
  23. The authorization method according to claim 22, wherein the electronic device generates the remote verification code according to the initial authorization code and a one-time password generation procedure.
  24. The authorization method according to claim 22, wherein the authorization server is signal-connected to an intermediate device, and the intermediate device transmits the remote verification code to the authorization server.
  25. The authorization method according to claim 24, wherein the intermediate device has an input interface, and the intermediate device obtains, through the input interface, the remote verification code entered by a user.
  26. An authorization method applied to an electronic device, the authorization method comprising the following steps: transmitting a request message; receiving an initial authorization code generated in response to the request message; generating a remote verification code from the initial authorization code; and transmitting the remote verification code to an authorization server via an intermediate device, wherein the authorization server authorizes a processing procedure when it determines, according to the remote verification code, that a preset condition holds.
  27. The authorization method according to claim 26, wherein the step of generating a remote verification code from the initial authorization code means generating a remote verification code according to the initial authorization code and a one-time password generation procedure.
  28. The authorization method according to claim 26, wherein the electronic device enables the intermediate device to obtain the remote verification code via a short-range transmission or an input interface provided by the intermediate device.
  29. A computer program product storing a software program that, when executed, causes an electronic device having a controller to perform an authorization method, the authorization method comprising the following steps: transmitting a request message; receiving an initial authorization code generated in response to the request message; generating a remote verification code from the initial authorization code; and transmitting the remote verification code to an authorization server via an intermediate device, wherein the authorization server authorizes a processing procedure when it determines, according to the remote verification code, that a preset condition holds.
  30. The authorization method according to claim 29, wherein the step of generating a remote verification code from the initial authorization code means generating a remote verification code according to the initial authorization code and a one-time password generation procedure.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201410013977 CN104778384A (en) 2014-01-13 2014-01-13 Authorization server, authorization method and computer program product

Publications (1)

Publication Number Publication Date
CN104778384A (en) 2015-07-15

Family

ID=53619843

Country Status (1)

Country Link
CN (1) CN104778384A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5978483A (en) * 1997-04-07 1999-11-02 Inkel Corporation Securely encrypted remote keyless entry system
CN1560801A (en) * 2004-03-09 2005-01-05 欧阳世杰 Disposable cipher protection careless electronic transaction payment method
US20060028431A1 (en) * 2004-06-29 2006-02-09 Hou-Tin Leong Remote control system
CN101667915A (en) * 2008-09-05 2010-03-10 拓讯资讯股份有限公司 Method for generating dynamic password to execute remote security authentication and mobile communication device thereof
CN101958024A (en) * 2009-07-16 2011-01-26 全宏科技股份有限公司 Financial transaction system, automated teller machine and method for operating automated teller machine
US20110270744A1 (en) * 2010-04-30 2011-11-03 Ginger Baker Mobile tangible value banking system

Legal Events

Date Code Title Description
C06 Publication
EXSB Decision made by sipo to initiate substantive examination
WD01