TW201911169A - Mobile E-bank transaction authentication method and system return the signature data packaged with the hash value, the identification code, and the certificate data, and verification data to the E-bank servo end - Google Patents

Mobile E-bank transaction authentication method and system return the signature data packaged with the hash value, the identification code, and the certificate data, and verification data to the E-bank servo end Download PDF

Info

Publication number
TW201911169A
TW201911169A TW106127725A TW106127725A TW201911169A TW 201911169 A TW201911169 A TW 201911169A TW 106127725 A TW106127725 A TW 106127725A TW 106127725 A TW106127725 A TW 106127725A TW 201911169 A TW201911169 A TW 201911169A
Authority
TW
Taiwan
Prior art keywords
server
transaction
authentication
online banking
data
Prior art date
Application number
TW106127725A
Other languages
Chinese (zh)
Other versions
TWI659374B (en
Inventor
李劍雄
林淑真
郭建志
朱倖誼
Original Assignee
臺灣銀行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 臺灣銀行股份有限公司 filed Critical 臺灣銀行股份有限公司
Priority to TW106127725A priority Critical patent/TWI659374B/en
Publication of TW201911169A publication Critical patent/TW201911169A/en
Application granted granted Critical
Publication of TWI659374B publication Critical patent/TWI659374B/en

Links

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

In a Mobile E-bank transaction authentication method and system, an authentication servo end stores a hash value and an identification code generated according to the transaction data from an E-bank servo end, the hash value and the identification code are transmitted to a mobile apparatus through the E-bank servo end, such that the mobile apparatus transmits the hash value, the identification code, and the certificate data which is read from an electronic card via a card reader to the authentication servo end. The authentication servo end transmits the transaction data to the mobile apparatus when determining that the received hash value and the identification code are matched with the stored hash value and an identification code, and returns the signature data packaged with the hash value, the identification code, and the certificate data, and verification data to the E-bank servo end when receiving a correct data notification from the mobile apparatus.

Description

行動網銀交易認證方法及系統Mobile online banking transaction authentication method and system

本發明是有關於行動網銀交易服務,特別是一種行動網銀交易認證方法及系統。The invention relates to a mobile internet banking transaction service, in particular to a mobile internet banking transaction authentication method and system.

現有利用例如一桌上型電腦進行一網銀交易操作時,須透過預先安裝於此電腦的元件與一連接此電腦且插置有例如一金融卡的讀卡機溝通,才能完成有關於認證授權的交易簽章作業。然而,現今利用行動裝置來執行行動商務需求與日俱增,有必要提供適用於行動裝置的行動認證授權功能及相關介面,以使得使用者能利用行動裝置並結合例如晶片金融卡或XML(Extensible Markup Language,可延伸標記式語言)簽章卡的一電子卡來進行例如非約定轉帳或大額轉帳的金融服務之確認應用。When an online banking transaction is performed using, for example, a desktop computer, it is necessary to communicate with a card reader connected to the computer and inserted with, for example, a financial card, through a component pre-installed on the computer to complete the authentication and authorization. Trading signature operations. However, todayadays, the use of mobile devices to perform mobile commerce needs is increasing, and it is necessary to provide a mobile authentication and authorization function and related interface suitable for mobile devices, so that users can utilize mobile devices and incorporate, for example, a chip financial card or XML (Extensible Markup Language, An extendable markup language) an electronic card of a signature card for confirmation of a financial service such as a non-contracted transfer or a large transfer.

為達到上述行動商務的需求,現有的行動網銀交易認證技術提出了利用一特定應用程式,並透過一專用於行動裝置的行動讀卡機來執行相關於一金融交易的交易驗證或憑證簽章操作。然而,此特定應用程式在執行交易驗證或憑證簽章時需傳輸具有相對較大資料量的交易原文資料,因而導致行動裝置必須提供較大的記憶體儲存空間,以及行動裝置執行效能降低的風險增加。In order to meet the above-mentioned mobile business requirements, the existing mobile online banking authentication technology proposes to utilize a specific application and perform transaction verification or voucher signing operations related to a financial transaction through a mobile card reader dedicated to mobile devices. . However, this particular application needs to transmit the transaction source data with a relatively large amount of data when performing transaction verification or voucher signature, thus causing the mobile device to provide a large memory storage space and the risk of the mobile device performing performance degradation. increase.

因此,現有行動網銀交易認證技術仍有很大的改良空間。Therefore, there is still much room for improvement in the existing mobile online banking certification technology.

因此,本發明的目的,即在提供一種行動網銀交易認證方法,其能克服習知技藝的缺點。Accordingly, it is an object of the present invention to provide a mobile internet transaction authentication method that overcomes the shortcomings of the prior art.

於是,本發明所提供的一種行動網銀交易認證方法,藉由一連接有一讀卡機且安裝有一行動安控應用程式的行動裝置、一插置於該讀卡機且儲存有對應於一特定客戶的憑證資料的電子卡、一網銀伺服端及一認證伺服端來執行。該行動網銀交易認證方法包含以下步驟::Therefore, the mobile banking transaction authentication method provided by the present invention is provided by a mobile device connected to a card reader and equipped with a mobile security application, and is inserted into the card reader and stored corresponding to a specific client. The voucher data is executed by an electronic card, an online banking server and an authentication server. The mobile online banking certification method includes the following steps:

(A)藉由該網銀伺服端,在接收到一來自該行動裝置且相關於一特定帳戶之金融交易並包含交易資料的交易請求時,將一包含該交易資料的認證請求傳送至該認證伺服端;(A) by the online banking server, when receiving a transaction request from the mobile device and relating to a financial transaction of a specific account and including transaction information, transmitting an authentication request including the transaction data to the authentication server end;

(B)藉由該認證伺服端,在接收到來自該網銀伺服端的該認證請求時,利用一預定雜湊演算法,根據該交易資料產生一雜湊值及一唯一對應於該雜湊值的識別碼,並儲存該雜湊值及該識別碼,且將該雜湊值及該識別碼傳送至該網銀伺服端;(B) by the authentication server, when receiving the authentication request from the online banking server, using a predetermined hash algorithm, generating a hash value and an identifier corresponding to the hash value according to the transaction data. And storing the hash value and the identification code, and transmitting the hash value and the identification code to the online banking server;

(C)藉由該網銀伺服端,在接收到來自該認證伺服端的該雜湊值及該識別碼時,將所接收到的該雜湊值及該識別碼傳送至該行動裝置;(C) transmitting, by the online banking server, the received hash value and the identification code to the mobile device when receiving the hash value and the identification code from the authentication server;

(D)藉由該行動裝置,在接收到來自該網銀伺服端的該雜湊值及該識別碼時,開始執行該行動安控應用程式,以建立與該認證伺服端的連接並使該讀卡機讀取該電子卡所儲存的該憑證資料,並將所接收到的該雜湊值與該識別碼以及來自該讀卡機的該憑證資料傳送至該認證伺服端;(D) by the mobile device, when receiving the hash value and the identification code from the online banking server, starting to execute the mobile security application to establish a connection with the authentication server and read the card reader Taking the voucher data stored by the electronic card, and transmitting the received hash value and the identification code and the voucher data from the card reader to the authentication server;

(E)藉由該認證伺服端,在接收到來自該行動裝置的該雜湊值、該識別碼及該認證資料後且判定出所接收的該雜湊值及該識別碼分別相符於所儲存的該雜湊值及該識別碼時,將該交易資料傳送至該行動裝置;及(E) by the authentication server, after receiving the hash value, the identification code and the authentication data from the mobile device, and determining that the received hash value and the identification code respectively correspond to the stored hash And the identification code, the transaction data is transmitted to the mobile device; and

(F)藉由該認證伺服端,在接收到一來自該行動裝置且指示出該交易資料正確無誤的通知時,將所接收的該雜湊值、該識別碼及該認證資料打包並簽章以獲得簽章資料,並將一對應於該認證請求且包含該簽章資料與該憑證資料的成功認證回覆傳送至該網銀伺服端。(F) by the authentication server, when receiving a notification from the mobile device and indicating that the transaction data is correct, the received hash value, the identification code and the authentication data are packaged and signed. Obtaining signature information, and transmitting a successful authentication reply corresponding to the authentication request and including the signature data and the credential data to the online banking server.

因此,本發明的另一目的,即在提供一種行動網銀交易認證系統,其能克服習知技藝的缺點。Accordingly, it is another object of the present invention to provide a mobile internet transaction authentication system that overcomes the shortcomings of the prior art.

於是,本發明所提供的一種行動網銀交易認證系統包含一行動裝置、一讀卡機、一網銀伺服端及一認證伺服端。該行動裝置安裝有一行動安控應用程式,該讀卡機電連接該行動裝置並插有一電子卡,該電子卡儲存有對應於一特定客戶的憑證資料,該認證伺服端連接該網銀伺服端。Therefore, the mobile internet transaction authentication system provided by the present invention comprises a mobile device, a card reader, an online banking server and an authentication server. The mobile device is equipped with an action security control application. The card is electrically connected to the mobile device and has an electronic card inserted therein. The electronic card stores a voucher data corresponding to a specific client, and the authentication server is connected to the online banking server.

當該網銀伺服端接收到一來自該行動裝置且相關於一特定帳戶之金融交易並包含交易資料的交易請求時,該網銀伺服端一包含該交易資料的認證請求傳送至該認證伺服端。When the online banking server receives a transaction request from the mobile device and is related to a specific account financial transaction and includes transaction data, the online banking server transmits an authentication request containing the transaction data to the authentication server.

當該認證伺服端接收到來自該網銀伺服端的該認證請求時,該認證伺服端利用一預定雜湊演算法,根據該交易資料產生一雜湊值及一唯一對應於該雜湊值的識別碼,並儲存該雜湊值及該識別碼,且將該雜湊值及該識別碼傳送至該網銀伺服端。When the authentication server receives the authentication request from the online banking server, the authentication server generates a hash value and an identifier corresponding to the hash value according to the transaction data by using a predetermined hash algorithm, and stores The hash value and the identification code, and the hash value and the identification code are transmitted to the online banking server.

當該網銀伺服端接收到來自該認證伺服端的該雜湊值及該識別碼時,該網銀伺服端將所接收到的該雜湊值及該識別碼傳送至該行動裝置。When the online banking server receives the hash value and the identification code from the authentication server, the online banking server transmits the received hash value and the identification code to the mobile device.

當該行動裝置接收到來自該網銀伺服端的該雜湊值及該識別碼時,開始執行該行動安控應用程式,以建立與該認證伺服端的連接並使該讀卡機讀取該電子卡所儲存的該憑證資料,並將所接收到的該雜湊值與該識別碼以及來自該讀卡機的該憑證資料傳送至該認證伺服端。When the mobile device receives the hash value and the identification code from the online banking server, the mobile security application is started to establish a connection with the authentication server and the card reader reads the electronic card for storage. The voucher data is transmitted to the authentication server by the received hash value and the identification code and the voucher data from the card reader.

當該認證伺服端接收到來自該行動裝置的該雜湊值、該識別碼及該認證資料後且判定出所接收的該雜湊值及該識別碼分別相符於所儲存的該雜湊值及該識別碼時,該認證伺服端將該交易資料傳送至該行動裝置。When the authentication server receives the hash value, the identification code and the authentication data from the mobile device, and determines that the received hash value and the identification code respectively correspond to the stored hash value and the identifier The authentication server transmits the transaction data to the mobile device.

當該認證伺服端接收到一來自該行動裝置且指示出該交易資料正確無誤的通知時,該認證伺服端將所接收的該雜湊值、該識別碼及該認證資料打包簽章以獲得簽章資料,並將一對應於該認證請求且包含該簽章資料與該憑證資料的成功認證回覆傳送至該網銀伺服端。When the authentication server receives a notification from the mobile device and indicates that the transaction data is correct, the authentication server packs the received hash value, the identification code and the authentication data to obtain a signature. Data, and a successful authentication reply corresponding to the authentication request and including the signature data and the credential data is transmitted to the online banking server.

本發明的功效在於:該認證伺服端先利用根據來自於該網銀伺服端的交易資料所產生的雜湊值來認證該行動裝置所安裝的行動安控應用程式為真時,才將該交易資料傳送至該行動裝置以供交易者確認其正確性,藉此達到雙向認證後,才將打包有該雜湊值、該識別碼及該憑證資料的該簽章資料與該憑證資料傳送至該網銀伺服端。因此,在利用現有系統架構下,不僅可確保該電子卡所儲存的憑證資料的安全性,而且可大幅降低認證期間的傳輸資料量。The effect of the present invention is that the authentication server first uses the hash value generated from the transaction data from the online banking server to authenticate that the mobile security application installed by the mobile device is true, and then transmits the transaction data to the transaction information. The mobile device transmits the signature data and the voucher data packaged with the hash value, the identification code and the voucher data to the online banking server, after the transaction device confirms the correctness of the transaction. Therefore, under the existing system architecture, not only the security of the voucher data stored in the electronic card can be ensured, but also the amount of data transmitted during the authentication period can be greatly reduced.

參閱圖1,本發明行動網銀交易認證系統100的一實施例可被應用於一銀行機構,並對於一想要經由網路銀行來進行相關於一特定帳戶的金融交易的客戶,提供相關此金融交易的認證服務。該行動網銀交易認證系統100包含一行動裝置1、一網銀伺服端2、一認證伺服端3、一讀卡機4、一電子卡5、及一驗證伺服端6。Referring to FIG. 1, an embodiment of the mobile internet transaction authentication system 100 of the present invention can be applied to a banking institution and provides related financial services to a customer who wants to conduct financial transactions related to a particular account via online banking. Trading certification services. The mobile internet transaction authentication system 100 includes a mobile device 1, an online banking server 2, an authentication server 3, a card reader 4, an electronic card 5, and a verification server 6.

在本實施例中,該行動裝置1例如為該客戶所持的一智慧型手機或一平板電腦,並事先安裝有一行動安控應用程式APP。該行動裝置1可經由一無線通訊網路(圖未示)建立與該網銀伺服端2及該認證伺服端3的連接。In this embodiment, the mobile device 1 is, for example, a smart phone or a tablet computer held by the client, and a mobile security application APP is installed in advance. The mobile device 1 can establish a connection with the online banking server 2 and the authentication server 3 via a wireless communication network (not shown).

在使用時,該讀卡機4係電連接該行動裝置1,並插有該電子卡5。該電子卡5儲存有對應於該特定客戶的憑證資料。In use, the card reader 4 is electrically connected to the mobile device 1 and is inserted with the electronic card 5. The electronic card 5 stores credential data corresponding to the particular customer.

該網銀伺服端2提供有一網銀網頁,並可經由例如網際網路(圖未示)連接該認證伺服端3、該驗證伺服端6、及一用於執行交易的交易執行伺服端200。The online banking server 2 provides an online banking webpage, and can connect to the authentication server 3, the verification server 6, and a transaction execution server 200 for executing a transaction via, for example, an internet (not shown).

該驗證伺服端6儲存有多筆分別對應於多個不同客戶的參考憑證資料。The verification server 6 stores a plurality of reference document materials respectively corresponding to a plurality of different clients.

以下,將參閱圖1及圖2來詳細地說明該行動網銀交易認證系統100如何對於該金融交易執行一行動網銀交易認證程序。該智慧銀行櫃檯交易服務程序包含以下步驟。Hereinafter, how the mobile banking transaction authentication system 100 performs a mobile banking transaction authentication procedure for the financial transaction will be described in detail with reference to FIGS. 1 and 2. The smart banking over-the-counter service program includes the following steps.

首先,在步驟S21中,當該行動裝置1與該網銀伺服2端所提供的該網銀網頁連結,並經過成功驗證使用者身分登入該特定帳戶後,該行動裝置1經由人為操作,產生一相關於該金融交易並包含交易資料的交易請求,並將該交易請求傳送至該網銀伺服端2。在本實施例中,該金融交易例如為一轉帳交易,但不在此限,且該交易資料例如為一至少包含交易日期、轉帳金額、該特定帳戶的帳號(即轉出帳號)、及轉入帳號的交易電文,但不在此限。First, in step S21, when the mobile device 1 is connected to the online banking webpage provided by the online banking servo 2 end, and after successfully verifying the user identity to log in to the specific account, the mobile device 1 generates a correlation through human operation. The financial transaction includes a transaction request for the transaction data, and the transaction request is transmitted to the online banking server 2. In this embodiment, the financial transaction is, for example, a transfer transaction, but not limited thereto, and the transaction data is, for example, an account including at least a transaction date, a transfer amount, the specific account (ie, an outgoing account), and a transfer The transaction message of the account, but not limited to this.

然後,在步驟S22中,該網銀伺服端2在接收到來自該行動裝置1的該交易請求時,儲存該交易資料,並將一包含該交易資料的認證請求傳送至該認證伺服端3。Then, in step S22, the online banking server 2 stores the transaction data upon receiving the transaction request from the mobile device 1, and transmits an authentication request containing the transaction data to the authentication server 3.

接著,在步驟S23中,該認證伺服端3在接收到來自該網銀伺服端2的該認證請求時,利用一預定雜湊演算法,根據該交易資料產生一雜湊值及一唯一對應於該雜湊值的識別碼,並儲存該雜湊值及該識別碼,且將該雜湊值及該識別碼傳送至該網銀伺服端2。Next, in step S23, the authentication server 3, when receiving the authentication request from the online banking server 2, generates a hash value and a unique corresponding to the hash value according to the transaction data by using a predetermined hash algorithm. And identifying the hash value and the identification code, and transmitting the hash value and the identification code to the online banking server 2.

接著,在步驟S24中,該網銀伺服端2在接收到來自該認證伺服端3的該雜湊值及該識別碼時,將所接收到的該雜湊值及該識別碼傳送至該行動裝置1,並且之後還持續傳送一對應於該認證請求的輪詢至該認證伺服端3。Next, in step S24, the online banking server 2 transmits the received hash value and the identification code to the mobile device 1 when receiving the hash value and the identification code from the authentication server 3, And then, a poll corresponding to the authentication request is continuously transmitted to the authentication server 3.

接著,在步驟S25中,該行動裝置1在接收到來自該網銀伺服端2的該雜湊值及該識別碼時,開始執行該行動安控應用程式APP,以便建立與該認證伺服端3的連結並使該讀卡機4讀取該電子卡5所儲存的該憑證資料,並將所接收到的該雜湊值與該識別碼以及來自該讀卡機4的該憑證資料傳送至該認證伺服端3。Next, in step S25, the mobile device 1 starts executing the mobile security application APP when the hash value and the identification code from the online banking server 2 are received, so as to establish a connection with the authentication server 3 And causing the card reader 4 to read the voucher data stored by the electronic card 5, and transmitting the received hash value and the identification code and the voucher data from the card reader 4 to the authentication server. 3.

接著,在步驟S26中,該認證伺服端3在接收到來自該行動裝置1的該雜湊值、該識別碼及該認證資料時,判定所接收的該雜湊值及該識別碼是否分別相符於步驟S23所儲存的該雜湊值及該識別碼,藉此來認證該行動裝置1所執行的該行動安控應用程式APP是否為真(即未經竄改)。若該判定結果為肯定時(即該行動安控應用程式APP被證明為真),流程進行至步驟S28,否則,該認證伺服端3將一指示(該行動安控應用程式APP)認證失敗的錯誤訊息傳送至該網銀伺服端2(步驟S27)。Next, in step S26, when receiving the hash value, the identification code and the authentication data from the mobile device 1, the authentication server 3 determines whether the received hash value and the identification code respectively correspond to the steps. The hash value stored in S23 and the identification code are used to authenticate whether the mobile security application APP executed by the mobile device 1 is true (ie, has not been tampered with). If the result of the determination is affirmative (ie, the action security application APP is proved to be true), the flow proceeds to step S28, otherwise, the authentication server 3 fails an authentication (the action security application APP). The error message is transmitted to the online banking server 2 (step S27).

在步驟S28中,當該行動安控應用程式APP被該認證伺服端3認證為真時,該認證伺服端3將步驟S22所儲存的該交易資料傳送至該行動裝置1。In step S28, when the mobile security application APP is authenticated by the authentication server 3, the authentication server 3 transmits the transaction data stored in step S22 to the mobile device 1.

之後,在步驟S29中,該行動裝置1在接收到來自該認證伺服端3的該交易資料時,經由該行動安控應用程式APP的執行,顯示該交易資料。在此情況下,該客戶可藉由顯示於該行動裝置1的該交易資料來確認其正確性。在經該客戶確認該交易資料無誤後,該行動裝置1經由人為操作產生一指示出該交易資料正確無誤的通知,並將該通知傳送至該認證伺服端。於是,該認證伺服端3與該行動裝置1所執行的該行動安控應用程式APP之間的雙向認證被完成。Then, in step S29, the mobile device 1 displays the transaction data via the execution of the mobile security application APP when receiving the transaction data from the authentication server 3. In this case, the customer can confirm the correctness by the transaction information displayed on the mobile device 1. After confirming that the transaction data is correct by the client, the mobile device 1 generates a notification indicating that the transaction data is correct through a human operation, and transmits the notification to the authentication server. Thus, the mutual authentication between the authentication server 3 and the mobile security application APP executed by the mobile device 1 is completed.

然後,在步驟S30中,該認證伺服端3在接收到來自該行動裝置1的該通知時,將所接收的該雜湊值、該識別碼及該認證資料打包並簽章以獲得簽章資料。在本實施例中,該簽章資料例如可為一簽章值。Then, in step S30, the authentication server 3, upon receiving the notification from the mobile device 1, packages and signs the received hash value, the identification code and the authentication data to obtain signature data. In this embodiment, the signature information may be, for example, a signature value.

之後,當該認證伺服端3接收到新近來自該網銀伺服端2的該輪詢時,在步驟S31中,該認證伺服端3回應於該輪詢將一對應於該認證請求且包含該簽章資料與該憑證資料的成功認證回覆傳送至該網銀伺服端2。於是,該網銀伺服端2取回該簽章資料及該憑證資料。值得注意的是,在該認證伺服端3與該行動安控應用程式APP所執行的雙向認證期間,大幅減少該交易資料的傳輸。Thereafter, when the authentication server 3 receives the polling from the online banking server 2, in step S31, the authentication server 3 responds to the polling to correspond to the authentication request and includes the signature. The data and the successful authentication reply of the voucher data are transmitted to the online banking server 2. Therefore, the online banking server 2 retrieves the signature data and the document data. It is worth noting that during the two-way authentication performed by the authentication server 3 and the mobile security application APP, the transmission of the transaction data is greatly reduced.

接著,在步驟S32中,該網銀伺服端2在接收到來自該認證伺服端的該成功認證回覆時,對於該金融交易,產生一包含所接收到的該簽章資料與該憑證資料、及該交易請求所包含的該交易資料的驗證請求,並將該驗證請求傳送至該驗證伺服端6。Next, in step S32, when receiving the successful authentication reply from the authentication server, the online banking server 2 generates, for the financial transaction, the received signature data and the voucher data, and the transaction. The verification request of the transaction data included in the request is requested, and the verification request is transmitted to the verification server 6.

接著,在步驟S33中,該驗證伺服端6在接收到來自該網銀伺服端2的該驗證請求時,判定該憑證資料是否相符於所儲存的該等筆參考憑證資料其中一筆參考憑證資料。若該判定結果為肯定時,流程進行步驟S35。相反地,若該驗證伺服端6判定出所儲存的該等筆參考憑證資料不存在任何一筆相符於該憑證資料的參考憑證資料時,也就是說,當該電子卡5所儲存的該憑證資料已遭毀損或過期時,該驗證伺服端6傳送一驗證失敗的錯誤訊息至該網銀伺服端2(步驟S34)。Next, in step S33, when receiving the verification request from the online banking server 2, the verification server 6 determines whether the voucher data matches one of the stored reference document data of the pen reference voucher data. If the result of this determination is affirmative, the flow proceeds to step S35. Conversely, if the verification server 6 determines that the stored reference document data does not have any reference document data corresponding to the document data, that is, when the electronic card 5 stores the document data When it is damaged or expires, the verification server 6 transmits a verification failure error message to the online banking server 2 (step S34).

在步驟S35中,該驗證伺服端6在判定出該憑證資料相符於所儲存的該等筆參考憑證資料其中一筆參考憑證資料時,利用該預定雜湊演算法,根據該交易資料以獲得一雜湊值。In step S35, the verification server 6 uses the predetermined hash algorithm to obtain a hash value based on the transaction data when it is determined that the voucher data matches the stored reference document data of the pen reference voucher data. .

在步驟S36中,該驗證伺服端6判定步驟S35所獲得的該雜湊值是否相符於該簽章結果所包含的該雜湊值,藉此判定該簽章資料是否被成功驗證。若該判定為肯定時,也就是說,該網銀伺服端2所接收的該交易資料相符於該客戶確認後的該交易資料,流程進行至步驟S37,否則,流程返回至步驟S34。In step S36, the verification server 6 determines whether the hash value obtained in step S35 matches the hash value included in the signature result, thereby determining whether the signature material is successfully verified. If the determination is affirmative, that is, the transaction data received by the online banking server 2 matches the transaction data confirmed by the customer, the flow proceeds to step S37, otherwise, the flow returns to step S34.

在步驟S37中,該驗證伺服端6在判定出該簽章資料被成功驗證時,將一回應於該驗證請求的驗證成功回覆傳送至該網銀伺服端2。In step S37, the verification server 6 transmits a verification success response replied to the verification request to the online banking server 2 when it is determined that the signature data is successfully verified.

接著,在步驟S38中,該網銀伺服端2在接收到來自該驗證伺服端6的該驗證成功回覆時,將該交易資料傳送至該交易執行伺服端200。於是,該交易執行伺服端200根據該交易資料執行該金融交易,以產生一指示出該金融交易完成的交易結果,並將該交易結果傳送至該網銀伺服端2。Next, in step S38, the online banking server 2 transmits the transaction data to the transaction execution server 200 upon receiving the successful verification reply from the verification server 6. Then, the transaction execution server 200 executes the financial transaction based on the transaction data to generate a transaction result indicating the completion of the financial transaction, and transmits the transaction result to the online banking server 2.

最後,該網銀伺服端2接收了來自該交易執行伺服端200的該交易結果,並將該交易結果傳送至該行動裝置1(步驟S39),以致該行動裝置1在接到來自該網銀伺服端2的該交易結果時,將該交易結果顯示,以供客戶作為憑藉(步驟S40)。至此,該行動網銀交易認證程序被完成。Finally, the online banking server 2 receives the transaction result from the transaction execution server 200, and transmits the transaction result to the mobile device 1 (step S39), so that the mobile device 1 is received from the online banking server. When the result of the transaction is 2, the result of the transaction is displayed for the customer to rely on (step S40). At this point, the mobile online banking transaction certification process was completed.

綜上所述,該認證伺服端3先利用根據來自於該網銀伺服端2的該交易資料所產生的該雜湊值來認證該行動裝置1所安裝的該行動安控應用程式APP為真時,才將該交易資料傳送至該行動裝置以供該客戶確認其正確性,藉此達到雙向認證後,將打包有該雜湊值、該識別碼及該憑證資料的該簽章資料以及該憑證資料一併傳送至該網銀伺服端。接著,經由該驗證伺服端6再次確認該網銀伺服端2所持有的該交易資料相符於該客戶所確認的該交易資料後,該網銀伺服端2才將該交易資料傳送至該交易執行伺服端200,以便實際執行該金融交易。因此,在利用現有系統架構下,不僅可確保該電子卡所儲存的憑證資料的安全性,而且可避免交易資料被串篡改,藉此提升行動網銀交易的安全性。此外,由於在認證期間無須如現有技術所需傳輸較大資料量的交易原文資料,因此可大幅降低傳輸資料量,故確實能達成本發明的目的。In summary, the authentication server 3 first uses the hash value generated from the transaction data from the online banking server 2 to authenticate that the mobile security application APP installed by the mobile device 1 is true. Transmitting the transaction data to the mobile device for the customer to confirm its correctness, thereby achieving the two-way authentication, the hash code, the identification code and the signature data of the voucher data and the voucher data And transmitted to the online banking server. Then, after the verification server 6 confirms that the transaction data held by the online banking server 2 matches the transaction data confirmed by the client, the online banking server 2 transmits the transaction data to the transaction execution servo. End 200 to actually execute the financial transaction. Therefore, under the existing system architecture, not only the security of the voucher data stored in the electronic card can be ensured, but also the transaction data can be prevented from being falsified, thereby improving the security of the mobile online banking transaction. In addition, since it is not necessary to transmit a large amount of transaction original data as required in the prior art, the amount of transmitted data can be greatly reduced, and the object of the present invention can be achieved.

惟以上所述者,僅為本發明的實施例而已,當不能以此限定本發明實施的範圍,凡是依本發明申請專利範圍及專利說明書內容所作的簡單的等效變化與修飾,皆仍屬本發明專利涵蓋的範圍內。However, the above is only the embodiment of the present invention, and the scope of the invention is not limited thereto, and all the simple equivalent changes and modifications according to the scope of the patent application and the patent specification of the present invention are still Within the scope of the invention patent.

100‧‧‧行動網銀交易認證系統100‧‧‧Mobile online banking transaction authentication system

1‧‧‧行動裝置1‧‧‧ mobile device

APP‧‧‧行動安控應用程式APP‧‧‧Action Security App

2‧‧‧網銀伺服端2‧‧‧Internet banking server

3‧‧‧認證伺服端3‧‧‧Certified server

4‧‧‧讀卡機4‧‧‧ card reader

5‧‧‧電子卡5‧‧‧Electronic card

6‧‧‧驗證伺服端6‧‧‧Verification server

200‧‧‧交易執行伺服端200‧‧‧Transaction execution server

S21-S40‧‧‧步驟 S21-S40‧‧‧Steps

本發明的其他的特徵及功效,將於參照圖式的實施方式中清楚地呈現,其中: 圖1是一方塊圖,示例地說明本發明行動網銀交易認證系統的一實施例;及 圖2及圖3是流程圖,示例地說明該實施例如何執行一行動網銀交易認證程序。Other features and advantages of the present invention will be apparent from the embodiments of the present invention, wherein: Figure 1 is a block diagram illustrating an embodiment of the mobile internet banking authentication system of the present invention; 3 is a flow chart exemplarily illustrating how the embodiment performs a mobile banking transaction authentication procedure.

Claims (12)

一種行動網銀交易認證方法,藉由一連接有一讀卡機且安裝有一行動安控應用程式的行動裝置、一插置於該讀卡機且儲存有對應於一特定客戶的憑證資料的電子卡、一網銀伺服端及一認證伺服端來執行,該行動網銀交易認證方法包含以下步驟: (A)藉由該網銀伺服端,在接收到一來自該行動裝置且相關於一特定帳戶之金融交易並包含交易資料的交易請求時,將一包含該交易資料的認證請求傳送至該認證伺服端; (B)藉由該認證伺服端,在接收到來自該網銀伺服端的該認證請求時,利用一預定雜湊演算法,根據該交易資料產生一雜湊值及一唯一對應於該雜湊值的識別碼,並儲存該雜湊值及該識別碼,且將該雜湊值及該識別碼傳送至該網銀伺服端; (C)藉由該網銀伺服端,在接收到來自該認證伺服端的該雜湊值及該識別碼時,將所接收到的該雜湊值及該識別碼傳送至該行動裝置; (D)藉由該行動裝置,在接收到來自該網銀伺服端的該雜湊值及該識別碼時,開始執行該行動安控應用程式,以建立與該認證伺服端的連結並使該讀卡機讀取該電子卡所儲存的該憑證資料,並將所接收到的該雜湊值與該識別碼以及來自該讀卡機的該憑證資料傳送至該認證伺服端; (E)藉由該認證伺服端,在接收到來自該行動裝置的該雜湊值、該識別碼及該認證資料後且判定出所接收的該雜湊值及該識別碼分別相符於所儲存的該雜湊值及該識別碼時,將該交易資料傳送至該行動裝置;及 (F)藉由該認證伺服端,在接收到一來自該行動裝置且指示出該交易資料正確無誤的通知時,將所接收的該雜湊值、該識別碼及該認證資料打包並簽章以獲得簽章資料,並將一對應於該認證請求且包含該簽章資料與該憑證資料的成功認證回覆傳送至該網銀伺服端。A mobile online banking transaction authentication method, comprising a mobile device connected to a card reader and having a mobile security application, an electronic card inserted in the card reader and storing a voucher data corresponding to a specific client, The online banking server and the authentication server perform the following steps: (A) receiving, by the online banking server, a financial transaction from the mobile device and related to a specific account. When the transaction request includes the transaction data, an authentication request including the transaction data is transmitted to the authentication server; (B) by the authentication server, when the authentication request from the online banking server is received, a reservation is utilized. a hash algorithm, generating a hash value and an identifier corresponding to the hash value according to the transaction data, storing the hash value and the identification code, and transmitting the hash value and the identification code to the online banking server; (C) by the online banking server, when receiving the hash value and the identification code from the authentication server, the received hash value and the knowledge Transmitting to the mobile device; (D) by the mobile device, when receiving the hash value and the identification code from the online banking server, starting to execute the mobile security application to establish a connection with the authentication server And causing the card reader to read the voucher data stored by the electronic card, and transmitting the received hash value and the identification code and the voucher data from the card reader to the authentication server; Receiving, by the authentication server, the hash value, the identification code and the authentication data from the mobile device, and determining that the received hash value and the identification code respectively correspond to the stored hash value and The identification code is transmitted to the mobile device; and (F) by the authentication server, when receiving a notification from the mobile device indicating that the transaction data is correct, the received The hash value, the identification code and the authentication data are packaged and signed to obtain signature information, and a successful authentication response corresponding to the authentication request and including the signature data and the certificate data is transmitted to Online banking server end. 如請求項1所述的行動網銀交易認證方法,在步驟(A)之前,還包含以下步驟: (G)藉由該行動裝置,在與該網銀伺服端所提供的一網銀網頁連結並登入該特定帳戶後,經由人為操作,產生該交易請求,並將該交易請求傳送至該網銀伺服端。The mobile internet transaction authentication method according to claim 1 further includes the following steps before the step (A): (G) by using the mobile device, connecting to the online banking webpage provided by the online banking server and logging in to the mobile banking website. After a specific account, the transaction request is generated through a human operation, and the transaction request is transmitted to the online banking server. 如請求項1所述的行動網銀交易認證方法,在步驟(E)及步驟(F)之間,還包含以下步驟: (H)藉由該行動裝置,在接收到來自該認證伺服端的該交易資料時,經由該行動安控應用程式的執行,顯示該交易資料,且經由人為操作產生該通知,並將該通知傳送至該認證伺服端。The mobile internet transaction authentication method according to claim 1, further comprising the following steps between step (E) and step (F): (H) receiving, by the mobile device, the transaction from the authentication server At the time of the data, the transaction data is displayed by the execution of the action security application, and the notification is generated by a human operation, and the notification is transmitted to the authentication server. 如請求項1所述的行動網銀交易認證方法,還藉由一連接該網銀伺服端並儲存有多筆參考憑證資料的驗證伺服端來執行,在步驟(F)之後,還包含以下步驟: (I)藉由該網銀伺服端,在接收到來自該認證伺服端的該成功認證回覆時,對於該金融交易,產生一包含所接收到的該簽章資料與該憑證資料、及該交易請求所包含的該交易資料的驗證請求,並將該驗證請求傳送至該驗證伺服端; (J)藉由該驗證伺服端,在接收到來自該網銀伺服端的該驗證請求後且判定出該憑證資料相符於所儲存的該等筆參考憑證資料其中一筆參考憑證資料時,利用該預定雜湊演算法,根據該交易資料所獲得一雜湊值,並經由判定所獲得的該雜湊值是否相符於該簽章結果所包含的該雜湊值,判定該簽章資料是否被成功驗證;及 (K)藉由該驗證伺服端,在判定出該簽章資料被成功驗證時,將一回應於該驗證請求的驗證成功回覆傳送至該網銀伺服端。The method for authenticating the online banking transaction described in claim 1 is also performed by a verification server connected to the online banking server and storing a plurality of reference document data. After the step (F), the method further comprises the following steps: I) by the online banking server, when receiving the successful authentication reply from the authentication server, generating, for the financial transaction, the received signature data and the voucher data, and the transaction request includes The verification request of the transaction data, and the verification request is transmitted to the verification server; (J) by the verification server, after receiving the verification request from the online banking server, and determining that the certificate data is consistent with And storing, by the predetermined hash algorithm, a hash value obtained according to the transaction data, and determining whether the hash value obtained by the judgment matches the signature result The hash value included, determining whether the signature data is successfully verified; and (K) by the verification server, when determining that the signature data is successfully verified And transmitting a verification success reply in response to the verification request to the online banking server. 如請求項4所述的行動網銀交易認證方法,在步驟(K)之後,還包含以下步驟: (L)藉由該網銀伺服端,在接收到來自該驗證伺服端的該驗證成功回覆時,將該交易資料傳送至一交易執行伺服端; (M)藉由該網銀伺服端,接收一來自該交易執行伺服端且指示出該金融交易完成的交易結果,並將該交易結果傳送至該行動裝置;及 (N)藉由該行動裝置,在接收到來自該網銀伺服端的該交易結果時,顯示該交易結果。The mobile banking transaction authentication method according to claim 4, after the step (K), further comprising the following steps: (L) by the online banking server, when receiving the successful reply from the verification server, Transmitting the transaction data to a transaction execution server; (M) receiving, by the online banking server, a transaction result from the transaction execution server indicating the completion of the financial transaction, and transmitting the transaction result to the mobile device And (N) by the mobile device, displaying the transaction result when receiving the transaction result from the online banking server. 如請求項1所述的行動網銀交易認證方法,其中: 在步驟(C)中,該網銀伺服端在該雜湊值及該識別碼被傳送至該行動裝置後,還持續傳送一對應於該認證請求的輪詢至該認證伺服端;及 在步驟(F)中,該認證伺服端係回應於新近來自該網銀伺服端的該輪詢,將該成功認證回覆傳送至該網銀伺服端。The mobile banking transaction authentication method according to claim 1, wherein: in the step (C), the online banking server continues to transmit a corresponding to the authentication after the hash value and the identification code are transmitted to the mobile device. The requested polling is sent to the authentication server; and in the step (F), the authentication server responds to the polling from the online banking server, and transmits the successful authentication reply to the online banking server. 一種行動網銀交易認證系統,包含: 一行動裝置,安裝有一行動安控應用程式; 一讀卡機,電連接該行動裝置,並插有一電子卡,該電子卡儲存有對應於一特定客戶的憑證資料; 一網銀伺服端;及 一認證伺服端,連接該網銀伺服端; 其中,當該網銀伺服端接收到一來自該行動裝置且相關於一特定帳戶之金融交易並包含交易資料的交易請求時,該網銀伺服端一包含該交易資料的認證請求傳送至該認證伺服端; 其中,當該認證伺服端接收到來自該網銀伺服端的該認證請求時,該認證伺服端利用一預定雜湊演算法,根據該交易資料產生一雜湊值及一唯一對應於該雜湊值的識別碼,並儲存該雜湊值及該識別碼,且將該雜湊值及該識別碼傳送至該網銀伺服端; 其中,當該網銀伺服端接收到來自該認證伺服端的該雜湊值及該識別碼時,該網銀伺服端將所接收到的該雜湊值及該識別碼傳送至該行動裝置; 其中,當該行動裝置接收到來自該網銀伺服端的該雜湊值及該識別碼時,開始執行該行動安控應用程式,以建立與該認證伺服端的連結並使該讀卡機讀取該電子卡所儲存的該憑證資料,並將所接收到的該雜湊值與該識別碼以及來自該讀卡機的該憑證資料傳送至該認證伺服端; 其中,當該認證伺服端接收到來自該行動裝置的該雜湊值、該識別碼及該認證資料後且判定出所接收的該雜湊值及該識別碼分別相符於所儲存的該雜湊值及該識別碼時,該認證伺服端將該交易資料傳送至該行動裝置;及 其中,當該認證伺服端接收到一來自該行動裝置且指示出該交易資料正確無誤的通知時,該認證伺服端將所接收的該雜湊值、該識別碼及該認證資料打包簽章以獲得簽章資料,並將一對應於該認證請求且包含該簽章資料與該憑證資料的成功認證回覆傳送至該網銀伺服端。A mobile online banking transaction authentication system comprising: a mobile device installed with a mobile security application; a card reader electrically connected to the mobile device and having an electronic card stored therein, the electronic card storing a certificate corresponding to a specific customer Data; an online banking server; and an authentication server connected to the online banking server; wherein, when the online banking server receives a transaction request from the mobile device and is related to a specific account financial transaction and includes transaction information The authentication request of the online banking server to the transaction server is transmitted to the authentication server; wherein, when the authentication server receives the authentication request from the online banking server, the authentication server uses a predetermined hash algorithm. Generating a hash value and an identifier corresponding to the hash value according to the transaction data, and storing the hash value and the identification code, and transmitting the hash value and the identification code to the network banking server; wherein, when When the online banking server receives the hash value and the identification code from the authentication server, the online banking server will connect Transmitting the received hash value and the identification code to the mobile device; wherein, when the mobile device receives the hash value and the identification code from the online banking server, the mobile control application is started to establish and The authentication server connects the card and reads the voucher data stored by the electronic card, and transmits the received hash value and the identification code and the voucher data from the card reader to the certificate. a server; after the authentication server receives the hash value, the identification code, and the authentication data from the mobile device, and determines that the received hash value and the identification code respectively match the stored hash value And the identification code, the authentication server transmits the transaction data to the mobile device; and wherein, when the authentication server receives a notification from the mobile device and indicates that the transaction data is correct, the authentication server The terminal packs the received hash value, the identification code and the authentication data into a signature to obtain signature information, and corresponds to the authentication request and includes the signature Material voucher information with the successful authentication reply transmitted to the online banking server end. 如請求項7所述的行動網銀交易認證系統,其中,該行動裝置在連結該網銀伺服端所提供的一網銀網頁連結且登入該特定帳戶後,經由人為操作,產生該交易請求,並將該交易請求傳送至該網銀伺服端。The action online banking transaction authentication system according to claim 7, wherein the mobile device generates a transaction request through a human operation after linking the online banking webpage provided by the online banking server and logging in to the specific account, and the The transaction request is transmitted to the online banking server. 如請求項7所述的行動網銀交易認證系統,其中,該行動裝置在接收到來自該認證伺服端的該交易資料時,經由該行動安控應用程式的執行,顯示該交易資料,且經由人為操作產生該通知,並將該通知傳送至該認證伺服端。The action online banking transaction authentication system according to claim 7, wherein the mobile device displays the transaction data via the action security application when the transaction data is received from the authentication server, and is operated by a human operation. The notification is generated and transmitted to the authentication server. 如請求項7所述的行動網銀交易認證系統,還包含一連接該網銀伺服端並儲存有多筆分別對應於多個不同客戶的參考憑證資料的驗證伺服端,其中: 該網銀伺服端在接收到來自該認證伺服端的該成功認證回覆時,對於該金融交易,產生一包含所接收到的該簽章資料與該憑證資料、及該交易請求所包含的該交易資料的驗證請求,並將該驗證請求傳送至該驗證伺服端; 該驗證伺服端在接收到來自該網銀伺服端的該驗證請求後且判定出該憑證資料相符於所儲存的該等筆參考憑證資料其中一筆參考憑證資料時,利用該預定雜湊演算法,根據該交易資料所獲得一雜湊值,並經由判定所獲得的該雜湊值是否相符於該簽章結果所包含的該雜湊值,判定該簽章資料是否被成功驗證;及 該驗證伺服端在判定出該簽章資料被成功驗證時,將一回應於該驗證請求的驗證成功回覆傳送至該網銀伺服端。The action online banking transaction authentication system according to claim 7, further comprising a verification server connected to the online banking server and storing a plurality of reference voucher data respectively corresponding to the plurality of different clients, wherein: the online banking server is receiving Upon the successful authentication reply from the authentication server, for the financial transaction, a verification request including the received signature data and the voucher data, and the transaction data included in the transaction request is generated, and the The verification request is transmitted to the verification server; after the verification server receives the verification request from the online banking server and determines that the certificate data matches the stored reference document data of the pen reference document, the verification server utilizes The predetermined hash algorithm obtains a hash value according to the transaction data, and determines whether the signature data is successfully verified by determining whether the hash value obtained by the judgment matches the hash value included in the signature result; and When the verification server determines that the signature data is successfully verified, the verification server responds to the verification request. The power reply is transmitted to the online banking server. 如請求項10所述的行動網銀交易認證系統,其中: 該網銀伺服端在接收到來自該驗證伺服端的該驗證成功回覆時,將該交易資料傳送至一交易執行伺服端; 該網銀伺服端接收到一來自該交易執行伺服端且指示出該金融交易完成的交易結果,並將該交易結果傳送至該行動裝置;及 該行動裝置在接收到來自該網銀伺服端的該交易結果時,顯示該交易結果。The action online banking transaction authentication system according to claim 10, wherein: the online banking server transmits the transaction data to a transaction execution server when receiving the verification success reply from the verification server; the online banking server receives Transmitting a transaction result from the transaction executing the server and indicating the completion of the financial transaction, and transmitting the transaction result to the mobile device; and the mobile device displays the transaction when receiving the transaction result from the online banking server result. 如請求項7所述的行動網銀交易認證系統,其中: 該網銀伺服端在該雜湊值及該識別碼被傳送至該行動裝置後,還持續傳送一對應於該認證請求的輪詢至該認證伺服端;及 該認證伺服端係回應於新近來自該網銀伺服端的該輪詢,將該成功認證回覆傳送至該網銀伺服端。The mobile internet transaction authentication system according to claim 7, wherein: the online banking server continues to transmit a poll corresponding to the authentication request to the authentication after the hash value and the identification code are transmitted to the mobile device. The server is in response to the polling from the online banking server, and the successful authentication reply is transmitted to the online banking server.
TW106127725A 2017-08-16 2017-08-16 Mobile internet banking transaction authentication method and system TWI659374B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW106127725A TWI659374B (en) 2017-08-16 2017-08-16 Mobile internet banking transaction authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW106127725A TWI659374B (en) 2017-08-16 2017-08-16 Mobile internet banking transaction authentication method and system

Publications (2)

Publication Number Publication Date
TW201911169A true TW201911169A (en) 2019-03-16
TWI659374B TWI659374B (en) 2019-05-11

Family

ID=66590211

Family Applications (1)

Application Number Title Priority Date Filing Date
TW106127725A TWI659374B (en) 2017-08-16 2017-08-16 Mobile internet banking transaction authentication method and system

Country Status (1)

Country Link
TW (1) TWI659374B (en)

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201135619A (en) * 2010-04-07 2011-10-16 Era Comm Co Ltd Electronic transaction method and system utilizing QR code
CN102118251B (en) * 2011-01-24 2013-01-02 郑州信大捷安信息技术股份有限公司 Security authentication method for internet banking remote payment based on multi-interface intelligent safety card
KR20130082948A (en) * 2011-12-23 2013-07-22 주식회사 케이티 Payment agency system, user terminal and market server
CN102737311B (en) * 2012-05-11 2016-08-24 福建联迪商用设备有限公司 Internet bank security authentication method and system
SE536683C2 (en) * 2012-11-16 2014-05-20 Mobile Payment Solutions Holding Nordic Ab Procedure for making a payment using a portable communication device
TW201423626A (en) * 2012-12-13 2014-06-16 Neweb Technologies Co Ltd Cloud trading fulfillment and trust management system for prepaid goods and services and operating method thereof
US20150095238A1 (en) * 2013-09-30 2015-04-02 Apple Inc. Online payments using a secure element of an electronic device
SG10201804297QA (en) * 2013-11-20 2018-06-28 Visa Int Service Ass Systems and methods for software based encryption

Also Published As

Publication number Publication date
TWI659374B (en) 2019-05-11

Similar Documents

Publication Publication Date Title
KR102242218B1 (en) User authentication method and apparatus, and wearable device registration method and apparatus
JP6787932B2 (en) Information interaction methods, devices and systems
CN105608577B (en) Method for realizing non-repudiation, payment management server and user terminal thereof
AU2019203267A1 (en) Method and apparatus for facilitating electronic payments using a wearable device
CN112805737A (en) Techniques for token proximity transactions
AU2020202106B2 (en) Method, device, server and system for authenticating a user
CN110930147B (en) Offline payment method and device, electronic equipment and computer-readable storage medium
TWI548249B (en) Method for verifying secruity data, system, and a computer-readable storage device
CN111742314B (en) Biometric sensor on portable device
KR101520511B1 (en) User authenication system by using personal identification number, user terminal device, inquiry apparatus, authenication server, and user authenication method therefor
KR101499906B1 (en) Smart card having OTP generation function and OTP authentication server
CN104835038A (en) Networking payment device and networking payment method
JP6657265B2 (en) Method and apparatus for service authentication
CN113904774B (en) Block chain address authentication method and device and computer equipment
US10671718B2 (en) System and method for authentication
KR20150050280A (en) Authentication method using fingerprint information and certification number, user terminal and financial institution server
EP2916509B1 (en) Network authentication method for secure user identity verification
KR101459283B1 (en) 2 Channel authentication device and method
KR101676719B1 (en) Method for running virtual machine, method for providing online financial service using virtualization and apparatus for performing the method
TW201911169A (en) Mobile E-bank transaction authentication method and system return the signature data packaged with the hash value, the identification code, and the certificate data, and verification data to the E-bank servo end
TWI600308B (en) System for using valid certificate to apply mobile certificate online and method thereof
CN115086090A (en) Network login authentication method and device based on UKey
TWM554592U (en) Authentication system of mobile banking transaction
TWI612436B (en) Citizen digital certificate authentication method
US20190122205A1 (en) Card issuing and payment system and method using mobile device