CN1702998A - A method for inputting private data in network application - Google Patents

A method for inputting private data in network application Download PDF

Info

Publication number
CN1702998A
CN1702998A CN 200510050019 CN200510050019A CN1702998A CN 1702998 A CN1702998 A CN 1702998A CN 200510050019 CN200510050019 CN 200510050019 CN 200510050019 A CN200510050019 A CN 200510050019A CN 1702998 A CN1702998 A CN 1702998A
Authority
CN
China
Prior art keywords
data
input
software
transformation rule
service
Prior art date
Application number
CN 200510050019
Other languages
Chinese (zh)
Inventor
许戟
石国伟
Original Assignee
石国伟
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 石国伟 filed Critical 石国伟
Priority to CN 200510050019 priority Critical patent/CN1702998A/en
Publication of CN1702998A publication Critical patent/CN1702998A/en

Links

Abstract

This invention disclose one network application coding data input method, which generates data input conversion rules through service terminal software to convert the data into rules and the real data into input data and comprises the following steps: customer terminal software loading on the service software; the service software generating data input conversion rules and going back; user converting the original data by the rules; the customer terminal software sending the user input data; the server terminal software receiving the above data and converting it into original data for identification.

Description

The input method of private data in a kind of network application
Technical field
The present invention relates to a kind of data entry device, the input method of private data in particularly a kind of network application is used in the input of important private data such as user name in the network application, number of the account, bank's card number and password.
Background technology
Along with Internet development, network trading is more and more accepted by people, and safety how to guarantee online transaction also is the emphasis that people paid close attention to.Network payment in the network trading is owing to relate to confidential datas such as dealer's number of the account and password, and most of dealers have the psychology of strick precaution.Yet use the method for traditional input number of the account, password additional dynamic random cipher, be unable to escape malice wooden horse software stealing such data.In the reality transaction, cause the stolen situation of significant datas such as dealer's number of the account and password of common occurrence by this type of transaction data input method.Tracing it to its cause is because the data of user by inputs such as keyboards are exactly True Data, and Malwares such as wooden horse can intercept keyboard data in the very first time, or in transmission course such significant data of intercepting and capturing, the dealer is sustained a loss.
Summary of the invention
Technical problem to be solved by this invention is; overcome the defective that prior art exists; provide a kind of and can effectively protect the important private datas of in network application, inputing such as user name, number of the account, bank's card number and password, do not resided in the input method of private data in the network application that the Malware in client and the transmission course steals.
The present invention addresses the above problem the technical scheme that is adopted: the input method of private data in this network application, be characterized in: this private data input method is to generate data input transformation rule by service end software, the client user is according to this data input transformation rule, with the True Data of need inputs convert to input with data after input again, this input method may further comprise the steps:
A, client software sign in to service end software;
After b, service end software are received client-requested, produce data input transformation rule, and return to client software;
C, client software video data input transformation rule are given the user, and the user changes original True Data according to data input transformation rule;
D, user import the data after the conversion, and client software is to data encryptions such as username and passwords;
The data of sending the user to import on e, the client software are given service end;
F, service end software receive data, and are converted into original True Data according to data input transformation rule, confirm the correctness of data by the checking link.
The data input transformation rule that service end software is produced among the described step b of the input method of private data in the network application of the present invention is that stochastic and dynamic changes.
The input data that the user converts True Data data-driven input transformation rule among the described step c of the input method of private data in the network application of the present invention are ephemeral data at random.
If in the network application of the present invention in the described steps d of the input method of private data the user by data inputs transformation rule input data, then service end software verification data can be failed among the step f, service end software will be again generate data input transformation rule at random and return to client software, and then repeating step c, d, e, f.
The present invention compared with prior art has following useful effect: private data input method of the present invention is by producing one group of random data input transformation rule for each transaction, significant datas such as number of the account and password are imported by conversion, just in case the data of input are intercepted by rogue programs such as wooden horses, because these data are not original True Datas, for transaction from now on all is useless, can not cause damage to the dealer.Adopt this input method in network trading, to input important private datas such as user name, number of the account, bank's card number and password; the Malware that can effectively protect these significant datas of dealer not resided in client and the transmission course is stolen, and guarantees that the safety of online transaction is carried out.
Description of drawings
Fig. 1 is the input method operational flowchart of private data in the embodiment of the invention network application.
Fig. 2 is a client software page schematic diagram.
Embodiment
The client software such as browser on foreground and the service end software on backstage are arranged in the network trading.The input method of private data in this network application, be when client softwares such as browser land the server software of corresponding website, generate a data input transformation rule at random by service end software, and return to client software, client software shows this data input transformation rule on the page, the client user is according to this data input transformation rule, with the True Data of need input convert to input with data after input again, rather than directly import True Data.
Embodiment of the invention input method operating procedure is referring to Fig. 1, and this input method may further comprise the steps:
1, client software signs in to service end software, sends connection request.
2, after service end software is received client-requested, produce the data input transformation rule of a dynamic change at random, and this transformation rule is encrypted, return to client softwares such as browser.
Service end software is according to the time of different users, request, debarkation point or the like factor, according to specific software program, generate data input transformation rule at random, this data input transformation rule all is unique to land at every turn, and has ease for operation.According to the needs of input True Data, data input transformation rule can comprise the transformation rule of numeral, letter etc.
3, client software such as browser data input transformation rule deciphering that service end software is generated, and be shown to the user, the user changes original True Data according to this data input transformation rule.Because the transformation rule of foundation is unique, at random, so the input data that the user converts the True Data data-driven input transformation rule of determining to are ephemeral datas at random, only suitable this transaction.
4, the data input after the user will change, client softwares such as browser are to data encryptions such as username and passwords.
5, the data of sending the user to import on the client software are given service end.
6, service end software receives data, and is converted into original True Data according to data input transformation rule, confirms the correctness of data by the checking link.
If the user does not make mistakes by data input transformation rule input data or input, then service end software verification data can be failed; At this moment, service end software will be again data input transformation rule of regeneration and return to client software at random, and then repeating step 3,4,5,6.
During use, if user's true password is: 749285; The data input transformation rule that service end software produces at random is: 0-c 1-e 2-0 3-k 4-q 5-a 6-g 7-8 8-m 9-x; Client software page prompts: the password of please importing you for the True Data of protecting you by this rule; The data of the actual input of user become: 8qx0ma; Service end software converts it back to True Data 749285 after receiving these data, the line data of going forward side by side checking.Because when client software is logined at every turn, the transformation rule that service end software produces is at random, has stopped Malwares such as wooden horse to effectively the stealing of user's key in data, and has also guaranteed safety of data in the communication process.
The present invention not only does conversion to numeral, and letter is also changed.As the initial data as the user is kwigtx; Transformation rule is: a-b b-c c-d d-e e-f f-g g-7 h-i i-jj-k k-8 l-m m-n n-o o-p p-q q-r r-s s-t t-v u-v v-w w-xx-y y-z z-a; Then user input data is converted to: 8xj7vy.
The client software page shows example:
As certain dealer's card number is 9555505710205899
Then the client software page shows referring to Fig. 2.

Claims (4)

1, the input method of private data in a kind of network application, it is characterized in that: this private data input method is to generate data input transformation rule by service end software, the client user is according to this data input transformation rule, with the True Data of need inputs convert to input with data after input again, this input method may further comprise the steps:
A, client software sign in to service end software;
After b, service end software are received client-requested, produce data input transformation rule, and return to client software;
C, client software video data input transformation rule are given the user, and the user changes original True Data according to data input transformation rule;
D, user import the data after the conversion, and client software is to data encryptions such as username and passwords;
The data of sending the user to import on e, the client software are given service end;
F, service end software receive data, and are converted into original True Data according to data input transformation rule, confirm the correctness of data by the checking link.
2, the input method of private data in the network application according to claim 1 is characterized in that: the data input transformation rule that service end software is produced among the described step b is that stochastic and dynamic changes.
3, the input method of private data in the network application according to claim 2 is characterized in that: the input data that the user converts True Data data-driven input transformation rule among the described step c are ephemeral data at random.
4, according to the input method of private data in claim 1 or the 3 described network applications, it is characterized in that: if the user is not by data input transformation rule input data in the described steps d, then service end software verification data can be failed among the step f, service end software will be again generate data input transformation rule at random and return to client software, and then repeating step c, d, e, f.
CN 200510050019 2005-06-09 2005-06-09 A method for inputting private data in network application CN1702998A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200510050019 CN1702998A (en) 2005-06-09 2005-06-09 A method for inputting private data in network application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200510050019 CN1702998A (en) 2005-06-09 2005-06-09 A method for inputting private data in network application

Publications (1)

Publication Number Publication Date
CN1702998A true CN1702998A (en) 2005-11-30

Family

ID=35632536

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200510050019 CN1702998A (en) 2005-06-09 2005-06-09 A method for inputting private data in network application

Country Status (1)

Country Link
CN (1) CN1702998A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101051904B (en) * 2007-05-17 2010-05-19 成都金山互动娱乐科技有限公司 Method for landing by account number cipher for protecting network application sequence
CN101374042B (en) * 2007-08-21 2011-03-02 联想(北京)有限公司 Auxiliary display system, apparatus and method
WO2011029270A1 (en) * 2009-09-11 2011-03-17 中国银联股份有限公司 Method for acquiring pin of smart card safely
CN103036853A (en) * 2011-09-30 2013-04-10 中国移动通信集团公司 Business data transmission method and device and business processing method and device
CN104618367A (en) * 2015-01-27 2015-05-13 杨勇 Transfer privacy device and data transmission method
CN106446668A (en) * 2015-08-13 2017-02-22 宇龙计算机通信科技(深圳)有限公司 Password unlocking method and device
CN107533702A (en) * 2015-03-06 2018-01-02 万事达卡国际股份有限公司 Dynamic payment account designator in payment system

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101051904B (en) * 2007-05-17 2010-05-19 成都金山互动娱乐科技有限公司 Method for landing by account number cipher for protecting network application sequence
CN101374042B (en) * 2007-08-21 2011-03-02 联想(北京)有限公司 Auxiliary display system, apparatus and method
WO2011029270A1 (en) * 2009-09-11 2011-03-17 中国银联股份有限公司 Method for acquiring pin of smart card safely
CN102024289A (en) * 2009-09-11 2011-04-20 中国银联股份有限公司 Method for acquiring passwords of intelligent card safely
CN103036853A (en) * 2011-09-30 2013-04-10 中国移动通信集团公司 Business data transmission method and device and business processing method and device
CN103036853B (en) * 2011-09-30 2016-01-27 中国移动通信集团公司 Business datum sending method and device, method for processing business and device
CN104618367A (en) * 2015-01-27 2015-05-13 杨勇 Transfer privacy device and data transmission method
CN107533702A (en) * 2015-03-06 2018-01-02 万事达卡国际股份有限公司 Dynamic payment account designator in payment system
CN106446668A (en) * 2015-08-13 2017-02-22 宇龙计算机通信科技(深圳)有限公司 Password unlocking method and device

Similar Documents

Publication Publication Date Title
US10824714B2 (en) Method and system for securing user access, data at rest, and sensitive transactions using biometrics for mobile devices with protected local templates
US9450969B2 (en) System and method for key challenge validation
US9838205B2 (en) Network authentication method for secure electronic transactions
RU2639674C2 (en) Authentication method and system
US9426134B2 (en) Method and systems for the authentication of a user
US10069804B2 (en) Tokenization of structured data
RU2506637C2 (en) Method and device for verifying dynamic password
AU2007217172B2 (en) Pin servicing
AU2010240822B2 (en) System and method for personal certification using a mobile device
US20160307194A1 (en) System and method for point of sale payment data credentials management using out-of-band authentication
DE602004012996T2 (en) Method and device for authenticating users and websites
US7149899B2 (en) Establishing a secure channel with a human user
CN102025710B (en) Multi-application smart card and the many AMSs of smart card and method
US7908223B2 (en) System and method for conducting secure transactions
US20180060878A1 (en) Data authenticity identification method and device for safety check of two-dimensional code
US8732477B2 (en) Graphical image authentication and security system
US7650310B2 (en) Technique for reducing phishing
CN102880960B (en) Based on the payment by using short messages method and system of fingerprint recognition mobile phone
RU2263407C2 (en) Data protection method
US20120323700A1 (en) Image-based captcha system
CN101316169B (en) Network identity verification method based on internet third party biological characteristic validation
US7073067B2 (en) Authentication system and method based upon random partial digitized path recognition
US10635835B2 (en) Decentralized token table generation
CN101183932B (en) Security identification system of wireless application service and login and entry method thereof
CA2649015C (en) Graphical image authentication and security system

Legal Events

Date Code Title Description
PB01 Publication
C06 Publication
SE01 Entry into force of request for substantive examination
C10 Entry into substantive examination
WD01 Invention patent application deemed withdrawn after publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)