CN1601960A - Safety authentication method of cell phone bank system - Google Patents
Safety authentication method of cell phone bank system Download PDFInfo
- Publication number
- CN1601960A CN1601960A CN 200410080977 CN200410080977A CN1601960A CN 1601960 A CN1601960 A CN 1601960A CN 200410080977 CN200410080977 CN 200410080977 CN 200410080977 A CN200410080977 A CN 200410080977A CN 1601960 A CN1601960 A CN 1601960A
- Authority
- CN
- China
- Prior art keywords
- bank
- account
- identification code
- account number
- mobile banking
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Handset bank system includes mobile terminal, gateway, firewall, handset bank center and background of bank. Mobile terminal through network connects to gateway. Gateway through Internet or dedicated line and firewall is connected to handset bank center. In procedure of id authentication, id code of account number relevant to bank account is adopted to transmitted in media of having unsafe factor such as mobile communication network and Internet so as to raise safety factor in banking transaction. The said id code of account number can be individualized and easy memorized alias of account number.
Description
Technical field
The present invention relates to safety certifying method, relate in particular to a kind of safety certifying method that is applied to cell phone bank system.
Background technology
Cell phone bank system also claims mobile bank system, normally utilizes mobile communications network that portable terminal is connected to banking system, to realize that the user utilizes portable terminal directly to finish the service system of various finance and money management business.It is a kind of channel that bank realizes electronic service, also is based on a service with good development prospect on the mobile communications network.
See also Fig. 1, it is a kind of topology network schematic diagram of existing cell phone bank system.It comprises portable terminal 11, gateway 12, fire compartment wall 13, Mobile banking center 14 and bank backstage 15.Present most widely used portable terminal 11 is a mobile phone.Portable terminal 11 communicates by the gateway 12 that mobile communications network and operator set, gateway 12 is used to set up being connected between bank and the portable terminal 11, comprise: the wireless messages that portable terminal 11 is transmitted converts wired information to, and described wired information is sent to the fire compartment wall 13 of bank by DDN (digital data network) special line or internet; And will become wireless messages to be sent to corresponding mobile terminal 11 by wired information translation that DDN special line or internet transmit.Mobile banking center 14 is authentication control centres of cell phone bank system, is used to realize user's safety certification and sets up being connected of portable terminal 11 and bank backstage 15.The fire compartment wall 13 main safety that realize entering bank's internal data.Mobile banking center 14 is control centres of cell phone bank system, is mainly used in operations such as carrying out authentication, and sets up being connected between portable terminal 11 and the bank backstage 15, so that the user carries out the every business operation of bank.
As everyone knows, safety is that the user utilizes cell phone bank system to carry out the most important Consideration of every banking, bank is except the safety that guarantees the inner every data of bank, before the user carries out every banking transaction by portable terminal 11 and bank, also need the user who files an application is carried out safety certification.See also Fig. 2, it carries out the concrete steps of safety certification for user in the prior art:
At first, portable terminal 11 sends logging request (step S110) by gateway 12 to Mobile banking center 13; Then, the information (step S120) of carrying out authentication is returned at Mobile banking center 14; Then, portable terminal 11 sends Bank Account Number and corresponding password thereof to Mobile banking center 14, request authentication (step S130); At last, Mobile banking center 14 is sent to bank backstage 15 with described Bank Account Number and password, carry out safety certification, if the password identical (step S140) in the account number cipher database (not illustrating among the figure) on described password and bank backstage 15, then the return authentication success message is to portable terminal 11, otherwise the return authentication failure is to portable terminal 11.And, have only the portable terminal 11 of authentication success to connect with bank backstage 15, carry out every banking operation.Wherein, the account number cipher database is in order to each Bank Account Number of preserving this bank, corresponding password and other relevant informations.
More than the safety certifying method of disclosed cell phone bank system only be a kind of authentication method in the prior art, in whole authentication process, need pass through mobile communications network from portable terminal 11 to carrying out mutual data between the Mobile banking center 13, there is the transmission medium of unsafe factor in internets etc., and each transaction all needs portable terminal 11 directly Bank Account Number and corresponding password to be sent to Mobile banking center 13 together to exist very big potential safety hazard: intercepted and captured Bank Account Number and corresponding password by the third party from mobile communications network or internet easily, thereby bring the risk of user's property loss.Therefore the safety certifying method of above-mentioned cell phone bank system can't guarantee the fail safe of banking transaction in the cell phone bank system.
In addition, most of users preserve several Bank Account Numbers, and each Bank Account Number is long, and the user also needs to remember each Bank Account Number and corresponding password when carrying out every banking transaction of cell phone bank system, thereby causes inconvenience to the user.
Summary of the invention
The object of the present invention is to provide a kind of safety certifying method of cell phone bank system, when solving that portable terminal carries out data communication with the Mobile banking center in the prior art, directly in existing the media of unsafe factor, mobile communications network and internet etc. transmit and the safety problem that causes with Bank Account Number with its corresponding user cipher.
A kind of safety certifying method of cell phone bank system, described cell phone bank system comprises portable terminal, gateway, fire compartment wall, Mobile banking center and bank backstage, described portable terminal connects described gateway by the mobile network, described gateway is connected with the Mobile banking center by described fire compartment wall by internet or special line, comprising:
(1) in the authentication code memory unit at Mobile banking center, preserves the Bank Account Number of each user identification code binding and each Bank Account Number number of the account identification code one to one;
(2) described portable terminal utilizes the user identification code of this terminal correspondence to send logging request by described gateway to described Mobile banking center, and described Mobile banking center receives described logging request and obtains described mobile terminal user identification code automatically;
(3) described authentication code memory unit is searched according to described user identification code in described Mobile banking center, obtains each Bank Account Number with described user identification code binding, then each Bank Account Number corresponding account number identification code is sent to described portable terminal together;
(4) described portable terminal is selected wherein a number of the account identification code and is inputed corresponding password from receive all number of the account identification codes, sends ID authentication request to described Mobile banking center then;
(5) corresponding Bank Account Number is found according to described number of the account identification code in described Mobile banking center, and and described password be sent to described bank backstage together so that carry out cipher authentication, if authentication success, return authentication success message then, otherwise return authentication failed message.
Described number of the account identification code comprises number of the account another name and account number sequence number.
Step (1) specifically comprises:
Described user is sent to the Mobile banking center by the authentication information that bank outlets or Web bank will comprise the Bank Account Number of user identification code binding;
Described Mobile banking center judges whether each Bank Account Number has the corresponding account number another name in the authentication information that receives, if have, then preserve the binding relationship and the corresponding account number another name of described Bank Account Number and user identification code, otherwise, automatically distribute default number of the account another name, and preserve the binding relationship and the number of the account another name thereof of described Bank Account Number and user identification code, then the default number of the account another name of described Bank Account Number correspondence is sent to described portable terminal and preserves.
And step (1) can also specifically comprise:
(1-1) portable terminal is sent to the Mobile banking center with the authentication information that comprises the Bank Account Number of binding with user identification code of user's input;
(1-2) user identification code of described portable terminal correspondence and the binding relationship of described new Bank Account Number are preserved in described Mobile banking center in described authentication code memory unit;
(1-3) described Mobile banking center judges whether each Bank Account Number has the corresponding account number another name in the authentication information that receives, if have, then preserve described Bank Account Number and corresponding account number another name, otherwise, automatically distribute default number of the account another name, and preserve described Bank Account Number and number of the account another name thereof, then the default number of the account another name of described Bank Account Number correspondence is sent to described portable terminal and preserves.
In addition, the Mobile banking center distributes in order to uniquely identified number of the account sequence number for each Bank Account Number.
Comprise between step (1-1) and the step (1-2): new Bank Account Number that described Mobile banking center will receive and password thereof are sent to described bank backstage earlier, verify whether described Bank Account Number and described password be correct, if, then carry out step (1-2), otherwise withdraw from after returning the Bank Account Number error message.
Step (4) further comprises: described portable terminal will comprise the ID authentication request of number of the account identification code and password through sending to described Mobile banking center after the encryption;
Further comprise between step (4) and the step (5): described Mobile banking center will receive ID authentication request and be decrypted processing back described number of the account identification code of acquisition and password.
After the safety certification of described portable terminal is passed through, described user sends change number of the account identity request, described Mobile banking judges at the center that whether new number of the account identification code is with identical with other number of the account identification code of described user identification code binding, if exist identical, then return the change failed message, otherwise delete original number of the account identification code, preserve the binding relationship of new number of the account identification code and described user identification code, and return the change success message.
Described portable terminal comprises mobile phone.
Compared with prior art, the present invention has the following advantages: because the present invention adopts when carrying out safety certification and Bank Account Number one to one the number of the account identification code in there is the media of unsafe factor in mobile communications network and internet etc., transmit, avoided directly in having the media of unsafe factor, transmitting, therefore improved the coefficient of safety of authentication with bank's Bank Account Number with its corresponding user cipher.And, in safety certification process of the present invention, avoided the corresponding with it password of Bank Account Number in media, to transmit together, further improved the coefficient of safety of authentication thus.In addition, number of the account another name that the number of the account identification code adopts the user to revise has been exempted the worry that the user remembers a lot of number of the account, is user-friendly to.
Description of drawings
Fig. 1 is a kind of topology network schematic diagram of cell phone bank system;
Fig. 2 carries out the particular flow sheet of safety certification for user in the prior art;
Fig. 3 is for carrying out the schematic flow sheet of first embodiment of safety certification in the cell phone bank system among the present invention;
Fig. 4 is a kind of embodiment of mobile banking service menu;
Fig. 5 is for carrying out the schematic flow sheet of second embodiment of safety certification in the cell phone bank system among the present invention.
Embodiment
Below in conjunction with accompanying drawing, specify the present invention.
Below we will be in conjunction with the accompanying drawings, optimum implementation of the present invention is described in detail.At first it is to be noted, the implication of the term of using among the present invention, words and claim can not only only limit to its literal and common implication and go to understand, also comprise the implication and the notion that into conform to technology of the present invention, this is because we are as the inventor, to suitably provide the definition of term, so that the most appropriate description is carried out in our invention.Therefore, the configuration that provides in this explanation and the accompanying drawing is first-selected embodiment of the present invention, rather than will enumerates all technical characteristics of the present invention.We will recognize to also have the various equivalent scheme or the modifications that can replace our scheme.
For the present invention is described better, the present invention is an example with the cell phone bank system of Fig. 1 still, specifies safety certifying method of the present invention.Wherein, portable terminal 11 comprises wireless mobile phone, the mobile phone of various analog networks or digital network even comprises PHS (Personal Handyphone System).Each portable terminal 11 all be provided with the unique correspondence of this terminal user identification code (such as, phone number is the user identification code of mobile phone), and portable terminal 11 can be other portable terminal with user identification code and communication function, as has the PDA of communication function.
The banking of below speaking of comprise make transfers, inquire about, multiple financial business such as transaction, and cell phone bank system mainly is to break through the space-time restriction, carries out every banking service by the user is required.
At present, gateway 12 can be the SMS server, also can be the WAP gateway WAP gateway.If gateway 12 SMS servers, then portable terminal 11 operations that will carry out mobile banking service communicates by mobile communications network and SMS server with the form of short message, the SMS server can be a short message service center, if the short message that receives is the short message about mobile banking service, then the data format that becomes Mobile banking center 14 to accept this message conversion is sent to banking system by internet or special line.In some cases, the SMS server also may link to each other with bank by a professional value increasing platform, alleviates the SMS load of server thus.
If described gateway is a WAP gateway, then portable terminal 11 need be a portable terminal 11 of supporting wap protocol.Equally, the operations that portable terminal 11 carries out mobile banking service is sent to WAP gateway with the form that WAP asks, and by WAP gateway corresponding data is sent to bank inside.The principal character of WAP class Mobile banking product is to carry out the wireless connections agreement, and the main product of generally acknowledging on American-European market at present.
Bank backstage 15 can comprise the server that carries out every banking, such as the server that carries out foreign currency operation operation, carry out the server of fund business operation etc., because each bank is the difference of banking scope separately, and different bank backstages 15 can be set.Because bank backstage 15 is known subsystems, does not repeat them here.
In Mobile banking of the present invention center 14, an authentication code memory unit is set also, is used to preserve and all Bank Account Numbers of each user identification code binding and each Bank Account Number number of the account identification code one to one.The number of the account identification code comprises number of the account another name and number of the account sequence number.When the number of the account identification code was the number of the account another name, the user can carry out personalized setting to it.If the user is not provided with, then 11 automatic generations default number of the account another name in Mobile banking center is preserved, and is sent to portable terminal 11, to inform the user.Such as, Bank Account Number is 5184763305494666, the default another name that Mobile banking center 14 is provided with can be shape as another name 518*763*054*4666.The number of the account identification code can also comprise the number of the account sequence number, and this number of the account sequence number is the unique ID number that bank mobile phone center 14 is distributed each Bank Account Number.
For number of the account another name and number of the account sequence number, have different number of the account another names (number of the account sequence number) as long as guarantee all Bank Account Numbers of each user identification code binding, and need not guarantee that each the number of the account another name (number of the account sequence number) in the authentication code memory unit is all inequality.Such as: the another name of a Bank Account Number of user identification code A binding is TOM, and the another name of a Bank Account Number of user identification code B binding is TOM also, allows among the present invention.The number of the account sequence number can be the numeral of serial number.
The difference of number of the account sequence number and number of the account another name is seen being used for representing to the cellphone subscriber with number of the account another name in fact.After the cellphone subscriber selects number of the account another name, mobile phone will be with the number of the account another name of selecting corresponding the number of the account sequence number be sent to the Mobile banking center; If certainly the account number identification code only contain the number of the account another name, selected the number of the account another name as the cellphone subscriber so, mobile phone will be sent to this another name the Mobile banking center, like this number of the account another name has had the function of number of the account sequence number simultaneously concurrently.
Because the safety certifying method of cell phone bank system is similar, be example still below with transmission number of the account another name in transmission medium, specify verification process of the present invention.
Embodiment 1
See also Fig. 3, it is for carrying out the schematic flow sheet of first embodiment of safety certification in the cell phone bank system among the present invention.It may further comprise the steps:
S210: the Bank Account Number that each user identification code of preservation is bound in the authentication code memory unit at Mobile banking center 14 and each Bank Account Number be the number of the account another name one to one.At first, the user is sent to Mobile banking center 14 by the authentication information that bank outlets or Web bank will comprise the Bank Account Number of user identification code binding; Then, Mobile banking center 14 judges whether each Bank Account Number has the corresponding account number another name in the authentication information that receives, if have, the binding relationship of then preservation, Bank Account Number and described user identification code and Bank Account Number and corresponding account number another name, otherwise, automatically distribute default number of the account another name, and preserve binding relationship and Bank Account Number and its number of the account another name of described Bank Account Number and described user identification code, then the default number of the account another name of Bank Account Number correspondence is sent to portable terminal and preserves.Following portable terminal 11 is an example with the mobile phone, and the user identification code of mobile phone is example with the phone number, and two specific embodiments of the present invention are described.Above-mentioned authentication code memory unit can be a database as shown in table 1.
Table 1
Phone number 1 | Bank Account Number 1 | Another name 1 |
Phone number 1 | Bank Account Number 2 | Another name 2 |
Phone number 1 | Bank Account Number 3 | Another name 3 |
Phone number 2 | Bank Account Number 4 | Another name 4 |
Phone number 2 | Bank Account Number 5 | Another name 5 |
... | ... | ... |
Certainly, the storage form of authentication code memory unit is not limited to database, also can be other file layouts such as chained list.
S220: mobile phone sends logging request by gateway 12 to Mobile banking center 14, and Mobile banking center 14 receives described logging request and obtains described mobile terminal user identification code automatically.Mobile phone sends logging request by note, WAP or other transmission meanss by mobile communications network.Correspondingly, gateway 12 receives this request, converts request message to data format that Mobile banking center 14 can be accepted, and by special line or internet data is sent to Mobile banking center 14.
When mobile phone is opened mobile banking service, can in mobile phone, set up the mobile banking service menu usually.See also Fig. 4, it is a kind of embodiment of mobile banking service menu.Comprise submenus such as sending logging request, Bank Account Number alias name modifications, banking operation in this mobile banking service menu, wherein, Bank Account Number alias name modifications, banking operation all need be carried out behind authentication success, and the banking operation can be provided with the banking operation of different tolerance bands according to different users.Above-mentioned mobile banking service menu can be provided with when the user opens mobile banking service;
S230: authentication code memory unit is searched according to phone number in Mobile banking center 14, obtains each Bank Account Number with described user identification code binding, then each Bank Account Number corresponding account number another name is sent to mobile phone together;
S240: mobile phone is selected wherein number of the account another name and is inputed corresponding password from receive all numbers of the account another name, send ID authentication request to Mobile banking center 14 then;
S250: corresponding Bank Account Number is found according to described number of the account identification code and phone number in Mobile banking center 14 in authentication code memory unit, to obtain Bank Account Number and password then and be sent to bank backstage 15 together, so that carry out cipher authentication, if authentication success, return authentication success message then, otherwise return authentication failed message.
Step S240 and step S250 can also replace with following step:
When in the number of the account another name that the user finds to receive the Bank Account Number that needs operation not being arranged, the user can utilize mobile phone re-enter new Bank Account Number, password with it the corresponding account number another name carry out logging request.New Bank Account Number and password thereof that Mobile banking center 14 will receive are sent to bank backstage 15 earlier, verify whether this Bank Account Number and described password be correct, if, then return the message that is proved to be successful, and carry out next step, otherwise after returning the Bank Account Number error message, withdraw from Mobile banking's proof procedure.
When Mobile banking center 14 receive be proved to be successful message after, preserving phone number in authentication code memory unit calls and described password with binding relationship, the number of the account of new Bank Account Number, and mobile phone and bank backstage 15 can connect, and carry out every banking operation.
In above-mentioned verification process, if also want to improve the fail safe of verify data transmission course, then transmit leg can adopt various cryptographic algorithm that data are encrypted the back transmission, and is same, and the recipient can adopt corresponding decipherment algorithm that the data that receive are decrypted.Such as, in step S220, receive the logging request of mobile phone when the Mobile banking center, then send a key in advance to described mobile phone, mobile phone bank center 14 sends after calling all Bank Account Number corresponding account number of this phone number binding with secret key encryption after receiving mobile phone reception success message, described mobile phone judges whether it is the login return information earlier with the data that receive, if then the message that receives with described secret key decryption obtains all the number of the account another names with described phone number binding.
In step S240, mobile phone will comprise the ID authentication request message of number of the account another name and password through sending to described Mobile banking center 14 after the encryption; And Mobile banking center 14 will receive ID authentication request message and decipher earlier and afterwards obtain described number of the account another name and password just carries out respective handling.
Also have, when this mobile phone through safety certification after, described user selects the change number of the account another name submenu in the mobile banking service menu of mobile phone, and import new number of the account, and then send change number of the account identity request to Mobile banking center 14, described Mobile banking judges at the center that whether new number of the account another name is with identical with other number of the account another name of described phone number binding, if exist identical, then return the change failed message, otherwise delete original number of the account another name, preserve the binding relationship of new number of the account another name and described subscriber phone number, and return the change success message.
Above-mentioned authentication method; the number of the account identification code of transmitting between mobile phone and the Mobile banking center 13 (is called as number of the account; also can be the number of the account sequence number); thereby avoid as far as possible true Bank Account Number and corresponding password in the internet or wireless communication terminal the fail safe that has improved cell phone bank system thus obtained very much together by the 3rd other party.In addition, number of the account another name can be according to carrying out the individual character setting in advance, and need not memory, thereby improved user's utilization rate.
In the foregoing description 1, the user needs to the site of bank's appointment at every turn or needs on the net bank to remove to handle mobile phone to bind business with Bank Account Number, causes certain trouble to the user thus, and for this reason, the applicant has proposed the embodiment 2 that addresses the above problem again.
Embodiment 2
In the present embodiment, the user need not the site or utilizes Web bank to handle mobile phone and Bank Account Number binding business, further improves user's convenience.See also Fig. 5, it is for carrying out the schematic flow sheet of second embodiment of safety certification in the cell phone bank system among the present invention.It may further comprise the steps:
S310: utilize original cell phone bank system with phone number, user account with it corresponding account number another name and password be kept at the recognition code memory unit at Mobile banking center 14, can finish by following steps:
The user is when using mobile banking service for the first time, the Bank Account Number of this phone number binding is not preserved at Mobile banking center 14, perhaps the user need to find the Bank Account Number of use not to be arranged to and this phone number binding when carrying out the mobile banking service operation.Under above-mentioned these situations, mobile phone need send logging request by gateway 12 and fire compartment wall 13 to described Mobile banking center 14 with user's input authentication information.
Described authentication information can comprise new Bank Account Number, corresponding account number identification code and password with it, also can comprise new Bank Account Number and password.If do not comprise the number of the account identification code in the authentication information, then default Bank Account Number is distributed at the Mobile banking center automatically.
Then, new Bank Account Number and password thereof that Mobile banking center 14 will receive are sent to bank backstage 15 earlier, verify whether this Bank Account Number and described password be correct, if, then return the message that is proved to be successful, and carry out next step, otherwise after returning the Bank Account Number error message, withdraw from Mobile banking's proof procedure.
When Mobile banking center 14 receive be proved to be successful message after, in authentication code memory unit, preserve binding relationship, number of the account another name, number of the account sequence number and the described password of phone number and new Bank Account Number, and mobile phone and bank backstage 15 can connect, and carry out every banking operation.
For banking operation next time, need not the user and import identical number of the account, the Mobile banking center can initiatively will be bound all Bank Account Number corresponding account number another names with this phone number and is sent to mobile phone, allow the user select, deduct the each use of user and all need import the trouble of Bank Account Number, improved the efficient that the user uses.
Preserve the Bank Account Number and corresponding account number another name of this handset binding when cell phone bank system after, can carry out following step:
S320: the mobile phone utilization is sent logging request by gateway 12 to described Mobile banking center 14, and described Mobile banking center receives described logging request and obtains described mobile terminal user identification code automatically;
S330: authentication code memory unit is searched according to phone number in Mobile banking center 14, obtains each Bank Account Number with the phone number binding, then each Bank Account Number corresponding account number another name is sent to mobile phone together;
S340: mobile phone is selected wherein number of the account another name and is inputed corresponding password from receive all numbers of the account another name, send ID authentication request to Mobile banking center 14 then;
S350: corresponding Bank Account Number is found according to number of the account another name in Mobile banking center 14, and and described password be sent to described bank backstage 15 together so that carry out cipher authentication, if authentication success, return authentication success message then, otherwise return authentication failed message.
In above-mentioned verification process, if also want to improve the fail safe of verify data transmission course, then transmit leg can adopt various cryptographic algorithm that data are encrypted the back transmission, and is same, and the recipient can adopt corresponding decipherment algorithm that the data that receive are decrypted.Such as, in step S310, receive the logging request of mobile phone when the Mobile banking center, then send a key in advance to described mobile phone, mobile phone bank center 14 sends after calling all Bank Account Number corresponding account number of this phone number binding with secret key encryption after receiving mobile phone reception success message, described mobile phone judges whether it is the login return information earlier with the data that receive, if then the message that receives with described secret key decryption obtains all the number of the account another names with described phone number binding.
Step S340 and step S350 can also replace with following step:
When in the number of the account another name that the user finds to receive the Bank Account Number that needs operation not being arranged, the user can utilize mobile phone re-enter new Bank Account Number, password with it the corresponding account number another name carry out logging request.New Bank Account Number and password thereof that Mobile banking center 14 will receive are sent to bank backstage 15 earlier, verify whether this Bank Account Number and described password be correct, if, then return the message that is proved to be successful, and carry out next step, otherwise after returning the Bank Account Number error message, withdraw from Mobile banking's proof procedure.
When Mobile banking center 14 receive be proved to be successful message after, preserving phone number in authentication code memory unit calls and described password with binding relationship, the number of the account of new Bank Account Number, and mobile phone and bank backstage 15 can connect, and carry out every banking operation.
More than disclosed only be several specific embodiment of the present invention; but the present invention is not limited thereto; any those skilled in the art can think various variations, all should fall within the scope of protection of the present invention, protection scope of the present invention is based on the scope of claims.
Claims (9)
1, a kind of safety certifying method of cell phone bank system, described cell phone bank system comprises portable terminal, gateway, fire compartment wall, Mobile banking center and bank backstage, described portable terminal connects described gateway by the mobile network, described gateway is connected with the Mobile banking center by described fire compartment wall by internet or special line, it is characterized in that, comprising:
(1) in the authentication code memory unit at Mobile banking center, preserves the Bank Account Number of each user identification code binding and each Bank Account Number number of the account identification code one to one;
(2) described portable terminal utilizes the user identification code of this terminal correspondence to send logging request by described gateway to described Mobile banking center, and described Mobile banking center receives described logging request and obtains described mobile terminal user identification code automatically;
(3) described authentication code memory unit is searched according to described user identification code in described Mobile banking center, obtains each Bank Account Number with described user identification code binding, then each Bank Account Number corresponding account number identification code is sent to described portable terminal together;
(4) described portable terminal is selected wherein a number of the account identification code and is inputed corresponding password from receive all number of the account identification codes, sends ID authentication request to described Mobile banking center then;
(5) corresponding Bank Account Number is found according to described number of the account identification code in described Mobile banking center, and and described password be sent to described bank backstage together so that carry out cipher authentication, if authentication success, return authentication success message then, otherwise return authentication failed message.
2, the safety certifying method of cell phone bank system as claimed in claim 1 is characterized in that, described number of the account identification code comprises number of the account another name and account number sequence number (seeing the 6th page of countdown line 3 of specification).
3, the safety certifying method of cell phone bank system as claimed in claim 2 is characterized in that, step (1) specifically comprises:
Described user is sent to the Mobile banking center by the authentication information that bank outlets or Web bank will comprise the Bank Account Number of user identification code binding;
Described Mobile banking center judges whether each Bank Account Number has the corresponding account number another name in the authentication information that receives, if have, then preserve the binding relationship and the corresponding account number another name of described Bank Account Number and user identification code, otherwise, automatically distribute default number of the account another name, and preserve the binding relationship and the number of the account another name thereof of described Bank Account Number and user identification code, then the default number of the account another name of described Bank Account Number correspondence is sent to described portable terminal and preserves.
4, the safety certifying method of cell phone bank system as claimed in claim 1 or 2 is characterized in that, step (1) specifically comprises:
(1-1) portable terminal is sent to the Mobile banking center with the authentication information that comprises the Bank Account Number of binding with user identification code of user's input;
(1-2) user identification code of described portable terminal correspondence and the binding relationship of described new Bank Account Number are preserved in described Mobile banking center in described authentication code memory unit;
(1-3) described Mobile banking center judges whether each Bank Account Number has the corresponding account number another name in the authentication information that receives, if have, then preserve described Bank Account Number and corresponding account number another name, otherwise, automatically distribute default number of the account another name, and preserve described Bank Account Number and number of the account another name thereof, then the default number of the account another name of described Bank Account Number correspondence is sent to described portable terminal and preserves.
As the safety certifying method of claim 3 or 4 described cell phone bank systems, it is characterized in that 5, the Mobile banking center distributes in order to uniquely identified number of the account sequence number for each Bank Account Number.
6, the safety certifying method of cell phone bank system as claimed in claim 4, it is characterized in that, comprise between step (1-1) and the step (1-2): new Bank Account Number that described Mobile banking center will receive and password thereof are sent to described bank backstage earlier, verify whether described Bank Account Number and described password be correct, if, then carry out step (1-2), otherwise withdraw from after returning the Bank Account Number error message.
7, as the safety certifying method of claim 3 or 4 described cell phone bank systems, it is characterized in that,
Step (4) further comprises: described portable terminal will comprise the ID authentication request of number of the account identification code and password through sending to described Mobile banking center after the encryption;
Further comprise between step (4) and the step (5): described Mobile banking center will receive ID authentication request and be decrypted processing back described number of the account identification code of acquisition and password.
8, the safety certifying method of cell phone bank system as claimed in claim 1 or 2, it is characterized in that, after the safety certification of described portable terminal is passed through, described user sends change number of the account identity request, described Mobile banking judges at the center that whether new number of the account identification code is with identical with other number of the account identification code of described user identification code binding, if exist identical, then return the change failed message, otherwise delete original number of the account identification code, preserve the binding relationship of new number of the account identification code and described user identification code, and return the change success message.
As the safety certifying method of claim 3 or 4 described cell phone bank systems, it is characterized in that 9, described portable terminal comprises mobile phone.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2004100809775A CN100382486C (en) | 2004-10-26 | 2004-10-26 | Safety authentication method of cell phone bank system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2004100809775A CN100382486C (en) | 2004-10-26 | 2004-10-26 | Safety authentication method of cell phone bank system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1601960A true CN1601960A (en) | 2005-03-30 |
CN100382486C CN100382486C (en) | 2008-04-16 |
Family
ID=34666981
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2004100809775A Active CN100382486C (en) | 2004-10-26 | 2004-10-26 | Safety authentication method of cell phone bank system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100382486C (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2007104243A1 (en) * | 2006-03-10 | 2007-09-20 | Tencent Technology (Shenzhen) Company Limited | The managing system of accounts security based on the instant message and its method |
CN101540024A (en) * | 2008-03-18 | 2009-09-23 | 陈斌 | Method for theft prevention of account password |
CN101398952B (en) * | 2007-09-25 | 2010-09-01 | 中国移动通信集团公司 | User identity verification mode management device, platform and method for verifying user identity |
CN101860437A (en) * | 2009-04-08 | 2010-10-13 | 黄金富 | Method and system for authenticating identity by using mobile phone |
CN101097645B (en) * | 2006-06-30 | 2010-11-17 | 中国银联股份有限公司 | Method for finishing financial data-handling with video terminal and public payment server |
CN102165479A (en) * | 2008-07-31 | 2011-08-24 | 赛贝斯股份有限公司 | Mobile banking architecture |
CN1921390B (en) * | 2006-09-08 | 2011-11-02 | 网之易信息技术(北京)有限公司 | User identification identifying method and system |
CN102340733A (en) * | 2010-07-22 | 2012-02-01 | 黄金富 | Network bank account system for authenticating identity by use of mobile phone network and corresponding method thereof |
CN101448001B (en) * | 2008-11-19 | 2012-03-21 | 中国工商银行股份有限公司 | System for realizing WAP mobile banking transaction security control and method thereof |
CN107993141A (en) * | 2017-11-22 | 2018-05-04 | 中国银行股份有限公司 | Data processing method and device, server |
CN113537962A (en) * | 2021-07-15 | 2021-10-22 | 中国工商银行股份有限公司 | Alias-based payment method, device, equipment, storage medium and program product |
CN115001803A (en) * | 2022-05-30 | 2022-09-02 | 中国银行股份有限公司 | Mobile phone bank login method and device |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102118743A (en) * | 2011-03-02 | 2011-07-06 | 中兴通讯股份有限公司 | Method and system for logging onto online bank with mobile phone, and bank server |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1180751A1 (en) * | 2000-08-18 | 2002-02-20 | Siemens Aktiengesellschaft | Method and system for transmitting an amount of electronic money from a credit memory |
WO2003025815A1 (en) * | 2001-08-10 | 2003-03-27 | Yong-Seok Jeong | Method and system for providing mail service using peculiar code as mail account |
CN100471214C (en) * | 2001-12-04 | 2009-03-18 | 北京凯华网联技术有限公司 | Mobile payment method and system thereof |
CN1377000A (en) * | 2002-04-18 | 2002-10-30 | 杨丽莎 | Interactive authentication method for finanical transaction |
-
2004
- 2004-10-26 CN CNB2004100809775A patent/CN100382486C/en active Active
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8892690B2 (en) | 2006-03-10 | 2014-11-18 | Tencent Technology (Shenzhen) Company Limited | System and method for managing account of instant messenger |
WO2007104243A1 (en) * | 2006-03-10 | 2007-09-20 | Tencent Technology (Shenzhen) Company Limited | The managing system of accounts security based on the instant message and its method |
CN101097645B (en) * | 2006-06-30 | 2010-11-17 | 中国银联股份有限公司 | Method for finishing financial data-handling with video terminal and public payment server |
CN1921390B (en) * | 2006-09-08 | 2011-11-02 | 网之易信息技术(北京)有限公司 | User identification identifying method and system |
CN101398952B (en) * | 2007-09-25 | 2010-09-01 | 中国移动通信集团公司 | User identity verification mode management device, platform and method for verifying user identity |
CN101540024A (en) * | 2008-03-18 | 2009-09-23 | 陈斌 | Method for theft prevention of account password |
CN102165479A (en) * | 2008-07-31 | 2011-08-24 | 赛贝斯股份有限公司 | Mobile banking architecture |
CN101448001B (en) * | 2008-11-19 | 2012-03-21 | 中国工商银行股份有限公司 | System for realizing WAP mobile banking transaction security control and method thereof |
CN101860437A (en) * | 2009-04-08 | 2010-10-13 | 黄金富 | Method and system for authenticating identity by using mobile phone |
CN102340733A (en) * | 2010-07-22 | 2012-02-01 | 黄金富 | Network bank account system for authenticating identity by use of mobile phone network and corresponding method thereof |
CN107993141A (en) * | 2017-11-22 | 2018-05-04 | 中国银行股份有限公司 | Data processing method and device, server |
CN113537962A (en) * | 2021-07-15 | 2021-10-22 | 中国工商银行股份有限公司 | Alias-based payment method, device, equipment, storage medium and program product |
CN115001803A (en) * | 2022-05-30 | 2022-09-02 | 中国银行股份有限公司 | Mobile phone bank login method and device |
CN115001803B (en) * | 2022-05-30 | 2024-04-16 | 中国银行股份有限公司 | Mobile phone bank login method and device |
Also Published As
Publication number | Publication date |
---|---|
CN100382486C (en) | 2008-04-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1130099C (en) | Method and system for verifying authenticity of first communication participants in communications network | |
CN1293720C (en) | Method and apparatus for initializing secure communications among and for exclusively pairing wireless devices | |
CN1190717C (en) | Method, and associated apparatus, for selectively permitting access by mobile terminal to packet data network | |
CN100536395C (en) | System and method for verifying digital signatures on certificates | |
US20050266798A1 (en) | Linking security association to entries in a contact directory of a wireless device | |
CN103535004B (en) | Method for promoting anonymity audio and video communication and system based on web | |
CN1265609C (en) | Confirmation method for safe mobile e-business platform digital certificate | |
CN1816997A (en) | Challenge response system and method | |
CN1197297C (en) | A platform information switch | |
CN1868183A (en) | System and method of secure message processing | |
CN1653783A (en) | System and method of mobile lightweight directory access | |
CN1951060A (en) | System and method for handling data transfers | |
CN1842990A (en) | System and method for sending secure messages | |
CN1744489A (en) | Providing certificate matching in a system and method for searching and retrieving certificates | |
CN1575579A (en) | Selecting a security format conversion for wired and wireless devices | |
CN1674590A (en) | System and method for viewing message attachments | |
CN1316152A (en) | Secure session set up based on wireless application protocol | |
CN1738275A (en) | Wireless communication system, communication device, communication controlling method, and communication control program | |
CN1697470A (en) | Telephone number change notification method and telephone number change notification system | |
CN1601960A (en) | Safety authentication method of cell phone bank system | |
CN1682228A (en) | System and method for integrating electronic mail accounts | |
CN1540550A (en) | Electronic keying system and use method thereof | |
CN102036181A (en) | Group communication method and device with contacts | |
CN102811228A (en) | Network business login method, equipment and system | |
CN1744490A (en) | System and method for searching and retrieving certificates |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |