TW202025051A - System for assisting a financial card holder in setting password for the first time and method thereof - Google Patents
System for assisting a financial card holder in setting password for the first time and method thereof Download PDFInfo
- Publication number
- TW202025051A TW202025051A TW107146634A TW107146634A TW202025051A TW 202025051 A TW202025051 A TW 202025051A TW 107146634 A TW107146634 A TW 107146634A TW 107146634 A TW107146634 A TW 107146634A TW 202025051 A TW202025051 A TW 202025051A
- Authority
- TW
- Taiwan
- Prior art keywords
- financial card
- password
- authentication
- app
- cardholder
- Prior art date
Links
Images
Abstract
Description
本發明係關於一種用於幫助持卡人首次設定金融卡密碼之系統及其方法,特別係關於一種無需紙本金融卡密碼函的系統及方法。The present invention relates to a system and method for helping a cardholder to set a financial card password for the first time, and particularly relates to a system and method that does not require a paper financial card password letter.
現行金融卡密碼函係由金融卡系統相關功能產出密碼檔後,由特定安管人員於指定環境下,以人工操作指定機器設備與交易功能,完成金融卡密碼函列印作業;之後,經由專人打包、運送、郵遞到各指定分行;最後,由各分行指定專人清點收妥後入庫、儲藏、保管;於客戶到分行臨櫃辦理新金融卡申請時,再經指定專人於主管審核後,自保險庫取得該金融卡之密碼函,連同新申請之金融卡一起交付持卡人簽收。The current financial card cipher letter is generated by the relevant functions of the financial card system, and the designated security personnel will manually operate the designated machinery and transaction functions in a designated environment to complete the printing of the financial card cipher letter; Special personnel will pack, transport and post to designated branches; finally, the designated personnel of each branch will check the receipt and put them in the warehouse, store and keep them; when the customer goes to the branch to apply for a new financial card, it will be reviewed by the designated personnel in the supervisor. Obtain the cipher letter of the financial card from the safe, and deliver it to the cardholder for signature along with the newly applied financial card.
因此,對於金融業者而言,仍需要一種系統或方法,以取代現行通過人工操作列印密碼函的繁瑣程序,節省其間配套的相關人工作業、環境設施、列印機器、紙張、郵遞、保管儲存、資安控管及風險稽查等等作業成本負擔。此外,若能消除紙本金融卡密碼函之使用,亦能達到節能減碳的效果,有助於地球之環境保護。Therefore, for the financial industry, there is still a need for a system or method to replace the current cumbersome procedures for printing cipher letters through manual operations, and save the related manual operations, environmental facilities, printing machines, paper, mailing, storage and storage. , Information security control and risk inspection, etc. operating cost burden. In addition, if the use of paper financial card cipher letters can be eliminated, the effect of energy saving and carbon reduction can also be achieved, which will contribute to the environmental protection of the earth.
有鑑於此,本發明提供用於幫助持卡人首次設定金融卡密碼之系統及其方法,其無需紙本金融卡密碼函即可完成金融卡密碼之首次設定,並能兼顧密碼設定之安全性。In view of this, the present invention provides a system and method for helping cardholders to set the financial card password for the first time, which can complete the first setting of the financial card password without a paper financial card password letter, and can take into account the security of the password setting .
在一方面,本發明揭示一種用於幫助持卡人首次設定金融卡密碼之系統,包含: 一第一伺服器,設有一密碼設定模組,其包括一儲存子模組; 一第二伺服器,與該第一伺服器電性連接,並設有一金融卡管理模組; 一軟體產品(App),與該第一伺服器通訊連接,該App係安裝於該持卡人所持有的一行動裝置,且該App係經該密碼設定模組認證;以及 一認證裝置,與該第二伺服器通訊連接,該認證裝置具有一顯示元件、一輸入元件及一金融卡讀寫元件; 其中: 該密碼設定模組於一預先註冊程序中:接收一第一認證資料,其係由該行動裝置的識別資訊以及該持卡人的個人資訊所組成,並將該第一認證資料儲存於該儲存子模組;以及,接收一第二認證資料,其為一自選文摘,並將該第二認證資料儲存於該儲存子模組; 該認證裝置藉由該金融卡讀寫元件讀取該金融卡,並藉由該顯示元件提供一第一使用者介面,顯示首次設定金融卡密碼之選項,該選項經選擇後,該認證裝置向該金融卡管理模組發送首次設定金融卡密碼之請求; 該金融卡管理模組將該首次設定金融卡密碼之請求傳送予該密碼設定模組; 該密碼設定模組:根據一組合方法組合該第一認證資料,以產生一第一金鑰,其中,該組合方法係隨機挑選自複數個組合方法,並具有一第一編號;將該第一編號儲存於該儲存子模組;基於該第一金鑰對一原碼內容進行加密,產生一二維條碼,其中,該原碼內容包括該自選文摘;將該二維條碼傳送予該認證裝置; 該認證裝置藉由該顯示元件於該第一使用者介面顯示該二維條碼; 該App於啟動後自動觸發一事件,要求輸入個人資訊及金融卡之帳號,並將輸入之個人資訊及帳號傳送予該密碼設定模組; 該密碼設定模組於確認該App合法性後:根據儲存在儲存子模組中的第一編號,使用對應的組合方法組合該第一認證資料,以產生一第二金鑰;自複數個加密方法中隨機挑選一加密方法,該加密方法具有一第二編號;以及,向該App傳送該第一編號,及基於該第二金鑰加密後的確認資料,該確認資料包括一加密資訊,其中,該加密資訊包括該第二編號,及一開始取樣位置; 該App自該行動裝置取得該行動裝置的識別資訊以及該持卡人的個人資訊,並根據該第一編號所對應的組合方法,組合所述識別資訊及個人資訊,以產生一第三金鑰; 經由該行動裝置掃描讀取顯示於該認證裝置的該顯示元件上的該二維條碼後,該App使用該第三金鑰解譯該二維條碼得到該原碼內容,並根據該第二編號所對應的加密方法及該開始取樣位置,對該自選文摘進行加密,得到一加密值;以及,基於該第三金鑰對該加密值進行加密後傳送予該密碼設定模組; 該密碼設定模組於確認該加密值的正確性後,向該金融卡管理模組發送取得認證碼之請求,並取得一認證碼;以及,產生一認證碼圖像,並傳送予該App; 該App顯示該認證碼圖像,以供該持卡人藉由認證裝置首次設定該金融卡之密碼時使用;以及 該認證裝置藉由該顯示元件於該第一使用者介面顯示欄位,供該持卡人藉由該輸入元件輸入該認證碼以及該金融卡之新密碼,以完成首次密碼設定。In one aspect, the present invention discloses a system for helping a cardholder to set a financial card password for the first time, comprising: a first server, provided with a password setting module, which includes a storage sub-module; a second server , Which is electrically connected to the first server, and is provided with a financial card management module; a software product (App), which communicates and connects to the first server, and the App is installed in a card held by the cardholder A mobile device, and the App is authenticated by the password setting module; and an authentication device, which is in communication with the second server, and the authentication device has a display element, an input element, and a financial card read-write element; where: The password setting module is in a pre-registration process: receiving a first authentication data, which is composed of the identification information of the mobile device and the personal information of the cardholder, and storing the first authentication data in the storage Sub-module; and, receiving a second authentication data, which is a self-selected digest, and storing the second authentication data in the storage sub-module; the authentication device reads the financial card through the financial card reading and writing component , And provide a first user interface through the display element to display the option of setting the financial card password for the first time. After the option is selected, the authentication device sends a request for the first setting of the financial card password to the financial card management module; The financial card management module transmits the request to set the financial card password for the first time to the password setting module; the password setting module: combines the first authentication data according to a combination method to generate a first key, wherein the The combination method is randomly selected from a plurality of combination methods and has a first number; the first number is stored in the storage sub-module; an original code content is encrypted based on the first key to generate a two-dimensional barcode , Wherein the content of the original code includes the self-selected abstract; the two-dimensional barcode is sent to the authentication device; the authentication device displays the two-dimensional barcode on the first user interface through the display element; the App is automatically activated after activation Trigger an event that requires the input of personal information and the account number of the financial card, and sends the entered personal information and account number to the password setting module; after the password setting module confirms the legality of the App: according to the storage submodule Using the corresponding combination method to combine the first authentication data to generate a second key; randomly select an encryption method from a plurality of encryption methods, and the encryption method has a second number; and The App transmits the first number and the confirmation data encrypted based on the second key. The confirmation data includes encrypted information, where the encrypted information includes the second number and the initial sampling position; the App starts from the The mobile device obtains the identification information of the mobile device and the personal information of the cardholder, and combines the identification information and the personal information according to the combination method corresponding to the first number to generate a third key; After the device scans and reads the two-dimensional barcode displayed on the display element of the authentication device, the App uses the third key to interpret the two-dimensional barcode to obtain the original code content, and according to the second number corresponding Encryption method and The start sampling position encrypts the self-selected abstract to obtain an encrypted value; and, based on the third key, encrypts the encrypted value and sends it to the password setting module; the password setting module confirms the encrypted value After the correctness of the authentication code, a request for obtaining an authentication code is sent to the financial card management module, and an authentication code is obtained; and an authentication code image is generated and sent to the App; the App displays the authentication code image to For the cardholder to use the authentication device to set the password of the financial card for the first time; and the authentication device uses the display element to display a field on the first user interface for the cardholder to input through the input element The authentication code and the new password of the financial card are used to complete the first password setting.
在本發明之部分具體實施例中,該密碼設定模組提供一第二使用者介面,供該金融卡之發卡方作業人員輸入該第一認證資料及該第二認證資料。In some specific embodiments of the present invention, the password setting module provides a second user interface for an operator of the financial card issuer to input the first authentication data and the second authentication data.
在本發明之部分具體實施例中,該App要求一啟動密碼。In some specific embodiments of the present invention, the App requires an activation password.
在本發明之部分具體實施例中,該認證裝置的該第一使用者介面要求輸入認證碼及新密碼,以及該個人資訊的至少一部分,並基於所輸入的資料向該金融卡管理模組發送設定新密碼之請求。在特定具體實施例中,該金融卡管理模組確認接收到的認證碼及個人資料無誤後,取得經亂碼化的新密碼,並傳送予該認證裝置,供其藉由該金融卡讀寫元件寫入該經亂碼化的新密碼至該金融卡。In some specific embodiments of the present invention, the first user interface of the authentication device requires the input of an authentication code and a new password, as well as at least a part of the personal information, and sends to the financial card management module based on the input data Request to set a new password. In a specific embodiment, after confirming that the received authentication code and personal data are correct, the financial card management module obtains a garbled new password and sends it to the authentication device for it to use the financial card to read and write components Write the garbled new password to the financial card.
另一方面,本發明提供一種用於幫助持卡人首次設定金融卡密碼之方法,包含: 提供一第一伺服器,設有一密碼設定模組,其包括一儲存子模組; 一第二伺服器,與該第一伺服器電性連接,並設有一金融卡管理模組;一軟體產品(App),與該第一伺服器通訊連接,該App係安裝於該持卡人所持有的一行動裝置,且該App係經該密碼設定模組認證;以及一認證裝置,與該第二伺服器通訊連接,該認證裝置具有一顯示元件、一輸入元件及一金融卡讀寫元件; 該密碼設定模組於一預先註冊程序中:接收一第一認證資料,其係由該行動裝置的識別資訊以及該持卡人的個人資訊所組成,並將該第一認證資料儲存於該儲存子模組;以及,接收一第二認證資料,其為一自選文摘,並將該第二認證資料儲存於該儲存子模組; 該認證裝置藉由該金融卡讀寫元件讀取該金融卡,並藉由該顯示元件提供一第一使用者介面,顯示首次設定金融卡密碼之選項,該選項經選擇後,該認證裝置向該金融卡管理模組發送首次設定金融卡密碼之請求; 該金融卡管理模組將該首次設定金融卡密碼之請求傳送予該密碼設定模組; 該密碼設定模組:根據一組合方法組合該第一認證資料,以產生一第一金鑰,其中,該組合方法係隨機挑選自複數個組合方法,並具有一第一編號;將該第一編號儲存於該儲存子模組;基於該第一金鑰對一原碼內容進行加密,產生一二維條碼,其中,該原碼內容包括該自選文摘;將該二維條碼傳送予該認證裝置; 該認證裝置藉由該顯示元件於該第一使用者介面顯示該二維條碼; 該App於啟動後自動觸發一事件,要求輸入個人資訊及金融卡之帳號,並將輸入之個人資訊及帳號傳送予該密碼設定模組; 該密碼設定模組於確認該App合法性後:根據儲存在儲存子模組中的第一編號,使用對應的組合方法組合該第一認證資料,以產生一第二金鑰;自複數個加密方法中隨機挑選一加密方法,該加密方法具有一第二編號;以及,向該App傳送該第一編號,及基於該第二金鑰加密後的確認資料,該確認資料包括一加密資訊,其中,該加密資訊包括該第二編號,及一開始取樣位置; 該App自該行動裝置取得該行動裝置的識別資訊以及該持卡人的個人資訊,並根據該第一編號所對應的組合方法,組合所述識別資訊及個人資訊,以產生一第三金鑰; 經由該行動裝置掃描讀取顯示於該認證裝置的該顯示元件上的該二維條碼後,該App使用該第三金鑰解譯該二維條碼得到該原碼內容,並根據該第二編號所對應的加密方法及該開始取樣位置,對該自選文摘進行加密,得到一加密值;以及,基於該第三金鑰對該加密值進行加密後傳送予該密碼設定模組; 該密碼設定模組於確認該加密值的正確性後,向該金融卡管理模組發送取得認證碼之請求,並取得一認證碼;以及,產生一認證碼圖像,並傳送予該App; 該App顯示該認證碼圖像,以供該持卡人藉由認證裝置首次設定該金融卡之密碼時使用;以及 該認證裝置藉由該顯示元件於該第一使用者介面顯示欄位,供該持卡人藉由該輸入元件輸入該認證碼以及該金融卡之新密碼,以完成首次密碼設定。On the other hand, the present invention provides a method for helping a cardholder to set a financial card password for the first time, including: providing a first server with a password setting module, which includes a storage sub-module; a second server The device is electrically connected to the first server, and is provided with a financial card management module; a software product (App), which is in communication with the first server, and the App is installed in the card holder’s possession A mobile device, and the App is authenticated by the password setting module; and an authentication device communicating with the second server, the authentication device having a display element, an input element, and a financial card read-write element; The password setting module is in a pre-registration process: receives a first authentication data, which is composed of the identification information of the mobile device and the cardholder’s personal information, and stores the first authentication data in the storage Module; and, receiving a second authentication data, which is a self-selected digest, and storing the second authentication data in the storage submodule; the authentication device reads the financial card through the financial card reading and writing component, A first user interface is provided by the display element to display the option to set the financial card password for the first time. After the option is selected, the authentication device sends a request to set the financial card password for the first time to the financial card management module; The card management module transmits the request to set the financial card password for the first time to the password setting module; the password setting module: combines the first authentication data according to a combination method to generate a first key, wherein the combination The method is to randomly select a plurality of combination methods and have a first number; store the first number in the storage submodule; encrypt the content of an original code based on the first key to generate a two-dimensional barcode, Wherein, the content of the original code includes the self-selected abstract; the two-dimensional barcode is sent to the authentication device; the authentication device displays the two-dimensional barcode on the first user interface through the display element; the App is automatically triggered after activation An event requires the input of personal information and the account number of the financial card, and sends the entered personal information and account number to the password setting module; the password setting module confirms the legality of the App: according to the storage sub-module Using the corresponding combination method to combine the first authentication data to generate a second key; randomly select an encryption method from a plurality of encryption methods, and the encryption method has a second number; and The App transmits the first number and the confirmation data encrypted based on the second key. The confirmation data includes encrypted information, where the encrypted information includes the second number and the initial sampling location; the App starts from the action The device obtains the identification information of the mobile device and the personal information of the cardholder, and combines the identification information and personal information according to the combination method corresponding to the first number to generate a third key; via the mobile device After scanning and reading the two-dimensional bar code displayed on the display element of the authentication device, the App uses the third key to interpret the two-dimensional bar code to obtain the original code content, and encrypts the content according to the second number Method and what to start In such a position, the self-selected abstract is encrypted to obtain an encrypted value; and the encrypted value is encrypted based on the third key and then sent to the password setting module; the password setting module confirms that the encrypted value is correct After verification, send a request to obtain an authentication code to the financial card management module, and obtain an authentication code; and, generate an authentication code image and send it to the App; the App displays the authentication code image for the The cardholder uses the authentication device to set the password of the financial card for the first time; and the authentication device uses the display element to display a field on the first user interface for the cardholder to input the authentication through the input element And the new password of the financial card to complete the first password setting.
在本發明之部分具體實施例中,該密碼設定模組提供一第二使用者介面,供該金融卡之發卡方作業人員輸入該第一認證資料及該第二認證資料。In some specific embodiments of the present invention, the password setting module provides a second user interface for an operator of the financial card issuer to input the first authentication data and the second authentication data.
在本發明之部分具體實施例中,該App要求一啟動密碼。In some specific embodiments of the present invention, the App requires an activation password.
在本發明之部分具體實施例中,該認證裝置的該第一使用者介面要求輸入認證碼及新密碼,以及該個人資訊的至少一部分,並基於所輸入的資料向該金融卡管理模組發送設定新密碼之請求。在特定具體實施例中,該金融卡管理模組確認接收到的認證碼及個人資料無誤後,取得經亂碼化的新密碼,並傳送予該認證裝置,供其藉由該金融卡讀寫元件寫入該經亂碼化的新密碼至該金融卡。In some specific embodiments of the present invention, the first user interface of the authentication device requires the input of an authentication code and a new password, as well as at least a part of the personal information, and sends to the financial card management module based on the input data Request to set a new password. In a specific embodiment, after confirming that the received authentication code and personal data are correct, the financial card management module obtains a garbled new password and sends it to the authentication device for it to use the financial card to read and write components Write the garbled new password to the financial card.
本發明之其他目的及優點一部分記載於下述說明中,或可透過本發明的實施例而理解。應了解前文之發明內容及下文之實施方式僅為例示性及闡釋性之說明,而非如申請專利範圍般限定本發明。Other objects and advantages of the present invention are partially described in the following description, or can be understood through the embodiments of the present invention. It should be understood that the foregoing invention content and the following embodiments are only illustrative and explanatory descriptions, rather than limiting the present invention as in the scope of the patent application.
需注意的是,除非另有指明,所有在此處使用的技術性和科學性術語具有如同本發明所屬技術領域中之通常技術者一般所瞭解的意義。再者,本說明書所使用的「一」乙詞,如未特別指明,係指至少一個(一個或一個以上)之數量,合先說明。It should be noted that, unless otherwise specified, all technical and scientific terms used herein have the meaning generally understood by those skilled in the art to which the present invention belongs. Furthermore, the word "一" and B used in this manual, unless otherwise specified, refers to at least one (one or more) quantity, which shall be explained first.
在一方面,本發明提供一種用於幫助持卡人首次設定金融卡密碼之系統。所述系統包含:一第一伺服器、一第二伺服器、一軟體產品(App)以及一認證裝置。In one aspect, the present invention provides a system for helping a cardholder to set a financial card password for the first time. The system includes: a first server, a second server, a software product (App), and an authentication device.
該第一伺服器設有一密碼設定模組,其包括一儲存子模組。The first server is provided with a password setting module, which includes a storage sub-module.
該第二伺服器係與該第一伺服器電性連接,並設有一金融卡管理模組。The second server is electrically connected with the first server, and is provided with a financial card management module.
根據本發明之較佳具體實施例,該第一及第二伺服器係設於該金融卡的發卡方。According to a preferred embodiment of the present invention, the first and second servers are located at the issuer of the financial card.
該軟體產品(App)係與該第一伺服器通訊連接,並安裝於該持卡人所持有的一行動裝置,且該App係經該密碼設定模組認證。根據本發明,該行動裝置包括但不限於一平板電腦或一智慧型手機,且較佳為一智慧型手機。該行動裝置較佳不包括一筆記型電腦。所述通訊連接較佳為藉由一網際網路通訊連接。根據本發明,該軟體產品較佳係為一行動軟體產品(mobile application)。根據本發明,該行動裝置可包含一儲存單元,儲存有該軟體產品之程式碼,以及一處理單元,用於執行該軟體產品之程式碼。The software product (App) communicates with the first server and is installed on a mobile device held by the cardholder, and the App is authenticated by the password setting module. According to the present invention, the mobile device includes but is not limited to a tablet computer or a smart phone, and preferably a smart phone. The mobile device preferably does not include a notebook computer. The communication connection is preferably via an Internet communication connection. According to the present invention, the software product is preferably a mobile application. According to the present invention, the mobile device may include a storage unit storing the program code of the software product, and a processing unit for executing the program code of the software product.
該認證裝置係與該第二伺服器通訊連接,且其具有一顯示元件、一輸入元件及一金融卡讀寫元件。在本發明之部分具體實施例中,該認證裝置為一自動櫃員機或一自動存提款機。根據本發明,該認證裝置較佳係藉由一專屬網路與該第二伺服器通訊連接。The authentication device is in communication connection with the second server, and it has a display element, an input element and a financial card read-write element. In some specific embodiments of the present invention, the authentication device is an automatic teller machine or an automatic deposit and withdrawal machine. According to the present invention, the authentication device preferably communicates with the second server via a dedicated network.
在一預先註冊程序中,該密碼設定模組接收一第一認證資料及一第二認證資料,並將該第一及第二認證資料儲存於該儲存子模組。該第一認證資料係由該行動裝置的識別資訊以及該持卡人的個人資訊所組成,該第二認證資料則為一自選文摘。在該預先註冊程序中,該密碼設定模組可提供一第二使用者介面,以供該金融卡之發卡的方作業人員輸入該第一認證資料及該第二認證資料。前述識別資訊包含IMEI、UDID、鑰匙圈(Keychain)、MAC位址或其組合。該自選文摘可由該持卡人自行提供、或由該作業人員自該儲存子模組的資料庫中挑選、或由該密碼設定模組隨機自該儲存子模組的資料庫中挑選。In a pre-registration process, the password setting module receives a first authentication data and a second authentication data, and stores the first and second authentication data in the storage submodule. The first authentication data is composed of the identification information of the mobile device and the personal information of the cardholder, and the second authentication data is an optional abstract. In the pre-registration procedure, the password setting module can provide a second user interface for the operator of the issuing party of the financial card to input the first authentication data and the second authentication data. The aforementioned identification information includes IMEI, UDID, Keychain, MAC address or a combination thereof. The self-selected digest can be provided by the cardholder, or selected by the operator from the database of the storage sub-module, or randomly selected by the password setting module from the database of the storage sub-module.
該認證裝置藉由 該金融卡讀寫元件讀取該金融卡,並藉由該顯示元件提供一第一使用者介面,顯示首次設定金融卡密碼之選項,該選項經選擇後,該認證裝置向該金融卡管理模組發送首次設定金融卡密碼之請求。The authentication device reads the financial card through the financial card reading and writing component, and provides a first user interface through the display component, which displays the option to set the financial card password for the first time. After this option is selected, the authentication device The financial card management module sends a request to set the financial card password for the first time.
該金融卡管理模組將該首次設定金融卡密碼之請求傳送予該密碼設定模組。接著,該密碼設定模組執行以下步驟:(1) 根據一組合方法組合該第一認證資料,以產生一第一金鑰,其中,該組合方法係隨機挑選自複數個組合方法,並具有一第一編號;(2) 將該第一編號儲存於該儲存子模組;(3) 基於該第一金鑰對一原碼內容進行加密,產生一二維條碼,其中,該原碼內容包括該自選文摘;以及(4) 將該二維條碼傳送予該認證裝置。根據本發明,所述組合方法包括但不限於:對該第一認證資料的單一欄位、或多個欄位的完整資料進行組合、或對該第一認證資料的多個欄位之部份資料進行組合、或對該第一認證資料的同一欄位資料進行多次組合。The financial card management module transmits the request to set the financial card password for the first time to the password setting module. Then, the password setting module performs the following steps: (1) Combine the first authentication data according to a combination method to generate a first key, wherein the combination method is randomly selected from a plurality of combination methods, and has a A first number; (2) The first number is stored in the storage submodule; (3) An original code content is encrypted based on the first key to generate a two-dimensional barcode, wherein the original code content includes The self-selected abstract; and (4) transmitting the two-dimensional barcode to the authentication device. According to the present invention, the combination method includes, but is not limited to: combining the complete data of a single field or multiple fields of the first authentication data, or a part of multiple fields of the first authentication data Combine data, or combine data in the same field of the first authentication data multiple times.
然後,該認證裝置會藉由該顯示元件於該第一使用者介面顯示該二維條碼。根據本發明的較佳具體實施例,該二維條碼為一QR碼。Then, the authentication device displays the two-dimensional barcode on the first user interface through the display element. According to a preferred embodiment of the present invention, the two-dimensional bar code is a QR code.
該App於啟動後會自動觸發一事件,要求輸入個人資訊及金融卡之帳號,並將輸入之個人資訊及帳號傳送予該密碼設定模組。根據本發明的較佳具體實施例,該App要求一啟動密碼,驗證啟動密碼為正確後才會啟動該App。所述啟動密碼包括但不限於:圖形密碼、按鍵式密碼、指紋辨識或臉部辨識。After the App is activated, an event will be automatically triggered to request the input of personal information and the account number of the financial card, and the entered personal information and account number will be sent to the password setting module. According to a preferred embodiment of the present invention, the App requires an activation password, and the App can be activated only after verifying that the activation password is correct. The activation password includes, but is not limited to: a graphic password, a key-press password, fingerprint recognition or facial recognition.
該密碼設定模組於確認該App合法性後,執行以下步驟:(1) 根據儲存在儲存子模組中的第一編號,使用對應的組合方法組合該第一認證資料,以產生一第二金鑰;(2) 自複數個加密方法中隨機挑選一加密方法,該加密方法具有一第二編號;以及,(3) 向該App傳送該第一編號,及基於該第二金鑰加密後的確認資料,該確認資料包括一加密資訊,其中,該加密資訊包括該第二編號,及一開始取樣位置。所述開始取樣位置係用於指示加密方法從該自選文摘的哪個位置的文字開始取樣進行加密。After confirming the validity of the App, the password setting module performs the following steps: (1) According to the first number stored in the storage sub-module, use the corresponding combination method to combine the first authentication data to generate a second Key; (2) randomly select an encryption method from a plurality of encryption methods, the encryption method has a second number; and, (3) send the first number to the App, and encrypt based on the second key The confirmation data includes an encrypted information, wherein the encrypted information includes the second number and the initial sampling position. The start sampling position is used to indicate the position of the text in the self-selected abstract from which the encryption method starts sampling for encryption.
接著,該App自該行動裝置取得該行動裝置的識別資訊以及該持卡人的個人資訊,並根據該第一編號所對應的組合方法,組合所述識別資訊及個人資訊,以產生一第三金鑰。該持卡人的個人資訊可由該持卡人自行登錄並儲存於該行動裝置。Then, the App obtains the identification information of the mobile device and the personal information of the cardholder from the mobile device, and combines the identification information and personal information according to the combination method corresponding to the first number to generate a third Key. The personal information of the cardholder can be registered by the cardholder and stored in the mobile device.
經由該行動裝置掃描讀取顯示於該認證裝置的該顯示元件上的該二維條碼後,該App使用該第三金鑰解譯該二維條碼得到該原碼內容,並根據該第二編號所對應的加密方法及該開始取樣位置,對該自選文摘進行加密,得到一加密值;然後,該App基於該第三金鑰對該加密值進行加密後傳送予該密碼設定模組。After scanning and reading the two-dimensional barcode displayed on the display element of the authentication device through the mobile device, the App uses the third key to interpret the two-dimensional barcode to obtain the original code content, and according to the second number The corresponding encryption method and the start sampling position encrypt the self-selected digest to obtain an encrypted value; then, the App encrypts the encrypted value based on the third key and sends it to the password setting module.
該密碼設定模組則於確認該加密值的正確性後,向該金融卡管理模組發送取得認證碼之請求,並取得一認證碼;以及,產生一認證碼圖像,並傳送予該App。所述認證碼較佳為6至8碼的隨機數字,但不以此為限。在本發明之一具體實施例中,採用視覺密碼學理論方法對該認證碼加密產出所述認證碼圖像,使其明碼值需要人工以眼睛目視方式才能正確讀取。After confirming the correctness of the encrypted value, the password setting module sends a request for obtaining an authentication code to the financial card management module, and obtains an authentication code; and, generates an authentication code image, and sends it to the App . The authentication code is preferably a random number of 6 to 8, but is not limited to this. In a specific embodiment of the present invention, the authentication code is encrypted to produce the authentication code image by using the method of visual cryptography theory, so that the clear code value can be read correctly by human eyes.
接著,該App會顯示該認證碼圖像,以供該持卡人藉由認證裝置首次設定該金融卡之密碼時使用。Then, the App will display the authentication code image for the cardholder to use the authentication device to set the password of the financial card for the first time.
最後,該認證裝置藉由該顯示元件於該第一使用者介面顯示欄位,供該持卡人藉由該輸入元件輸入該認證碼以及該金融卡之新密碼,以完成首次密碼設定。Finally, the authentication device displays a field on the first user interface through the display element, so that the cardholder can input the authentication code and the new password of the financial card through the input element to complete the first password setting.
在本發明之部分具體實施例中,該認證裝置的該第一使用者介面要求輸入認證碼及新密碼,以及該個人資訊的至少一部分,並基於所輸入的資料向該金融卡管理模組發送設定新密碼之請求。在特定具體實施例中,該金融卡管理模組確認接收到的認證碼及個人資料無誤後,取得經亂碼化的新密碼,並傳送予該認證裝置,供其藉由該金融卡讀寫元件寫入該經亂碼化的新密碼至該金融卡。In some specific embodiments of the present invention, the first user interface of the authentication device requires the input of an authentication code and a new password, as well as at least a part of the personal information, and sends to the financial card management module based on the input data Request to set a new password. In a specific embodiment, after confirming that the received authentication code and personal data are correct, the financial card management module obtains a garbled new password and sends it to the authentication device for it to use the financial card to read and write components Write the garbled new password to the financial card.
另一方面,本發明提供一種用於幫助持卡人首次設定金融卡密碼之方法,包含: 提供一第一伺服器,設有一密碼設定模組,其包括一儲存子模組; 一第二伺服器,與該第一伺服器電性連接,並設有一金融卡管理模組;一軟體產品(App),與該第一伺服器通訊連接,該App係安裝於該持卡人所持有的一行動裝置,且該App係經該密碼設定模組認證;以及一認證裝置,與該第二伺服器通訊連接,該認證裝置具有一顯示元件、一輸入元件及一金融卡讀寫元件; 該密碼設定模組於一預先註冊程序中:接收一第一認證資料,其係由該行動裝置的識別資訊以及該持卡人的個人資訊所組成,並將該第一認證資料儲存於該儲存子模組;以及,接收一第二認證資料,其為一自選文摘,並將該第二認證資料儲存於該儲存子模組; 該認證裝置藉由該金融卡讀寫元件讀取該金融卡,並藉由該顯示元件提供一第一使用者介面,顯示首次設定金融卡密碼之選項,該選項經選擇後,該認證裝置向該金融卡管理模組發送首次設定金融卡密碼之請求; 該金融卡管理模組將該首次設定金融卡密碼之請求傳送予該密碼設定模組; 該密碼設定模組:根據一組合方法組合該第一認證資料,以產生一第一金鑰,其中,該組合方法係隨機挑選自複數個組合方法,並具有一第一編號;將該第一編號儲存於該儲存子模組;基於該第一金鑰對一原碼內容進行加密,產生一二維條碼,其中,該原碼內容包括該自選文摘;將該二維條碼傳送予該認證裝置; 該認證裝置藉由該顯示元件於該第一使用者介面顯示該二維條碼; 該App於啟動後自動觸發一事件,要求輸入個人資訊及金融卡之帳號,並將輸入之個人資訊及帳號傳送予該密碼設定模組; 該密碼設定模組於確認該App合法性後:根據儲存在儲存子模組中的第一編號,使用對應的組合方法組合該第一認證資料,以產生一第二金鑰;自複數個加密方法中隨機挑選一加密方法,該加密方法具有一第二編號;以及,向該App傳送該第一編號,及基於該第二金鑰加密後的確認資料,該確認資料包括一加密資訊,其中,該加密資訊包括該第二編號,及一開始取樣位置; 該App自該行動裝置取得該行動裝置的識別資訊以及該持卡人的個人資訊,並根據該第一編號所對應的組合方法,組合所述識別資訊及個人資訊,以產生一第三金鑰; 經由該行動裝置掃描讀取顯示於該認證裝置的該顯示元件上的該二維條碼後,該App使用該第三金鑰解譯該二維條碼得到該原碼內容,並根據該第二編號所對應的加密方法及該開始取樣位置,對該自選文摘進行加密,得到一加密值;以及,基於該第三金鑰對該加密值進行加密後傳送予該密碼設定模組; 該密碼設定模組於確認該加密值的正確性後,向該金融卡管理模組發送取得認證碼之請求,並取得一認證碼;以及,產生一認證碼圖像,並傳送予該App; 該App顯示該認證碼圖像,以供該持卡人藉由認證裝置首次設定該金融卡之密碼時使用;以及 該認證裝置藉由該顯示元件於該第一使用者介面顯示欄位,供該持卡人藉由該輸入元件輸入該認證碼以及該金融卡之新密碼,以完成首次密碼設定。On the other hand, the present invention provides a method for helping a cardholder to set a financial card password for the first time, including: providing a first server with a password setting module, which includes a storage sub-module; a second server The device is electrically connected to the first server, and is provided with a financial card management module; a software product (App), which is in communication with the first server, and the App is installed in the card holder’s possession A mobile device, and the App is authenticated by the password setting module; and an authentication device communicating with the second server, the authentication device having a display element, an input element, and a financial card read-write element; The password setting module is in a pre-registration process: receives a first authentication data, which is composed of the identification information of the mobile device and the cardholder’s personal information, and stores the first authentication data in the storage Module; and, receiving a second authentication data, which is a self-selected digest, and storing the second authentication data in the storage submodule; the authentication device reads the financial card through the financial card reading and writing component, A first user interface is provided by the display element to display the option to set the financial card password for the first time. After the option is selected, the authentication device sends a request to set the financial card password for the first time to the financial card management module; The card management module transmits the request to set the financial card password for the first time to the password setting module; the password setting module: combines the first authentication data according to a combination method to generate a first key, wherein the combination The method is to randomly select a plurality of combination methods and have a first number; store the first number in the storage submodule; encrypt the content of an original code based on the first key to generate a two-dimensional barcode, Wherein, the content of the original code includes the self-selected abstract; the two-dimensional barcode is sent to the authentication device; the authentication device displays the two-dimensional barcode on the first user interface through the display element; the App is automatically triggered after activation An event requires the input of personal information and the account number of the financial card, and sends the entered personal information and account number to the password setting module; the password setting module confirms the legality of the App: according to the storage sub-module Using the corresponding combination method to combine the first authentication data to generate a second key; randomly select an encryption method from a plurality of encryption methods, and the encryption method has a second number; and The App transmits the first number and the confirmation data encrypted based on the second key. The confirmation data includes encrypted information, where the encrypted information includes the second number and the initial sampling location; the App starts from the action The device obtains the identification information of the mobile device and the personal information of the cardholder, and combines the identification information and personal information according to the combination method corresponding to the first number to generate a third key; via the mobile device After scanning and reading the two-dimensional bar code displayed on the display element of the authentication device, the App uses the third key to interpret the two-dimensional bar code to obtain the original code content, and encrypts the content according to the second number Method and what to start In such a position, the self-selected abstract is encrypted to obtain an encrypted value; and the encrypted value is encrypted based on the third key and then sent to the password setting module; the password setting module confirms that the encrypted value is correct After verification, send a request to obtain an authentication code to the financial card management module, and obtain an authentication code; and, generate an authentication code image and send it to the App; the App displays the authentication code image for the The cardholder uses the authentication device to set the password of the financial card for the first time; and the authentication device uses the display element to display a field on the first user interface for the cardholder to input the authentication through the input element And the new password of the financial card to complete the first password setting.
在該預先註冊程序中,該密碼設定模組可提供一第二使用者介面,以供該金融卡之發卡的方作業人員輸入該第一認證資料及該第二認證資料。前述識別資訊包含IMEI、UDID、鑰匙圈(Keychain)、MAC位址或其組合。該自選文摘可由該持卡人自行提供、或由該作業人員自該儲存子模組的資料庫中挑選、或由該密碼設定模組隨機自該儲存子模組的資料庫中挑選。In the pre-registration procedure, the password setting module can provide a second user interface for the operator of the issuing party of the financial card to input the first authentication data and the second authentication data. The aforementioned identification information includes IMEI, UDID, Keychain, MAC address or a combination thereof. The self-selected digest can be provided by the cardholder, or selected by the operator from the database of the storage sub-module, or randomly selected by the password setting module from the database of the storage sub-module.
在本發明之部分具體實施例中,該App要求一啟動密碼。所述啟動密碼包括但不限於:圖形密碼、按鍵式密碼、指紋辨識或臉部辨識。In some specific embodiments of the present invention, the App requires an activation password. The activation password includes, but is not limited to: a graphic password, a key-press password, fingerprint recognition or facial recognition.
在本發明之部分具體實施例中,該認證裝置的該第一使用者介面要求輸入認證碼及新密碼,以及該個人資訊的至少一部分,並基於所輸入的資料向該金融卡管理模組發送設定新密碼之請求。在特定具體實施例中,該金融卡管理模組確認接收到的認證碼及個人資料無誤後,取得經亂碼化的新密碼,並傳送予該認證裝置,供其藉由該金融卡讀寫元件寫入該經亂碼化的新密碼至該金融卡。In some specific embodiments of the present invention, the first user interface of the authentication device requires the input of an authentication code and a new password, as well as at least a part of the personal information, and sends to the financial card management module based on the input data Request to set a new password. In a specific embodiment, after confirming that the received authentication code and personal data are correct, the financial card management module obtains a garbled new password and sends it to the authentication device for it to use the financial card to read and write components Write the garbled new password to the financial card.
現配合圖 1 及圖 2 說明本發明之幫助持卡人首次設定金融卡密碼之系統及方法的特定較佳具體實施例。Now with FIGS. 1 and 2 to help illustrate the present invention and a method setting system Cardholder first debit card passwords specific preferred embodiments.
首先請參見圖 1
,所示為本發明之一具體實施例之幫助持卡人首次設定金融卡密碼之系統。在本具體實施例中,幫助持卡人首次設定金融卡密碼之系統1
包含一第一伺服器10
、一第二伺服器20
、一軟體產品(App)30
以及一認證裝置40
。該軟體產品30
可為一行動軟體產品,例如,金融業者發行之App。First, see FIG. 1, the present invention is shown in one particular embodiment the first cardholder help embodiments set passwords debit card system. In this embodiment, the
該第一伺服器10
設有一密碼設定模組12
,其包括一儲存子模組122
。 該第二伺服器20
係與該第一伺服器10
電性連接,並設有一金融卡管理模組22
。該第一及第二伺服器10
及20
可設於該金融卡的發卡方。The
該App30
係與該第一伺服器10
通訊連接,並安裝於該持卡人所持有的一行動裝置70
,且該App30
係經該密碼設定模組12
認證。該行動裝置70
可為一平板電腦或一智慧型手機,較佳為一智慧型手機。The App 30 is in communication with the
該認證裝置40
藉由一專屬網路與該第二伺服器20
通訊連接,且其具有一顯示元件42
、一輸入元件44
及一金融卡讀寫元件46
。在部分實例中,該認證裝置40
為一自動櫃員機或一自動存提款機。The
在一預先註冊程序中,該密碼設定模組12
接收一第一認證資料及一第二認證資料,並將該第一及第二認證資料儲存於該儲存子模組122
。該第一認證資料係由該行動裝置70
的識別資訊以及該持卡人的個人資訊所組成,該第二認證資料則為一自選文摘。該文摘之位元數較佳係介於512位元至1024位元之間。In a pre-registration process, the
該認證裝置40
藉由該金融卡讀寫元件46
讀取該金融卡,並藉由該顯示元件42
提供一第一使用者介面,顯示首次設定金融卡密碼之選項,該選項經選擇後,該認證裝置40
向該金融卡管理模組22
發送首次設定金融卡密碼之請求。該金融卡管理模組22
將該首次設定金融卡密碼之請求傳送予該密碼設定模組12
。接著,該密碼設定模組12
執行以下步驟:(1) 根據一組合方法組合該第一認證資料,以產生一第一金鑰,其中,該組合方法係隨機挑選自複數個組合方法,並具有一第一編號;(2) 將該第一編號儲存於該儲存子模組122
;(3) 基於該第一金鑰對一原碼內容進行加密,產生一二維條碼,其中,該原碼內容包括該自選文摘;以及(4) 將該二維條碼傳送予該認證裝置40
。The
然後,該認證裝置40
會藉由該顯示元件42
於該第一使用者介面顯示該二維條碼,其較佳為一QR碼。Then, the
另外,該App30
於啟動後會自動觸發一事件,要求輸入個人資訊及金融卡之帳號,並將輸入之個人資訊及帳號傳送予該密碼設定模組22
。該密碼設定模組22
於確認該App30
的合法性後,執行以下步驟:(1) 根據儲存在儲存子模組122
中的第一編號,使用對應的組合方法組合該第一認證資料,以產生一第二金鑰;(2) 自複數個加密方法中隨機挑選一加密方法,該加密方法具有一第二編號;以及,(3) 向該App30
傳送該第一編號,及基於該第二金鑰加密後的確認資料,該確認資料包括一加密資訊,其中,該加密資訊包括該第二編號,及一開始取樣位置,其係用於指示加密方法從該自選文摘的哪個位置的文字開始取樣進行加密。In addition, the App 30 will automatically trigger an event after activation, requesting the input of personal information and the account number of the financial card, and sending the entered personal information and account number to the
接著,該App30
自該行動裝置取得該行動裝置70
的識別資訊以及該持卡人的個人資訊,並根據該第一編號所對應的組合方法,組合所述識別資訊及個人資訊,以產生一第三金鑰。此時,該持卡人可使用該行動裝置70
掃描讀取顯示於該認證裝置40
的該顯示元件42
上的該二維條碼,之後,該App30
藉由該第三金鑰解譯該二維條碼得到該原碼內容,並根據該第二編號所對應的加密方法及該開始取樣位置,對該自選文摘進行加密,得到一加密值。然後,該App30
基於該第三金鑰對該加密值進行加密後傳送予該密碼設定模組12
。Then, the App 30 obtains the identification information of the
該密碼設定模組12
於確認該加密值的正確性後,向該金融卡管理模組22
發送取得認證碼之請求,取得一認證碼,並產生一認證碼圖像傳送予該App30
。接著,該App30
顯示該認證碼圖像,以供該持卡人藉由認證裝置40
首次設定該金融卡之密碼時使用。After confirming the correctness of the encrypted value, the
最後,該認證裝置40
藉由該顯示元件42
於該第一使用者介面顯示欄位,供該持卡人藉由該輸入元件44
輸入該認證碼以及該金融卡之新密碼,以完成首次密碼設定。Finally, the
另一方面,本發明提供一種幫助持卡人首次設定金融卡密碼之方法。請參見圖 2 ,其為本發明之幫助持卡人首次設定金融卡密碼之方法的一具體實施例之流程圖。如圖所示,該方法包含下列步驟:(S110 )提供一第一伺服器,設有一密碼設定模組,其包括一儲存子模組; 一第二伺服器,與該第一伺服器電性連接,並設有一金融卡管理模組;一軟體產品(App),與該第一伺服器通訊連接,該App係安裝於該持卡人所持有的一行動裝置,且該App係經該密碼設定模組認證;以及一認證裝置,與該第二伺服器通訊連接,該認證裝置具有一顯示元件、一輸入元件及一金融卡讀寫元件;(S120 )該密碼設定模組於一預先註冊程序中:接收一第一認證資料,其係由該行動裝置的識別資訊以及該持卡人的個人資訊所組成,並將該第一認證資料儲存於該儲存子模組;以及,接收一第二認證資料,其為一自選文摘,並將該第二認證資料儲存於該儲存子模組;(S210 )該認證裝置藉由該金融卡讀寫元件讀取該金融卡,並藉由該顯示元件提供一第一使用者介面,顯示首次設定金融卡密碼之選項,該選項經選擇後,該金融卡管理模組確認該金融卡之狀態,接著向該金融卡管理模組發送首次設定金融卡密碼之請求;(S220 )該金融卡管理模組將該首次設定金融卡密碼之請求傳送予該密碼設定模組;(S230 )該密碼設定模組:根據一組合方法組合該第一認證資料,以產生一第一金鑰,其中,該組合方法係隨機挑選自複數個組合方法,並具有一第一編號;將該第一編號儲存於該儲存子模組;基於該第一金鑰對一原碼內容進行加密,產生一二維條碼,其中,該原碼內容包括該自選文摘;將該二維條碼傳送予該認證裝置;(S240 )該認證裝置藉由該顯示元件於該第一使用者介面顯示該二維條碼;(S310 )該App於啟動後自動觸發一事件,要求輸入個人資訊及金融卡之帳號,並將輸入之個人資訊及帳號傳送予該密碼設定模組;(S320 )該密碼設定模組於確認該App合法性後:根據儲存在儲存子模組中的第一編號,以對應的組合方法組合該第一認證資料,以產生一第二金鑰;自複數個加密方法中隨機挑選一加密方法,該加密方法具有一第二編號;以及,向該App傳送該第一編號,及基於該第二金鑰加密後的確認資料,該確認資料包括一加密資訊,其中,該加密資訊包括該第二編號,及一開始取樣位置;(S330 )該App自該行動裝置取得該行動裝置的識別資訊以及該持卡人的個人資訊,並根據該第一編號所對應的組合方法,組合所述識別資訊及個人資訊,以產生一第三金鑰;(S340 )經由該行動裝置掃描讀取顯示於該認證裝置的該顯示元件上的該二維條碼後,該App使用該第三金鑰解譯該二維條碼得到該原碼內容,並根據該第二編號所對應的加密方法及該開始取樣位置,對該自選文摘進行加密,得到一加密值;以及,基於該第三金鑰對該加密值進行加密後傳送予該密碼設定模組;(S410 )該密碼設定模組於確認該加密值的正確性後,向該金融卡管理模組發送取得認證碼之請求,並取得一認證碼;以及,產生一認證碼圖像,並傳送予該App;(S510 )該App顯示該認證碼圖像,以供該持卡人藉由認證裝置首次設定該金融卡之密碼時使用;以及(S610 )該認證裝置藉由該顯示元件於該第一使用者介面顯示欄位,供該持卡人藉由該輸入元件輸入該認證碼以及該金融卡之新密碼,以完成首次密碼設定。On the other hand, the present invention provides a method for helping the cardholder to set the financial card password for the first time. See flowchart of FIG. 2, which helps the present invention a method of setting the first cardholder financial card of a particular embodiment of a password. As shown in the figure, the method includes the following steps: ( S110 ) a first server is provided, and a password setting module is provided, which includes a storage sub-module; a second server is electrically connected to the first server Is connected with a financial card management module; a software product (App) communicates with the first server, the App is installed on a mobile device held by the cardholder, and the App is Password setting module authentication; and an authentication device communicating with the second server, the authentication device having a display element, an input element, and a financial card reading and writing element; ( S120 ) the password setting module is in a preset During the registration process: receiving a first authentication data, which is composed of the identification information of the mobile device and the personal information of the cardholder, and storing the first authentication data in the storage submodule; and receiving a The second authentication data, which is a self-selected abstract, and stores the second authentication data in the storage submodule; ( S210 ) the authentication device reads the financial card through the financial card reading and writing component, and uses the The display element provides a first user interface that displays the option to set the financial card password for the first time. After this option is selected, the financial card management module confirms the status of the financial card, and then sends the financial card management module the first set of financial Card password request; ( S220 ) the financial card management module transmits the request to set the financial card password for the first time to the password setting module; ( S230 ) the password setting module: combining the first authentication data according to a combination method , To generate a first key, wherein the combination method is randomly selected from a plurality of combination methods, and has a first number; the first number is stored in the storage submodule; based on the first key pair An original code content is encrypted to generate a two-dimensional bar code, wherein the original code content includes the self-selected abstract; the two-dimensional bar code is sent to the authentication device; ( S240 ) the authentication device uses the display element in the first The user interface displays the two-dimensional bar code; ( S310 ) After the App is activated, an event is automatically triggered to request the input of personal information and the account number of the financial card, and the entered personal information and account number are sent to the password setting module; ( S320) ) After the password setting module confirms the validity of the App: according to the first number stored in the storage submodule, combine the first authentication data with the corresponding combination method to generate a second key; An encryption method is randomly selected among the encryption methods, and the encryption method has a second number; and, the first number is sent to the App, and the confirmation data encrypted based on the second key, the confirmation data includes an encryption information, Wherein, the encrypted information includes the second number and the initial sampling location; ( S330 ) the App obtains the identification information of the mobile device and the personal information of the cardholder from the mobile device, and corresponds to the first number The combination method of combining the identification information and personal information to generate a third key; ( S340 ) scanning and reading the display on the certificate through the mobile device After the 2D barcode on the display element of the device, the App uses the third key to interpret the 2D barcode to obtain the original code content, and according to the encryption method corresponding to the second number and the start sampling position, Encrypting the self-selected digest to obtain an encrypted value; and, encrypting the encrypted value based on the third key and sending it to the password setting module; ( S410 ) the password setting module confirms that the encrypted value is correct After verification, send a request to obtain an authentication code to the financial card management module, and obtain an authentication code; and, generate an authentication code image and send it to the App; ( S510 ) the App displays the authentication code image, For the cardholder to use the authentication device to set the password of the financial card for the first time; and ( S610 ) the authentication device uses the display element to display a field on the first user interface for the cardholder to use The input component inputs the authentication code and the new password of the financial card to complete the first password setting.
本發明之幫助持卡人首次設定金融卡密碼之方法可配合或不配合前述之幫助持卡人首次設定金融卡密碼之系統1
完成。The method of the present invention for helping the cardholder to set the financial card password for the first time can be completed with or without the
藉由以下實例更詳細地描述本發明的具體實施方式,但本發明並不受限於其中提供的特定配置、條件及方法。The specific embodiments of the present invention are described in more detail with the following examples, but the present invention is not limited to the specific configurations, conditions and methods provided therein.
實例Instance 11 :前置作業: Pre-work
金融業者提供一管理伺服器(第一伺服器),其安裝有密碼設定模組,供行員為申請辦理新金融卡的使用者(金融卡持卡人,在實例中以「使用者」稱之),註冊登錄所約定的認證資料,該註冊資料儲存於密碼設定模組的資料庫內。其相關交易功能及註冊內容如下:The financial industry provider provides a management server (the first server), which is installed with a password setting module for the bank staff to apply for a new financial card user (the financial card holder, in the example referred to as "user" ), the authentication data agreed by the registration and login, the registration data is stored in the database of the password setting module. The related transaction functions and registration content are as follows:
1. 綁定使用者行動裝置設備認證資料(第一認證資料): a. 登錄IMEI/UDID/Keychain/MAC/身份證號/生日/手機電話號碼/等認證資料。 此處可由辦理新金融卡的使用者先到金融業者之分行櫃檯或預先在官方網站,自所屬手機查得IMEI/UDID/Keychain/MAC等資料後填入申請表單,行員配合申請單填寫內容將資料登錄系統。前述認證資料可與使用者的身份證號綁定。 b. 第一認證資料之使用: (1) 於綁定第一認證資料時,密碼設定模組當下自動隨機亂數指定其組合方法之初始值,並將該組合方法儲存於資料庫(3個Bytes)。 (2) 該組合方法係用於將IMEI/UDID/Keychain/MAC/身份證號/生日/手機電話號碼/等欄位資料做隨機組合。 (3) 在資料庫儲存的「組合方法」(3個Bytes),實質是個數字,資料庫不 儲存經組合後的資料原始內容。此處資料庫儲存的「組合方法」值,僅為一個初始值,密碼設定模組於每次受理請求須產出二維條碼(在本實例中為QR碼)之前,應重新自動隨機亂數產出「組合方法」值,以新的「組合方法」值更新資料庫該欄值。 (4) 經組合後的資料原始內容,後續以「Current_key」(此處為第一金鑰)稱之,其長度應至少128個Bytes。此「Current_key」即為後續欲對敏感性資料以進階加密標準(AES)加密時的金鑰。欲知Current_key需先知它的「組合方法」以及其相對應程式碼,當原註冊登錄綁定的第一認證資料外洩時,亦未直接暴露該使用者的Current_key內容。1. Binding the user’s mobile device authentication data (first authentication data): a. Log in the IMEI/UDID/Keychain/MAC/ID number/birthday/mobile phone number/and other authentication data. Here, the user who applies for the new financial card can first go to the branch counter of the financial company or on the official website in advance, and fill in the application form after checking the IMEI/UDID/Keychain/MAC information from their mobile phone. Data logging system. The aforementioned authentication data can be bound with the user's ID number. b. Use of the first authentication data: (1) When binding the first authentication data, the password setting module will now automatically randomize the initial value of the combination method and store the combination method in the database (3 Bytes). (2) This combination method is used to randomly combine IMEI/UDID/Keychain/MAC/ID number/birthday/mobile phone number/ etc. column data. (3) The "combination method" (3 Bytes) stored in the database is essentially a number, and the database does not store the original content of the combined data. The "Combination Method" value stored in the database here is only an initial value. The password setting module should automatically randomize random numbers before generating a two-dimensional barcode (QR code in this example) every time a request is accepted. Generate the value of "Combination Method" and update the column value in the database with the new "Combination Method" value. (4) The original content of the combined data will be referred to as "Current_key" (here, the first key), and its length should be at least 128 Bytes. This "Current_key" is the key for subsequent encryption of sensitive data using Advanced Encryption Standard (AES). To know Current_key, you need to know its "combination method" and its corresponding code. When the first authentication data bound to the original registration and login is leaked, the user's Current_key content is not directly exposed.
2. 綁定使用者識別資料(第二認證資料): 行員為申辦新金融卡的使用者登錄自選文摘1則(512 Bytes≦ 文摘 ≦1024 Bytes)。第二認證資料亦可與使用者的身份證號綁定。該自選文摘可由使用者提供、或由行員、或由系統隨機自資料庫為使用者挑選。 a. 系統產出QR碼的內容:系統依據資料庫儲存該使用者的「組合方法」,以使用者原始綁定之行動裝置認證資料產出「Current_key」,再使用相對應加解密程式碼以「Current_key」AES(網頁識別碼 + 自選文摘 + SHA-256 (「Current_key」))加密產出QR 碼亂碼化後之內容。欲知QR碼原碼內容,唯有使用正確的交易裝置掃描讀取QR碼、以正確的「組合方法」產出正確的「Current_key」,以相對應加解密程式碼才能解譯出QR碼的原碼內容。 (1) 解譯後QR碼原碼內容 =網頁識別碼 +自選文摘 + SHA-256 (Current_key)。 (2) 解譯前QR碼內容 =以「Current_key」AES(網頁識別碼 +自選文摘 + SHA-256(Current_key))。 (3) QR碼原碼內容需要經由「組合方法」之相對應加解密程式碼篩選 處理產出「Current_key」內容之後,始能據之解譯出來。 b. 系統產出QR碼的時機:金融卡持卡人在自動存提款機操作特定交易,於上行電文經由金融卡管理模組對密碼設定模組發動交易當下密碼設定模組產出包含「QR碼圖像」的下行電文回覆給金融卡管理模組;密碼設定模組另須將該上行電文內容等資訊儲存於資料庫: (1) 上行電文內容包括:金融卡帳號、交易日期、交易時間、ATM機號、ATM交易序號等資料。 (2) 以身份證號、網頁識別碼等值作為金鑰,將該上行電文內容儲存於密碼設定模組的資料庫(儲存子模組)。網頁識別碼為密碼設定模組、「初始密碼應用程式」(軟體產品(App))、金融卡管理模組等多方系統針對同一請求交易的共同識別序號,網頁識別碼值由初始密碼函系統(密碼設定模組)產生。網頁識別碼值生命週期,於金融卡系統(金融卡管理模組)向初始密碼函系統發動「QR碼圖像」請求時產生、於初始密碼應用程式取得認證碼值圖像、持卡人操作自動存提款機(認證裝置)特定功能完成金融卡新密碼設定後結束。 (3) 將上行電文內容儲存於資料庫的目的: (i) 供後續交易裝置之初始密碼應用程式於讀取「QR碼圖像」之後,對初始密碼函系統發動取得認證碼請求交易時,初始密碼函系統將之做為對交易勾稽核驗之用; (ii) 當資料庫無該金融卡帳號資料時,拒絕該交易需求,要求金融卡持卡人先持新申請金融卡操作自動存提款機,於自動存提款機介面顯示「QR碼圖像」後,再操作執行App;及 (iii) 當資料庫有該金融卡帳號資料,但已逾時(例如,10分鐘以上),則可拒絕該App之交易請求。2. Binding user identification data (second authentication data): The operator logs in 1 self-selected abstract (512 Bytes≦Abstract≦1024 Bytes) for the user applying for a new financial card. The second authentication data can also be bound with the user's ID number. The self-selected digest can be provided by the user, or selected by the operator, or randomly selected by the system from the database. a. The content of the QR code generated by the system: the system stores the user’s "combination method" based on the database, generates the "Current_key" from the user’s original mobile device authentication data, and then uses the corresponding encryption and decryption code to "Current_key" AES (webpage identification code + self-selected digest + SHA-256 ("Current_key")) encrypts the content of QR code garbled. To know the original content of the QR code, only use the correct transaction device to scan and read the QR code, use the correct "combination method" to generate the correct "Current_key", and use the corresponding encryption and decryption code to decode the QR code. Original code content. (1) The content of the original QR code after interpretation = webpage identification code + self-selected abstract + SHA-256 (Current_key). (2) QR code content before interpretation = "Current_key" AES (webpage identification code + self-selected abstract + SHA-256(Current_key)). (3) The original QR code content needs to be screened by the corresponding encryption and decryption code of the "Combination Method", and then the content of the "Current_key" can be generated before it can be interpreted. b. The timing of the QR code generated by the system: the financial card holder performs a specific transaction at the ATM, and initiates the transaction via the financial card management module to the password setting module in the uplink message. The current password setting module output contains " The “QR code image” of the downlink message will reply to the financial card management module; the password setting module must also store the content of the uplink message in the database: (1) The content of the uplink message includes: financial card account number, transaction date, transaction Time, ATM machine number, ATM transaction serial number, etc. (2) Using the ID number, webpage identification code, etc. as the key, store the content of the uplink message in the database (storage submodule) of the password setting module. The webpage identification code is the common identification number of the password setting module, "initial password application" (software product (App)), financial card management module and other multi-party systems for the same transaction request. The webpage identification code value is determined by the initial password letter system ( Password setting module) generated. The life cycle of the webpage identification code value is generated when the financial card system (financial card management module) sends a "QR code image" request to the initial password letter system, the authentication code value image is obtained from the initial password application, and the cardholder operates The specific function of the automatic cash deposit machine (authentication device) is finished after the new password setting of the financial card is completed. (3) The purpose of storing the content of the uplink message in the database: (i) After reading the "QR code image" for the initial password application of the subsequent transaction device, when the initial password letter system is issued to obtain the authentication code to request a transaction, The initial cipher letter system uses it as a transaction check and verification; (ii) When the database does not have the financial card account information, the transaction request is rejected, and the financial card holder is required to operate the automatic deposit and withdrawal with the new application financial card For the cash machine, after displaying the "QR code image" on the ATM interface, operate and execute the App; and (iii) when the bank has the financial card account information, but it has expired (for example, more than 10 minutes), You can reject the transaction request of the App.
使用者於前述作業註冊資料完成後,即可操作交易裝置,從網路環境(Internet)下載/安裝「初始密碼應用程式」(軟體產品(App)),於完成安裝作業後,始告前置作業完成:The user can operate the transaction device after completing the above-mentioned registration information, download/install the "initial password application" (software product (App)) from the network environment (Internet). After the installation is completed, the notification Assignment completed:
1. App須強制提供圖形密碼、按鍵式密碼、指紋辨識、或臉部辨識等選項,供使用者設定App的啟動密碼。1. App must provide graphical password, key-press password, fingerprint recognition, or face recognition options for the user to set the activation password of the App.
2. 使用者於每次執行該App時,App須要求使用者輸入使用者身份證號、生日、及金融卡帳號,並即時發送上行電文給密碼設定模組完成初步鑑別使用者身份。 a. 上行電文內容需包含身份證號、生日、金融卡帳號、及App的版號、日期等資訊。 b. 伺服器端的密碼設定模組鑑別使用者身份及其行動裝置設備無誤之後,須儲存該App的版號、日期、本次申請金融卡帳號等上行電文資訊,供未來在交易作業階段鑑別App合法性之用。 c. 該「金融卡帳號」須為新申請且尚未變更金融卡初始密碼之金融卡帳號。2. Every time the user runs the App, the App must ask the user to enter the user's ID number, birthday, and financial card account number, and immediately send an uplink message to the password setting module to complete the initial authentication of the user's identity. a. The content of the uplink message must include information such as ID number, birthday, financial card account number, and App version number and date. b. After the password setting module on the server side authenticates the user's identity and the correct mobile device equipment, it must store the version number, date, and the financial card account number of this application, and other upstream text information for future transaction identification. The use of legality. c. The "financial card account number" must be a newly applied financial card account number that has not yet changed the initial password of the financial card.
3. 初始密碼應用程式於取得初始密碼函系統下行電文回覆鑑別無誤之後,即直接顯示讀取QR碼的準備畫面於交易裝置(使用者之個人裝置)介面,等待使用者人工操作交易裝置,對準顯示在自動存提款機上的「QR碼圖像」,掃描讀取QR碼內容。3. After the initial password application program obtains the initial password letter, the system will directly display the preparation screen for reading the QR code on the interface of the transaction device (user’s personal device), and wait for the user to manually operate the transaction device. Scan and read the QR code image on the "QR code image" displayed on the ATM.
實例Instance 22 :交易作業: Trading operations
1. 使用者以新申請實體金融卡插入自動存提款機(認證裝置)並操作特定交易,自動存提款機隨即發動上行電文,經由金融卡系統主機(第二伺服器)傳遞到初始密碼函系統主機(第一伺服器),初始密碼函系統(密碼設定模組)除了將該上行電文內容儲存於資料庫(儲存子模組)外,並產出、回覆「QR碼圖像」等下行電文資料,經金融卡系統(金融卡管理模組)將「QR碼圖像」等下行電文資料回覆給自動存提款機;自動存提款機將「QR碼」顯示於自動存提款機介面。 a. 較佳地,禁止使用者同時在多部自動存提款機操作多張新申請金融卡交易。 b. 初始密碼函系統以身份證號、網頁識別碼等值作為金鑰將上行電文內容儲存於資料庫。 (1) 該金融卡帳號須為新申請且尚未變更金融卡初始密碼之金融卡帳號。 (2) 網頁識別碼為初始密碼函系統、初始密碼應用程式(App)、金融卡系統等多方系統針對同一請求交易的共同識別序號,網頁識別碼值由初始密碼函系統產生。網頁識別碼值生命週期,於金融卡系統向初始密碼函系統發動「QR碼圖像」請求時產生、於初始密碼應用程式(App)取得認證碼值圖像、及完成金融卡新密碼設定後結束。 c. 初始密碼函系統將上行電文內容儲存於資料庫之目的: (1) 供後續使用者啟動交易裝置之初始密碼APP,於登錄身份資料後,供初始密碼函系統確認使用者是否已先以新申請實體金融卡插入自動存提款機,完成操作特定交易,取得「QR碼圖像」。 (2) 供後續交易裝置之初始密碼應用程式於掃描讀取「QR碼圖像」之後、對初始密碼函系統發動取得認證碼請求交易時,初始密碼函系統將之做為對交易勾稽核驗之用。 (a) 當資料庫無該金融卡帳號資料時,拒絕App的交易需求,要求金融卡持卡人先持新申請金融卡操作自動存提款機,於自動存提款機介面顯示「QR碼圖像」後,再操作執行App。 (b) 當資料庫有該金融卡帳號資料、但已逾時(例如,10分鐘以上),同前述說明拒絕App之交易需求。 d. 初始密碼函系統於當下須先自動隨機亂數產出「組合方法」值並更新資料庫該欄值,之後,以該「組合方法」值執行其相對應程式碼(將原登錄綁定行動裝置認證資料做組合),產出組合後的資料原始內容即為「Current_key」(第一金鑰)。前述「組合方法」值於交易當下隨機亂數產出,此隨機亂數值較佳係異於前三次記錄。 e. 初始密碼函系統於當下再以該「Current_key」、以及使用者所綁定的識別資料(自選文摘),產出QR碼內容、「QR碼圖像」、以及下行電文等資料(含「QR碼圖像」)。 (1) QR碼原碼內容 = 網頁識別碼 +自選文摘 + SHA-256(Current_key)。 (2) QR碼亂碼內容 = 「QR碼圖像」內容 = 以「Current_key」AES(網頁識別碼 +自選文摘 + SHA-256(Current_key)) ,其中,SHA-256為一雜湊函式。 (3) 欲解譯QR碼原碼內容,需先經「組合方法」之相對應程式碼產出「Current_key」內容,之後,始能以「Current_key」解譯出QR碼原碼內容。 f. 「QR碼圖像」等下行電文資料,經金融卡系統回覆給自動存提款機之後;自動存提款機即將「QR碼圖像」顯示於自動存提款機介面,供後續使用者人工手持交易裝置(行動裝置)掃描讀取QR碼內容。 g. 金融卡系統應檢核上行電文內容,若不符合條件,應拒絕該交易請求: (1) 確認該金融卡為有效卡、而且初始密碼尚未被變更完成。 (2) 確認該金融卡持卡人已經綁定行動裝置設備認證資料及使用者識別資料。1. The user inserts the newly applied physical financial card into the ATM (authentication device) and performs a specific transaction. The ATM immediately sends an uplink message, which is transmitted to the initial password via the financial card system host (second server) The host of the letter system (first server), the initial password letter system (password setting module) saves the content of the uplink message in the database (storage submodule), and generates and responds to "QR code images", etc. Downlink message data, through the financial card system (financial card management module), reply the "QR code image" and other downlink message data to the ATM; the ATM will display the "QR code" on the automatic deposit and withdrawal Machine interface. a. Preferably, users are prohibited from operating multiple newly applied financial card transactions at multiple ATMs at the same time. b. The initial cipher letter system uses the ID number, webpage identification code, etc. as the key to store the content of the uplink message in the database. (1) The financial card account must be a newly applied financial card account that has not changed the initial password of the financial card. (2) The webpage identification code is the common identification serial number of the initial password letter system, initial password application (App), financial card system and other systems for the same request transaction. The webpage identification code value is generated by the initial password letter system. The life cycle of the webpage identification code value is generated when the financial card system sends a "QR code image" request to the initial password letter system, after obtaining the authentication code value image from the initial password application (App), and after completing the new password setting of the financial card End. c. The purpose of the initial password letter system to store the contents of the uplink message in the database: (1) For subsequent users to activate the initial password APP of the transaction device, after logging in the identity data, the initial password letter system can confirm whether the user has first Insert the newly applied physical financial card into the automatic deposit and withdrawal machine, complete the operation specific transaction, and obtain the "QR code image". (2) After the initial password application program of the subsequent transaction device scans and reads the "QR code image", when the initial password letter system is launched to obtain the authentication code to request a transaction, the initial password letter system will use it as a transaction check check use. (a) When the database does not have the financial card account information, the App’s transaction request is rejected, and the financial card holder is required to operate the ATM with the newly applied financial card, and display the "QR code" on the interface of the ATM "Image", then operate and execute the App. (b) When the financial card account information is available in the database, but the time has expired (for example, more than 10 minutes), the transaction request of the App is rejected as described above. d. The initial password letter system must first automatically generate a random random number and update the value of the column in the database, and then execute its corresponding code with the value of the “combination method” (bind the original login Mobile device authentication data is combined), the original content of the combined data is "Current_key" (the first key). The aforementioned "combination method" value is generated at a random random number at the moment of the transaction, and this random random number is preferably different from the previous three records. e. The initial password letter system now uses the "Current_key" and the identification data bound to the user (optional digest) to generate QR code content, "QR code image", and downlink text and other data (including " QR code image"). (1) The content of the original QR code = webpage identification code + self-selected abstract + SHA-256 (Current_key). (2) QR code garbled content = "QR code image" content = "Current_key" AES (webpage identification code + self-selected abstract + SHA-256(Current_key)), where SHA-256 is a hash function. (3) To interpret the content of the original QR code, you must first generate the content of the "Current_key" through the corresponding code of the "Combination Method", and then use the "Current_key" to interpret the original content of the QR code. f. After the “QR code image” and other downlink text data are replied to the ATM through the financial card system; the ATM will display the “QR code image” on the ATM interface for subsequent use The user manually holds the transaction device (mobile device) to scan and read the QR code content. g. The financial card system should check the content of the uplink message, and if the conditions are not met, the transaction request should be rejected: (1) Confirm that the financial card is a valid card and the initial password has not been changed. (2) Confirm that the financial card holder has bound mobile device authentication data and user identification data.
2. 使用者在交易裝置介面登入「啟動密碼」後啟動如實例1之App,App要求使用者輸入身份鑑別資訊: a. App於個人裝置介面顯示訊息,要求輸入使用者身份證號、生日、及金融卡帳號。 b. 上行電文關鍵內容包括:身份證號、生日、金融卡帳號、以及安裝該App之版號與日期等資訊。 c. 上行電文訊息經防火牆(Web AP F/W)解譯SSL加密內容後傳遞給密碼設定模組主機。 d. 密碼設定模組依據上行電文訊息審核該使用者所安裝App的合法性、以及確認使用者是否已先以新申請實體金融卡插入自動存提款機操作特定交易。 (1) 以身份證號、網頁識別碼等值作為金鑰查詢資料庫,當資料庫無該帳號資料時,拒絕App的交易需求,要求金融卡持卡人先持新申請金融卡操作自動存提款機,於自動存提款機介面顯示「QR Code圖像」後,再操作執行App。 (2) 當資料庫有該帳號資料、但已逾時(例如,10分鐘以上),同前述說明拒絕App之交易需求。 (3) 於鑑別使用者身份(身份證號、生日)不符合時,密碼設定模組須同步透過簡訊、電子郵件等通報持卡人。於累積錯誤次數超過4次時,系統應拒絕交易,並請使用者聯繫客服人員審核使用者身份之後重設累積錯誤次數。 e. 密碼設定模組審核上行電文訊息無誤後,產出下行電文回覆App: (1) 系統依據資料庫儲存該使用者的「組合方法」,以使用者原始綁定之行動裝置認證資料產出「Current_key」(第二金鑰)。 (2) 下行電文關鍵內容 = 網頁識別碼 + 組合方法 + 以「Current_key」AES(加密方法 + SHA-256(「Current_key」(第二金鑰))) + App合法性鑑別結果,其中,SHA-256為一雜湊函式。 (a) 「加密方法」欄共計10個Bytes,前3個Bytes放置產出「Current_key」的「組合方法」、第4~6個Bytes放置當次加密方法項目、末4個Bytes放置當次加密時「自選文摘」的開始取樣位置。 (b) 上述「加密方法」值及「開始取樣位置」值均於交易當下隨機亂數產出,此隨機亂數值較佳係異於前三次記錄。 f. 將前述上行電文及下行電文內容儲存於密碼設定模組的資料庫,供後續交易鑑別勾稽使用者身份之用。2. After the user logs in the "activation password" on the transaction device interface, the app like example 1 is activated. The app asks the user to enter the identification information: a. The app displays a message on the personal device interface, asking for the user's ID number, birthday, And financial card account number. b. The key content of the uplink message includes: ID number, birthday, financial card account number, and information such as the version number and date of installation of the App. C. The uplink message is decoded by the firewall (Web AP F/W) and then sent to the password setting module host. d. The password setting module checks the legality of the app installed by the user based on the uplink message, and confirms whether the user has inserted the newly applied physical financial card into the ATM to perform a specific transaction. (1) Use the ID number, webpage identification code, etc. as the key to query the database. When the database does not have the account information, the App’s transaction requirements are rejected, and the financial card holder is required to automatically deposit the new application financial card. At the cash machine, after the "QR Code image" is displayed on the interface of the cash machine, operate the App. (2) When the account data is available in the database, but the time has expired (for example, more than 10 minutes), the transaction request of the App is rejected as described above. (3) When the identification of the user's identity (ID number, birthday) does not match, the password setting module must simultaneously notify the cardholder through SMS, email, etc. When the cumulative number of errors exceeds 4, the system should reject the transaction and ask the user to contact customer service to verify the user's identity and reset the cumulative number of errors. e. After the password setting module verifies that the upstream telegram message is correct, it will generate a downstream telegram response App: (1) The system stores the user's "combination method" based on the database, and generates the authentication data of the mobile device originally bound to the user "Current_key" (second key). (2) The key content of the downlink message = webpage identification code + combination method + "Current_key" AES (encryption method + SHA-256 ("Current_key" (second key)))) + App legality verification result, where SHA- 256 is a hash function. (a) The "Encryption Method" column has a total of 10 Bytes, the first 3 Bytes are placed in the "Combination Method" that produces "Current_key", the 4th to 6th Bytes are placed in the current encryption method item, and the last 4 Bytes are placed in the current encryption The start sampling position of the "Optional Digest" at the time. (b) The above-mentioned "Encryption Method" value and "Start Sampling Position" value are both random random numbers generated at the moment of the transaction, and this random random value is preferably different from the previous three records. f. Store the contents of the aforementioned uplink messages and downlink messages in the database of the password setting module for subsequent transaction identification and verification of user identity.
3. App於收到密碼設定模組的下行電文後: a. 當下行電文內容之「App合法性鑑別結果」值是成功時,依據下行電文之「組合方法」值(下行電文之「加密方法」欄的前3個Bytes值),自使用者的行動裝置取得該裝置資料(包含IMEI/UDID/ Keychain/MAC等資訊),以及該使用者的個人資訊(身份證號/生日等資訊,可由該使用者自行登錄並儲存於該行動裝置),以 產出「Current_key」(第三金鑰)(亦即,該App內建有複數個組合方法,可依據所接獲的編號來確定使用的組合方法),一來對下行電文之「加密方法」欄做解密,取得當次「加密方法」明碼值;二來鑑別下行電文之SHA-256 (「Current_key」)欄值的一致性(鑑別當下App所連結之密碼設定模組主機的合法性)。 b. App於交易裝置介面顯示可掃描讀取QR碼的環境,指示持卡人持交易裝 置對自動存提款機的「QR碼圖像」掃描讀取其內容。 c. App掃描讀取「QR碼圖像」,並解譯其原始內容: (1) 使用上述「Current_key」(第三金鑰)解譯「QR 碼圖像」之原始內容。 (a) QR碼原碼內容=網頁識別碼 + 自選文摘 + SHA-256 (「Current_key」)。 (b) QR碼亂碼內容=「QR碼圖像」內容 = 以「Current_key」AES(網頁識別碼 +自選文摘 + SHA-256(Current_key)) (2) 解譯後再以交易裝置本機產出的Current_key驗證該QR碼內容之 SHA-256(「Current_key」)值的一致性(鑑別當下該「QR碼圖像」的合法性)。 d. 再次產出上行電文,對初始密碼函系統發動請求取得使用者認證碼值: (1) 上行電文關鍵內容 = 網頁識別碼 + Mobile值 + Verify值 + 前述各步驟上下行電文的部份資料。 (a) Mobile值 = SHA-256(從交易裝置本機產出的「Current_key」 (b) Verify值 = 以「Current_key」AES{(依加密方法對「解譯後的QR碼內容」內容做加密) + SHA-256(「解譯後的QR碼內容)} 。此處的「解譯後的QR碼內容」係指經解譯後的「自選文摘」原始內容。App依據前述下行電文取得的「加密方法」值,以所指定「自選文摘」的「開始取樣位置」值做開始取樣、以所指定的「加密方法」編號值執行對應的加密用程式碼,經加密後產出x值,其長度應至少128個Bytes。之後,再以「Current_key」(第三金鑰)AES加密保護該x值以及相關雜湊函數值。 (2) App將本次上行電文經SSL加密後,傳送給初始密碼函系統主機。3. After the app receives the downlink message from the password setting module: a. When the value of the "App legitimacy authentication result" of the downlink message content is successful, it will be based on the value of the "combination method" of the downlink message (the "encryption method of the downlink message" The first 3 Bytes values in the "column), the device data (including IMEI/UDID/Keychain/MAC and other information) and the user’s personal information (ID number/birthday and other information can be obtained from the user’s mobile device) The user logs in and saves it on the mobile device to generate the "Current_key" (third key) (that is, the App has multiple combination methods built in, which can be determined according to the received number Combination method), firstly, decrypt the "Encryption Method" column of the downlink message to obtain the clear value of the current "Encryption Method"; secondly, verify the consistency of the SHA-256 ("Current_key") column value of the downlink message (identify the current The validity of the password setting module host connected by the App). b. The App displays the environment where the QR code can be scanned and read on the transaction device interface, instructing the cardholder to hold the transaction device to scan the "QR code image" of the ATM to read its content. c. App scans and reads "QR code image" and interprets its original content: (1) Use the above "Current_key" (third key) to interpret the original content of "QR code image". (a) The original QR code content = webpage identification code + self-selected digest + SHA-256 ("Current_key"). (b) QR code garbled content = "QR code image" content = "Current_key" AES (webpage identification code + self-selected abstract + SHA-256(Current_key)) (2) After interpretation, it will be generated locally by the transaction device Current_key verifies the consistency of the SHA-256 ("Current_key") value of the QR code content (identifies the validity of the current "QR code image"). d. Generate the uplink message again, and send a request to the initial password letter system to obtain the user authentication code value: (1) The key content of the uplink message = web page identification code + Mobile value + Verify value + partial data of the uplink and downlink messages in the previous steps . (a) Mobile value = SHA-256 ("Current_key" generated locally from the transaction device (b) Verify value = "Current_key" AES{ (encryption of the contents of "Interpreted QR Code" according to the encryption method ) + SHA-256("Interpreted QR code content)}. The "interpreted QR code content" here refers to the original content of the "self-selected abstract" after interpretation. The App is obtained based on the aforementioned downlink message The value of "Encryption Method" starts sampling with the value of "Start Sampling Position" of the specified "Selected Digest", executes the corresponding encryption code with the specified "Encryption Method" number value, and generates x value after encryption, Its length should be at least 128 Bytes. After that, the value of x and the related hash function value are protected by "Current_key" (third key) AES encryption. (2) The App will send this uplink message to the original after SSL encryption Password letter system host.
4. 密碼設定模組於收到App的上行電文(請求取得認證碼)後: a. 依據該使用者本次交易資訊,檢核App的本次上行電文內容,鑑別該行動裝置設備內容(IMEI/UDID/Keychain/MAC)、該使用者的個人資訊(身份證號/生日)等資料的合法性、以及所安裝App的正確性,從而達到鑑別使用者身份的目的。 b. 於鑑別使用者身份不符合時,密碼設定模組須同步透過簡訊、電子郵件等通報持卡人。於累積錯誤次數超過4次時,系統應拒絕交易,並請使用者聯繫客服人員審核使用者身份之後重設累積錯誤次數。 c. 於鑑別使用者身份符合後,密碼設定模組產出上行電文內容,向金融卡系統主機(第二伺服器)發動請求取得當次認證碼值。 (1) 上行電文內容包括:網頁識別碼、金融卡帳號、交易日期、交易時間、ATM機號、ATM交易序號、認證碼值(此處為空白值)等資料。 (2) 金融卡系統(金融卡管理模組)核驗上行電文無誤後,隨機產出「認證碼值」並回覆給密碼設定模組。 (a)「認證碼」係為後續供持卡人以新申請實體金融卡插入自動存提款機(認證裝置)並操作特定交易、完成金融卡新密碼設定作業時,做為金融卡系統對持卡人身份鑑別之用。 (b) 金融卡管理模組每次動態隨機產出的「認證碼」,有效期10分鐘、認證碼值為6~8碼隨機數字。 (c) 金融卡管理模組儲存此交易需求內容,供後續持卡人以新申請實體金融卡插入自動存提款機並操作特定交易、完成金融卡新密碼設定作業時,做為金融卡系統對持卡人身份鑑別之用。 d. 密碼設定模組於收妥認證碼值後,先採「視覺密碼學理論方法」對金融卡初始密碼值明碼 產出「認證碼值圖像」,之後再產出下行電文(含加密後認證碼值圖像),經SSL加密後回覆給App。 (1) 採「視覺密碼學理論方法」加密產出「認證碼值圖像」: (a) 步驟一:隨機取得底圖或底色 (b) 步驟二:在背景產製數條干擾線(線條顏色、粗細、長短、位置均隨機產生) (c) 步驟三:產製數字(隨機數字顏色、字體、字形、向不同方向(PIXEL)移位產製多 次相同數字) (d) 步驟四:在前景產製數條干擾線(線條顏色、粗細、長短、位置均隨機產生) (e) 步驟五:產生JPEG圖檔 (f) 經此方法將密碼值明碼做妥適加密保護之後,該圖像之明碼值需要人工以眼睛目視方式才能正確讀取。 (2) 下行電文關鍵內容:網頁識別碼、認證碼值圖像、App合法性鑑別結果等資料。 (3) 密碼設定模組更新資料庫之該使用者本次交易處理狀況與身份鑑別結果等資訊。 (4) 本次下行電文內容除了包含認證碼值圖像,另應包含通知持卡人儘速在限時內(例如,10分鐘) 操作自動存提款機特定功能完成金融卡新密碼設定。 (5) 密碼設定模組須同步透過簡訊、電子郵件通知持卡人:認證碼值完成交付,請持卡人儘速在限時內操作自動存提款機特定功能完成金融卡新密碼設定等訊息。4. After the password setting module receives the uplink message from the App (request to obtain the authentication code): a. Based on the user’s current transaction information, check the content of the App’s current uplink message and identify the content of the mobile device (IMEI) /UDID/Keychain/MAC), the legality of the user’s personal information (ID/Birthday) and the correctness of the installed App, so as to achieve the purpose of authenticating the user’s identity. b. When identifying the user's identity as inconsistent, the password setting module must simultaneously notify the cardholder through SMS, email, etc. When the cumulative number of errors exceeds 4, the system should reject the transaction and ask the user to contact customer service to verify the user's identity and reset the cumulative number of errors. c. After verifying the user's identity, the password setting module generates the content of the uplink message and sends a request to the financial card system host (second server) to obtain the current authentication code value. (1) The content of the uplink message includes: webpage identification code, financial card account number, transaction date, transaction time, ATM machine number, ATM transaction serial number, authentication code value (blank value here), etc. (2) After the financial card system (financial card management module) verifies that the uplink message is correct, it randomly generates an "authentication code value" and responds to the password setting module. (a) The "Authentication Code" is for the cardholder to insert the newly applied physical financial card into the automatic deposit and withdrawal machine (authentication device) and operate a specific transaction, complete the financial card new password setting operation, as the financial card system For the identification of cardholders. (b) The "Authentication Code" dynamically and randomly generated by the financial card management module each time, the validity period is 10 minutes, and the authentication code value is 6-8 random numbers. (c) The financial card management module stores the content of the transaction requirements for subsequent cardholders to use the newly applied physical financial card to insert the automatic deposit and withdrawal machine and operate specific transactions, complete the financial card new password setting work, as a financial card system For the identification of cardholders. d. After the password setting module receives the authentication code value, it first uses the "visual cryptography theory method" to produce the "authentication code value image" for the initial password value of the financial card, and then generates the downlink message (including encrypted Authentication code value image), and reply to App after SSL encryption. (1) Adopt the "visual cryptography theory method" to encrypt and produce the "authentication code value image": (a) Step 1: Obtain the base map or background color randomly (b) Step 2: Generate several interference lines in the background ( Line color, thickness, length, and position are randomly generated) (c) Step 3: Generate numbers (random number color, font, font, shift to different directions (PIXEL) to produce the same number multiple times) (d) Step 4 : Produce several interference lines in the foreground (line color, thickness, length, and position are randomly generated) (e) Step 5: Generate JPEG image file (f) After the password value is properly encrypted and protected by this method, the The clear code value of the image needs to be read by human eyes. (2) The key content of the downlink message: webpage identification code, authentication code value image, App legitimacy authentication result, etc. (3) The password setting module updates the user's current transaction processing status and identity authentication result in the database. (4) In addition to the image of the authentication code value, the content of this downlink message should also include informing the cardholder to operate the specific function of the automatic cash deposit machine within a limited time (for example, 10 minutes) to complete the new password setting of the financial card. (5) The password setting module must synchronously notify the cardholder via SMS or email: the authentication code value is delivered, please operate the specific function of the automatic deposit machine as soon as possible within a limited time to complete the new password setting of the financial card and other information .
5. App於收到密碼設定模組的下行電文(含認證碼值圖像)後: a. 顯示認證碼值圖像於個人裝置介面。 b. 顯示通知持卡人儘速在限時內操作自動存提款機特定功能完成金融卡新密碼設定等訊息於個人裝置介面。 c. App將本筆交易選擇重點資料儲存於個人裝置設備端的加密型檔案。該檔 案採先進先出法,最多儲存十筆交易記錄軌跡。5. After the App receives the downlink message (including the authentication code value image) from the password setting module: a. Display the authentication code value image on the personal device interface. b. Display and inform the cardholder to operate the specific functions of the ATM within a limited time to complete the new password setting of the financial card and other messages on the personal device interface. c. App stores the key data of this transaction selection in an encrypted file on the personal device. The file adopts the first-in-first-out method and stores up to ten transaction records.
6. 使用者(持卡人)於取得認證碼後,須在限時內,以新申請實體金融卡插入自動存提款機(認證裝置)並操作特定交易,完成金融卡新密碼的設定作業。 a. 認證裝置的特定交易功能: (1) 該特定交易功能係參照現行分行櫃檯「金融卡重設密碼」交易功能(非金融卡密碼變更交易),供持卡人以新申請實體金融卡插入自動存提款機、在自動存提款機介面輸入當次認證碼值、以及自行設定的金融卡新密碼值,完成金融卡新密碼的設定作業。 (2) 特定交易功能資料處理流程: (a) 特定交易功能連線呼叫實體金融卡晶片內軟體,請其隨機產出一組亂數。 (b) 產出上行電文,向金融卡管理模組發動產出該金融卡新密碼值請求。上行電文關鍵資料:金融卡帳號、認證碼、金融卡新密碼、金融卡晶片軟體當次產出之亂數值等資料。 (c) 金融卡管理模組審核上行電文無誤後,連線呼叫實體亂碼化設備(Hardware DES)產出經亂碼化後的金融卡新密碼值。 (d) 金融卡管理模組產出下行電文(內含「經亂碼化後的金融卡新密碼值」)回覆給自動存提款機特定交易功能。 (e) 特定交易功能連線呼叫實體金融卡晶片內軟體,請其解鎖卡片、以及寫入「經亂碼化後的金融卡新密碼值」至晶片。 b. 金融卡管理模組每次動態隨機產出的「認證碼」,其具有特定有效時限,持卡人須在限時內)完成設定金融卡新密碼。 c. 當該金融卡已完成新密碼設定作業,自動存提款機應拒絕持卡人重覆執行特定交易功能。6. After obtaining the authentication code, the user (cardholder) must insert the newly applied physical financial card into the ATM (authentication device) and perform specific transactions within a limited time to complete the setting of the new financial card password. a. The specific transaction function of the authentication device: (1) The specific transaction function refers to the current branch counter "Financial Card Reset Password" transaction function (non-financial card password change transaction), for cardholders to insert a new physical financial card application Automatic deposit and withdrawal machine, enter the current authentication code value in the automatic deposit and withdrawal machine interface, and the new password value of the financial card set by yourself to complete the setting of the new password of the financial card. (2) Specific transaction function data processing flow: (a) The specific transaction function calls the software in the physical financial card chip, and asks it to randomly generate a set of random numbers. (b) Generate an uplink message and send a request to the financial card management module to generate a new password value for the financial card. Key information of the uplink message: financial card account number, authentication code, new financial card password, random value generated by financial card chip software at the time, etc. (c) After the financial card management module verifies that the uplink message is correct, the hardware DES connected to the calling entity will generate a new password value of the financial card that has been garbled. (d) The financial card management module generates a downlink message (containing "the new password value of the financial card after garbled code") to reply to the specific transaction function of the ATM. (e) The specific transaction function connects to the software in the chip of the physical financial card. Please unlock the card and write "the new password value of the financial card after garbled" to the chip. b. The "Authentication Code" dynamically and randomly generated by the financial card management module each time has a specific valid time limit, and the cardholder must complete the setting of a new financial card password within the time limit. c. When the financial card has completed the new password setting operation, the ATM should refuse the cardholder to repeat the specific transaction function.
7. 當使用者(持卡人)忘記認證碼值時,使用者須重新執行交易作業(上述步驟1.~6.)的完整程序,以取得新的認證碼值。7. When the user (cardholder) forgets the authentication code value, the user must re-execute the complete procedure of the transaction operation (the above steps 1.~6.) to obtain a new authentication code value.
8. 當使用者(持卡人)未能在限時內從自動存提款機完成金融卡新密碼設定時,當次認證碼將逾時失效,使用者須重新執行交易作業(上述步驟1.~6.)的完整程序,以取得新的認證碼值。8. When the user (cardholder) fails to complete the new password setting of the financial card from the ATM within the time limit, the authentication code will expire after the time limit, and the user must perform the transaction again (
綜上所述,本發明在交易裝置(行動裝置設備)及認證裝置(自動存提款機)兩個實體裝置相互分離下,藉由持卡人以人工操作行動裝置,對準顯示在自動存提款機介面的「QR碼圖像」做掃描讀取,促使兩個實體裝置分工處理同一筆交易請求,限時限次的完成身份勾稽暨鑑別程序,讓持卡人可及時手持金融卡在自動存提款機操作完成金融卡新密碼的設定作業。此等多因子交易安全模式,不僅符合主管機關對於交易安全設計應具使用「兩項(含)以上技術」的要求、更可確保該電子交易為人工操作完成,完全防範木馬程式自遠端操控交易的風險。To sum up, in the present invention, the transaction device (mobile device) and the authentication device (automated deposit and withdrawal machine) are separated from each other, and the cardholder manually operates the mobile device to align the display on the automatic depositor. The "QR code image" on the ATM interface is scanned and read, prompting the two physical devices to divide the labor to process the same transaction request, and complete the identity verification and authentication procedures within a limited time, so that the cardholder can hold the financial card in time The operation of the deposit and withdrawal machine completes the setting of the new password of the financial card. These multi-factor transaction security models not only meet the requirements of the competent authority for the use of "two (including) more than two technologies" in transaction security design," but also ensure that the electronic transaction is completed manually, completely preventing the remote control of Trojan horse programs. The risk of trading.
本發明係採二階段身份鑑別模式(包含對使用者個資資料、對所綁定的交易裝置認證資料及使用者識別資料、對交易是否為人工操作),有別於往常以「密碼」為唯一鑑別模式,對於使用者身份鑑別的交易安全門檻,可收到全面性的、實質性的強化效果。The present invention adopts a two-stage identity authentication mode (including the personal information of the user, the authentication data of the binding transaction device and the user identification data, and whether the transaction is manual operation), which is different from the usual "password" The unique authentication mode can receive a comprehensive and substantive strengthening effect on the transaction security threshold of user identity authentication.
本發明之交易框架的操作行為,需要使用者手持實體金融卡片插入自動存提款機取得「QR碼圖像」、需要使用者手持已綁定的實體行動裝置掃描讀取「QR碼圖像」。縱使交易裝置被植入遠端操控型(monitoring remote programs)木馬程式,駭客仍無法自遠端操控完成上述人工操作行為來取得認證碼值。The operating behavior of the transaction framework of the present invention requires the user to hold the physical financial card into the ATM to obtain the "QR code image", and the user needs to hold the bound physical mobile device to scan and read the "QR code image" . Even if the transaction device is implanted with monitoring remote programs (monitoring remote programs) Trojan horse programs, hackers are still unable to remotely control to complete the above manual operations to obtain the authentication code value.
對於使用者而言,可排除紙本密碼函之相關保管、遺失、遭竊的負擔與風險。對於歹徒、駭客而言,需要同時取得使用者的實體金融卡、綁定的實體行動裝置、App的「啟動密碼」以及使用者個資之後,才有機會取得認證碼值 ,並需在限時內完成金融卡新密碼的設定作業。較諸往常只要取得紙本密碼函及實體金融卡後就可犯案,其防範門檻已明顯提昇。For users, the burden and risk related to storage, loss, and theft of the paper cipher can be eliminated. For gangsters and hackers, they need to obtain the user’s physical financial card, the bound physical mobile device, the App’s "activation password" and the user’s personal information at the same time before they have the opportunity to obtain the authentication code value, and within a limited time Complete the setting operation of the new password of the financial card. Compared with the usual cases, you can commit crimes only after obtaining the paper code letter and the physical financial card, and the threshold for prevention has been significantly improved.
對於金融機構而言,本發明除了確保資訊安全門檻提昇外,可為金融機構取代現行人工操作列印密碼函的繁瑣程序,節省其間配套的相關人工作業、環境設施、列印機器、紙張、郵遞、保管儲存、資安控管及風險稽查等等作業成本負擔,並能達到節能減碳的效果。For financial institutions, in addition to ensuring an increase in the threshold of information security, the present invention can replace the current cumbersome procedures of manual printing of cipher letters for financial institutions, saving related manual operations, environmental facilities, printing machines, paper, and mailing. , Storage, information security control and risk inspection, etc. operating cost burden, and can achieve the effect of energy saving and carbon reduction.
1:用於幫助持卡人首次設定金融卡密碼之系統10第一伺服器12:密碼設定模組122:儲存子模組20:第二伺服器22:金融卡管理模組30:軟體產品40:認證裝置42:顯示元件44:輸入元件46:金融卡讀寫元件70:行動裝置S110~S610:步驟流程 1 : A system for helping cardholders to set a financial card password for the
圖 1 係繪示本發明之一具體實施例之系統之方塊圖。 Fig. 1 is a block diagram of a system according to a specific embodiment of the present invention.
圖 2 係繪示本發明之一具體實施例之方法之流程圖。 Fig. 2 is a flowchart showing a method according to a specific embodiment of the present invention.
無no
1:用於幫助持卡人首次設定金融卡密碼之系統 1 : A system used to help cardholders set up a financial card password for the first time
10:第一伺服器 10 : First server
12:密碼設定模組 12 : Password setting module
122:儲存子模組 122 : Storage submodule
20:第二伺服器 20 : second server
22:金融卡管理模組 22 : Financial card management module
30:軟體產品 30 : Software products
40:認證裝置 40 : authentication device
42:顯示元件 42 : Display element
44:輸入元件 44 : Input components
46:金融卡讀寫元件 46 : Financial card reading and writing components
70:行動裝置 70 : mobile device
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW107146634A TWI677842B (en) | 2018-12-22 | 2018-12-22 | System for assisting a financial card holder in setting password for the first time and method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW107146634A TWI677842B (en) | 2018-12-22 | 2018-12-22 | System for assisting a financial card holder in setting password for the first time and method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TWI677842B TWI677842B (en) | 2019-11-21 |
| TW202025051A true TW202025051A (en) | 2020-07-01 |
Family
ID=69188976
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW107146634A TWI677842B (en) | 2018-12-22 | 2018-12-22 | System for assisting a financial card holder in setting password for the first time and method thereof |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI677842B (en) |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9258296B2 (en) * | 2010-07-29 | 2016-02-09 | Nirmal Juthani | System and method for generating a strong multi factor personalized server key from a simple user password |
| TWI614636B (en) * | 2013-06-10 | 2018-02-11 | Jie Chen | Content verification method based on digital signature code |
| TW201545125A (en) * | 2014-05-30 | 2015-12-01 | Utechzone Co Ltd | Access control apparatus and register system and register method thereof |
| CN105323063B (en) * | 2014-06-13 | 2019-01-08 | 广州涌智信息科技有限公司 | The auth method of mobile terminal and fixed intelligent terminal based on two dimensional code |
| CN106713518B (en) * | 2015-11-18 | 2019-04-26 | 腾讯科技(深圳)有限公司 | Method for device registration and device |
| TWI643086B (en) * | 2016-02-23 | 2018-12-01 | 遊戲橘子數位科技股份有限公司 | Method for binding by scanning two-dimensional barcode |
| TWM578411U (en) * | 2018-12-22 | 2019-05-21 | 台新國際商業銀行股份有限公司 | System for assisting a financial card holder in setting password for the first time |
-
2018
- 2018-12-22 TW TW107146634A patent/TWI677842B/en active
Also Published As
| Publication number | Publication date |
|---|---|
| TWI677842B (en) | 2019-11-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10475015B2 (en) | Token-based security processing | |
| CN106688004B (en) | Transaction authentication method and device, mobile terminal, POS terminal and server | |
| AU2011205391B2 (en) | Anytime validation for verification tokens | |
| CN108667789B (en) | Multidimensional bar code action identity authentication method, digital certificate device and authentication servo mechanism | |
| US10045210B2 (en) | Method, server and system for authentication of a person | |
| CN101340294A (en) | Cipher keyboard apparatus and implementing method thereof | |
| CN103778728A (en) | Method and system for realizing transaction without bank card through automatic teller machine | |
| CN105027153A (en) | Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data | |
| CN102790767B (en) | Information safety control method, information safety display equipment and electronic trading system | |
| CN104464117A (en) | Automatic tell machine money withdrawing method and system based on dynamic two-dimensional code | |
| CN101335754B (en) | Method for information verification using remote server | |
| KR20120108599A (en) | Credit card payment service using online credit card payment device | |
| US20140344162A1 (en) | Method and system for enhancing the security of electronic transactions | |
| CN105591746B (en) | A kind of processing method and processing system of online binding accepting terminal | |
| US20180167202A1 (en) | Account asset protection via an encoded physical mechanism | |
| CN113595714A (en) | Contactless card with multiple rotating security keys | |
| US11880840B2 (en) | Method for carrying out a transaction, corresponding terminal, server and computer program | |
| CN107395600A (en) | Business datum verification method, service platform and mobile terminal | |
| JP2021108088A (en) | Authentication request system and authentication request method | |
| TWM578411U (en) | System for assisting a financial card holder in setting password for the first time | |
| TWM578432U (en) | System for assisting a financial card holder in setting password for the first time | |
| TWI677842B (en) | System for assisting a financial card holder in setting password for the first time and method thereof | |
| TWI679603B (en) | System for assisting a financial card holder in setting password for the first time and method thereof | |
| TWM580720U (en) | System for assisting a network service user in setting password for the first time | |
| JP2005065035A (en) | Substitute person authentication system using ic card |