201112720 六、發明說明: 【發明所屬之技術領域】 本發明是關於一種「以通信裝置識別碼及動態 密碼作為網路身份驗證與辨識詐騙電話之方法」,特 別是針對目前在網路所推廣之動態密碼驗證方式的 缺失,而加以研發創新出驗證安全性等級更高,直 更易被網路使用者接受之網路身份驗證的方法。 【先前技術】 現代人使用網際網路(World Wide Web )來進行 各種網路購物、網路線上遊戲、網路金融交易及其 他電子商務等活動’已是日常生活中不可或缺又極 為普遍之現象,但伴隨而來的各種網路駭客之破壞 行為也愈來愈多,其大致上可歸納如下: 1. 木馬程式之危害:根據刑事警察局偵九隊說 明,所謂「木馬程式」是指具有短小、精幹、安裝 万便與不意被查覺等特點之軟體;當電腦一但被植 入木馬程式後,攻擊者便可以遠端下載方式,刪除 或列印受攻擊電腦中之資料,也可以由遠端取得對 方的帳號與密碼,或是對用戶的電腦進行自動追蹤 與監督。 2. 網路釣魚(Phishing)騙取客戶密碼之危坐. 根據反網路釣魚工作小組(APWG)之定義,網路约 201112720 魚是利用偽造電子郵件與網站作為誘餌,愚弄使用 者我漏如銀行帳戶密碼、信用卡號碼等個人機密資 料。 •互動式假網站(Man-in-the-Middle)窥改交易201112720 VI. Description of the Invention: [Technical Field of the Invention] The present invention relates to a method for using a communication device identification code and a dynamic password as a network authentication and identification fraudulent telephone, in particular for the current promotion on the Internet. The lack of dynamic password authentication methods has led to the development of innovative methods for verifying the security level and making network authentication more acceptable to network users. [Prior Art] Modern people use the World Wide Web to conduct various online shopping, online online games, online financial transactions and other e-commerce activities. 'It is indispensable and extremely common in daily life. Phenomenon, but the accompanying behaviors of various Internet hackers are becoming more and more, which can be summarized as follows: 1. The harm of Trojan horse program: According to the Criminal Police Bureau’s detective team, the so-called "trojan horse program" is It refers to software that has the characteristics of being short, capable, installed, and unintentionally detected. When the computer is implanted in the Trojan, the attacker can remotely download and delete or print the data in the attacked computer. It is also possible to obtain the other party's account number and password from the remote end, or to automatically track and supervise the user's computer. 2. Phishing swindles the customer's password. According to the definition of the Anti-Phishing Working Group (APWG), the Internet is about 201112720. The fish uses fake emails and websites as bait to fool users into leaking bank accounts. Personal confidential information such as passwords and credit card numbers. • Man-in-the-Middle pessing transaction
內谷之危害.其係由駭客躲藏在銀行與網路用戶端 &間,以偽裝的銀行網站,一邊與用戶連線互動竊 取資料,一邊產生假的交易資料,傳送至銀行真實 "罔站進行交易,使得網路用戶端發生之金錢損失。 綠疋’為防止上述各 已因應發展出以0TP動態密碼作為驗證之方法, 由—些「OTP t態密碼驗證單位」之營利事業法 推廣中,其主要是使用隨機亂數產生的密瑪,依 網路使用者每次進行其所需之網路活動時,而每 產生不同的密碼’也就是—次性密碼( p—’簡稱〇TP)亦稱為「動態密碼」,骇客1 使攔截到該次的「動態密碼 π 也無法應用到- —人的登入(Login)來危害網路 r ^ ^ ^ 更用者,因此,| 、動態W不可預測性、不會重覆性和—⑸ 效性被4為是當前最能夠最 身份驗臂方十、 取有效解決使用者的安全 身份㈣万式…其可有效防範木馬程 釣魚、間諜程式、假網站等多種網路' 至於而該習知勳態密碼驗證:工擊間题。 万法係如第一圖所 201112720 示,其步騾包含: A.由網路使用者先申請註冊成為「動態密碼驗 證單位」之會員; • B ·以上網裝置進入與「動態密碼驗證單位」有合 作 其 中 — 線 上 網 站,並點 選 該線 上網站 之「 動 態 密 場 驗 證 網 頁 C. 將 註 冊會 員 時所指定 之 『帳號』及『 密碼 JI 完 成 輸 入 至 該 動 態 密 碼驗證網 頁 中之 「帳號 」及 厂 密 碼 J 攔 位 內 » j D. 厂 動 態 密 碼 驗證單位 j 收到 『帳號 』及 Γ 密 碼 後 會 產 生 — 組『動態 密 碼』, 並以電 信簡 訊 將 該 Γ 動 態 密 碼 j 撥 打傳送至 網 路使 用者指 定之 行 動 電 言舌 中 , 來 告 知 網 路使用者 當 次的 『動態密碼j • 1, E. 網 路 使 用 者 將閲讀自 其 行動 電話所 接收 電 信 簡訊中的『動態密碼』’再輸入至該線上網路之「動 態密碼驗證網頁」中的「動態密碼驗證欄位」內; F.該線上網站即會將該動態密碼傳送至「動態密 碼驗證單位」,並經「動態密碼驗證單位」的電腦驗 證系統’比對所接收的『動態密碼』與透過電話簡 訊傳迭告知網路使用者的『動態密碼』相符合時, 即在該線上網站之「動態密碼驗證網頁」中出現「登 入成功」;反之,則出現「登入失敗 5 201112720 前述習知動態密碼驗證之方法自從被推廣後, 雖已獲得某些金融銀行、線上遊歲及網路購物等公 用,但從2〇〇7年以來卻遇上了瓶頸而無法 决速增長’其原因有兩點如下: κ由於行動電話的普及具有上網之功能,使得行 動電話歷史上的第!隻病毒「Cabir」與第2隻病毒 「Co_Warri〇r」分別在2〇〇4年6月及彻5年1月 誕生其中’菸「Cabir」病毒之主要特徵是自動搜 尋四周有藍牙功能的智慧型行動電話,不斷向搜尋 到的行動電話發送訊號,受感染的行動電話螢幕上 會出現「〜如」文字,電池待機時間也會因而縮短; 而該「C〇mmWarri〇r」則會利用多媒體簡訊將病毒傳 給行動電話中的所有聯絡人,且不斷發送簡訊造成 行動電話之費用損失;2007年7月西班牙警方逮捕 撰寫這2隻手機病毒的28歲駭客,他所製造的變種 病毒已使仿1 1.5萬支智慧型行動電話受到感染。 此外,在2007年後又陸續發現行動電話病毒已 進步到會臥底’財圑法人資訊工業策進會(簡稱資 策會)的市場情報中心(MIC )指出,目前已發現行 動電p舌病毒會隱藏在簡訊内發送,一旦使用者開啟 簡訊後,就會在完全沒察覺的情形下被安裝侧錄程 式,盜取行動電話裡頭的資訊,甚至側錄對話內容, 201112720 資策屬^、 會l MIC又發現,此類臥底病毒會在用戶完全 ^Γ*" =、到異常的情形下,盜取或刪除手機內的個人 通訊錄、簡訊、行程安排、銀行帳號、密碼等重要 Ρ息,因此,上述步騾D中的「動態密碼」因為是 電信簡訊方式來傳送給網路使用者,一旦該網路 _者的行動電話遭到骇客之侧錄程式侵害後,便 會讓駭客獲知該網路使用者每次之「動態密碼」,進 能、輕易地假冒成該網路使用者之身份來騙過「動 態密瑪驗證單位」的電腦驗證系統,致使整個動態 密瑪驗證的功能喪失及無效。 2.又如前述步騾D所述,當每次遇有網路使用 者要求做身份驗證時,該「動態密碼驗證單位」所 撥打發送當次「動態密碼」給網路使用者的電信簡 訊費用,均是由該與「動態密碼驗證單位」所合作 之線上網站業者來支付,故線上網站業者除須支付 固疋电je簡訊之成本外,更有發生因被其競爭對手 或駭客發送之惡意程式誘發數量龐大之無效「動態 密碼」簡訊的情形,其結果不但會增加業者無謂之 電信支出’亦大幅地降低所有線上網站業者們導入 成為「動態密碼」驗證機制之意願,以致使得整個 推廣上的速度不增反減。The harm of the inner valley. It is hidden by the hacker between the bank and the network client & the disguised bank website, while interacting with the user to steal information, while generating fake transaction data, transmitting to the bank real " The transaction of the website causes the money loss of the network client. In order to prevent the above-mentioned methods of developing the 0TP dynamic password as the verification method, the "OTP t-state password verification unit" is mainly used to promote the use of random random numbers. Each time a network user performs its required network activity, each time a different password is generated, that is, a secondary password (p-'s 〇TP) is also called a "dynamic password", and the hacker 1 makes The "Dynamic Password π" that intercepts this time can't be applied to - the person's login (Login) to harm the network r ^ ^ ^ more users, therefore, | dynamic W unpredictability, not repeatability and - (5) The effectiveness is 4 is the most capable of the most positive arm. It is effective to solve the user's security identity. (4) 10,000... It can effectively prevent multiple networks such as Trojan horse fishing, spyware, fake websites, etc. The singularity of the cryptographic password verification: the work-and-work problem. The 10,000-law system is shown in the first figure 201112720, and its steps include: A. The network user first applies for registration as a member of the "Dynamic Password Verification Unit"; Network device entry and "dynamic density The verification unit has cooperated with - the online website, and clicks on the online website "Dynamic secret field verification page C. The "account number" and "password JI specified by the registered member are entered into the dynamic password verification page" "Account" and factory password J in the block » j D. Factory dynamic password verification unit j will receive the "account number" and Γ password will be generated - group "dynamic password", and send the dynamic password j to the telecom newsletter to The network user specifies the mobile phone voice to inform the network user of the current "dynamic password j · 1, E. Internet users will read the "dynamic password" in the telecom newsletter received from their mobile phones. 'Re-enter the "Dynamic Password Verification Field" in the "Dynamic Password Verification Page" of the online network; F. The online website will transmit the dynamic password to the "Dynamic Password Verification Unit" and Password Verification Unit" Computer Verification System' When the received "Dynamic Password" matches the "Dynamic Password" of the network user through the phone message, the "Login Success" appears on the "Dynamic Password Authentication Page" of the online website; otherwise, "Login failure 5 201112720 The above-mentioned method of dynamic password verification has been implemented. Although it has been acquired by some financial banks, online upstream and online shopping, it has encountered bottlenecks since 2-7 years. There are two reasons for this: "The popularity of mobile phones has the function of accessing the Internet, making the history of mobile phones the first!" The virus "Cabir" and the second virus "Co_Warri〇r" were born in June, 2004 and January, respectively. The main feature of the 'Cabir' virus is the automatic search for Bluetooth-enabled wisdom. The type of mobile phone constantly sends a signal to the searched mobile phone. The "~如" text appears on the infected mobile phone screen, and the battery standby time is shortened. The "C〇mmWarri〇r" uses multimedia. The newsletter passed the virus to all the contacts in the mobile phone, and the continuous sending of the newsletter caused the loss of the mobile phone. In July 2007, the Spanish police arrested the 28-year-old hacker who wrote the two mobile phone viruses. The variant virus he made has made Imitation 15,000 smart mobile phones were infected. In addition, after 2007, it was discovered that the mobile phone virus has progressed to the bottom of the market intelligence center (MIC) of the Financial Institutions Industry Council (referred to as the CMC), and it has been found that the mobile phone virus virus has been discovered. Hidden in the SMS to send, once the user opens the newsletter, it will be installed in the side of the program without any awareness, stealing the information inside the mobile phone, and even side-by-side dialogue content, 201112720 MIC also found that such undercover viruses will steal or delete personal address books, newsletters, itineraries, bank accounts, passwords, etc. in the phone when the user is completely Γ*" =, in an abnormal situation, Therefore, the "dynamic password" in the above step D is transmitted to the network user because it is a telecom short message method, and once the mobile phone of the network_person is attacked by the hacker's side recording program, the hacker will be allowed. Knowing the "Dynamic Password" of the Internet user every time, it can easily spoof the identity of the Internet user to deceive the computer authentication system of the "Dynamic Mima Verification Unit". Dynamic verification secret Ma and loss of function is invalid. 2. As described in the foregoing step D, each time a network user requests authentication, the "Dynamic Password Authentication Unit" dials the telecommunication message sent by the "Dynamic Password" to the network user. The fees are paid by the online website operators who cooperate with the "Dynamic Password Verification Unit". Therefore, in addition to the cost of the je 疋 newsletter, the online website operators are more likely to be sent by their competitors or hackers. The malicious program induced a large number of invalid "dynamic password" newsletters, the result will not only increase the operator's unnecessary telecom expenditures', but also greatly reduce the willingness of all online website operators to import into a "dynamic password" verification mechanism, so that the whole The speed of promotion does not increase or decrease.
此外’由於網際網路與公共交換電話網路pSTN 201112720 (Public Switched Telenhn” 'τIn addition, due to the Internet and public switched telephone network pSTN 201112720 (Public Switched Telenhn" 'τ
PhQne Network)已完成系統 又間的互相連結,許多駭客撰寫程式後再透過網路 發話來達成電話之詐騙,其方式係以竄改來電顯示 ㈣而達到欺H電話受話者之目的,因此駭客結合 詐騙集團而將來電顯示竄改為特定電信公司之客 服、法院、銀行...等號碼以取信被害人,以遂行其不 法詐_已層出不窮’且有與日俱增之情沉,故 如何遏止此犯罪之歪風,乃為刻不容缓之事。 【發明内容】 故而’本發明之主要目的在提供—種「以通, 裝置識別冑及動態m乍為網路身份驗證之^ 法」,其步騾包含: a. 導引網路使用者每次進入特定網站後,即要求 其必須選通信裝置,並將該通信裝置所專屬對 應之『通信裝置識別碼』輸入該特定網站之動態網 頁中的通信裝置識別碼欄位內; b. 該特定網站之網站伺服器收到該『通信裝置:、 別碼』後,會立即產生-相應之『動態密碼』,^ 示於動態網頁中的動態密碼欄位上,同時又將該『4 信裝置識別碼』及『動態密碼』一起儲存於網< 站通 服器之驗證資料庫內; # C. 網路使用者用其選定之通信裝置,將目視來 201112720 動態網頁中動態密碼攔位上的r動態密碼』,主動以 電6簡訊之方式傳送至特定網站所指定的受信端; d.受信端收到上述電.信簡訊時,會主動偵測得知 . 該電信簡訊之通信裝置所專屬之『通信裝置識別 * 碼』,並立即與該電信簡訊内的『動態密碼』—起傳 送至特定網站之驗證資料庫内進行比對,若與該驗 證資料庫內所儲存的『通信裝置識別碼』及『動態 Φ 密馬』均相符合,即在該特定網站之動態網頁中出 現「驗證成功」或相類似之語M ;反之,若比對有 其中一項不符合,則出現「驗證失敗」或相類似之 語詞。 由上述步驟b及c可知,本發明中其「動態密 碼」7C直接由特定網站之動態網頁來告知網路使用 纟,而非習知以電信簡訊方式來告知,故不會因網 • 路使用者之通信裝置(例如行動電話)遭駭客側錄 而有外洩之情形’完全不會發生『動態密碼』被他 人或駭客故意知悉所導致損害之缺失。 本發明之另—目的在提供一種「以通信裝置識 別碼及動態密碼作為網路身份驗證之方法」,由於本 *明步驟C中的『動態密碼』是由網路使用者探、、主 動撥打電簡訊之方式,故其電信費用亦由該網 路使用者支付’而網站業者完全不必負擔該電信費 9 201112720 用之成本’更不必害怕遭受競爭對手㈣客,所發 送惡意程式㈣數量龐大之減「動f㈣」簡訊 的tt形’故可大幅提高所有線上網站業者們導入成 為「動態密碼」I證機制之意願;再者,在本發明 步驟d +之驗證比對參數上係包#「通信裝置識別 碼」及「動態密碼」Μ項,只要有其中—項不符合 即無法通過驗證,故其安全性遠較習知僅以單一「動 態密碼」之比對方式來得更高。 本發明之又-目的在提供—種「以通信裝置識 别碼及動態密碼作為辨識詐騙電話之方法」,其主要 是在電信用戶帛受由電信公司纟客服、法院、銀行..· 發出之電話時,該電信用戶會同時收到一『動態密 碼』;當電信用戶懷疑所接聽由電信公司之客服、法 院、銀行…發出之電話懷疑是詐騙電話時,電信用戶 可用受話的通信設備將收到的『動態密碼』,以語音 或簡訊方式傳送到指定之詐騙電話驗證號碼進行驗 證。若IH登通過貝^戶可以得知該次發話確實是由 電信公司之客服、法院、銀行...等特定單位發出,若 驗證不通過或是沒有接冑『動t密瑪』,貝^得知該 先前所接聽之電話為詐騙電話,因此,電信用戶可 以輕易判斷該發話端是不是詐編電話,並同時保護 電信用戶的通信隱私,因只有持有該通信設備的電 10 201112720 信受話者可要求驗證,若無持有該電信受話者之、 信設備的其他人均無法要求驗證。 < 通 【實施方式】 t錢第二®及第三圖所示,本㈣是—種% . 通信裝置識別碼及動態密瑪作為網路身份驗證與: 識詐騙電話之方法」,其步騾包含: a.導引網路使用者10經由網際網路w每次進 # 肖定網站2G後,即要求其必須選定-通信裝置3(^ 並將該通信裝置30所專屬對應之『通信裝置識別碼』 3 1輸入該特定網站20之動態網頁22中的通信裝置 識別碼欄位23内;其中,若該網路使用者1〇不願 將其通秸裝置識別碼』31輸入時,即表示選揮放 棄接受網路身份驗證之服務; b•特定網站20之網站伺服器21收到該『通信裝 φ 置識別碼』3 1後,會立即產生—相應之『動態密礁』 32並顯示於動態網頁22中的動態密碼欄位24上, 同時又將該『通信裝置識別碼』3丨及『動態密碼』 32 —起儲存於網站伺服器21之驗證資料庫25内; e.網路使用者10用其選定之通信裝置3〇,將目 視V來自動態網頁22中動態密碼欄位上的『動 態密瑪』32 (如第三圖中之標示符號v所示),主動 以電允簡訊之方式傳送至特定網站2〇所指定的受倌 201112720 端40 ; d_受信端40收到上述電信簡訊時,會主動侦測 得知該電信簡訊之通信裝置30所專屬之『通信裝置 識別碼』3 1,並立即與該電信簡訊內的『動態密碼 32 —起傳送至特定網站20之驗證資料庫25內進行 比對,若與該驗證資料庫25內所儲存的r通信裝置 識別碼』3 1及『動態密碼』32均相符合,即在該特 定網站20之動態網頁22中出現「驗證成功」或相 類似之語詞;反之,若比對有其中一項不符合,則 出現「騄證失敗」或相類似之語詞。 其中’步驟a中該通信裝置30若為固網電話 時’則其相應之『通信裝置識別碼』31即是該固網 電話之固網電話號碼;而該通信裝置3〇若為行動電 話時,則其相應之『通信裝置識別碼』3 1可以是該 行動電話之行動電話號碼’或是該行動電話之用戶 識別模組(SIM,Subscriber Identity Module)的資料。 而步騾c中該電信簡訊之傳送方式,可更換成 電信語音或影像之傳送方式^ 另步驟d中該受信端之電話號碼可更設為電信 簡碼’且不論是電話號碼或是電信簡碼,其均是以 媒體廣告之宣傳方式來讓公眾接收得知。 因此’當某一網路使用者1 〇進入—特定網站2 〇 201112720 (例如網路購物網站)後,選定以其合法申請使用 之行動電話做為通信裝置3 〇 ’假設該行動電話之電 話號碼為「U3456789」,則其應輸入之『通信裝置 識別碼』31即為「123456789」,而在特定網站2〇之 網站伺服器21收到該「123456789」之『通信裝置 識別碼』3 1時,便會產生當次相應之『動態密碼』 32 ’假設該『動態密碼』32為「〇987」,則網路使用 1 〇便可在動態網頁2 2的動態密碼欄位2 4中看到 顯示當次之動態密碼為「0987」,此時,網路使用者 10只要用該行動電話碼為r 123456789」之行動電 話,將該動態密碼「0987」以簡訊傳送至受信端4〇, 便可通過身份驗證而進入至網路購物網站開始購 物,其中,在前述操作過程中,即使駭客已早知道 網路使用者之行動電話號碼為「123456789」,但因 無法輕易假冒其『通信裝置識別碼』,故無法達成假 冒其身份來通過驗證而進入網路購物網站去遂行其 犯罪破壞之行為,同樣地,假設駭客已攔截到要進 ^該網路購物網站之網路使用者的『動態密碼』為 0987」’卻也因無法同時知道該網路使用者之『通 信裝置識別碼』為「123456789」,以致無法通過身 份驗證’故本發明之安全性確實遠較習知動態密碼 驗證之方法要高,進而能讓所有重視網路交易安全 13 201112720 之網路消費者完全放心使用。 再如第四圖所示,其中,該步驟b中『動態密 碼』32的顯示方式’更可以透過電子郵件32a,或 網路通訊語音32b’或電信語音32c,或電信簡訊32d 等不同之方式來顯示及告知網路使用者1〇。 又如第五圖所示’其中,該步驟b中『動態密PhQne Network) has completed the interconnection of the system. Many hackers write the program and then send a message over the Internet to achieve the phone fraud. The way is to tamper with the caller ID (4) to achieve the purpose of bullying the H-phone callee. In combination with fraudulent groups, the caller ID is changed to the number of customer service, courts, banks, etc. of a specific telecommunications company to win the trust of the victim, so that the illegal fraud has been carried out _ has emerged in an endless stream, and there is growing enthusiasm, so how to curb the hurricane of this crime It is an urgent task. SUMMARY OF THE INVENTION Therefore, the main purpose of the present invention is to provide a method of "passing, device identification, and dynamic m乍 for network authentication", the steps of which include: a. After entering a specific website, it is required to select a communication device, and input the "communication device identification code" corresponding to the communication device into the communication device identification code field in the dynamic webpage of the specific website; b. After receiving the "communication device:, other code", the website server of the website will immediately generate the corresponding "dynamic password", which is displayed on the dynamic password field in the dynamic web page, and the "4 letter device" The identification code and the "dynamic password" are stored in the verification database of the network < station server; # C. The network user uses the selected communication device to visually access the dynamic password block in the 201112720 dynamic web page. The r dynamic password is actively transmitted to the trusted end designated by the specific website in the form of a telegram 6; d. When the receiving end receives the e-mail message, it will actively detect the communication device of the telecommunication newsletter. The exclusive "communication device identification* code" is immediately compared with the "dynamic password" in the telecommunication newsletter and transmitted to the verification database of the specific website, if the communication is stored in the verification database. "Device ID" and "Dynamic Φ Mima" are consistent, that is, "verification success" or similar language M appears on the dynamic webpage of the specific website; otherwise, if one of the comparisons does not match, then it appears "Verification failed" or a similar term. It can be seen from the above steps b and c that in the present invention, the "Dynamic Password" 7C directly informs the network of the use of the dynamic webpage of the specific website, instead of knowing it by means of the telecommunications newsletter, so it will not be used by the network. The communication device (such as a mobile phone) has been leaked by the hacker and has been leaked. 'The dynamic password is not deliberately misunderstood by others or hackers. Another object of the present invention is to provide a method for "using a communication device identification code and a dynamic password as a network authentication method", since the "dynamic password" in step C of this document is detected by a network user and actively dialed. The way of electricity newsletter, so the cost of telecommunications is also paid by the users of the network' and the website operators do not have to bear the cost of the telecommunications fee. 9 201112720 The cost of 'not to be afraid of being attacked by competitors (4), the number of malicious programs sent (four) is huge Decreasing the "tt-shaped" of the "following f(4)" newsletter can greatly increase the willingness of all online website operators to import into a "dynamic password" I-certification mechanism; in addition, in the verification of the step d + of the present invention, the parameter is packaged #" The "Communication Device Identification Code" and "Dynamic Password" items cannot be verified if they are not met, so the security is far higher than the conventional method of comparing only a single "dynamic password". Still another object of the present invention is to provide a "method of identifying a fraudulent telephone by using a communication device identification code and a dynamic password", which is mainly for a telecommunications user to receive a call from a telecommunications company, a customer service, a court, or a bank. At the same time, the telecommunications user will receive a "dynamic password" at the same time; when the telecommunications user suspects that the telephone sent by the telecommunications company's customer service, court, bank, etc. is suspected to be a fraudulent telephone, the telecommunications subscriber will receive the received communication equipment. The "Dynamic Password" is transmitted by voice or SMS to the specified fraudulent phone verification number for verification. If IH goes through the households, it can be known that the utterance is actually sent by the telecommunications company's customer service, court, bank, etc. If the verification fails or does not follow the "moving t-mima", Bei ^ Knowing that the previously answered call is a fraudulent call, the telecommunication user can easily determine whether the caller is a fraudulent call and at the same time protect the communication privacy of the telecommunication subscriber, since only the person holding the communication device receives the call 10 201112720 Verification can be requested, and no other person who holds the telecommunications caller's equipment can request verification. <Through [Embodiment] t money second and third figures, this (four) is -%. Communication device identification code and dynamic megamar as a network authentication and: method of knowing fraudulent calls", the steps骡 Included: a. Guided network user 10 via the Internet w every time after entering the Xiaoding website 2G, it is required to select the communication device 3 (^ and the corresponding communication device 30 The device identification code 』 3 1 is input into the communication device identification code field 23 in the dynamic web page 22 of the specific website 20; wherein, if the network user 1 does not want to input the stalk device identification code 』31, That is to say, the server chooses to abandon the service of accepting the network authentication; b. The website server 21 of the specific website 20 receives the "communication device identification code" 3 1 and immediately generates the corresponding "dynamic close-up" 32 And displayed in the dynamic password field 24 in the dynamic webpage 22, and the "communication device identification code" 3" and the "dynamic password" 32 are stored in the verification database 25 of the website server 21; e. The network user 10 will use his selected communication device 3〇 to view V From the dynamic webpage 22, the "Dynamic Mimar" 32 on the dynamic password field (as indicated by the symbol v in the third figure) is actively transmitted to the designated website of the specific website 2 by means of the power transmission newsletter. The receiving end 40; d_ receiving terminal 40 will actively detect the "communication device identification code" 311 unique to the communication device 30 of the telecommunication newsletter and immediately communicate with the "news" in the telecommunication newsletter. The password 32 is transmitted to the verification database 25 of the specific website 20 for comparison, and if it is consistent with the r communication device identification code 3 1 and the "dynamic password" 32 stored in the verification database 25, "Verification success" or similar words appear in the dynamic web page 22 of the specific website 20; conversely, if one of the comparisons does not match, a "defective failure" or a similar word appears. If the communication device 30 is a fixed line telephone, then the corresponding "communication device identification code" 31 is the fixed network telephone number of the fixed line telephone; and if the communication device 3 is a mobile phone, the corresponding "Communication device knowledge The code "3 1 may be the mobile phone number of the mobile phone" or the information of the subscriber identity module (SIM) of the mobile phone. The transmission mode of the telecommunication message in step c can be replaced with a telecommunication. Voice or video transmission method ^ In step d, the telephone number of the trusted terminal can be further set to the telecom short code 'and whether it is a telephone number or a telecom short code, it is publicized by the publicity of the media advertisement. Therefore, 'When a certain network user enters the specific website 2 〇201112720 (for example, online shopping website), the mobile phone that is legally applied for is selected as the communication device. If the telephone number is "U3456789", the "communication device identification code" 31 to be entered is "123456789", and the website server 21 on the specific website 2 receives the "communication device identification code" of "123456789". At 1 o'clock, the corresponding "Dynamic Password" 32 will be generated. Assuming that the "Dynamic Password" 32 is "〇 987", the network can use 1 〇 to be dynamic on the dynamic web page 2 2 In the password field 2 4, the dynamic password is displayed as "0987". At this time, the network user 10 only needs to use the mobile phone with the mobile phone code r 123456789" to send the dynamic password "0987" as a short message. After being transmitted to the trusted terminal 4, the user can enter the online shopping website to start shopping through authentication. In the foregoing operation, even if the hacker already knows that the mobile phone number of the network user is "123456789", Because it is not easy to fake its "communication device identification code", it is impossible to obtain the identity of the counterfeit and enter the online shopping website to verify its criminal damage. Similarly, assume that the hacker has intercepted the network. The "dynamic password" of the network user of the shopping site is 0987"', but it is also impossible to know that the "communication device identification code" of the network user is "123456789", so that the authentication cannot be authenticated. Sex is indeed far more sophisticated than the traditional method of dynamic password verification, which in turn allows all Internet consumers who value Internet transaction security to be completely assured. As shown in the fourth figure, the display mode of the "dynamic password" 32 in the step b can be different through the e-mail 32a, or the network communication voice 32b' or the telecommunication voice 32c, or the telecommunication newsletter 32d. To display and inform network users 1〇. Another example is shown in the fifth figure, where the dynamic density is
碼』32的產生方式,另可更由習知之動態密碼產生 器50來產生,而網路使用纟1〇再目視來自該動態 密碼產生器50中㈤『動態密碼』32,主動以電信簡 訊之方式傳送至該特定網站2〇所指定的受信端… 係本發明「以通信裝置 昨騙電話之方法」,其步 另請參閱第六圖所示, 識別碼及動態密碼作為辨識 騍包含: t網# m± λ 疋通站後於 所相對應之、通信装置話端之通信 b·該特定網站隨即對 碼』,產生—相應之『動::接收之『通信裝置 傳輸至對應於該『通俨装、:碼』並透過其動態 同時又將該『通信識別瑪』之通信裝 存於其內部之驗證資料及『動態密碼 ❹自『通㈣置識別碼 201112720 通信裝置_『動態密碼』,並以 送至該特定網站所指定的受信端; "$ d.受信端收到受話端使用者自己通信裝置之『通 識別碼』及其所發送的『動態密碼』後,會 立即與步驟b之驗證資料庫內的F通信 及『動態密碼』進行相互比對,若比對相J 』 %對相符合,即 該特定網站之動態網頁中出現「驗證成功」或類The method of generating the code 32 can be further generated by the conventional dynamic password generator 50, and the network uses 纟1〇 to visually view the (dynamic) password 32 from the dynamic password generator 50, and actively uses the telecommunication newsletter. The method is transmitted to the trusted terminal designated by the specific website 2, which is the method for spoofing the telephone by the communication device, and the method of referring to the sixth figure, the identification code and the dynamic password are identified as: After the network #m± λ 疋通站, the corresponding communication, the communication device's communication, b. The specific website is immediately coded, and the corresponding "moving: receiving" communication device is transmitted to correspond to the Through the installation, the code and the dynamics of the communication of the "communication identification" are stored in the internal verification data and the "dynamic password" from the "four (four) identification code 201112720 communication device _ "dynamic password" And sent to the trusted end designated by the specific website; "$ d. The receiving end will receive the "password" of the communication device of the receiving end user and the "dynamic password" sent by the receiving end, and will immediately step b. The F communication and the "dynamic password" in the verification database are compared with each other. If the comparison phase J % % matches, that is, "verification success" or class appears in the dynamic webpage of the specific website.
:之輸出;反之’若比對不符合,則出現「驗證失 敗」或類似之輸出。 其中,該步驟a中之通信裝置保為固網電話, 而其相應之『通信裝置識別碼』係為固網電話號碼。 而該步騾a中之通信裝置係'為行動電話,則其 相應之『通信裝置識別碼』係為行.動電話號瑪,或 行動電話之用戶識別模組(SIM,Subscriber Identity Module )之資料。 另,該步騾b中『動態密碼』的傳輸方式,可 更為電子郵件,或網路通訊語音,或電信語音,或 電信簡訊等方式。 又,該步騾c中以電信簡訊進行傳輸之方式, 可更為電信語音或影像傳輸之方式者。 再者,該步驟c中之受信端的電話號碼可更設 為電信簡碼,且該電話號碼或電信簡碼均是以廣告 15 201112720 宣傳方式而讓公眾可得知。 【圖式簡單說明】 第-圖:係習知動態密碼驗證方法之步驟流程圖。 第二圖.發明中以通信裝置識別瑪及動態密瑪 作為網路身份驗證之方法的步驟流程圖。 第三圖:係第二圖之作動方塊圖。 第四圖:係本發明中以通信裝置識別瑪及動態密碼 作為網路身份驗證之方法另一實施例的作 動方塊圖。 第五圖 係本發明中以通信裝置識別碼及動態密碼 作為網路身份驗證之方法又—實施例的作 動方塊圖》 第六圖 係本發明中以通信裝置識別碼及動態密碼 作為辨識詐騙電話之方法的步騾流程圖。 【主要元件符號說明】 20-特定網站 22-動態網頁 24-動態密碼欄位 30-通信裝置 32-動態密碼 32b -網路通訊語音 32d-電信簡訊 50-動態密碼產生器 W-網際網路 10-網路使用者 21-網站伺服器 23-通信裝置識別碼欄位 25-驗證資料庫 3 1 -通信裝置識別碼 32a-電子郵件 32c-電信語音 40-受信端 V-目視 16: Output; otherwise 'If the comparison does not match, then "Verification failed" or similar output appears. Wherein, the communication device in the step a is secured as a fixed line telephone, and the corresponding "communication device identification code" is a fixed network telephone number. The communication device in the step a is a mobile phone, and the corresponding "communication device identification code" is a mobile phone number, or a subscriber identity module (SIM, Subscriber Identity Module) of the mobile phone. data. In addition, the transmission method of "dynamic password" in the step b can be more e-mail, or network communication voice, or telecom voice, or telecommunication newsletter. Moreover, the method of transmitting the telecommunication newsletter in the step c can be more convenient for telecom voice or video transmission. Furthermore, the telephone number of the trusted end in the step c can be further set to the telecom short code, and the telephone number or the telecom short code is made public by the advertisement 15 201112720. [Simple description of the diagram] Fig.: Flow chart of the steps of the conventional dynamic password verification method. Fig. 2 is a flow chart showing the steps of the method for recognizing a horse and a dynamic megama as a method of network identity verification in the invention. The third picture is the action block diagram of the second picture. Fig. 4 is a block diagram showing an operation of another embodiment of the method for recognizing a device and a dynamic password as a method of network authentication in the present invention. The fifth figure is a method for verifying the communication device identification code and the dynamic password as the network identity verification in the present invention. The sixth diagram is the identification of the fraudulent telephone using the communication device identification code and the dynamic password in the present invention. Step-by-step flow chart of the method. [Main component symbol description] 20-specific website 22-dynamic webpage 24-dynamic password field 30-communication device 32-dynamic password 32b-network communication voice 32d-telecom newsletter 50-dynamic password generator W-internet 10 - Network User 21 - Website Server 23 - Communication Device Identification Code Field 25 - Authentication Database 3 1 - Communication Device Identification Code 32a - Email 32c - Telecom Voice 40 - Trusted Terminal V - Visual 16