TW201316741A - Authentication system, method and programmed products - Google Patents
Authentication system, method and programmed products Download PDFInfo
- Publication number
- TW201316741A TW201316741A TW100136702A TW100136702A TW201316741A TW 201316741 A TW201316741 A TW 201316741A TW 100136702 A TW100136702 A TW 100136702A TW 100136702 A TW100136702 A TW 100136702A TW 201316741 A TW201316741 A TW 201316741A
- Authority
- TW
- Taiwan
- Prior art keywords
- account
- service platform
- electronic device
- code
- user
- Prior art date
Links
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
Description
本發明係關於一種帳號認證系統、方法及程式產品,詳而言之,係關於一種應用於電子裝置的帳號認證系統、方法以及載於電子裝置的帳號認證程式產品。The present invention relates to an account authentication system, method and program product, and more particularly to an account authentication system and method for an electronic device and an account authentication program product for an electronic device.
隨著網路技術日益增進,越來越多人利用網路來搜尋資訊、收發電子郵件、訂閱電子報、線上購物、連線遊戲、社群聊天等,而多數網站需要使用者成為會員才可使用前述功能。With the increasing use of Internet technology, more and more people use the Internet to search for information, send and receive emails, subscribe to e-newsletters, online shopping, connected games, community chats, etc. Most websites require users to become members. Use the aforementioned features.
所謂會員係指使用者先於該網站中輸入個人基本資料並設定登入網站的帳號及密碼,經網站認證通過後即成為該網站的會員,使用者於下次登入網站時需輸入先前所設定的帳號及密碼始得登入網站。一般而言,帳號及密碼的認證強度係取決於使用者所選取的帳號及密碼本身,例如帳號或密碼的長度、字母和數字的排列組合重複使用率、相同字元重複出現率、複雜性等,因此,越是複雜、沒規則性的帳號或密碼越是難以破解。The so-called membership means that the user enters the personal basic information and sets the account number and password of the login website before the website is authenticated. After the website is authenticated, the user becomes a member of the website. The user needs to input the previously set when logging in to the website. The account number and password must be logged in to the website. Generally speaking, the authentication strength of the account and password depends on the account selected by the user and the password itself, such as the length of the account or password, the arrangement of the combination of letters and numbers, the repetition rate of the same character, the complexity, etc. Therefore, the more complex and irregular account or password, the harder it is to crack.
惟,近年來,盜用帳號的事件層出不窮,若駭客在使用者的電腦植入木馬或側錄軟體,或是仿製知名網站的登錄頁面,然後利用垃圾郵件或即時通訊發送連結,誘使使用者登入,進而直接騙取使用者的帳號、密碼,甚至姓名、地址、電話及信用卡資料等,再利用這些資料獲取不當利益。如此一來,縱使帳號密碼設定得再複雜,亦無法有效的防止帳號密碼的流出。However, in recent years, there have been numerous incidents of misappropriation of account numbers. If a hacker implants a Trojan or a side-recording software on a user's computer, or copies a login page of a well-known website, and then uses spam or instant messaging to send a link, the user is tempted. Log in, and then directly defraud the user's account, password, and even name, address, phone and credit card information, and then use this information to obtain improper benefits. As a result, even if the account password is set to be complicated, the account password cannot be effectively prevented from flowing out.
目前,市面上有許多加強帳號密碼安全性的機制,例如於登入頁面上使用虛擬的動態鍵盤、或於電腦上連接實體的動態密碼鎖,或是增加驗證登入網站的電腦的步驟。然而,虛擬的動態鍵盤無法避開釣魚網站的陷阱、實體的動態密碼鎖不僅操作不便且此密碼鎖中所利用之一次性密碼的技術亦容易破解,而驗證登入網站的電腦亦相當複雜且操作不便。Currently, there are many mechanisms on the market to enhance the security of account passwords, such as using a virtual dynamic keyboard on the login page, or connecting a physical dynamic password lock on a computer, or adding a step to verify the computer that logs into the website. However, the virtual dynamic keyboard cannot avoid the trap of the phishing website, and the dynamic password lock of the entity is not only inconvenient to operate, but also the technology of one-time password used in the password lock is easy to crack, and the computer that verifies the login website is also quite complicated and operates. inconvenient.
鑒於上述習知技術之缺點,本發明之目的在於提供一種帳號認證系統、方法及程式產品,以增加帳號及密碼認證上的安全性。In view of the above disadvantages of the prior art, an object of the present invention is to provide an account authentication system, method and program product for increasing security on account and password authentication.
為達到前述目的以及其他目的,本發明提供一種帳號認證系統,包括:電子裝置與服務平台,其中,該電子裝置包括有用以取得代碼之取得模組、用以輸出該代碼及該電子裝置的資料之傳輸模組、及用以發出開啟使用者的帳號的登入功能之通知的通知開啟模組,而該服務平台係供該使用者輸入帳號及密碼以登入該服務平台,該服務平台包括有用以產生供該電子裝置取得之該代碼,俾使該代碼和該使用者的帳號之間具有關聯之代碼產生模組、用以接收該電子裝置所輸出之該電子裝置的資料及該代碼,俾使該代碼和該電子裝置的資料之間產生關聯之接收模組、及用以接收該電子裝置所發出之開啟使用者的帳號的登入功能之通知而根據該電子裝置的資料開啟關聯該資料之使用者的帳號之登入功能,俾供該使用者於該服務平台輸入該帳號及密碼,再經該服務平台認證通過後登入該服務平台之帳號開啟模組。To achieve the foregoing and other objects, the present invention provides an account authentication system, including: an electronic device and a service platform, wherein the electronic device includes an acquisition module for obtaining a code, and a data for outputting the code and the electronic device. a transmission module and a notification opening module for issuing a notification of a login function for opening a user account, wherein the service platform is for the user to input an account number and password to log in to the service platform, the service platform includes Generating a code for the electronic device to obtain a code generating module associated with the user's account, receiving data of the electronic device and the code output by the electronic device, and causing the code The receiving module associated with the data of the electronic device and the notification function for receiving the login function of the account opened by the electronic device to open the associated use of the data according to the data of the electronic device The login function of the user's account, for the user to enter the account and password on the service platform, and then the service The service platform login module after the account open platform certification.
所述之電子裝置復包括用以讀取自該取得模組所取得之該代碼之讀取模組。此外,該電子裝置可載有帳號認證程式產品,其中,該取得模組、讀取模組、傳輸模組和通知開啟模組係包含於該帳號認證程式產品中。The electronic device further includes a reading module for reading the code obtained from the acquisition module. In addition, the electronic device can be loaded with an account authentication program product, wherein the acquisition module, the reading module, the transmission module, and the notification opening module are included in the account authentication program product.
此外,為達到前述目的以及其他目的,本發明復提供一種帳號認證方法,包括以下步驟:(1)使用者於服務平台輸入帳號及密碼以登入該服務平台;(2)令該服務平台產生代碼,俾使該代碼和該使用者的帳號產生關聯;(3)令電子裝置取得並讀取該代碼,再將該電子裝置的資料和該代碼傳輸至該服務平台,俾使該代碼和該電子裝置的資料產生關聯;(4)於該使用者登入該服務平台前,令該電子裝置通知該服務平台開啟該使用者的帳號之登入功能;以及(5)該服務平台接收該電子裝置的通知而根據該電子裝置的資料開啟關聯該資料之使用者的帳號之登入功能,俾供該使用者於該服務平台輸入該帳號及密碼,再經該服務平台認證通過後登入該服務平台。In addition, in order to achieve the foregoing and other objects, the present invention provides an account authentication method, including the following steps: (1) a user inputs an account and a password on a service platform to log in to the service platform; and (2) causes the service platform to generate a code. And causing the code to be associated with the user's account; (3) causing the electronic device to obtain and read the code, and transmitting the electronic device's data and the code to the service platform, causing the code and the electronic (4) before the user logs in to the service platform, the electronic device is notified to the service platform to enable the login function of the user's account; and (5) the service platform receives the notification of the electronic device And the login function of the account of the user associated with the data is opened according to the information of the electronic device, and the user is input the account and password on the service platform, and then the service platform is authenticated and then login to the service platform.
所述之代碼可為一維代碼或二維代碼,於步驟(2)中,該服務平台產生該代碼並顯示於該服務平台的網頁上,並於步驟(3)中,該電子裝置自該網頁拍攝下該代碼以進行解讀,或者,該電子裝置亦可藉由簡訊或電子郵件之方式取得該代碼。The code may be a one-dimensional code or a two-dimensional code. In the step (2), the service platform generates the code and displays it on a webpage of the service platform, and in the step (3), the electronic device The code is taken by the web page for interpretation, or the electronic device can also obtain the code by means of a short message or an email.
所述之使用者的帳號之登入功能可於開啟一預定時間之後關閉,或者於該使用者輸入該帳號及密碼以登入該服務平台之後立即關閉。The login function of the user's account may be closed after a predetermined time has elapsed, or may be closed immediately after the user inputs the account and password to log in to the service platform.
再者,為達到前述目的以及其他目的,本發明又提供一種帳號認證程式產品,係適用載於電子裝置中,以使該電子裝置執行以下步驟:(1)自服務平台取得代碼,其中,於該服務平台中,該代碼與使用者的帳號有關聯;(2)傳輸電子裝置的資料及該代碼至該服務平台,俾使該代碼和該裝置資料於該服務平台中產生關聯;以及(3)於該使用者登入該服務平台前,通知該服務平台開啟該使用者的帳號之登入功能,俾使該服務平台接收該電子裝置的通知而根據該電子裝置的資料開啟關聯該資料之使用者的帳號之登入功能。In addition, in order to achieve the foregoing and other objects, the present invention further provides an account authentication program product, which is applicable to an electronic device, so that the electronic device performs the following steps: (1) obtaining a code from a service platform, where In the service platform, the code is associated with the user's account; (2) transmitting the information of the electronic device and the code to the service platform, so that the code and the device data are associated in the service platform; and (3) Before the user logs in to the service platform, the service platform is notified to open the login function of the user's account, so that the service platform receives the notification of the electronic device and opens the user associated with the data according to the data of the electronic device. Login function of the account.
相較於以往於登入網站時輸入使用者的帳號和密碼,網站雖可能結合有動態鍵盤等防護措施來加強帳號和密碼的安全性,惟,一旦該使用者的帳號和密碼被竊用,則網站的任何防護措施皆無法產生作用。因此,藉由運用本發明之帳號認證系統、方法及程式產品的應用,俾增加帳號及密碼認證上的安全性。Compared with the previous login of the user's account and password when logging in to the website, the website may combine the dynamic keyboard and other protection measures to strengthen the security of the account and password. However, once the user's account and password are stolen, Any protection measures on the website will not work. Therefore, by using the account authentication system, method and application of the program of the present invention, the security of account and password authentication is increased.
以下藉由特定的具體實施形態說明本發明之技術內容,熟習此技術之人士可由本說明書所揭示之內容輕易地了解本發明之其他優點與功效,亦可藉由其他不同的具體實施形態加以施行或應用。In the following, the technical content of the present invention will be described by a specific embodiment, and those skilled in the art can easily understand other advantages and effects of the present invention by the contents disclosed in the present specification, and can also be implemented by other different embodiments. Or application.
請參閱第1A圖,其係大致揭露本發明之帳號認證系統之架構。該帳號認證系統包括有電子裝置2與服務平台3。電子裝置2可包括取得模組21、傳輸模組22及通知開啟模組23;服務平台3可包括代碼產生模組31、接收模組32及帳號開啟模組33。Please refer to FIG. 1A, which generally discloses the architecture of the account authentication system of the present invention. The account authentication system includes an electronic device 2 and a service platform 3. The electronic device 2 can include an acquisition module 21, a transmission module 22, and a notification opening module 23. The service platform 3 can include a code generation module 31, a receiving module 32, and an account opening module 33.
電子裝置2可例如為手機、PDA、平板電腦、筆記型電腦等具有連網功能之電子裝置。The electronic device 2 can be, for example, an electronic device having a networking function such as a mobile phone, a PDA, a tablet computer, or a notebook computer.
取得模組21係用以自服務平台3取得代碼。取得模組21可為網路收發模組,以透過簡訊或電子郵件的方式取得代碼,或者,如第1B圖所示,取得模組21亦可透過電子裝置2之拍攝模組25,以直接從服務平台3的網頁上拍攝代碼,其中,服務平台3顯示於該網頁上的代碼可為一維代碼或二維代碼(如Quick Response code;簡稱QR code),且電子裝置2復包括讀取模組24,用以對取得模組21所取得之代碼進行解讀。The acquisition module 21 is used to obtain code from the service platform 3. The acquisition module 21 can be a network transceiver module to obtain a code by means of a short message or an e-mail. Alternatively, as shown in FIG. 1B, the acquisition module 21 can also directly pass through the imaging module 25 of the electronic device 2 to directly The code is displayed on the webpage of the service platform 3, wherein the code displayed on the webpage by the service platform 3 can be a one-dimensional code or a two-dimensional code (such as Quick Response code; QR code), and the electronic device 2 includes reading. The module 24 is configured to interpret the code obtained by the acquisition module 21.
傳輸模組22係用以於取得該代碼後,輸出該代碼及電子裝置2的資料至服務平台3,其中,電子裝置2的資料可為電子裝置的編號或序號等。於電子裝置2為手機的實施形態中,電子裝置2的資料亦可包括電話號碼或用戶識別模組(Subscriber Identity Module;簡稱SIM)卡卡號等。The transmission module 22 is configured to output the code and the data of the electronic device 2 to the service platform 3 after the code is obtained. The data of the electronic device 2 may be the number or serial number of the electronic device. In the embodiment where the electronic device 2 is a mobile phone, the data of the electronic device 2 may also include a phone number or a Subscriber Identity Module (SIM) card number.
通知開啟模組23係用以於使用者1登入服務平台3之前,發出開啟使用者1的帳號的登入功能之通知至服務平台3。詳言之,使用者1於登入服務平台3之前,係操作電子裝置2以令電子裝置2通知服務平台3開啟使用者1的帳號的登入功能。The notification opening module 23 is configured to issue a notification of the login function of opening the account of the user 1 to the service platform 3 before the user 1 logs into the service platform 3. In detail, before logging in to the service platform 3, the user 1 operates the electronic device 2 to cause the electronic device 2 to notify the service platform 3 to open the login function of the account of the user 1.
此外,取得模組21、傳輸模組22、通知開啟模組23、讀取模組24及拍攝模組25可包含於一程式產品中,供電子裝置2載入。In addition, the acquisition module 21, the transmission module 22, the notification opening module 23, the reading module 24, and the imaging module 25 can be included in a program product for loading by the electronic device 2.
服務平台3係用以供使用者1輸入帳號及密碼以登入服務平台3。如第1B圖所示,服務平台3復包括登入模組34,使用者1利用於登入模組34輸入帳號及密碼,俾供服務平台3對該帳號及密碼進行認證,亦即,服務平台3將確認該服務平台3是否具有該帳號且該密碼是否對應於該帳號,當該服務平台3具有該帳號且該密碼對應於該帳號時,表示認證通過,之後,使用者1始得登入。The service platform 3 is used for the user 1 to input an account number and password to log in to the service platform 3. As shown in FIG. 1B, the service platform 3 includes a login module 34. The user 1 uses the login module 34 to input an account number and password, and the service platform 3 authenticates the account and password, that is, the service platform 3 It will be confirmed whether the service platform 3 has the account number and whether the password corresponds to the account. When the service platform 3 has the account number and the password corresponds to the account number, it indicates that the authentication is passed, and then the user 1 starts to log in.
代碼產生模組31係用以產生提供予電子裝置2的該代碼,俾使該代碼和使用者1的帳號之間具有關聯。於一實施形態中,使用者1於其帳號及密碼通過認證而登入服務平台3後,服務平台3會隨機產生一組代碼,此時於服務平台3內,該代碼和使用者1的帳號之間係產生關聯。The code generation module 31 is configured to generate the code provided to the electronic device 2 such that there is an association between the code and the account number of the user 1. In an embodiment, after the user 1 logs in to the service platform 3 after the account and password are authenticated, the service platform 3 randomly generates a set of codes. At this time, in the service platform 3, the code and the account of the user 1 are The inter-system produces an association.
接收模組32係用以接收電子裝置2所輸出之電子裝置2的資料及該代碼,俾使該代碼和電子裝置2的資料之間產生關聯。詳言之,服務平台3產生代碼後,電子裝置2可透過簡訊或電子郵件、或拍攝等方式取得該代碼,再將該代碼連同自身的資料,如編號、序號、電話號碼或SIM卡卡號等傳予服務平台3,於接收模組32接收該代碼和電子裝置2的資料時,於服務平台3內,該代碼和電子裝置2的資料係產生關聯。需瞭解,由於先前該代碼和使用者1的帳號已具有關聯,再加上該代碼和電子裝置2的資料亦具有關聯,因而使用者1的帳號、該代碼和電子裝置2的資料三者之間具有關聯。The receiving module 32 is configured to receive the data of the electronic device 2 output by the electronic device 2 and the code, so as to associate the code with the data of the electronic device 2. In detail, after the service platform 3 generates the code, the electronic device 2 can obtain the code through a short message or an email, or shooting, and then the code together with its own data, such as number, serial number, telephone number or SIM card number, etc. The data is transmitted to the service platform 3, and when the receiving module 32 receives the code and the data of the electronic device 2, the code is associated with the data of the electronic device 2 in the service platform 3. It should be understood that since the code has been associated with the account of the user 1 and the data of the electronic device 2 is also associated, the account number of the user 1, the code, and the data of the electronic device 2 are three. There is an association between them.
帳號開啟模組33係用以接收電子裝置2所發出之開啟使用者1的帳號的登入功能之通知,而根據電子裝置2的資料開啟關聯該資料之使用者1的帳號之登入功能,其中,使用者1的帳號之登入功能可於開啟一預定時間後即關閉,或者,可於使用者1利用該帳號登入服務平台3之後立即關閉。接著,帳號開啟模組33開啟使用者1的帳號的登入功能後,使用者1可於服務平台3輸入該帳號及密碼,再經服務平台3認證通過後登入服務平台3。The account opening module 33 is configured to receive a notification of the login function of the user 1 to open the account of the user 1 issued by the electronic device 2, and to enable the login function of the account 1 of the user 1 associated with the data according to the data of the electronic device 2, wherein The login function of the account of the user 1 can be closed after a predetermined time has elapsed, or can be closed immediately after the user 1 logs in to the service platform 3 by using the account. Then, after the account opening module 33 opens the login function of the account of the user 1, the user 1 can input the account and password on the service platform 3, and then log in to the service platform 3 after being authenticated by the service platform 3.
藉此,藉由前述第1A及1B圖之說明可知,原本習知技術僅於使用者登入服務平台時對使用者所輸入之帳號及密碼進行認證,而於本發明所揭露的實施方式中,除了認證帳號及密碼外,更基於使用者的電子裝置的資料來控制開啟帳號的登入功能,如此進而增添帳號及密碼的安全性。Therefore, it can be seen from the description of the first and the first embodiments that the prior art only authenticates the account and the password entered by the user when the user logs in to the service platform, and in the embodiment disclosed by the present invention, In addition to the authentication account and password, the login function of the account is controlled based on the data of the user's electronic device, thereby increasing the security of the account and password.
再者,本發明所提出之帳號認證方法,詳細來說可分為兩階段,包括設定階段和認證階段,分別詳述於第2A圖及第2B圖。Furthermore, the account authentication method proposed by the present invention can be divided into two phases in detail, including a setting phase and an authentication phase, which are respectively described in FIG. 2A and FIG. 2B.
於第2A圖中,於步驟S301中,使用者於服務平台輸入帳號及密碼以登入該服務平台。於目前的網路應用中,使用者要享有電子郵件、線上購物、社群聊天等服務時需先成為提供該些服務的服務平台的會員,即先在服務平台上註冊個人資料(包括帳號及密碼)成為會員,以於下次登入服務平台時利用所設定之帳號及密碼登入。換句話說,使用者欲設定電子裝置與帳號的關聯性必須先登入服務平台。接著進至步驟S302。In FIG. 2A, in step S301, the user enters an account number and password on the service platform to log in to the service platform. In current web applications, users must first become a member of the service platform that provides services for e-mail, online shopping, community chat, etc., that is, first register personal information (including account number and Password) Become a member to log in with the account and password set when logging in to the service platform next time. In other words, the user has to log in to the service platform before setting the association between the electronic device and the account. Then it proceeds to step S302.
於步驟S302中,令該服務平台產生代碼。此時,服務平台內之該使用者的帳號和所產生之代碼產生關聯。接著進至步驟S303。In step S302, the service platform is caused to generate code. At this point, the account of the user within the service platform is associated with the generated code. Then it proceeds to step S303.
於步驟S303中,令電子裝置取得並讀取該代碼。該服務平台可以簡訊或電子郵件方式傳輸該代碼予該電子裝置。於一實施形態中,該服務平台將該代碼,如一維代碼或二維代碼(如QR code)顯示於其網頁上,該電子裝置便可拍攝該代碼以進行解讀。接著進至步驟S304。In step S303, the electronic device is caused to acquire and read the code. The service platform can transmit the code to the electronic device by way of a short message or an email. In one embodiment, the service platform displays the code, such as a one-dimensional code or a two-dimensional code (such as QR code) on its web page, and the electronic device can capture the code for interpretation. Then it proceeds to step S304.
於步驟S304中,令該電子裝置將該電子裝置的資料和該代碼傳輸至該服務平台。此時,該電子裝置的資料、該代碼、和該使用者的帳號產生關聯。In step S304, the electronic device is caused to transmit the data of the electronic device and the code to the service platform. At this time, the information of the electronic device, the code, and the account of the user are associated.
至此,完成電子裝置的設定。設定完成後,使用者再次登入服務平台時便可行使利用電子裝置來提升帳號及密碼的安全性之機制。At this point, the setting of the electronic device is completed. After the setting is completed, the user can use the electronic device to enhance the security of the account and password when logging in to the service platform again.
於第2B圖中,於步驟S305中,令該電子裝置通知該服務平台開啟該使用者的帳號之登入功能。若該使用者沒有操作該電子裝置通知該服務平台開啟該使用者的帳號之登入功能,則該使用者無法進行登入。此外,帳號的開啟具有時效性,例如於開啟一預定時間即關閉或於該使用者登入該服務平台後立即關閉,藉此避免當使用者在登入該服務平台後第三人亦可登入該服務平台的情形,也就是避免盜取該帳號的第三人冒名登入該服務平台。接著進至步驟S306。In FIG. 2B, in step S305, the electronic device is notified to the service platform to enable the login function of the user's account. If the user does not operate the electronic device to notify the service platform to open the login function of the user's account, the user cannot log in. In addition, the opening of the account is time-sensitive, for example, it is closed after a predetermined time is opened or immediately after the user logs in to the service platform, thereby preventing the third party from logging in to the service after logging in to the service platform. In the case of the platform, that is, the third party who avoids stealing the account is impersonated to log in to the service platform. Then it proceeds to step S306.
於步驟S306中,該服務平台接收該電子裝置的通知,而根據該電子裝置的資料開啟關聯該資料之該使用者的帳號之登入功能。由於先前已於設定階段中使該電子裝置的資料、該代碼、和該使用者的帳號產生關聯,因而於認證階段中,可根據該電子裝置的資料開啟關聯該資料之該使用者的帳號之登入功能。接著進至步驟S307。In step S306, the service platform receives the notification of the electronic device, and opens a login function of the user's account associated with the data according to the data of the electronic device. Since the data of the electronic device, the code, and the account number of the user are previously associated in the setting phase, in the authentication phase, the account of the user associated with the data may be opened according to the data of the electronic device. Login function. Then it proceeds to step S307.
於步驟S307中,該使用者於該服務平台輸入該帳號及密碼,經該服務平台認證通過後登入該服務平台。當該使用者所輸入之該帳號與該電子裝置的裝置沒有關聯時,則認證失敗。In step S307, the user inputs the account number and password on the service platform, and logs in to the service platform after passing the authentication of the service platform. When the account entered by the user is not associated with the device of the electronic device, the authentication fails.
另外,具體實施時,申請人(發明人)會開發一種供電子裝置載入之認證程式產品,以使該電子裝置執行:自服務平台取得代碼、傳輸電子裝置的資料及該代碼至該服務平台、通知該服務平台開啟該使用者的帳號之登入功能之步驟。In addition, in the specific implementation, the applicant (inventor) develops an authentication program product for loading the electronic device, so that the electronic device executes: obtaining the code from the service platform, transmitting the data of the electronic device, and the code to the service platform. And notifying the service platform to open the login function of the user's account.
綜上所述,本發明所提出之帳號認證系統、方法及程式產品,係利用電子裝置作為增加帳號認證安全的工具,先於服務平台上讓使用者的帳號、代碼和電子裝置的資料之間具有關聯性,再於登入服務平台前通知該服務平台開啟該使用者的帳號之登入功能。此是由於服務平台於接收電子裝置的通知時能得知電子裝置的資料,進而可利用該資料來開啟該使用者的帳號之登入功能,使得該使用者能夠登入服務平台。是以,縱使第三人已知使用者的帳號,由於沒有使用者的電子裝置的資料,仍無法登入服務平台。即使在第三人得知該使用者的電子裝置的資料之情況下,因為沒有使用者的電子裝置而無法操作該電子裝置執行通知該服務平台開啟該使用者的帳號之登入功能的步驟,還是無法登入服務平台。In summary, the account authentication system, method, and program product proposed by the present invention use an electronic device as a tool for increasing account authentication security, and prior to the service platform, the user's account number, code, and electronic device data are used. Relevance, and then notify the service platform to open the login function of the user's account before logging in to the service platform. This is because the service platform can know the data of the electronic device when receiving the notification of the electronic device, and can then use the data to open the login function of the user's account, so that the user can log in to the service platform. Therefore, even if the third party knows the user's account, the user cannot log in to the service platform because there is no information about the user's electronic device. Even if the third party knows the data of the user's electronic device, because the user does not have the electronic device and cannot operate the electronic device to perform the step of notifying the service platform to open the login function of the user's account, Unable to login to the service platform.
因此,透過本發明的應用,可避免習知技術中,服務平台建置虛擬動態鍵盤的開發及維護成本、實體動態密碼鎖造成使用者不便等等問題,而使用者於服務平台的登入頁面輸入帳號及密碼時,無須再驗證登入該服務平台的電腦或再輸入一次性密碼等繁雜操作,僅需於登入服務平台前利用其電子裝置通知服務平台開啟該使用者的帳號之登入功能。由於所述電子裝置往往為個人所持有,駭客難以輕易取得,如此能有效提升帳號及密碼的認證安全性。Therefore, through the application of the present invention, the problem of the development and maintenance cost of the virtual dynamic keyboard of the service platform, the inconvenience of the user caused by the physical dynamic password lock, and the like can be avoided in the prior art, and the user inputs the login page of the service platform. For the account number and password, you do not need to verify the complicated operation of the computer that is logged in to the service platform or enter the one-time password. You only need to use the electronic device notification service platform to open the login function of the user's account before logging in to the service platform. Since the electronic device is often held by an individual, it is difficult for the hacker to easily obtain it, which can effectively improve the authentication security of the account and the password.
上述各實施形態僅例示性說明本發明之原理及功效,而非用於限制本發明。任何熟習此項技術之人士均可在不違背本發明之精神及範疇下,對上述實施形態進行修飾與改變。因此,本發明之權利保護範圍,應如後述之申請專利範圍所列。The above embodiments are merely illustrative of the principles and effects of the invention and are not intended to limit the invention. Modifications and variations of the above-described embodiments can be made by those skilled in the art without departing from the spirit and scope of the invention. Therefore, the scope of protection of the present invention should be as set forth in the scope of the claims described below.
1...使用者1. . . user
2...電子裝置2. . . Electronic device
21...取得模組twenty one. . . Get module
22...傳輸模組twenty two. . . Transmission module
23...通知開啟模組twenty three. . . Notification opening module
24...讀取模組twenty four. . . Read module
25...拍攝模組25. . . Shooting module
3...服務平台3. . . Service Platform
31...代碼產生模組31. . . Code generation module
32...接收模組32. . . Receiving module
33...帳號開啟模組33. . . Account opening module
34...登入模組34. . . Login module
S301~S307...步驟S301~S307. . . step
第1A圖為本發明之帳號認證系統之一實施形態之基本架構方塊圖;1A is a block diagram showing the basic architecture of an embodiment of an account authentication system of the present invention;
第1B圖為本發明之帳號認證系統之另一實施形態之基本架構方塊圖;1B is a block diagram showing the basic architecture of another embodiment of the account authentication system of the present invention;
第2A圖為本發明之帳號認證方法之設定階段之流程圖;以及2A is a flow chart showing a setting phase of the account authentication method of the present invention;
第2B圖為本發明之帳號認證方法之認證階段之流程圖。2B is a flow chart of the authentication phase of the account authentication method of the present invention.
1...使用者1. . . user
2...電子裝置2. . . Electronic device
21...取得模組twenty one. . . Get module
22...傳輸模組twenty two. . . Transmission module
23...通知開啟模組twenty three. . . Notification opening module
3...服務平台3. . . Service Platform
31...代碼產生模組31. . . Code generation module
32...接收模組32. . . Receiving module
33...帳號開啟模組33. . . Account opening module
Claims (15)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW100136702A TW201316741A (en) | 2011-10-11 | 2011-10-11 | Authentication system, method and programmed products |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW100136702A TW201316741A (en) | 2011-10-11 | 2011-10-11 | Authentication system, method and programmed products |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| TW201316741A true TW201316741A (en) | 2013-04-16 |
Family
ID=48803184
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW100136702A TW201316741A (en) | 2011-10-11 | 2011-10-11 | Authentication system, method and programmed products |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TW201316741A (en) |
-
2011
- 2011-10-11 TW TW100136702A patent/TW201316741A/en unknown
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9923876B2 (en) | Secure randomized input | |
| Ellison | Ceremony design and analysis | |
| US8869238B2 (en) | Authentication using a turing test to block automated attacks | |
| US11563740B2 (en) | Methods and systems for blocking malware attacks | |
| CN103380592B (en) | Method, server and system for personal authentication | |
| JP5462021B2 (en) | Authentication system, authentication method, and authentication program | |
| KR101028882B1 (en) | System and method for providing user authentication one time password using a wireless mobile terminal | |
| EP2023262A2 (en) | Authentication system and authentication method | |
| JP2006294035A (en) | Method and system for authentication service using mobile device | |
| JP2008269610A (en) | Protecting sensitive data intended for remote application | |
| CN102906776A (en) | A method for mutual authentication of a user and service provider | |
| CN101291227A (en) | Password inputting method, device and system | |
| CN107423975A (en) | By submitting number to carry out strong authentication | |
| JP4913624B2 (en) | Authentication system and authentication method | |
| JP2015099470A (en) | System, method, and server for authentication, and program | |
| CN103368831B (en) | A kind of anonymous instant communicating system identified based on frequent visitor | |
| SG175860A1 (en) | Methods of robust multi-factor authentication and authorization and systems thereof | |
| JP2015122073A (en) | Method for generating one-time password and device for executing the same | |
| US10701105B2 (en) | Method for website authentication and for securing access to a website | |
| Kaur et al. | A comparative analysis of various multistep login authentication mechanisms | |
| TW201316741A (en) | Authentication system, method and programmed products | |
| KR20150104667A (en) | Authentication method | |
| WO2017063545A1 (en) | Identity information input method and system relevant to transaction data | |
| Sodhi | Using dropped call as an authentication factor | |
| KR102281580B1 (en) | Authentication system and method of performing authentication in authentication system |