TW202030629A - Login application method and login application system - Google Patents

Login application method and login application system Download PDF

Info

Publication number
TW202030629A
TW202030629A TW108104021A TW108104021A TW202030629A TW 202030629 A TW202030629 A TW 202030629A TW 108104021 A TW108104021 A TW 108104021A TW 108104021 A TW108104021 A TW 108104021A TW 202030629 A TW202030629 A TW 202030629A
Authority
TW
Taiwan
Prior art keywords
login
fingerprint
module
application
user
Prior art date
Application number
TW108104021A
Other languages
Chinese (zh)
Inventor
張銘志
張鎬麟
Original Assignee
臺灣銀行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 臺灣銀行股份有限公司 filed Critical 臺灣銀行股份有限公司
Priority to TW108104021A priority Critical patent/TW202030629A/en
Publication of TW202030629A publication Critical patent/TW202030629A/en

Links

Images

Abstract

A login application method is applied to an login application system which has a fingerprint identification module. The fingerprint identification module includes a fingerprint capturing module and a fingerprint database. The fingerprint database stores the fingerprint login data. The fingerprint capturing module captures the user fingerprint data of a user. The login application method includes: receiving a login request; determining if a verification condition of an application corresponded to the login request includes a fingerprint identification login; if the verification condition includes the fingerprint identification login, determining if the fingerprint login data stored in the fingerprint database has changed; if the fingerprint login data has changed, requesting the user to reset the fingerprint login data.

Description

應用程式登入方法和應用程式登入系統Application program login method and application program login system

本發明係關於一種應用程式登入方法和應用程式登入系統,特別是一種可以提高軟體登入安全性的應用程式登入方法和應用程式登入系統。The invention relates to an application program login method and an application program login system, in particular to an application program login method and an application program login system that can improve software login security.

現在市面上有許多手機具有指紋辨識器,其可供使用者以手指按壓,以感應使用者的指紋。許多行動網路銀行軟體皆可透過指紋辨識來讓使用者登入軟體。當使用者需要登入該些軟體時,可將手指按壓在指紋辨識器上,讓指紋辨識器感應指紋;若是感應到的指紋符合手機作業系統指紋資料庫中任一個所紀錄的指紋識別資料,就視為辨識成功,如此一來使用者即可登入該軟體。Nowadays, many mobile phones on the market have fingerprint readers, which can be pressed by a user to sense the user's fingerprint. Many mobile online banking software can allow users to log in to the software through fingerprint recognition. When the user needs to log in to the software, he can press his finger on the fingerprint reader to make the fingerprint reader sense the fingerprint; if the sensed fingerprint matches any fingerprint identification data recorded in the fingerprint database of the mobile phone operating system, then The recognition is deemed successful, so the user can log in to the software.

然而,有的使用者會在手機裡記錄親友的指紋,以方便親友共同使用手機。因此,在按壓的指紋符合手機作業系統指紋資料庫中任一個紀錄的指紋識別資料,就視為辨識成功的操作機制下,手機原使用者的親友,也可以輕鬆得登入原使用者的行動網路銀行軟體。更甚者,若是有不懷好意的他人,故意將自己的指紋登記在原使用者的手機裡,也可以順利登入原使用者的行動網路銀行軟體;如此一來,將難以保障原使用者的財務隱私。However, some users will record the fingerprints of relatives and friends in their mobile phones to facilitate the use of mobile phones together. Therefore, if the pressed fingerprint matches any of the fingerprint identification data recorded in the fingerprint database of the mobile phone operating system, it is regarded as a successful identification operation mechanism. The relatives and friends of the original mobile phone user can also easily log in to the original user’s mobile network. Road banking software. What's more, if someone with bad intentions deliberately register their fingerprints in the original user’s mobile phone, they can also log in to the original user’s mobile online banking software smoothly. As a result, it will be difficult to protect the original user’s Financial privacy.

因此,有必要提供一種可以提高軟體登入安全性的應用程式登入方法。Therefore, it is necessary to provide an application login method that can improve software login security.

本發明之主要目的係在提供一種可以提高軟體登入安全性的應用程式登入方法。The main purpose of the present invention is to provide an application login method that can improve software login security.

為達成上述之目的,本發明之一種應用程式登入方法應用於設有一指紋辨識模組之一應用程式登入系統。指紋辨識模組包括一指紋擷取模組及一指紋資料庫,指紋資料庫儲存登入指紋資料,指紋擷取模組擷取使用者之使用者指紋資料。應用程式登入方法包括:接收一登入請求;判斷該入請求對應之一應用程式的一驗證條件是否包括一指紋驗證登入;若驗證條件包括指紋驗證登入,則判斷指紋資料庫儲存的登入指紋資料是否變更過;若變更過,則要求使用者重新設定登入指紋資料。To achieve the above objective, an application login method of the present invention is applied to an application login system provided with a fingerprint recognition module. The fingerprint recognition module includes a fingerprint capture module and a fingerprint database. The fingerprint database stores login fingerprint data, and the fingerprint capture module captures user fingerprint data of the user. The application login method includes: receiving a login request; determining whether a verification condition of an application corresponding to the request includes a fingerprint verification login; if the verification condition includes fingerprint verification login, determining whether the login fingerprint data stored in the fingerprint database Changed; if changed, the user is required to reset the login fingerprint data.

根據本發明之一實施例,應用程式登入方法更包括:若沒有變更過,則提供一指紋驗證式登入指示,以擷取使用者之使用者指紋資料。According to an embodiment of the present invention, the application login method further includes: if there is no change, providing a fingerprint verification type login instruction to retrieve user fingerprint data of the user.

根據本發明之一實施例,應用程式登入方法更包括:判斷使用者指紋資料是否符合登入指紋資料;若使用者指紋資料符合登入指紋資料,則核准登入請求。According to an embodiment of the present invention, the application login method further includes: determining whether the user fingerprint data matches the login fingerprint data; if the user fingerprint data matches the login fingerprint data, approving the login request.

根據本發明之一實施例,其中若應用程式的驗證條件不包括指紋驗證登入,則提供一非指紋驗證式登入介面。According to an embodiment of the present invention, if the verification condition of the application does not include fingerprint verification login, a non-fingerprint verification login interface is provided.

本發明之主要目的係在提供一種可以提高軟體登入安全性的應用程式登入系統。應用程式登入系統包括一指紋辨識模組、一應用程式登入模組、一判斷模組和一控制模組。指紋辨識模組包括一指紋擷取模組及一指紋資料庫,指紋資料庫儲存登入指紋資料,指紋擷取模組擷取一使用者之一使用者指紋資料。應用程式登入模組訊號連接指紋辨識模組,應用程式登入模組接收一登入請求。判斷模組訊號連接應用程式登入模組及指紋資料庫,判斷模組判斷登入請求對應之一應用程式的一驗證條件是否包括一指紋驗證登入,若包括,則判斷模組判斷指紋資料庫儲存的登入指紋資料是否變更過。控制模組訊號連接判斷模組,若指紋資料庫儲存的登入指紋資料變更過,則控制模組要求使用者重新設定登入指紋資料。The main purpose of the present invention is to provide an application login system that can improve the security of software login. The application login system includes a fingerprint recognition module, an application login module, a judgment module and a control module. The fingerprint identification module includes a fingerprint capture module and a fingerprint database. The fingerprint database stores login fingerprint data. The fingerprint capture module captures fingerprint data of a user. The application login module signal is connected to the fingerprint recognition module, and the application login module receives a login request. The judgment module signal is connected to the application login module and the fingerprint database. The judgment module judges whether an authentication condition of an application corresponding to the login request includes a fingerprint authentication login. If it does, the judgment module judges the fingerprint database stored Whether the login fingerprint information has been changed. The control module signal connection judgment module, if the login fingerprint data stored in the fingerprint database is changed, the control module requires the user to reset the login fingerprint data.

根據本發明之一實施例,應用程式登入系統更包括一加密及解密模組,加密及解密模組訊號連接指紋資料庫,加密及解密模組用以對指紋資料庫儲存的登入指紋資料進行加密處理。According to an embodiment of the present invention, the application login system further includes an encryption and decryption module. The encryption and decryption module signals are connected to the fingerprint database. The encryption and decryption module is used to encrypt the login fingerprint data stored in the fingerprint database. deal with.

為能讓 貴審查委員能更瞭解本發明之技術內容,特舉較佳具體實施例說明如下。In order to allow your reviewer to better understand the technical content of the present invention, preferred specific embodiments are described as follows.

以下請一併參考圖1至圖6關於本發明之一實施例之應用程式登入系統和應用程式登入方法。圖1係本發明之一實施例之應用程式登入系統和伺服器之系統架構圖;圖2係本發明之一實施例之應用程式登入方法之步驟流程圖;圖3係本發明之一實施例之登入方式選單之示意圖;圖4係本發明之一實施例之非指紋驗證式登入介面之示意圖;圖5係本發明之一實施例之登入指紋資料重新設定指示之示意圖;圖6係本發明之一實施例之指紋驗證式登入指示之示意圖。Please refer to FIG. 1 to FIG. 6 for the application login system and application login method of an embodiment of the present invention. Fig. 1 is a system architecture diagram of an application login system and a server according to an embodiment of the present invention; Fig. 2 is a step flow chart of an application login method according to an embodiment of the present invention; Fig. 3 is an embodiment of the present invention The schematic diagram of the login method menu; Figure 4 is a schematic diagram of the non-fingerprint verification login interface of an embodiment of the present invention; Figure 5 is a schematic diagram of the login fingerprint data reset instruction of an embodiment of the present invention; Figure 6 is the present invention A schematic diagram of fingerprint verification login instructions in one embodiment.

如圖1和圖2所示,在本發明的一實施例之中,本發明的應用程式登入方法是編輯為一電腦程式,並應用於設有一指紋辨識模組之一應用程式登入系統1,其中應用程式登入系統1可以是行動裝置或平板電腦,但本發明之應用程式登入系統1不以前述實施例為限。應用程式登入系統1包括一指紋辨識模組10、一應用程式登入模組20、一判斷模組30、一控制模組40、一傳輸模組50、一加密及解密模組60和一儲存模組70。在本實施例中,應用程式為一行動網路銀行軟體,且使用者於本次使用該應用程式前已同意將指紋驗證登入納入應用程式的驗證條件,藉此使用者可藉由指紋辨識模組10進行指紋驗證,以登入行動網路銀行軟體而連線至銀行的一伺服器900以進行金融交易。在本實施例中,伺服器900包括一身分認證模組910,其可接收應用程式登入系統1的指紋驗證結果而讓使用者連線。As shown in FIGS. 1 and 2, in an embodiment of the present invention, the application login method of the present invention is edited as a computer program and applied to an application login system 1 provided with a fingerprint recognition module. The application login system 1 can be a mobile device or a tablet computer, but the application login system 1 of the present invention is not limited to the foregoing embodiment. The application login system 1 includes a fingerprint recognition module 10, an application login module 20, a judgment module 30, a control module 40, a transmission module 50, an encryption and decryption module 60, and a storage module. Group 70. In this embodiment, the application is a mobile online banking software, and the user has agreed to include fingerprint authentication login into the authentication conditions of the application before using the application, so that the user can use the fingerprint recognition model Group 10 performs fingerprint verification to log in the mobile online banking software and connect to a server 900 of the bank for financial transactions. In this embodiment, the server 900 includes an identity authentication module 910, which can receive the fingerprint verification result of the application login to the system 1 and allow the user to connect.

根據本發明之一具體實施例,指紋辨識模組10感應並辨識使用者的指紋,指紋辨識模組10是應用程式登入系統內建之模組。指紋辨識模組10包括一指紋擷取模組11及一指紋資料庫12。指紋擷取模組11擷取使用者之一使用者指紋資料。指紋資料庫12儲存至少一登入指紋資料,其中因為登入該應用程式的一驗證條件包括指紋驗證,故指紋資料庫12儲存之登入指紋資料得作為登入該應用程式的指紋驗證依據。在本發明的一實施例之中,使用者要登入行動網路銀行軟體時,使用者須先以手指按壓應用程式登入系統1之觸控螢幕上的行動網路銀行軟體之圖示,以開啟該應用程式,開啟應用程式的動作會被應用程式登入模組20接收並視為行動網路銀行軟體對應的登入請求。According to a specific embodiment of the present invention, the fingerprint recognition module 10 senses and recognizes the user's fingerprint. The fingerprint recognition module 10 is a built-in module of the application login system. The fingerprint recognition module 10 includes a fingerprint capture module 11 and a fingerprint database 12. The fingerprint capture module 11 captures user fingerprint data of one of the users. The fingerprint database 12 stores at least one login fingerprint data. Because a verification condition for logging in the application includes fingerprint verification, the login fingerprint data stored in the fingerprint database 12 can be used as a fingerprint verification basis for logging in the application. In an embodiment of the present invention, when the user wants to log in to the mobile online banking software, the user must first press the icon of the mobile online banking software on the touch screen of the system 1 to open the application with a finger For the application, the action of opening the application will be received by the application login module 20 and regarded as a login request corresponding to the mobile online banking software.

判斷模組30訊號連接指紋辨識模組10之指紋資料庫12、應用程式登入模組20、傳輸模組50、加密及解密模組60和儲存模組70。在本發明的一實施例之中,判斷模組30判斷於此次登入前,使用者是否已同意將指紋驗證登入納入應用程式的驗證條件,若是,則登入請求對應之應用程式的驗證條件包括指紋驗證登入;若否,則登入請求對應之應用程式的驗證條件不包括指紋驗證登入。The judgment module 30 signals the fingerprint database 12 of the fingerprint identification module 10, the application login module 20, the transmission module 50, the encryption and decryption module 60, and the storage module 70. In an embodiment of the present invention, the determining module 30 determines whether the user has agreed to include fingerprint verification login into the verification condition of the application before this login. If so, the verification condition of the application corresponding to the login request includes Fingerprint authentication login; if not, the authentication condition of the application corresponding to the login request does not include fingerprint authentication login.

如圖3所示,當應用程式的驗證條件包括指紋驗證登入且使用者選擇指紋驗證登入時,判斷模組30將進一步判斷指紋資料庫12儲存的登入指紋資料於此次登入前是否變更過,例如,判斷模組30會檢視於此次登入前指紋資料庫12是否有新增另一登入指紋資料,或是於此次登入前,使用者原本儲存在指紋資料庫12裡的登入指紋資料是否被刪除或變更;若於此次登入前指紋資料庫12有新增另一指紋,或是於此次登入前原本的登入指紋資料被刪除或變更,則判定指紋資料庫12儲存的登入指紋資料有變更過。若判斷模組30判斷指紋資料庫12儲存的登入指紋資料於此次登入前沒有變更過,此時判斷模組30將進一步判斷使用者指紋資料是否符合登入指紋資料,若使用者指紋資料與指紋資料庫12儲存的登入指紋資料相符,則該使用者得登入行動網路銀行軟體而連線至銀行的一伺服器900已進行金融交易。As shown in Figure 3, when the verification conditions of the application include fingerprint verification login and the user selects fingerprint verification login, the judgment module 30 will further determine whether the login fingerprint data stored in the fingerprint database 12 has been changed before this login. For example, the judgment module 30 will check whether another login fingerprint data has been added to the fingerprint database 12 before this login, or whether the user's original login fingerprint data stored in the fingerprint database 12 before this login Deleted or changed; if another fingerprint is added to the fingerprint database 12 before this login, or the original login fingerprint data is deleted or changed before this login, the login fingerprint data stored in the fingerprint database 12 will be determined Has changed. If the judgment module 30 judges that the login fingerprint data stored in the fingerprint database 12 has not been changed before this login, the judgment module 30 will further judge whether the user fingerprint data matches the login fingerprint data. If the login fingerprint data stored in the database 12 matches, the user has to log in to the mobile online banking software and connect to a server 900 of the bank to conduct financial transactions.

在本發明的一實施例之中,控制模組40訊號連接判斷模組30;若判斷模組30進一步判斷指紋資料庫12儲存的登入指紋資料於此次登入前變更過,則如圖5所示,控制模組40可控制應用程式登入模組20於行動裝置1之顯示螢幕產生提供一登入指紋資料重新設定指示C,以要求使用者重新設定登入指紋資料,此時控制模組40會於應用程式登入模組20顯示一登入指紋資料重新設定指示C,以告知使用者再次將手指按壓在指紋辨識模組10上,讓指紋辨識模組10感應指紋,且控制模組40會將該指紋重新設定為唯一的登入指紋資料;另外,登入指紋資料重新設定指示C也會顯示帳號和密碼的輸入欄位,以供原使用者輸入帳號和密碼,以確保重新輸入指紋的人是原使用者。待登入指紋資料重新設定好之後,使用者可以再次開啟行動網路銀行軟體以重新登入。藉此,本發明的應用程式登入方法提高應用程式登入安全性以確保使用者的隱私,以避免非行動網路銀行軟體所屬帳號的合法使用者利用指紋資料庫12儲存的登入指紋資料登入行動網路銀行軟體的情況發生,解決了先前技術所述之問題。In an embodiment of the present invention, the control module 40 signals the connection judgment module 30; if the judgment module 30 further judges that the login fingerprint data stored in the fingerprint database 12 has been changed before this login, as shown in FIG. 5 The control module 40 can control the application login module 20 to generate and provide a login fingerprint data reset instruction C on the display screen of the mobile device 1 to request the user to reset the login fingerprint data. At this time, the control module 40 will The application login module 20 displays a login fingerprint data reset instruction C to inform the user to press the finger on the fingerprint recognition module 10 again, so that the fingerprint recognition module 10 senses the fingerprint, and the control module 40 will Reset to the only login fingerprint data; in addition, the login fingerprint data reset instruction C will also display the account and password input fields for the original user to enter the account and password to ensure that the person who re-enters the fingerprint is the original user . After the login fingerprint data is reset, the user can open the mobile online banking software again to log in again. Thereby, the application login method of the present invention improves the application login security to ensure user privacy, and prevents legitimate users of accounts belonging to non-mobile online banking software from using the login fingerprint data stored in the fingerprint database 12 to log in to the mobile network The occurrence of the Bank’s software has solved the problem described in the previous technology.

在本發明的一實施例之中,傳輸模組50為一網路模組,其可以訊號連接網路上的伺服器900。加密及解密模組60訊號連接指紋資料庫12,加密及解密模組60用以對指紋資料庫12儲存的登入指紋資料進行加密處理,以確保資料安全;加密及解密模組60也可以對加密後的資料進行解密,以供判斷模組30讀取資料。儲存模組70例如為一記憶體,其用以儲存應用程式登入方法所編輯成的電腦程式。In an embodiment of the present invention, the transmission module 50 is a network module, which can signal to connect to the server 900 on the network. The encryption and decryption module 60 signals the fingerprint database 12, and the encryption and decryption module 60 is used to encrypt the login fingerprint data stored in the fingerprint database 12 to ensure data security; the encryption and decryption module 60 can also encrypt The subsequent data is decrypted for the judgment module 30 to read the data. The storage module 70 is, for example, a memory, which is used to store the computer program edited by the application login method.

在本發明的一實施例之中,使用者要登入行動網路銀行軟體時,使用者可以開啟行動網路銀行軟體,此時,應用程式登入系統1會啟動應用程式登入方法的電腦程式,並執行步驟101:接收一登入請求。In an embodiment of the present invention, when the user wants to log in to the mobile online banking software, the user can open the mobile online banking software. At this time, the application login system 1 will start the computer program of the application login method, and Step 101: Receive a login request.

使用者要登入行動網路銀行軟體時,使用者須先以手指按壓應用程式登入模組20之觸控螢幕上的行動網路銀行軟體之圖示,以開啟該應用程式,開啟應用程式的動作會被應用程式登入模組20接收並視為行動網路銀行軟體對應的登入請求且傳給判斷模組30。When the user wants to log in to the mobile online banking software, the user must first press the icon of the mobile online banking software on the touch screen of the application login module 20 with a finger to open the application and start the action of the application It will be received by the application login module 20 and regarded as a login request corresponding to the mobile online banking software and passed to the judgment module 30.

接著,應用程式登入系統1會執行步驟102:判斷登入請求對應之一應用程式的一驗證條件是否包括一指紋驗證登入。如圖3所示,判斷模組30會判斷該應用程式的一驗證條件是否包括一指紋驗證登入;根據本發明之一具體實施例,判斷模組30判斷於此次登入前,使用者是否已同意將指紋驗證登入納入應用程式的驗證條件,若是,則登入請求對應之應用程式的驗證條件包括指紋驗證登入;若否,則登入請求對應之應用程式的驗證條件不包括指紋驗證登入。若包括,執行步驟103。若判斷模組30確認登入請求不包括指紋驗證登入,則會進行步驟104:提供一非指紋驗證式登入介面。Then, the application login system 1 will perform step 102: determine whether an authentication condition of an application corresponding to the login request includes a fingerprint authentication login. As shown in FIG. 3, the judgment module 30 judges whether a verification condition of the application includes a fingerprint authentication login; according to a specific embodiment of the present invention, the judgment module 30 judges whether the user has already logged in before this login. It is agreed to include fingerprint verification login into the verification condition of the application. If it is, the verification condition of the application corresponding to the login request includes fingerprint verification login; if not, the verification condition of the application corresponding to the login request does not include fingerprint verification login. If included, go to step 103. If the judgment module 30 confirms that the login request does not include fingerprint verification login, it will proceed to step 104: providing a non-fingerprint verification login interface.

如圖4所示,判斷模組30確認登入請求不適用指紋驗證登入之後,控制模組40會控制應用程式登入模組20以提供一非指紋驗證式登入介面B。非指紋驗證式登入介面B具有輸入帳號和密碼的欄位,以供使用者輸入帳號密碼以登入軟體。但是非指紋驗證式登入介面B之態樣不以此為限,其亦可為輸入圖形鎖以進行驗證的登入介面。當使用者輸入帳號和密碼後,判斷模組30會檢查帳號和密碼是否正確以確認是否允許登入,然而,使用帳號密碼或圖形鎖的登入方式是本領域之先前技術,且其並非本案重點,故不多作贅述。As shown in FIG. 4, after the judgment module 30 confirms that the login request is not applicable to fingerprint verification login, the control module 40 controls the application login module 20 to provide a non-fingerprint verification login interface B. The non-fingerprint authentication login interface B has fields for entering account and password for users to enter the account and password to log in to the software. However, the aspect of the non-fingerprint authentication type login interface B is not limited to this, and it can also be a login interface for entering a pattern lock for authentication. After the user enters the account and password, the judgment module 30 checks whether the account and password are correct to confirm whether login is allowed. However, the login method using the account password or the pattern lock is a prior art in the field, and it is not the focus of this case. Therefore, I will not repeat it.

請回到步驟102,若是判斷模組30確認登入請求適用指紋驗證登入,則會進行步驟103:判斷指紋資料庫儲存的登入指紋資料是否變更過。Please go back to step 102. If the judgment module 30 confirms that the login request is suitable for fingerprint authentication login, it will proceed to step 103: determine whether the login fingerprint data stored in the fingerprint database has been changed.

如圖3所示,應用程式登入模組20於行動裝置1之顯示螢幕產生一登入方式選擇介面A,當應用程式的驗證條件包括指紋驗證登入且使用者選擇指紋驗證登入時判斷模組30控制加密及解密模組60先對指紋資料庫12儲存的登入指紋資料進行解密,再判斷指紋資料庫12儲存的登入指紋資料是否變更過;例如,判斷模組30會檢視指紋資料庫12是否有新增另一登入指紋資料,或是使用者原本儲存在指紋資料庫12裡的登入指紋資料是否被刪除或變更;若指紋資料庫12有新增另一指紋,或是原本的登入指紋資料被刪除或變更,則判定指紋資料庫12儲存的登入指紋資料有變更過。As shown in FIG. 3, the application login module 20 generates a login mode selection interface A on the display screen of the mobile device 1. When the authentication conditions of the application include fingerprint authentication login and the user selects fingerprint authentication login, the judgment module 30 controls The encryption and decryption module 60 first decrypts the login fingerprint data stored in the fingerprint database 12, and then determines whether the login fingerprint data stored in the fingerprint database 12 has been changed; for example, the determination module 30 will check whether the fingerprint database 12 is new Add another login fingerprint data, or whether the user's original login fingerprint data stored in the fingerprint database 12 is deleted or changed; if another fingerprint is added to the fingerprint database 12, or the original login fingerprint data is deleted Or change, it is determined that the login fingerprint data stored in the fingerprint database 12 has been changed.

若是指紋資料庫12儲存的登入指紋資料變更過,則表示行動網路銀行軟體有可能會被非行動網路銀行軟體所屬帳號的合法使用者利用指紋資料庫12儲存的登入指紋資料登入行動網路銀行軟體的情況發生;此時,會進行步驟106:要求使用者重新設定登入指紋資料。If the login fingerprint data stored in the fingerprint database 12 has been changed, it means that the mobile online banking software may be used by legitimate users of the account of the non-mobile online banking software to log in to the mobile network using the login fingerprint data stored in the fingerprint database 12 The bank software situation occurs; at this time, step 106 will be performed: the user is required to reset the login fingerprint data.

如圖5所示,判斷模組30確認指紋資料庫12儲存的登入指紋資料變更過之後,控制模組40會於應用程式登入模組20顯示一登入指紋資料重新設定指示C,以告知使用者再次將手指按壓在指紋辨識模組10上,讓指紋辨識模組10感應指紋,且控制模組40會將該指紋重新設定為唯一的登入指紋資料;另外,登入指紋資料重新設定指示C也會顯示帳號和密碼的輸入欄位,以供原使用者輸入帳號和密碼,以確保重新輸入指紋的人是原使用者。待登入指紋資料重新設定好之後,使用者可以再次開啟行動網路銀行軟體以重新登入。As shown in FIG. 5, after the judgment module 30 confirms that the login fingerprint data stored in the fingerprint database 12 has been changed, the control module 40 displays a login fingerprint data reset instruction C in the application login module 20 to inform the user Press the finger on the fingerprint recognition module 10 again to allow the fingerprint recognition module 10 to sense the fingerprint, and the control module 40 will reset the fingerprint as the only login fingerprint data; in addition, the login fingerprint data reset instruction C will also Display the account and password input fields for the original user to enter the account and password to ensure that the person who re-enters the fingerprint is the original user. After the login fingerprint data is reset, the user can open the mobile online banking software again to log in again.

請再回到步驟103,若是判斷模組30確認判斷指紋資料庫儲存的登入指紋資料沒變更過,則表示行動網路銀行軟體不會被他人的指紋登入,因此會進行步驟105:提供一指紋驗證式登入指示,以擷取使用者之使用者指紋資料。Please go back to step 103. If the judgment module 30 confirms that the login fingerprint data stored in the fingerprint database has not been changed, it means that the mobile online banking software will not be logged in by someone else's fingerprint, so it will proceed to step 105: provide a fingerprint Authenticated login instructions to retrieve user fingerprint data of the user.

如圖6所示,控制模組40會控制應用程式登入模組20提供一指紋驗證式登入指示D,其會告知使用者將手指按壓在指紋辨識模組10上,讓指紋辨識模組10感應指紋。As shown in FIG. 6, the control module 40 will control the application login module 20 to provide a fingerprint verification type login instruction D, which will inform the user to press the finger on the fingerprint recognition module 10 to make the fingerprint recognition module 10 sense fingerprint.

當使用者將手指按壓在指紋辨識模組10上,則會進行步驟107:接收一使用者指紋資料。When the user presses the finger on the fingerprint recognition module 10, step 107 is performed: receiving a user fingerprint data.

指紋辨識模組10會感應使用者指紋,並接收使用者指紋資料,該使用者指紋資料會傳送給判斷模組30。The fingerprint recognition module 10 senses the user's fingerprint and receives the user's fingerprint data, and the user's fingerprint data is sent to the judgment module 30.

接著,會進行步驟108:判斷使用者指紋資料是否符合登入指紋資料。Then, step 108 is performed: it is determined whether the user fingerprint data matches the login fingerprint data.

判斷模組30會判斷接收到的使用者指紋資料是否符合指紋資料庫12所儲存的登入指紋資料。若不符合,則表示當下輸入指紋的人並非原使用者,因此控制模組40會拒絕登入請求。若是符合,則表示當下輸入指紋的人即為原使用者,因此會進行步驟109:核准登入請求。The judgment module 30 judges whether the received user fingerprint data matches the login fingerprint data stored in the fingerprint database 12. If not, it means that the person who currently inputs the fingerprint is not the original user, and therefore the control module 40 will reject the login request. If it is true, it means that the person who entered the fingerprint is the original user, so step 109: approve the login request.

若是判斷模組30判斷接收到的使用者指紋資料符合指紋資料庫12所儲存的登入指紋資料,則控制模組40會核准登入請求,並控制傳輸模組50將登入請求傳送給伺服器900之身分認證模組910,使得應用程式登入系統1連線到伺服器900,以供使用者登入行動網路銀行軟體並使用伺服器900提供的行動銀行功能。If the determination module 30 determines that the received user fingerprint data matches the login fingerprint data stored in the fingerprint database 12, the control module 40 will approve the login request, and control the transmission module 50 to send the login request to the server 900 The identity authentication module 910 connects the application login system 1 to the server 900 for the user to log in to the mobile online banking software and use the mobile banking functions provided by the server 900.

藉由本發明之應用程式登入方法和應用程式登入系統,可以確保只有應用程式登入系統的原使用者可以藉由指紋驗證的方式來登入軟體,他人即使變更應用程式登入系統所儲存的登入指紋資料,也無法藉由指紋驗證的方式來登入軟體,因此可以提高軟體登入安全性。With the application login method and application login system of the present invention, it can be ensured that only the original user of the application login system can log in to the software by means of fingerprint verification, even if others change the login fingerprint data stored in the application login system, It is also not possible to log in to the software by means of fingerprint verification, so the software login security can be improved.

需注意的是,上述僅為實施例,而非限制於實施例。譬如 此不脫離本發明基本架構者,皆應為本專利所主張之權利範圍,而應以專利申請範圍為準。It should be noted that the above are only examples, not limited to the examples. For example, those that do not deviate from the basic structure of the present invention should be the scope of the rights claimed by this patent, and the scope of the patent application shall prevail.

1:應用程式登入系統 10:指紋辨識模組 11:指紋擷取模組 12:指紋資料庫 20:應用程式登入模組 30:判斷模組 40:控制模組 50:傳輸模組 60:加密及解密模組 70:儲存模組 900:伺服器 910:身分認證模組 A:登入方式選擇介面 B:非指紋驗證式登入介面 C:登入指紋資料重新設定指示 D:指紋驗證式登入指示 1: Application login system 10: Fingerprint recognition module 11: Fingerprint capture module 12: Fingerprint database 20: Application login module 30: Judgment module 40: control module 50: Transmission module 60: Encryption and decryption module 70: storage module 900: server 910: Identity Authentication Module A: Login method selection interface B: Non-fingerprint authentication login interface C: Login fingerprint data reset instruction D: Fingerprint authentication login instructions

圖1係本發明之一實施例之應用程式登入系統和伺服器之系統架構圖。 圖2係本發明之一實施例之應用程式登入方法之步驟流程圖。 圖3係本發明之一實施例之登入方式選單之示意圖。 圖4係本發明之一實施例之非指紋驗證式登入介面之示意圖。 圖5係本發明之一實施例之登入指紋資料重新設定指示之示意圖。 圖6係本發明之一實施例之指紋驗證式登入指示之示意圖。Figure 1 is a system architecture diagram of an application login system and a server according to an embodiment of the present invention. FIG. 2 is a flowchart of the steps of an application login method according to an embodiment of the present invention. FIG. 3 is a schematic diagram of a login method menu of an embodiment of the present invention. 4 is a schematic diagram of a non-fingerprint authentication type login interface according to an embodiment of the present invention. FIG. 5 is a schematic diagram of a reset instruction of login fingerprint data according to an embodiment of the present invention. Fig. 6 is a schematic diagram of a fingerprint-verified login instruction according to an embodiment of the present invention.

1:應用程式登入系統 1: Application login system

10:指紋辨識模組 10: Fingerprint recognition module

11:指紋擷取模組 11: Fingerprint capture module

12:指紋資料庫 12: Fingerprint database

20:應用程式登入模組 20: Application login module

30:判斷模組 30: Judgment module

40:控制模組 40: control module

50:傳輸模組 50: Transmission module

60:加密及解密模組 60: Encryption and decryption module

70:儲存模組 70: storage module

900:伺服器 900: server

910:身分認證模組 910: Identity Authentication Module

Claims (9)

一種應用程式登入方法,應用於設有一指紋辨識模組之一應用程式登入系統,該指紋辨識模組包括一指紋擷取模組及一指紋資料庫,該指紋資料庫儲存至少一登入指紋資料,該指紋擷取模組擷取一使用者之一使用者指紋資料,該應用程式登入方法包括: 接收一登入請求; 判斷該登入請求對應之一應用程式的一驗證條件是否包括一指紋驗證登入; 若該驗證條件包括該指紋驗證登入,則判斷該指紋資料庫儲存的該至少一登入指紋資料是否變更過;以及 若變更過,則要求該使用者重新設定該至少一登入指紋資料。An application program login method applied to an application program login system provided with a fingerprint recognition module. The fingerprint recognition module includes a fingerprint capture module and a fingerprint database. The fingerprint database stores at least one login fingerprint data, The fingerprint capture module captures user fingerprint data of one of the users. The application login method includes: Receive a login request; Determine whether a verification condition of an application corresponding to the login request includes a fingerprint verification login; If the verification condition includes the fingerprint verification login, determine whether the at least one login fingerprint data stored in the fingerprint database has been changed; and If it has been changed, the user is required to reset the at least one login fingerprint data. 如申請專利範圍第1項所述之應用程式登入方法,更包括: 若沒有變更過,則提供一指紋驗證式登入指示,以擷取該使用者之該使用者指紋資料。The application login method described in item 1 of the scope of patent application includes: If it has not been changed, a fingerprint authentication type login instruction is provided to retrieve the user's fingerprint data of the user. 如申請專利範圍第2項所述之應用程式登入方法,更包括: 判斷該使用者指紋資料是否符合該至少一登入指紋資料;以及 若該使用者指紋資料符合該至少一登入指紋資料,則核准該登入請求。The application login method described in item 2 of the scope of patent application includes: Determine whether the user fingerprint data matches the at least one login fingerprint data; and If the user fingerprint data matches the at least one login fingerprint data, the login request is approved. 如申請專利範圍第3項所述之應用程式登入方法,其中若該應用程式的該驗證條件不包括該指紋驗證登入,則提供一非指紋驗證式登入介面。For example, in the application login method described in item 3 of the scope of patent application, if the authentication condition of the application does not include the fingerprint authentication login, a non-fingerprint authentication login interface is provided. 一種應用程式登入系統,包括: 一指紋辨識模組,包括一指紋擷取模組及一指紋資料庫,該指紋資料庫儲存至少一登入指紋資料,該指紋擷取模組擷取一使用者之一使用者指紋資料; 一應用程式登入模組,訊號連接該指紋辨識模組,該應用程式登入模組接收一登入請求; 一判斷模組,訊號連接該應用程式登入模組及該指紋資料庫,該判斷模組判斷該登入請求對應之一應用程式的一驗證條件是否包括一指紋驗證登入,若包括,則該判斷模組判斷該指紋資料庫儲存的該至少一登入指紋資料是否變更過;以及 一控制模組,訊號連接該判斷模組,若該指紋資料庫儲存的該至少一登入指紋資料變更過,則該控制模組要求該使用者重新設定該至少一登入指紋資料。An application login system, including: A fingerprint recognition module, including a fingerprint capture module and a fingerprint database, the fingerprint database stores at least one login fingerprint data, the fingerprint capture module captures a user fingerprint data; An application login module, the signal is connected to the fingerprint recognition module, and the application login module receives a login request; A judgment module, the signal is connected to the application login module and the fingerprint database, the judgment module judges whether a verification condition of an application corresponding to the login request includes a fingerprint authentication login, if it includes, the judgment module The group determines whether the at least one login fingerprint data stored in the fingerprint database has been changed; and A control module, a signal connected to the judgment module, if the at least one login fingerprint data stored in the fingerprint database has been changed, the control module requires the user to reset the at least one login fingerprint data. 如申請專利範圍第5項所述之應用程式登入系統,其中若該判斷模組判斷該指紋資料庫儲存的該至少一登入指紋資料沒有變更過,則該應用程式登入模組提供一指紋驗證式登入指示,以便該指紋辨識模組擷取該使用者之該使用者指紋資料。For example, the application login system described in item 5 of the scope of patent application, wherein if the judgment module determines that the at least one login fingerprint data stored in the fingerprint database has not been changed, the application login module provides a fingerprint verification type Login instructions so that the fingerprint identification module can retrieve the user's fingerprint data of the user. 如申請專利範圍第6項所述之應用程式登入系統,其中該判斷模組更用以判斷該使用者指紋資料是否符合該至少一登入指紋資料,若符合,則該控制模組核准該登入請求。For example, the application login system described in item 6 of the scope of patent application, wherein the determination module is further used to determine whether the user fingerprint data matches the at least one login fingerprint data, and if so, the control module approves the login request . 如申請專利範圍第7項所述之應用程式登入系統,其中若該驗證條件不包括該指紋驗證登入要求,則該控制模組提供一非指紋驗證式登入介面。For example, in the application login system described in item 7 of the scope of patent application, if the verification condition does not include the fingerprint verification login request, the control module provides a non-fingerprint verification login interface. 如申請專利範圍第8項所述之應用程式登入系統,更包括一加密及解密模組,該加密及解密模組訊號連接該指紋資料庫,該加密及解密模組用以對該指紋資料庫儲存的該至少一登入指紋資料進行加密處理。For example, the application login system described in item 8 of the scope of patent application further includes an encryption and decryption module, the encryption and decryption module signal is connected to the fingerprint database, and the encryption and decryption module is used for the fingerprint database The stored at least one login fingerprint data is encrypted.
TW108104021A 2019-02-01 2019-02-01 Login application method and login application system TW202030629A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW108104021A TW202030629A (en) 2019-02-01 2019-02-01 Login application method and login application system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW108104021A TW202030629A (en) 2019-02-01 2019-02-01 Login application method and login application system

Publications (1)

Publication Number Publication Date
TW202030629A true TW202030629A (en) 2020-08-16

Family

ID=73002801

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108104021A TW202030629A (en) 2019-02-01 2019-02-01 Login application method and login application system

Country Status (1)

Country Link
TW (1) TW202030629A (en)

Similar Documents

Publication Publication Date Title
US10440019B2 (en) Method, computer program, and system for identifying multiple users based on their behavior
US9531710B2 (en) Behavioral authentication system using a biometric fingerprint sensor and user behavior for authentication
US10038555B2 (en) Biometric authentication system
US10432620B2 (en) Biometric authentication
US11157905B2 (en) Secure on device cardholder authentication using biometric data
US11824642B2 (en) Systems and methods for provisioning biometric image templates to devices for use in user authentication
US20180268415A1 (en) Biometric information personal identity authenticating system and method using financial card information stored in mobile communication terminal
JP2006209697A (en) Individual authentication system, and authentication device and individual authentication method used for the individual authentication system
CN114175078A (en) System and method for providing online and hybrid card interaction
JP5043857B2 (en) Transaction confirmation method and system
JP2023501018A (en) Steganographic image encoding of biometric template information on the card
CN114556356A (en) User authentication framework
KR20110002968A (en) Method and system for providing financial trading service by using biometrics and portable memory unit therefor
US20200111102A1 (en) Secure transfer of tokens between devices
TWI725443B (en) Method of registration and access control of identity for third-party certification
US20220052997A1 (en) Authentication information processing method and apparatus and user terminal including authentication information processing method and apparatus
US11153308B2 (en) Biometric data contextual processing
TW202030629A (en) Login application method and login application system
US11410170B2 (en) Systems, methods and computer program products for securing OTPS
KR20110002967A (en) Method and system for providing authentication service by using biometrics and portable memory unit therefor
EP3876120A1 (en) Authentication information processing method and apparatus and user terminal including authentication information processing method apparatus
TWM556877U (en) Login verification device and login verification system
JP2023507619A (en) Secure authentication based on passport data stored on contactless cards
TWM581719U (en) Login application system
US20230316270A1 (en) Apparatus, system and method for on-device mutlifactor authentication security