TW201222320A - CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) data management methods and related data management systems and computer program products thereof - Google Patents

CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) data management methods and related data management systems and computer program products thereof Download PDF

Info

Publication number
TW201222320A
TW201222320A TW99141418A TW99141418A TW201222320A TW 201222320 A TW201222320 A TW 201222320A TW 99141418 A TW99141418 A TW 99141418A TW 99141418 A TW99141418 A TW 99141418A TW 201222320 A TW201222320 A TW 201222320A
Authority
TW
Taiwan
Prior art keywords
data
computer
server
client
human
Prior art date
Application number
TW99141418A
Other languages
Chinese (zh)
Other versions
TWI448921B (en
Inventor
Pai Helen
Original Assignee
F2Ware Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by F2Ware Inc filed Critical F2Ware Inc
Priority to TW099141418A priority Critical patent/TWI448921B/en
Publication of TW201222320A publication Critical patent/TW201222320A/en
Application granted granted Critical
Publication of TWI448921B publication Critical patent/TWI448921B/en

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) data management methods and related management systems are provided. First, a server generates at least one CAPTCHA data according to a first data, wherein the first data represents data corresponding to an operation. Then, the server encodes the CAPTCHA data with an encoded data corresponding thereto and transmits the encoded CAPTCHA data to a client via a transmission medium such that the client inputs a second data corresponding to the operation using the encoded CAPTCHA data and transmits a third data corresponding to the second data to the server via the transmission medium. Thereafter, the server receives and decodes the third data to obtain data inputted by the client.

Description

201222320 六、發明說明: 【發明所屬之技術領域】 本發明係有關於一種資料管理方法及其相關之資料管 理系統,特別是有關於一種全自動區分計算機和人類的測 試資料產生方法與其相關管理系統,可以加強對傳輸資料 的保護。 ' 【先前技術·】 近年來,隨著網路的應用與發展越來越成熟,使用者 需要透過網路取得資訊的機會有越來越大。使用者可以利 用其電子«置如電腦純、可攜絲置等,透過網路進行 大量服務與應用。在一些網路服務中,使用者必須對於特 定服務進行註冊或躲_些:#訊騎相 過程中’使用者必須檢視提供服務之舰器端所=; 關資訊,並依據這些資訊來進行相關輸人,以進行註冊或 傅統上 6 與制者端之傳遞是經由電腦 或木馬等惡意程式竄改,即使採用 3式,其在使用者端輸入完成後之傳遞亦是經 由電腦文字傳輸。舉例來說, 山 L力疋Λ 由使用者端以㈣或呈現在貝料之輸入’乃藉 在使用者端·並傳輸時M =虛_盤撕輸入。 服器以為交易内容之朗。藉由電子文字方法傳輸至祠 為了避免這些個人資料或猫 叶次刼作的内容被旁人盜取,需201222320 VI. Description of the invention: [Technical field to which the invention pertains] The present invention relates to a data management method and related data management system, and more particularly to a method for automatically generating computer and human test data generation and related management system thereof Can enhance the protection of transmission data. '[Previous technology·] In recent years, as the application and development of the Internet has become more mature, users have more and more opportunities to obtain information through the Internet. Users can use their electronic «such as computer pure, portable silk, etc., through the network for a large number of services and applications. In some network services, the user must register or hide the specific service. Someone: In the process of riding the video, the user must check the information provided by the player to turn off the information, and use the information to make relevant information. Losing people to register or transfer the system to the makers is tampering with malicious programs such as computers or Trojans. Even with the 3 type, the transfer after the user input is completed is transmitted via computer text. For example, the mountain L force is input by the user end (4) or presented in the input of the bedding material, and is transmitted by the user terminal and transmitted by M = virtual disk. The server thinks that the transaction content is lang. Transfer to 祠 by electronic text method In order to prevent the content of these personal data or cats from being stolen by others,

Client’s Docket No.: TT’s Docket No:卯96-A42766-TW/Final 201222320 要加強伺服器與用戶端之間的資料傳送的保密措施。 因此,需要一種能夠於伺服器與用戶端之間執行任一 操作時,確實保護傳送的資料的正確性的方法與系統。 【發明内容】 有鑑於此,本發明提供一種基於全自動區分計算機和 人類的測試資料之資料管理方法及及其相關之資料管理系 統,以解決上述的問題。 • 本發明實施例提供一種全自動區分計算機和人類的測 試資料管理方法,包括下列步驟。首先,一伺服器依據一 第一資料產生至少一全自動區分計算機和人類的測試資 料,其中第一資料係為與一操作有關之資料。接著,伺服 器將全自動區分計算機和人類的測試資料藏入一對應之編 碼資料。伺服器透過一第一傳輸媒介傳送編碼後之全自動 區分計算機和人類的測試資料至一用戶端,致使用戶端利 用編碼後之全自動區分計算機和人類的測試資料輸入一第 • 二資料並傳送第二資料對應之一第三資料。之後,伺服器 接收並解碼第三資料,以得到用戶端所輸入之資料。 本發明實施例另提供一種全自動區分計算機和人類的 測試資料管理系統,至少包括一伺服器。伺服器依據一第 一資料產生一全自動區分計算機和人類的測試資料、將全 自動區分計算機和人類的測試資料藏入一對應之編碼資 料、透過一第一傳輸媒介傳送編碼後之全自動區分計算機 和人類的測試資料至一用戶端,致使用戶端利用編碼後之 全自動區分計算機和人類的測試資料輸入一第二資料並傳Client’s Docket No.: TT’s Docket No: 卯96-A42766-TW/Final 201222320 To strengthen the confidentiality of data transmission between the server and the client. Therefore, there is a need for a method and system that can ensure the correctness of transmitted data when performing any operation between the server and the client. SUMMARY OF THE INVENTION In view of the above, the present invention provides a data management method based on a fully automatic computer and human test data and a related data management system thereof to solve the above problems. The embodiment of the present invention provides a method for automatically testing computer and human test data, including the following steps. First, a server generates at least one fully automatic computer and human test data based on a first data, wherein the first data is data related to an operation. The server then hides the fully automated computer and human test data into a corresponding coded material. The server transmits the encoded fully automatic computer and human test data to a user terminal through a first transmission medium, so that the user end uses the coded fully automatic computer and human test data to input a second data and transmit the data. The second data corresponds to one of the third materials. After that, the server receives and decodes the third data to obtain the data input by the client. Another embodiment of the present invention further provides a test data management system for automatically distinguishing between a computer and a human, comprising at least one server. The server generates a fully automatic computer and human test data according to a first data, and hides the fully automatic computer and human test data into a corresponding coded data, and transmits the coded automatic transmission through a first transmission medium. The computer and human test data are sent to a user end, so that the user end uses the coded fully automatic computer and human test data to input a second data and transmit

Client's Docket No.: TT’s Docket No:9096-A42766-TW/Final c 201222320 送第二資料對應之一第三資料、以及接收並解碼第三資 料,以得到用戶端所輸入之資料。其中,第一資料係為與 一操作有關之資料。 本發明上述方法可以透過程式碼方式收錄於實體媒體 中。當程式碼被機器載入且執行時,機器變成用以實行本 發明之裝置。 為使本發明之上述和其他目的、特徵、和優點能更明 顯易懂,下文特舉出較佳實施例,並配合所附圖式,作詳 細說明如下。 【實施方式】 本發明實施例中提供一種基於全自動區分計算機和人 類的圖靈測試(Completely Automated Public Test to tell Computers and Humans Apart,以下簡稱 CAPTCHA)資料之 資料管理方法及其相關之資料管理系統,用以於一伺服器 (server)與一用戶端(cnent)之間執行一操作,其中,伺服器 會依據使用者所需用到的資訊的資料集合轉換為個別的 CAPTCHA資料並將CAPTCHA資料編碼後透過一傳輸媒 介(例如一網路)傳送給用戶端,同時用戶端透過選擇這些 接收到的CAPTCHA資料進行資料輸入,並且回傳所選擇 的CAPTCHA資料所對應的編碼資料或識別資料至伺服器 端進行資料驗證,以驗證資料是否為有效資料,以確認用 戶端所送出的資料可被祠服器所正確接收,進而得到輸入 的資料,防止傳送過程中被不當竄改。 於實施例中,提供一種將編碼資料技術用於一操作所Client's Docket No.: TT’s Docket No: 9096-A42766-TW/Final c 201222320 Sends the second data corresponding to one of the third data, and receives and decodes the third data to obtain the data input by the client. Among them, the first data is the information related to an operation. The above method of the present invention can be recorded in physical media through code. When the code is loaded and executed by the machine, the machine becomes the means for carrying out the invention. The above and other objects, features and advantages of the present invention will become more <RTIgt; [Embodiment] In the embodiment of the present invention, a data management method based on fully automatic distinguishing computer and human-based Turing test (Completely Automated Public Test to Tell Computers and Humans Apart) (CAPTCHA) data and related data management system are provided. For performing an operation between a server (server) and a client (cnent), wherein the server converts the data into individual CAPTCHA data according to the data set used by the user and the CAPTCHA data. After being encoded, the data is transmitted to the client through a transmission medium (for example, a network), and the user terminal selects the received CAPTCHA data for data input, and returns the coded data or identification data corresponding to the selected CAPTCHA data to the servo. The device performs data verification to verify whether the data is valid data, to confirm that the data sent by the client can be correctly received by the server, and then the input data is obtained to prevent improper tampering during the transmission. In an embodiment, an encoding data technique is provided for use in an operation

Client's Docket No.: TT,s Docket No:9096-A42766-TW/Final 201222320 需的資料例如交易資訊之方法,編碼資料係可為未加密或 未加密資料例如一浮水印、一數位簽章或一演算法所產生 之特定密鑰等。首先,一伺服器產生人類或電腦可辨別之 數位内容,其中,交易過程所需的資訊以編碼資料的技術 嵌入於數位内容。其中,數位内容包含文字、圖片、聲音、 影片、二維條碼等任何數位型式。接著,伺服器以傳輸媒 介將嵌入編碼資料的數位内容傳送至一使用者端。使用者 端可使用嵌入編碼資料的數位内容做為操作資料之輸入, 以進行交易之處理,並將嵌入編碼資料的數位内容以傳輸 媒介傳送至一伺服器。最後,伺服器可依據一演算法或多 演算法將嵌入編碼資料的數位内容取出,以識別操作過程 所需的資訊,而達到資訊安全之方法。需提醒的是,交易 資訊係有別於交易傳輸,交易傳輸類似於數位憑證,使用 者端得以驗證伺服端的對象。 第1圖顯示依據本發明實施例之資料管理系統。依據 本發明實施例之資料管理系統100至少包括一伺服器110 與一用戶端120,其中伺服器110可透過一傳輸媒介例如 網路130與用戶端120進行資料的傳輸,於兩者之間執行 一操作。傳輸媒介,舉例來說但不限於此,包括網路130。 網路130可包括有線或無線網路,例如網際網路 (INTERNET),但不限於此。 伺服器110可依據所欲執行的操作的内容如資料屬 性,將操作中所需用到的資訊的資料集合轉換為個別的 CAPTCHA資料並且將其透過網路130傳送給用戶端120。Client's Docket No.: TT,s Docket No:9096-A42766-TW/Final 201222320 Required information, such as the method of trading information, the encoded data may be unencrypted or unencrypted data such as a watermark, a digital signature or a The specific key generated by the algorithm, and so on. First, a server generates digital content that can be discerned by humans or computers. The information required for the transaction process is embedded in the digital content by the technique of encoding the data. Among them, the digital content includes any digit type such as text, picture, sound, movie, 2D barcode. Then, the server transmits the digital content of the embedded encoded material to a user end by using a transmission medium. The user can use the digital content embedded in the encoded data as the input of the operation data to process the transaction, and transmit the digital content embedded in the encoded data to the server through the transmission medium. Finally, the server can extract the digital content embedded in the encoded data according to an algorithm or a multi-algorithm to identify the information required for the operation process and achieve the information security method. It should be reminded that the transaction information is different from the transaction transmission, the transaction transmission is similar to the digital certificate, and the user can verify the object of the server. Figure 1 shows a data management system in accordance with an embodiment of the present invention. The data management system 100 according to the embodiment of the present invention includes at least a server 110 and a client 120. The server 110 can transmit data to and from the client 120 through a transmission medium, such as the network 130. An operation. The transmission medium, for example but not limited to, includes the network 130. Network 130 may include a wired or wireless network, such as the Internet, but is not limited thereto. The server 110 can convert the data set of the information required for the operation into individual CAPTCHA data according to the content of the operation to be performed, such as the data attribute, and transmit it to the client 120 through the network 130.

Client’s Docket No.: TT's Docket No:9096-A42766-TW/Final 201222320 的輪入 ,以辨 自動產 \—個 顯示的 的文字 °須注 為了避免由計算機或程式所造成大量惡意或重複性 行為,CAPTCHA技術可以用來區分計算機或人類 識出相關輸入係由使用者所輸入,亦或由計算機所 生的。一般而言,CAPTCHA係藉由要求使用者輪 比較不容易被一些辨識程式自動辨識出的圖片上所 文字或數字,例如扭曲變形或劃線之圖片上所顯示 或數字來區分出相關輸入係由計算機或人類所產生 意的是,於本發明實施例中,係採用CAPTCHA技術的概 念,提供對應於操作所需的相關資料的CAPTCHA資料。 然而,於操作時,使用者可透過用戶端120所提供的使用 者介面例如透過瀏覽器點選這些CAPTCHA資料來輪入資 料。 其中,伺服器110更包括一產生模組112、一編碼模 組114以及一解碼模組116。產生模組112用以依據第一 資料’決定一組第一資料集合。產生模組112可依據所欲 執行的操作中的一或多個第一資料決定一組第一資料集合 並產生對應於第一資料集合的一組CAPTCHA資料。其 中’第一資料可為與操作有關的資料,如使用者相關的資 料或重要資料,例如使用者的個人身份資料、帳號、轉帳 金額、地址等等。第一資料集合可包含對應於第一資料的 所有可能的資料。舉例來說,當第一資料為一數字資料時, 則其對應的第一資料集合可為數字0-9。因此,產生模組 112可依據數字資料的特性,產生包含數字〇-9的一組 CAPTCHA資料,但本發明不限於此。當第一資料包括一Client's Docket No.: TT's Docket No: 9096-A42766-TW/Final 201222320 The round-in, to identify the text of the automatic display - a display ° Note to avoid a large number of malicious or repetitive behavior caused by computers or programs, CAPTCHA Techniques can be used to distinguish between computers or humans that the relevant input is entered by the user or generated by the computer. In general, CAPTCHA distinguishes the relevant input system by requiring the user to compare the characters or numbers on the picture that are not easily recognized by some recognition programs, such as the distortion or the image displayed on the line. Computers or humans have created that, in the embodiments of the present invention, the concept of CAPTCHA technology is used to provide CAPTCHA data corresponding to relevant data required for operation. However, during operation, the user can enter the data through the user interface provided by the client 120, for example, by clicking on the CAPTCHA data through the browser. The server 110 further includes a generating module 112, an encoding module 114, and a decoding module 116. The generating module 112 is configured to determine a set of first data sets according to the first data. The generating module 112 can determine a set of first data sets and generate a set of CAPTCHA data corresponding to the first data set according to one or more first materials in the operation to be performed. The 'first data' may be information related to the operation, such as user-related information or important information, such as the user's personal identification data, account number, transfer amount, address, and the like. The first set of data may contain all possible data corresponding to the first material. For example, when the first data is a digital data, the corresponding first data set may be the numbers 0-9. Therefore, the generation module 112 can generate a set of CAPTCHA data including the number 〇-9 according to the characteristics of the digital material, but the present invention is not limited thereto. When the first data includes one

Client’s Docket No_: TT’s Docket No:9096-A42766-TW/Final 8 201222320 由-或多個字元所組成的字元資料時,產生模組ιι2可依 據字元資料的特性,產生包含英文字母a_z的一组 CAPTCHA 資料。 舉例來說但不限於此,於一實施例中, 銀轉帳操作時,操作時所需輸入的資料可包括帳號以及轉 帳金額,因此’伺服器110將分別產生數字〇_9所對應的 10個CAPTCHA資料200-209 ’如第2圖所示。第2圖的 鲁10個CAPTCHA t料將分別被編碼後再傳送至用戶端12〇 以供其進行資料輸入。須注意的是,在此例子中,captcha 資料200-209係為一圖片。然而,在一些實施例中,除了 圖片之外,CAPTCHA資料亦可以係視訊或聲音等。 在產生模組112產生對應於第一資料集合的一組 CAPTCHA資料之後,編碼模組114可將產生模組112所 有產生的CAPTCHA資料個別藏入一對應的編碼資料。在 些貫知例中,編碼資料係可為未加密資料或加密資料, • 例如一浮水印、一數位簽章或一演算法所產生之特定密鑰 等。在一些實施例中,編碼資料係為對應於該全自動區分 δ十算機和人類的測試資料之一識別碼。請參照第3圖,係 顯示依據本發明實施例之一 CAPTCHA資料示意圖。如第 3圖所示,CAPTCHA資料300中更包含有一編碼資料 310 ’此編碼資料310係可為對應於每個CAPTCHA資料的 一個唯一的雜湊編號(hash number) ’此雜凑編號可經由一 雜湊表以查表方式所產生或直接由一既定的雜湊函數所產 生。Client's Docket No_: TT's Docket No:9096-A42766-TW/Final 8 201222320 When the character data consists of - or more characters, the generation module ιι2 can generate the English letter a_z according to the characteristics of the character data. A set of CAPTCHA data. For example, but not limited to, in an embodiment, in the silver transfer operation, the data required for input during operation may include an account number and a transfer amount, so the server 110 will respectively generate 10 numbers corresponding to the number 〇_9. CAPTCHA data 200-209 'as shown in Figure 2. The 10 CAPTCHAs in Figure 2 will be encoded and then transmitted to the client 12 for data input. It should be noted that in this example, the captcha data 200-209 is a picture. However, in some embodiments, in addition to the pictures, the CAPTCHA data may also be video or sound. After the generating module 112 generates a set of CAPTCHA data corresponding to the first data set, the encoding module 114 can individually store all the generated CAPTCHA data of the generating module 112 into a corresponding encoded data. In some examples, the encoded data may be unencrypted data or encrypted data, such as a watermark, a digital signature, or a specific key generated by an algorithm. In some embodiments, the encoded data is an identification code corresponding to one of the fully automated δ computer and human test data. Referring to Figure 3, there is shown a schematic diagram of a CAPTCHA data in accordance with an embodiment of the present invention. As shown in FIG. 3, the CAPTCHA data 300 further includes an encoded data 310. This encoded data 310 can be a unique hash number corresponding to each CAPTCHA data. 'This hash number can be passed through a hash. The table is generated in a table lookup manner or directly by a given hash function.

Client’s Docket N〇,: TT's Docket No:9096-A42766-TW/Final 201222320 藏入編碼資料的CAPTCHA資料將被傳送至用戶端 120’致使用戶端120利用這些產生的全自動區分計算機和 人類的測試資料進行輸入,與伺服器端11〇進行該項操 作。用戶端120其可透過網路13〇接收並顯示伺服器u〇 所產生之CAPTCHA資料’並利用接收到的這些captCHA 資料輸入對應的資料。於操作過程中,用戶端12〇可先利 用編碼後之全自動區分計算機和人類的測試資料輸入一第 二資料’之後’將第二資料對應的一第三資料(例如:編碼 資料)傳送至飼服器端110進行驗證。其中,用戶端120可 更包括一解碼模組122 ’用以分析CAPTCHA資料得到編 碼資料’再依據輸入的第二資料以及分析出的編碼資料, 產生對應的第三資料。舉例來說,當CAPTCHA資料中的 編碼資料為一識別碼(例如:雜湊編號)時,解碼模組122可 分析CAPTCHA資料’得到其對應的識別碼,再依據輸入 的第二資料以及分析出的識別碼,產生對應第二資料的識 別碼(第三資料)。 解碼模組116係用以解碼用戶端120所傳送的資料, 從用戶端120所傳送的第三資料中解碼出編碼資料(例如一 識別碼),再依據編碼資料所表示的内容判斷資料是否與原 先發出的資料相同,進而得到所輸入的資料内容。詳細的 CAPTCHA資料管理方法將介紹於下。 第4圖顯示一依據本發明實施例之CAPTCHA資料管 理方法之流程圖。請同時參照第1圖與第4圖。依據本發 明實施例之CAPTCHA資料管理方法可以應用於資料管理Client's Docket N〇,: TT's Docket No:9096-A42766-TW/Final 201222320 The CAPTCHA data hidden in the encoded data will be transmitted to the client 120', causing the client 120 to use these generated fully automated computer and human test data. Make the input and perform this operation with the server terminal 11〇. The client 120 can receive and display the CAPTCHA data generated by the server u through the network 13 and input the corresponding data by using the received captCHA data. In the operation process, the user terminal 12 may first input a second data 'after' using the coded fully automatic computer and human test data to transmit a third data (eg, coded data) corresponding to the second data to The feeder end 110 is verified. The client 120 may further include a decoding module 122' for analyzing the CAPTCHA data to obtain the coded data, and then generating the corresponding third data according to the input second data and the analyzed coded data. For example, when the encoded data in the CAPTCHA data is an identification code (for example, a hash number), the decoding module 122 can analyze the CAPTCHA data to obtain the corresponding identification code, and then according to the input second data and the analyzed The identification code generates an identification code (third data) corresponding to the second data. The decoding module 116 is configured to decode the data transmitted by the client 120, decode the encoded data (for example, an identification code) from the third data transmitted by the client 120, and determine whether the data is based on the content indicated by the encoded data. The original information was the same, and the content of the input was obtained. The detailed CAPTCHA data management method will be introduced below. Figure 4 is a flow chart showing a CAPTCHA data management method in accordance with an embodiment of the present invention. Please refer to both Figure 1 and Figure 4. The CAPTCHA data management method according to the embodiment of the present invention can be applied to data management

Client’s Docket No.: TT*s Docket No:9096-A42766-TW/Final 201222320 系統100上,用以輸入一操作所需的資料。 首先’如步驟S402 ’伺服器11〇依據操作中的資料屬性 產生一或多個CAPTCHA資料並如步驟S404將所產生的一戋 多個CAPTCHA資料分別藏入一編碼資料。舉例來說,編碼^ 料可為對應於一或多個CAPTCHA資料的一識別碼。於藏入 編碼資料後,如步驟S406’伺服器11〇透過一第一傳輸媒介(如 網路130)傳送編碼後的CAPTCHA資料至用戶端12〇。舉 例來說但不限於此’於一實施例中,當操作為一網銀轉帳 操作時,操作時所需的資料可包括帳號以及轉帳金額資 料’因此’祠服器110將分別產生數字〇_9所對應的丨〇個 CAPTCHA資料,並分別指定每一 CAPTCHA資料一識別 碼。於另一實施例中’若帳號資料包括英文字母與數字的 組合時,則伺服器11 〇可分別產生字母A-Z與數字0-9所 對應的36個CAPTCHA資料及賦予每一 CAPTCHA資料一 特定雜湊編號。 之後,如步驟S408,用戶端120接收並顯示CAPTCHA 資料,並且如步驟S410,利用CAPTCHA資料,輸入一第 一資料並如步驟S412,產生對應第一資料的一第二資料。 其中,第一資料可由一或多個CAPTCHA資料所組成,第 二資料係可為第一資料所對應的識別資料。舉例來說,第 二資料可為第一資料對應的一識別碼(例如一特定雜湊編 號)、對應的CAPTCHA資料或其摘要資訊、第一資料與對 應的操作結果(例如:謎語回答)或者座標資訊,但不限於 此。於一實施例中,當欲執行的操作係一網銀轉帳操作時,Client's Docket No.: TT*s Docket No: 9096-A42766-TW/Final 201222320 System 100 is used to input the information required for an operation. First, as shown in step S402, the server 11 generates one or more CAPTCHA data according to the data attributes in the operation and concatenates the generated plurality of CAPTCHA data into a coded data, respectively, in step S404. For example, the code may be an identification code corresponding to one or more CAPTCHA data. After the encoded data is hidden, the server 11 transmits the encoded CAPTCHA data to the client terminal 12 via a first transmission medium (such as the network 130) in step S406. For example, but not limited to, in an embodiment, when the operation is a online banking transfer operation, the information required for the operation may include an account number and a transfer amount data. Therefore, the server 110 will generate a number 〇_9, respectively. Corresponding one CAPTCHA data, and each identification code of each CAPTCHA data is specified. In another embodiment, if the account information includes a combination of English letters and numbers, the server 11 can generate 36 CAPTCHA data corresponding to the letters AZ and 0-9, respectively, and assign a specific hash to each CAPTCHA data. Numbering. Then, in step S408, the client 120 receives and displays the CAPTCHA data, and in step S410, uses the CAPTCHA data to input a first data and, as in step S412, generates a second data corresponding to the first data. The first data may be composed of one or more CAPTCHA data, and the second data may be the identification data corresponding to the first data. For example, the second data may be an identification code corresponding to the first data (eg, a specific hash number), a corresponding CAPTCHA data or its summary information, a first data and a corresponding operation result (eg, a riddle answer) or a coordinate Information, but not limited to this. In an embodiment, when the operation to be performed is an online banking transfer operation,

Client’s Docket No.: TT's Docket No:9096-A42766-TW/Final 201222320 則輸入的第一資料可包括轉帳相關資料,例如帳戶號碼、 轉帳金額、交易對象的姓名、貨幣單位等等。於另一實施 例中,當欲執行的操作係一登入操作時,則輸入的第一資 料可包括可用以進行身份辨識的登入相關資料,例如使用 者的帳號、密碼與/或其他登入所需的身份驗證資料。於此 步驟中,用戶端120的解碼模組122可分析CApTCHA資 料’得到其對應的編碼資料例如一唯一的雜湊編號,再依 據輸入的第一資料以及分析出的編碼資料,產生對應第一 資料的編碼資料(第二資料)。 於產生第二資料之後,如步驟S414,用戶端120將第 二資料傳送至伺服器110。舉例來說,若一步驟為輸入金 額之步驟時,使用者可透過點選對應欲輸入的金額數字的 CAPTCHA資料來輸入數字,用戶端120會將對應的 CAPTCHA資料或CAPTCHA資料對應的識別碼(例如雜凑 編號)傳送至伺服器110,用以驗證資料是否正確傳達伺服 器110,進而使伺服器110得到所輸入的資料内容。 如步驟S416 ’當伺服器110接收到用戶端120傳送的 第二資料時’便執行步驟S418 ’先判斷接收資料是否為有 效資料。於一實施例中,伺服器110可依據接收資料的格 式或内容進行判斷’判斷是否資料為有效。當接收資料的 格式及内容均正確時’伺服器110便判斷此接收資料為有 效資料,反之則為無效資料。 於判斷出資料為無效資料時(步驟S418的否),表示接 收到的資料可能非由伺服器110所產生或非由用戶端120Client’s Docket No.: TT's Docket No:9096-A42766-TW/Final 201222320 The first data entered may include transfer related information such as account number, transfer amount, name of the transaction object, currency unit, and so on. In another embodiment, when the operation to be performed is a login operation, the input first data may include login related information that can be used for identity identification, such as a user's account number, password, and/or other login requirements. Authentication information. In this step, the decoding module 122 of the client 120 can analyze the CApTCHA data to obtain its corresponding encoded data, such as a unique hash number, and generate corresponding first data according to the input first data and the analyzed encoded data. Encoding data (second data). After the second data is generated, the client 120 transmits the second data to the server 110 as in step S414. For example, if a step is the step of inputting the amount, the user can input the number by clicking the CAPTCHA data corresponding to the amount of the amount to be input, and the client 120 will corresponding code corresponding to the CAPTCHA data or the CAPTCHA data ( For example, the hash number is transmitted to the server 110 to verify whether the data correctly communicates with the server 110, thereby causing the server 110 to obtain the input data content. If the server 110 receives the second data transmitted by the client 120 in step S416', step S418' is performed to determine whether the received data is valid data. In an embodiment, the server 110 may determine whether the data is valid according to the format or content of the received data. When the format and content of the received data are correct, the server 110 determines that the received data is valid data, and vice versa. When it is determined that the data is invalid data (No in step S418), it indicates that the received data may not be generated by the server 110 or not by the client 120.

Client’s Docket No·: TT*s Docket No:9096-A42766-TW/Final 201222320 所傳送,資料有被更動過,因此流程結束。此時,可進一 步提示使用者重新輸入或者直接禁止使用者再進行後續輸 入。於判斷出資料為有效資料時(步驟S418的是),如步驟 S420,伺服器110可依據接收到的資料,得到其所輸入的 資料。舉例來說,當接收到的資料係為一雜湊編號時,伺 服器110可由接收到的資料中得到雜湊編號,並依據雜湊 編號,利用一查表方式或利用一雜湊函數來得到用戶端 120所輸入之資料。 之後,如步驟S422,伺服器110可繼續從用戶端120 接收下一資料並且重複執行步驟S416至S422以得到輸入 的資料内容,若中途發現有任何無效資料時,便停止整個 流程。因此,可確保所輸入的資料不會被任意竄改,確保 操作的安全性。 於一些實施例中,編碼資料可為一唯一的識別碼。舉 例來說,伺服器110可將每一產生的CAPTCHA資料指定 一個唯一的雜湊編號,再傳送給用戶端120進行選擇,再 藉由用戶端120所回傳的圖片的雜湊編號,利用查表方式 來得到所輸入的資料内容。於一些實施例中,伺服器110 也可將用戶端120所回傳的圖片的雜湊編號利用一雜湊函 數,藉由函數驗證方式來得到所輸入的資料内容。 如前述,CAPTCHA資料可包括一圖片、一視訊及/或 一聲音。於一些實施例中,伺服器110可傳送一或一組的 圖片、視訊及/或聲音至用戶端120供其選擇。用戶端120 可以直接選擇圖片、視訊及/或聲音或者選擇圖片、視訊及Client’s Docket No·: TT*s Docket No:9096-A42766-TW/Final 201222320 The data has been changed, so the process ends. At this point, the user can be prompted to re-enter or directly prohibit the user from performing subsequent inputs. When it is determined that the data is valid data (YES in step S418), in step S420, the server 110 can obtain the data input according to the received data. For example, when the received data is a hash number, the server 110 may obtain a hash number from the received data, and use the lookup table or a hash function to obtain the client 120 according to the hash number. Enter the information. Thereafter, in step S422, the server 110 may continue to receive the next data from the client 120 and repeat steps S416 to S422 to obtain the input data content. If any invalid data is found in the middle, the entire process is stopped. Therefore, it is ensured that the data entered will not be arbitrarily falsified, ensuring the safety of the operation. In some embodiments, the encoded material can be a unique identification code. For example, the server 110 may assign a unique hash number to each generated CAPTCHA data, and then transmit it to the client 120 for selection, and then use the hash number of the image returned by the client 120 to use the lookup table. To get the content of the input data. In some embodiments, the server 110 can also use the hash function of the picture returned by the client 120 to obtain the input data content by function verification. As mentioned above, the CAPTCHA data can include a picture, a video, and/or a sound. In some embodiments, server 110 can transmit one or a set of pictures, videos, and/or sounds to client 120 for selection. The client 120 can directly select pictures, videos and/or sounds or select pictures, videos and

Client's Docket No.: TT's Docket No:9096-A42766-TW/Final 13 201222320 /或聲音所對應的某一資料進行資料輸入,再將選擇的資料 傳送至伺服器110。於一實施例中,伺服器110可將一或 一組的圖片或一或一組的聲音傳送給用戶端12〇進行選 擇。 於一些實施例中,當CAPTCHA資料係為一圖片時, 伺服器100可於圖片上產生一可點選區域,提供多個可點 選的目標以供點選。舉例來說,此可點選區域可為一表示 鍵盤的區塊,此鍵盤係隨機顯示於圖片的一特定區域,且 輸入資料的排列方式也隨機產生。請參照第5A圖與第5B 圖’係顯示依據本發明另一實施例之CAPTCHA資料示意 圖。如第5A圖所示,CAPTCHA資料500中更包含有一可 點選區域510 ’此可點選區域510係顯示於CAPTCHA資 料的特定區域520且可點選區域510中的數字0-9係依序 排列於特定區域中。如第5B圖所示,CAPTCHA資料500 中的可點選區域510則顯示於CAPTCHA資料的特定區域 530且可點選區域51〇中的數字鍵〇_9係如圖所示的排列, 而非順序的排列於鍵盤區域中。伺服器11〇可將包含此可 點選區域510的CAPTCHA資料傳送至用戶端120。當用 戶端120接收並顯示此CAPTCHA資料時,用戶端120的 使用者可點選特定區域中的可點選區域510的一位置來輸 入所需的資料。舉例來說,使用者可點選第5A圖的區域 520的位置P9或第5B圖的區域530的位置P6來輸入數 字”9”。當用戶端120接收到此選擇時,將此位置所對應的 座標資訊傳送至伺服器110。因此,伺服器11〇接收用戶Client's Docket No.: TT's Docket No: 9096-A42766-TW/Final 13 201222320 / or a certain data corresponding to the sound is input, and the selected data is transmitted to the server 110. In one embodiment, server 110 may transmit a picture or a set of pictures or a set of sounds to client 12 for selection. In some embodiments, when the CAPTCHA data is a picture, the server 100 can generate a clickable area on the picture, providing a plurality of selectable targets for selection. For example, the clickable area can be a block representing a keyboard, the keyboard is randomly displayed in a specific area of the picture, and the arrangement of the input data is also randomly generated. Referring to Figures 5A and 5B, there is shown a schematic diagram of a CAPTCHA data according to another embodiment of the present invention. As shown in FIG. 5A, the CAPTCHA data 500 further includes a clickable area 510 'This selectable area 510 is displayed in a specific area 520 of the CAPTCHA material and the numbers 0-9 in the selectable area 510 are sequentially Arranged in a specific area. As shown in FIG. 5B, the clickable area 510 in the CAPTCHA data 500 is displayed in the specific area 530 of the CAPTCHA data and the number key 〇_9 in the selectable area 51 is arranged as shown in the figure, instead The order is arranged in the keyboard area. The server 11A can transmit the CAPTCHA data containing the selectable area 510 to the client 120. When the user 120 receives and displays the CAPTCHA data, the user of the client 120 can click on a location of the clickable area 510 in the specific area to input the desired material. For example, the user can click on the position P9 of the area 520 of Fig. 5A or the position P6 of the area 530 of the 5B figure to input the number "9". When the client 120 receives the selection, the coordinate information corresponding to the location is transmitted to the server 110. Therefore, the server 11 receives the user

Client’s Docket No_: TT's Docket No:9096-A42766-TW/Final 14 201222320 端120所傳送的座標資訊並依據座標資訊判別出該用戶端 所輸入之資料。舉例來說.,假設第5A圖的區域52〇的位 置9的座標為(X,y),則當伺服器11〇接收到此座標資訊時, 將可依據其位置來推知其所輸入的資料内容為數字”9,,。注 思的疋座^示賓訊可以為絕對座標或相對座標(相對於某一 位置的座標)。舉例來說,用戶端〗2〇可將確認鍵的座標設 為座標(0,0)’之候再傳送對應的一座標資訊至伺服器110, 伺服器110可經由計算得到其所輸入的資料内容。須提醒 的是,雖然第5A圖以及第5B圖中的可點選區域510僅顯 示了數字鍵,於一些實施例中,可點選區域51〇也可包含 所有實體鍵盤的按鍵以供用戶端120的使用者進行輸入與 選擇。 第6圖顯示依據本發明另一實施例之資料管理方法之 流程圖。請同時參照第1圖與第6圖。依據本發明實施例 之資料管理方法可以應用於資料管理系統丨〇〇上,用以輸 入一操作所需的資料。 首先’如步驟S602,伺服器11〇依據操作中的資料屬性 產生一 CAPTCHA資料,其中,CAPTCHA資料包含一可點 選區域’此可點選區域係隨機顯示於圖片的一特定區域’且 輸入資料的排列方式也隨機產生(如第5A圖所示的可點選區 域510)。舉例來說但不限於此,於一實施例中,當操作為 一網銀轉帳操作時’操作時所需的資料可包括帳號以及轉 帳金額資料’因此,伺服器11〇將產生包含如第5A圖的 可點選區域510的CAPTCHA資料。Client's Docket No_: TT's Docket No:9096-A42766-TW/Final 14 201222320 The coordinate information transmitted by terminal 120 determines the data input by the client based on the coordinate information. For example, if the coordinate of the position 9 of the area 52 of the 5A map is (X, y), when the server 11 receives the coordinate information, the information input by the server 11 can be inferred according to its position. The content is the number "9,." Note: The guest can be an absolute coordinate or a relative coordinate (relative to a coordinate at a certain position). For example, the user terminal can set the coordinate of the confirmation key. After the coordinates (0, 0)', the corresponding flag information is transmitted to the server 110, and the server 110 can obtain the data content input by the server 110. It should be reminded that although in FIG. 5A and FIG. 5B, The clickable area 510 only displays the numeric keys. In some embodiments, the clickable area 51 can also include the keys of all the physical keyboards for input and selection by the user of the user terminal 120. Figure 6 shows the basis A flowchart of a data management method according to another embodiment of the present invention. Please refer to both FIG. 1 and FIG. 6. The data management method according to an embodiment of the present invention can be applied to a data management system for inputting an operation. Required information. In step S602, the server 11 generates a CAPTCHA data according to the data attribute in the operation, wherein the CAPTCHA data includes a clickable area 'this selectable area is randomly displayed in a specific area of the picture' and input data The arrangement is also randomly generated (such as the clickable area 510 shown in FIG. 5A). For example, but not limited to, in an embodiment, when the operation is a online banking transfer operation, the information required for the operation may be Including the account number and the transfer amount information 'Thus, the server 11 will generate the CAPTCHA material containing the clickable area 510 as shown in FIG. 5A.

Client’s Docket No·: TT's Docket No:9096-A42766-TW/Finai 15 201222320 之後’如步驟S604 ’ 司服n 11〇將包含可點選區域的 CAPTCHA資料傳送至用戶端12〇。伺服器11〇可透過一第 一傳輸媒介(如網路130)傳送包含可點選區域的cApTCHA 資料至用戶端120。 用戶端120接收並顯示CApTCHA資料,並且如步驟 S606,用戶端120點選於特定區域的可點選區域的一特定 位置(例如某一個知:鍵位置),並回傳位置的座標資訊至伺 服器U0。於是,如步驟8608,伺服器11〇可依據回傳的 座標資訊,得到輸入之資料。 於一些實施例中,編嫣資料可為一段文字或圖片,此 段文字或圖片用以提示用戶端12〇執行一特定操作,致使 用戶端120產生對應此特定操作的一結果給飼服器11〇。 於-實施射,減文字或圖片可表示—段人類能理解的 操作’例如表示一謎語或一遊戲。舉例來說,伺服器11〇 可將表示一謎s吾的編崎資料附加於CAPTCHA資料後傳送 給用戶端120,致使用戶端120必須回傳包含謎語對應的 回答的資訊供伺服器110進行驗證。 以下列舉一實施例,用以辅助說明依據本發明之資料 管理細節,但本發明並不限於此。於本實施例,假設以一 操作為網路銀行的轉帳交易為例,在此項交易中的”轉帳帳 號”與”金額”兩部分的資料可定義為此項交易中的輸入資 料’而”轉帳帳號”與”金額”資料所對應的資料集合可為數 字與字母”A”-“Z” ’例如’ ”轉帳帳號,,可為”a 123456” 與”金額”可為”1000”,因此,數字,,〇,,_“9,,與字母”A,,-“Z”Client's Docket No:: TT's Docket No: 9096-A42766-TW/Finai 15 201222320 After 'step S604', the server sends the CAPTCHA data containing the clickable area to the client terminal 12〇. The server 11 transmits the cApTCHA data containing the clickable area to the client 120 through a first transmission medium (e.g., the network 130). The client 120 receives and displays the CApTCHA data, and in step S606, the client 120 selects a specific location of the clickable area of the specific area (for example, a certain known key position), and returns the coordinate information of the location to the servo. U0. Then, in step 8608, the server 11 can obtain the input data according to the returned coordinate information. In some embodiments, the compiled material may be a piece of text or a picture for prompting the client 12 to perform a specific operation, causing the client 120 to generate a result corresponding to the specific operation to the feeder 11 Hey. In--shooting, subtracting text or pictures can represent an operation that a human can understand, for example, representing a riddle or a game. For example, the server 11A may add the singular data representing the riddle to the CAPTCHA data and transmit it to the client 120, so that the client 120 must return the information including the answer corresponding to the riddle for verification by the server 110. . An embodiment is exemplified below to assist in explaining the details of data management in accordance with the present invention, but the present invention is not limited thereto. In this embodiment, assuming that an operation is an online banking transfer transaction, the data of the "transfer account number" and the "amount" in the transaction may be defined as the input data in the transaction. The data set corresponding to the "transfer account" and "amount" data can be a number and letter "A" - "Z" 'for example' "transfer account number, which can be "a 123456" and "amount" can be "1000", so , number, 〇,, _ "9,, with the letters" A,, - "Z"

Client's Docket No.: TT,s Docket No:9096-A42766-TW/Final 201222320 即為可能的資料集合,因此依據本發明之CAPTCHA資料 管理方法,伺服器110的產生模組112將分別產生〇_9與 A-Z的對應CAPTCHA資料。 伺服器110的編碼模組114再將所有產生的CAPTCHA 資料藏入一編碼資料’例如一雜湊編號。接著,便可將編 碼後的CAPTCHA資料傳送至用戶端12〇,並利用編碼後 的CAPTCHA資料進行此項交易。隨後,用戶端12〇可傳 _ 送所選擇的CAPTCHA資料所對應的編碼資料至伺服器 110’使得伺服器110依據所接收到的資料來驗證並得到用 戶端120所輸入的資料内容。 綜上所述’依據本發明之資料管理方法及其相關之資 料管理系統’可依據一項欲執行的操作中所需輸入資料的 可能資料集合產生一組CAPTCHA資料,再對此組 CAPTCHA資料加入一特定編碼資料例如一識別碼來進一 步的保護所傳送及接收的資料,可強化現行交易方法上之 φ 安全性,在伺服器端與使用者端全程利用CAPTCHA資料 (如圖片)取代較容易被病毒或木馬竄改的電腦文字,較過 去完全採用電腦文字傳輸來得安全,並可將隱藏訊息的技 術運用於操作内容如交易内容的傳遞,可確保用戶端與伺 服器所傳送的資料的安全性,並可確保傳送過程中重要的 資料不致遺失或被盜用。再者,依據本發明之資料管理方 法可更進一步提供多樣性的CApTCHA資料例如一組音 訊、視訊或包含前述的可點選區域、謎語或遊戲的 CAPTCHA資料’作為用戶端的輸入選擇,可更進一步透Client's Docket No.: TT,s Docket No:9096-A42766-TW/Final 201222320 is a possible data set. Therefore, according to the CAPTCHA data management method of the present invention, the generating module 112 of the server 110 will generate 〇_9 respectively. Corresponding CAPTCHA data with AZ. The encoding module 114 of the server 110 then hides all of the generated CAPTCHA data into a coded material&apos; such as a hash number. Then, the encoded CAPTCHA data can be transmitted to the client terminal 12, and the encoded CAPTCHA data can be used for the transaction. Then, the client terminal 12 can transmit the encoded data corresponding to the selected CAPTCHA data to the server 110', so that the server 110 verifies and obtains the data content input by the user 120 according to the received data. In summary, the 'data management method according to the present invention and its related data management system' can generate a set of CAPTCHA data according to a possible data set of input data required for an operation to be performed, and then join the group of CAPTCHA data. A specific coded material, such as an identification code, to further protect the transmitted and received data, can enhance the security of the current transaction method, and is more easily replaced by the CAPTCHA data (such as pictures) on the server side and the user end. The computer text modified by viruses or Trojans is safer than computer text transmission in the past, and the technology of hiding messages can be applied to the operation content, such as the transmission of transaction content, to ensure the security of the data transmitted by the client and the server. It also ensures that important information in the transmission process is not lost or stolen. Furthermore, the data management method according to the present invention can further provide a variety of CApTCHA data such as a set of audio, video or CAPTCHA data containing the aforementioned clickable areas, riddles or games as an input choice of the user terminal, which can be further through

Client’s Docket No.: TT,s Docket No:9096-A42766-TW/Final 201222320 避免輸入資 ==::互動式的輪人方式來 的细能^ 或特定型態或其部份,可以以程式碼 ,包含於實體媒體,如軟碟、光碟片、硬碟、或是任 可八他機盗可讀如電腦可讀儲存媒體,其卜合程 ^被機器,如電腦載人且執行時,此機器變成用以;與 X明之t置。本發明之方法與裝置也可以以程式碼型態 過一些傳送媒體’如電線或龍、光纖、或是任何傳輸 型態進行傳送,其中’當程式碼被機器’如電腦接收、载 入且執行時,此機器變成用以參與本發明之裝置。當在一 般用途處理ϋ實作時’程式碼結合處理器提供—操作類似 於應用特定邏輯電路之獨特裝置。 雖然本發明已以較佳實施例揭露如上,然其並非用以 限疋本發明’任何熟悉此項技藝者,在不脫離本發明之精 神和範圍内,當可做些許更動與潤飾,因此本發明之保護 範圍當視後附之申請專利範圍所界定者為準。 【圖式簡單說明】 第1圖顯示依據本發明實施例之資料管理系統。 第2圖係顯示依據本發明實施例之CAPTCHA資料之 示意圖。 第3圖係顯示一依據本發明實施例之含編碼資料之 CAPTCHA資料之示意圖。 第4圖係顯示一依據本發明實施例之CAPTCHA資料 管理方法之流程圖。Client's Docket No.: TT,s Docket No:9096-A42766-TW/Final 201222320 Avoid input money ==:: interactive round-the-wheel approach to fine power ^ or specific type or part thereof, can be coded Included in physical media, such as a floppy disk, a CD-ROM, a hard disk, or a computer-readable storage medium that can be read by a computer, such as a computer, if the computer is loaded and executed, the machine becomes Used; and X is set to t. The method and apparatus of the present invention can also be transmitted in a coded form via a transmission medium such as a wire or a dragon, an optical fiber, or any transmission type, where 'when the code is received, loaded, and executed by a machine' such as a computer. At this time, the machine becomes a device for participating in the present invention. When the general purpose processing is implemented, the code is provided in conjunction with the processor to operate a unique device similar to the application specific logic. Although the present invention has been disclosed in the above preferred embodiments, it is not intended to limit the invention, and it is intended that the invention may be modified and modified without departing from the spirit and scope of the invention. The scope of the invention is defined by the scope of the appended claims. BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 shows a data management system in accordance with an embodiment of the present invention. Figure 2 is a schematic diagram showing CAPTCHA data in accordance with an embodiment of the present invention. Figure 3 is a schematic diagram showing CAPTCHA data containing encoded data in accordance with an embodiment of the present invention. Figure 4 is a flow chart showing a CAPTCHA data management method in accordance with an embodiment of the present invention.

Client’s Docket No.: TT*s Docket No:9096-A42766-TW/Finai 18 201222320 第5A圖與第5B圖係顯示依據本發明另一實施例之 CAPTCHA資料之示意圖。 第6圖係顯示依據本發明另一實施例之CAPTCHA資 料管理方法之流程圖。 【主要元件符號說明】 100〜資料管理系統; 110〜伺服器; • 112〜產生模組; 114〜編碼模組; 116〜解碼模組; 120〜用戶端; 122〜分析模組; 130〜網路; 200-209、300〜CAPTCHA 資料; 310〜編碼資料, 籲 S402-S422〜執行步驟; 500〜CAPTCHA 資料; 510〜可點選區域; 520、530〜區域; P6、P9〜位置; S602-S608〜執行步驟。Client's Docket No.: TT*s Docket No: 9096-A42766-TW/Finai 18 201222320 Figures 5A and 5B show schematic diagrams of CAPTCHA data according to another embodiment of the present invention. Figure 6 is a flow chart showing a CAPTCHA data management method in accordance with another embodiment of the present invention. [Main component symbol description] 100~ data management system; 110~server; • 112~ generation module; 114~ coding module; 116~ decoding module; 120~user end; 122~analysis module; Road; 200-209, 300~CAPTCHA data; 310~ coded data, S402-S422~ execution steps; 500~CAPTCHA data; 510~clickable area; 520, 530~ area; P6, P9~ position; S602- S608~ execution steps.

Client’s Docket No·: TT’s Docket No:9096-A42766-TW/FinalClient’s Docket No·: TT’s Docket No:9096-A42766-TW/Final

Claims (1)

201222320 七、申請專利範圍: 1. 一種全自動區分計算機和人類的測試資料管理方 法,包括下列步驟: 一 4司服器¢(¾依據一第一資料產生至少一全自動區分計 算機和人類的測试(Completely Automated Public Test to tell Computers and Humans Apart,CAPTCHA)資料’其中 該第一資料係為與一操作有關之資料; 該伺服器將該全自動區分計算機和人類的測試資料藏 入一對應之編碼資料; g 該伺服器透過一第一傳輪媒介傳送編碼後之全自動區 分計算機和人類的測試資料至一用戶端,致使該用戶端利 用該編碼後之全自動區分計算機和人類的測試資料輸入一 第二資料並傳送該第二資料對應之一第三資料;以及 該伺服器接收並解碼該第三資料,以得到該用戶端所 輸入之資料。 2. 如申请專利範圍第1項所述之全自動區分計算機和 人類的測試管理方法,其中該編碼資料係為對應於該全自鲁 動區分計算機和人類的測試資料之一識別碼。 3. 如申請專利範圍第2項所述之全自動區分計算機和 人類的測試管理方法’其中該識別碼包括〜雜湊編號。 4. 如申請專利範圍第3項所述之全自動區分計算 人類的測試管理方法,其中該伺服器接收並解碼該第三^ 料,以得到該用戶端所輸入之資料之步驟更包括: 該词服器由該第三資料中得到該雜凑編號,並依據該 Client's Docket No.: TT’s Docket No:9096-A42766-TW/Final 20 201222320 雜湊編號,利用—杳矣 人類的測試管理方法,1 述之全自動區分計算機和 料,以得到該用戶端所輪器接收並解碼該第三資 該伺服器由該第三資料由:枓之步驟更包括: 雜湊編號,彻—雜、m㈣該雜凑編號,並依據該201222320 VII. Patent application scope: 1. A fully automatic method for distinguishing computer and human test data, including the following steps: 1 4 server device (3⁄4 based on a first data to generate at least one fully automatic computer and human measurement) (Completely Automated Public Test to tell Computers and Humans Apart, CAPTCHA) data 'where the first data is data related to an operation; the server hides the fully automatic computer and human test data into a corresponding one Coding data; g The server transmits the encoded fully automatic computer and human test data to a client through a first transfer medium, so that the user uses the code to automatically distinguish between computer and human test data. Inputting a second data and transmitting a third data corresponding to the second data; and the server receives and decodes the third data to obtain the data input by the user terminal. Automatically distinguishing between computer and human test management methods, wherein the coded data system Corresponding to the identification code of one of the test data of the computer and the human being. The 3. The fully automatic computer and human test management method described in claim 2, wherein the identification code includes a hash number 4. The method of fully automatic computing human test management as described in claim 3, wherein the step of receiving and decoding the third material by the server to obtain the data input by the client further comprises: The word server obtains the hash number from the third material, and according to the Client's Docket No.: TT's Docket No: 9096-A42766-TW/Final 20 201222320 hash number, using the human test management method, 1 The fully automatic computer and material are divided to obtain the third wheel of the server to receive and decode the third server by the third data: the step of the step further comprises: a hash number, a complete-misc, m (four) Hash number, and according to &amp;如申請專利料。 人類的測試管理方法,1 κ之王自動區为计异機和 的測試資料包括^片,動區分計算機和人類 ^ ^現矾及/或一聲音。 7.如申請專利範圍第6頊 人類的測試管理方法,1中該二=動區分計算機和 可點選區域係隨機顯示於該圖片之選】域,該 法更包括: ⑽月之特疋區域,並且該方 座俨::二收該用戶端所傳送之-座標資訊並依據該 座私貝訊判別出該用戶端所輸入之資料, 可點座標資耗㈣用戶端闕於該特定區域之該 了點選區域之一位置所產生。 請專利範_ 1項所述之全自動區分計算機和 人類的測試管理方法,其中該編碼資料係為—段文字或圖 片’該段文字或圖片用以提示該用戶端執行—特定操作, 致使該用戶端產生對應該特定操作之—結果給該飼服器。 9.如申睛專利範圍第!項所述之全自動區分計算機和 人類的測試管理方法,其中該段文字或圖片表示—謎語或 一遊戲。 Client’s Docket No.: TT’s Docket No :9096-A42766-TW/FinaI 201222320 ιυ. 統,包括心目缝分計算機和人類的測試資料管理系 -伺服器’依據一第一資料產生— 和人類的測試資料、將該全自動區分計:拖f區分計算機 資料藏入一對應之編碼資料、透 和人類的测試 碼後之該全自動區分計算機和人類的;傳送編 端,致使該用戶端利用該編石馬後之 ':用戶 類的測試資料輸入一第二資料並傳送該和人 ^資料、以及接收並解碼該第三資料,以得到該 所輸入之資料, 用戶柒 其中該第-資料係為與—操作有關之資料。 如申請專利範㈣1G項所述之全自動區分計 和人類的測試管㈣統,其巾該編碼資料係為對應於該入 自動區分計算機和人類的測試資料之一識別碼。 乂王 12. 如申請專利範圍第U項所述之全自動區分計算 和人類關試管理祕,其巾該識別碼包括—雜凑編號。 13. 如申請專利範圍第12項所述之全自動區分計算機 # 和人類的測試管理系統,其中該伺服器更由該第三資料中 知到該雜凑編號’並依據該雜湊編號,利用一查表方式得 到該用戶端所輸入之資料。 $ 14.如申請專利範圍第12項所述之全自動區分計算機 和人類的測試管理系統’其中該伺服器更由該第三資料中 得到該雜湊編號’並依據該雜湊編號,利用一雜湊函數來 得到該用戶端所輸入之資料。 Client's Docket No.: TT's Docket No:9096-A42766-TW/Final 22 201222320 15·如申請專鄉_ 1G項所述之全自動區分 和人類的測試管理系統,其中’該全自動區分計算機:: 類的測試資料包括-圖片、-視訊及/或一聲音。 人 二申請專利範園第15項所述之全自“分計算機 和人類的測試管理系統,其中該圖片係表示一 域,該可點選區域係隨_示於該圖片之—特定區域^ 且=服器更接㈣用戶㈣傳送之—座⑽訊並依據該 座標資訊判別出該用戶端所輸入之資料, 其中該座標資訊係由該用戶端點選於該特定區域之該 可點選區域之一位置所產生。 17.如申請專利範_ 1G項所述之全自動區分計算機 和人類的測試管理系統,其中該Μ㈣係為—段文字或 圖片’該段文字或圖片用以提示該用戶端執行一特定操 作,致使該用戶端產生對應該特定操作之—結果給該饲服 器。 φ 18.如申請專利範圍第10項所述之全自動區分計算機 和人類的職管理线’其中該段文字或圖片表示一謎語 或一遊戲。 19.一種電腦程式產品,其係被一機器載入以執行一全 自動區分計算機和人類的測試資料管理方法,該電腦程式 產品包括: 一第一程式碼,用以依據一第一資料產生至少一全自 動£分计鼻機和人類的測試(Completely Automated Public Test to tell Computers and Humans Apart,CAPTCHA)資 Client’s Docket No.: TT’s Docket No:9096-A42766-TW/Final 23 201222320 料,其中該第一資料係為與一操作有關之資料; 一第二程式碼,用以將該全自動區分計算機和人類的 測試資料藏入一對應之編碼資料, 一第三程式碼,用以透過一第一傳輸媒介傳送編碼後 之全自動區分計算機和人類的測試資料至一用戶端,致使 該用戶端利用該編碼後之全自動區分計算機和人類的測試 資料輸入一第二資料並傳送該第二資料對應之一第三資 料;以及 一第四程式碼,用以接收並解碼該第三資料,以得到 該用戶端所輸入之資料。 Client’s Docket No.: TT's Docket No:9096-A42766-TW/Final 24&amp; If you apply for a patent. The human test management method, the 1 κ king automatic zone for the counting machine and the test data includes ^ slice, dynamic distinction between computer and human ^ ^ 矾 and / or a sound. 7. In the patent test method of the sixth application of the patent scope, in the 1st, the mobile computer and the selectable area are randomly displayed in the field of the picture, and the method further includes: (10) special area of the month And the square 俨:: two receives the coordinate information transmitted by the client and determines the data input by the user terminal according to the private message, and can point the coordinate consumption (4) the user terminal is in the specific area This is the location of one of the selected areas. Please refer to the method of fully automatic computer and human test management according to the patent specification, wherein the coded data is a paragraph text or a picture 'the text or picture is used to prompt the user to perform a specific operation, so that the The client generates a corresponding operation - the result is given to the feeder. 9. For example, the scope of the patent application! The fully automatic computer and human test management method described in the section, wherein the text or picture represents a riddle or a game. Client's Docket No.: TT's Docket No :9096-A42766-TW/FinaI 201222320 ιυ. System, including the mind-sewn computer and human test data management system - server 'generated according to a first data — and human test data, The automatic classification meter: dragging f computer data into a corresponding coded data, transparent and human test code, the fully automatic distinction between computer and human; transmitting the end, causing the user to use the stone After the horse's: the user's test data is input into a second data and the person's data is transmitted, and the third data is received and decoded to obtain the input data, and the user's first data is - Operational information. For example, the automatic classification meter and the human test tube (four) system described in the application of the patent (4) 1G item, the code data of the towel is an identification code corresponding to the test data of the automatic distinction between the computer and the human.乂王 12. If you apply for the fully automatic classification calculation and human security management management described in item U of the patent scope, the identification code includes the hash number. 13. The automatic distinguishing computer # and the human test management system according to claim 12, wherein the server further knows the hash number from the third material and uses one according to the hash number. The table lookup method obtains the data input by the client. $14. The fully automatic computer and human test management system as described in claim 12, wherein the server obtains the hash number from the third material and uses a hash function according to the hash number. To get the information entered by the client. Client's Docket No.: TT's Docket No:9096-A42766-TW/Final 22 201222320 15·If you apply for the automatic division and human test management system described in the hometown _ 1G item, where 'the fully automatic computer:: class The test data includes - pictures, - video and / or a sound. The second application of the patent computer is the sub-computer and human test management system, wherein the picture represents a domain, and the selectable area is displayed in the specific area of the picture ^ The server is connected to (4) the user (4) transmits the seat (10) and determines the data input by the user terminal according to the coordinate information, wherein the coordinate information is selected by the user endpoint in the selectable area of the specific area. 17. Produced by one location. 17. The fully automatic computer and human test management system as described in the patent application _1G, wherein the Μ(4) is a paragraph text or a picture 'the text or picture is used to prompt the user The end performs a specific operation, causing the user to generate a corresponding operation - the result is given to the feeder. φ 18. The fully automatic computer and human management line as described in claim 10 of the patent application A paragraph text or picture represents a riddle or a game. 19. A computer program product that is loaded by a machine to perform a fully automated computer and human test data management method. The computer program product comprises: a first code for generating at least one fully automatic metering and human testing (Completely Automated Public Test to tell Computers and Humans Apart, CAPTCHA) based on a first data. No.: TT's Docket No: 9096-A42766-TW/Final 23 201222320, wherein the first data is data related to an operation; a second code is used to automatically distinguish between computer and human testing The data is stored in a corresponding coded data, and a third code is used to transmit the encoded fully automatic computer and human test data to a client through a first transmission medium, so that the user uses the code. Automatically distinguishing computer and human test data into a second data and transmitting a third data corresponding to the second data; and a fourth code for receiving and decoding the third data to obtain the user terminal Enter the information. Client's Docket No.: TT's Docket No:9096-A42766-TW/Final 24
TW099141418A 2010-11-30 2010-11-30 Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof TWI448921B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW099141418A TWI448921B (en) 2010-11-30 2010-11-30 Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW099141418A TWI448921B (en) 2010-11-30 2010-11-30 Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof

Publications (2)

Publication Number Publication Date
TW201222320A true TW201222320A (en) 2012-06-01
TWI448921B TWI448921B (en) 2014-08-11

Family

ID=46725189

Family Applications (1)

Application Number Title Priority Date Filing Date
TW099141418A TWI448921B (en) 2010-11-30 2010-11-30 Captcha (completely automated public test to tell computers and humans apart) data management methods and related data management systems and computer program products thereof

Country Status (1)

Country Link
TW (1) TWI448921B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI682300B (en) * 2018-06-13 2020-01-11 新加坡商雲網科技新加坡有限公司 Image based authentication code method, server, and authentication code system

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016135963A1 (en) * 2015-02-27 2016-09-01 楽天株式会社 Information processing device, information processing method, program, storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090055193A1 (en) * 2007-02-22 2009-02-26 Pudding Holdings Israel Ltd. Method, apparatus and computer code for selectively providing access to a service in accordance with spoken content received from a user
TWI336631B (en) * 2007-04-17 2011-02-01 Univ Nat Taiwan Science Tech Online game managing method and online game managing device using the same
WO2010014386A1 (en) * 2008-07-29 2010-02-04 Motorola, Inc. Method and system for securing communication sessions
EP2182457A1 (en) * 2008-10-31 2010-05-05 Gemalto SA Dynamic PIN verification for insecure environment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI682300B (en) * 2018-06-13 2020-01-11 新加坡商雲網科技新加坡有限公司 Image based authentication code method, server, and authentication code system

Also Published As

Publication number Publication date
TWI448921B (en) 2014-08-11

Similar Documents

Publication Publication Date Title
JP7051859B2 (en) Methods and systems for creating network-enabled accounts using photodetection
US10417399B2 (en) Accessing a secured software application
TWI526037B (en) Method and system for abstrcted and randomized one-time use passwords for transactional authentication
US20230086191A1 (en) Systems and Methods for Token Content Unlocking, Biometric Authentication using Privacy-Protecting Tokens, Ownership-Based Limitations of Content Access, Policy-Based Time Capsule Technology, and Content Lock Mechanisms
US20140244514A1 (en) Methods and arrangements for smartphone payments and transactions
US20140157382A1 (en) Observable authentication methods and apparatus
WO2023273070A1 (en) Registration method and system, and electronic device, storage medium and computer program product
JP2008204424A (en) Method and system for graphical image authentication
TW201121280A (en) Network security verification method and device and handheld electronic device verification method.
JP2017507552A (en) Method and apparatus for providing client-side score-based authentication
JP2017117301A (en) Ticket issuing system
US20130191641A1 (en) Captcha (completely automated public test to tell computers and humans apart) data generation methods and related data management systems and computer program products thereof
Mathis et al. Stay home! Conducting remote usability evaluations of novel real-world authentication systems using virtual reality
TWI379213B (en)
US20230114684A1 (en) Cryptographic Content Co-Creation Mechanisms and Linking Physical Elements to Cryptographic Elements
WO2023036143A1 (en) Decentralized zero-trust identity verification and authentication system and method
US20110225633A1 (en) Data Processing Methods and Systems for Processing Data in an Operation having a Predetermined Flow Based on CAPTCHA (Completely Automated Public Test to Tell Computers and Humans Apart) Data, and Computer Program Products Thereof
US20110225634A1 (en) CAPTCHA (Completely Automated Public Test to Tell Computers and Humans Apart) Data Generation Methods and Related Data Management Systems and Computer Program Products Thereof
TWI436232B (en) Data processing methods and systems for processing data in an operation having a predetermined flow based on captcha (completely automated public test to tell computers and humans apart) data, and computer program products thereof
TW201222320A (en) CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) data management methods and related data management systems and computer program products thereof
EP4413701A1 (en) Systems and methods for encrypted multifactor authentication using imaging devices and image enhancement
JP2007058807A (en) Authentication system and method
WO2023060284A1 (en) Cryptographic content co-creation mechanisms and linking physical elements to cryptographic elements
JP2020194544A (en) System for generating and verifying matrix barcode, method for generating matrix barcode, and method for verifying matrix barcode
US20070202945A1 (en) Accessibility and security in a gaming environment

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees