TW202111577A - Data transmission method with code verification and system thereof - Google Patents

Data transmission method with code verification and system thereof Download PDF

Info

Publication number
TW202111577A
TW202111577A TW108132436A TW108132436A TW202111577A TW 202111577 A TW202111577 A TW 202111577A TW 108132436 A TW108132436 A TW 108132436A TW 108132436 A TW108132436 A TW 108132436A TW 202111577 A TW202111577 A TW 202111577A
Authority
TW
Taiwan
Prior art keywords
data
code
user
verification
requester
Prior art date
Application number
TW108132436A
Other languages
Chinese (zh)
Other versions
TWI718659B (en
Inventor
李嘉銘
孫書恩
Original Assignee
玉山商業銀行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 玉山商業銀行股份有限公司 filed Critical 玉山商業銀行股份有限公司
Priority to TW108132436A priority Critical patent/TWI718659B/en
Application granted granted Critical
Publication of TWI718659B publication Critical patent/TWI718659B/en
Publication of TW202111577A publication Critical patent/TW202111577A/en

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

A data transmission method with code verification and a system thereof are provided. The system provides an authentication server used to authenticate a user and generate a code that is verified for acquiring data within a deadline. In the data transmission method performed in the authentication server, a data provider firstly receives a data request, and then authenticates a user according to the data request. A code is generated after the user is authenticated. The code is configured to correspond to the data request and the data to be requested. After that, the code is provided to the user, and the user can provide the code to a data demander. The data demander then gets the data from the data provider after the code is delivered to the authentication server and the data provider approves the request. Therefore, a safe and convenient method to transmit the data can be achieved.

Description

使用代碼驗證的資料傳輸方法與系統Data transmission method and system using code verification

本發明涉及一種資料傳輸技術,特別是指由資料提供者提供代碼驗證服務的一種使用代碼驗證的資料傳輸方法與系統。The present invention relates to a data transmission technology, in particular to a data transmission method and system using code verification in which a data provider provides a code verification service.

在愈來愈重視個人隱私的現今社會,掌握個人隱私的政府、企業或是組織顯得十分重視資訊安全,雖保障了個人資訊,但也使得個人資料轉移不易而造成辦理一些事情的不方便。In today's society where personal privacy is increasingly valued, governments, companies, or organizations that master personal privacy seem to attach great importance to information security. Although personal information is protected, it also makes the transfer of personal data difficult and inconvenient to handle some things.

舉例來說,當有需要辦理金融方面的事項,若涉及個人隱私資訊,因為避免導致資料外洩或是不明人士冒名處理的問題,將使得整個處理程序更為複雜,或是需要當事人臨櫃處理。若是當事人在國外,或是不方便臨櫃處理,可能使得整個程序無法進行。For example, when there is a need to handle financial matters, if personal privacy information is involved, the entire processing procedure will be more complicated to avoid data leakage or improper handling by unknown persons, or the parties need to be handled at the counter. . If the person involved is abroad, or it is not convenient to handle it at the counter, it may make the whole procedure impossible.

更者,在一些需要個人出具資產、借貸證明、清償證明等敏感資料的金融方面的程序,若要相關單位(如銀行)協助出具證明,更是因為資訊安全與資料調閱問題讓整個程序冗長而顯得沒有效率。What's more, in some financial procedures that require individuals to issue sensitive information such as assets, loan certificates, and repayment certificates, if relevant units (such as banks) are required to assist in issuing certificates, the entire process is lengthy due to information security and data access It seems inefficient.

如此,習知技術並未提供兼具安全與便利的資料傳輸技術,即便網路更為便利,還是在各種敏感資料的限制下無法實現有效資料轉換的目標。As such, the conventional technology does not provide a data transmission technology that is both safe and convenient. Even if the network is more convenient, the goal of effective data conversion cannot be achieved under the restriction of various sensitive data.

揭露書公開一種使用代碼驗證的資料傳輸方法與系統,提供一種安全且方便傳遞資料的技術方案,讓使用者可以通過系統提供的代碼讓資料需求者可以順利取得經過使用者授權提供的資料。The disclosure discloses a data transmission method and system using code verification, and provides a secure and convenient data transmission technical solution, so that users can use the codes provided by the system to allow data demanders to smoothly obtain the data provided by the user.

所述系統實現一個資料提供者,設有驗證伺服器與資料庫(或一儲存媒體),驗證伺服器用於驗證使用者身份,以及產生具有資料取得期限的代碼,並執行一使用代碼驗證的資料傳輸方法。The system implements a data provider with a verification server and a database (or a storage medium). The verification server is used to verify the identity of the user, generate a code with a data acquisition period, and execute a code verification Data transmission method.

根據使用代碼驗證的資料傳輸方法的實施例,當資料提供者接收一資料請求,可以根據此資料請求與資料請求關聯的使用者資訊,由一驗證伺服器要求驗證使用者身份,經與使用者驗證後,也表示使用者同意提供資料,驗證伺服器產生一代碼,其中代碼對應資料請求與所請求的一筆資料,再將代碼提供給使用者,由使用者提供代碼至一資料需求者。According to the embodiment of the data transmission method using code verification, when a data provider receives a data request, a verification server can request the user to verify the identity of the user based on the user information associated with the data request. After verification, it also means that the user agrees to provide data. The verification server generates a code, where the code corresponds to the data request and the requested piece of data, and then provides the code to the user, and the user provides the code to a data requester.

當資料需求者得到此代碼後,提交給驗證伺服器,經確認後,資料提供者可根據代碼提供對應的資料至資料需求者,即完成依據代碼提供資料的傳輸方法。After the data requester obtains the code, it is submitted to the verification server. After confirmation, the data provider can provide the corresponding data to the data requester according to the code, which completes the data transmission method based on the code.

進一步地,當驗證伺服器根據資料請求演算代碼後,驗證伺服器可通過一資料庫或儲存媒體記載代碼對應的資料,以至於當資料需求者將代碼提供至資料提供者時,可以提供經過對應的資料。Further, after the verification server requests the calculation code according to the data, the verification server can record the data corresponding to the code through a database or storage medium, so that when the data requester provides the code to the data provider, it can provide the corresponding data. data of.

根據一實施例,所述資料請求可由使用者發出至資料提供者,當使用者得到代碼後,可以提供代碼給資料需求者,使得資料需求者可以憑代碼通過驗證伺服器驗證後取得對應的資料。According to an embodiment, the data request can be sent by the user to the data provider. After the user obtains the code, the code can be provided to the data requester, so that the data requester can obtain the corresponding data after verification by the verification server with the code. .

在另一實施例中,資料請求可由資料需求者發出,由驗證伺服器知道所要取得的資料關於某使用者,經產生代碼後,由驗證伺服器提供代碼至使用者裝置,再由使用者傳送代碼至資料需求者的電腦裝置,使得資料需求者可以憑代碼通過驗證伺服器驗證後取得對應的資料。In another embodiment, the data request can be sent by the data requester, and the verification server knows the data to be obtained about a certain user. After the code is generated, the verification server provides the code to the user device, and then the user sends it The code is sent to the computer device of the data requester, so that the data requester can obtain the corresponding data after verification by the verification server with the code.

進一步地,當驗證伺服器自資料需求者的電腦裝置接收代碼時,也會驗證資料需求者的身份,以依據資料需求者的權限判斷是否提供該筆資料,或是提供該筆資料之全部或部分。Further, when the verification server receives the code from the computer device of the data requester, it will also verify the identity of the data requester to determine whether to provide the data, or provide all or all of the data according to the authority of the data requester. section.

為使能更進一步瞭解本發明的特徵及技術內容,請參閱以下有關本發明的詳細說明與圖式,然而所提供的圖式僅用於提供參考與說明,並非用來對本發明加以限制。In order to further understand the features and technical content of the present invention, please refer to the following detailed description and drawings about the present invention. However, the provided drawings are only for reference and description, and are not used to limit the present invention.

以下是通過特定的具體實施例來說明本發明的實施方式,本領域技術人員可由本說明書所公開的內容瞭解本發明的優點與效果。本發明可通過其他不同的具體實施例加以施行或應用,本說明書中的各項細節也可基於不同觀點與應用,在不悖離本發明的構思下進行各種修改與變更。另外,本發明的附圖僅為簡單示意說明,並非依實際尺寸的描繪,事先聲明。以下的實施方式將進一步詳細說明本發明的相關技術內容,但所公開的內容並非用以限制本發明的保護範圍。The following are specific specific examples to illustrate the implementation of the present invention. Those skilled in the art can understand the advantages and effects of the present invention from the content disclosed in this specification. The present invention can be implemented or applied through other different specific embodiments, and various details in this specification can also be based on different viewpoints and applications, and various modifications and changes can be made without departing from the concept of the present invention. In addition, the drawings of the present invention are merely schematic illustrations, and are not drawn according to actual size, and are stated in advance. The following embodiments will further describe the related technical content of the present invention in detail, but the disclosed content is not intended to limit the protection scope of the present invention.

應當可以理解的是,雖然本文中可能會使用到“第一”、“第二”、“第三”等術語來描述各種元件或者信號,但這些元件或者信號不應受這些術語的限制。這些術語主要是用以區分一元件與另一元件,或者一信號與另一信號。另外,本文中所使用的術語“或”,應視實際情況可能包括相關聯的列出項目中的任一個或者多個的組合。It should be understood that although terms such as "first", "second", and "third" may be used herein to describe various elements or signals, these elements or signals should not be limited by these terms. These terms are mainly used to distinguish one element from another, or one signal from another signal. In addition, the term "or" used in this document may include any one or a combination of more of the associated listed items depending on the actual situation.

說明書揭示一種使用代碼驗證的資料傳輸方法與系統,所提出的方案主要是讓使用者方便且安全地提供資料給資料需求者,當中資料為儲存在第三方的資料提供者的伺服系統中,有別於提供資料(特別如敏感的資料)時需要使用者親自取得後交給資料需求者的傳統方式,使用代碼驗證的資料傳輸系統可以在使用者同意提供資料給資料需求者時,產生一個一次性代碼,讓使用者提供給資料需求者,讓資料需求者可以利用此代碼在一期限內向資料提供者取得資料。The manual discloses a data transmission method and system using code verification. The proposed solution is mainly to allow users to conveniently and securely provide data to data demanders. The data is stored in the server system of a third-party data provider. Different from the traditional way of providing data (especially sensitive data) that requires the user to obtain it personally and then hand it to the data demander, the data transmission system using code verification can generate one-time data when the user agrees to provide the data to the data demander. The sex code is provided by the user to the data demander, so that the data demander can use this code to obtain the data from the data provider within a period of time.

所述的資料主要在資料提供者保管與儲存,例如銀行可以出具的財力證明、存放款證明、信用證明等敏感資料,或是稅務機關可以提供的繳稅紀錄,或是學校可以提供的學歷證明,或是公家單位所保管的個人敏感資料等,這些資料一般是需要經過身份確認後才能提供的資料。當有資料需求者需要向使用者索取這些資料,可以向資料提供者提出請求,資料提供者將與使用者確認後,提供使用者對應本次要取得資料的代碼,讓使用者將此代碼提供給資料需求者,經資料提供者接收此代碼並驗證確認此代碼,能夠將對應的資料提供給資料需求者,免去習知需要使用者親自索取再給資料需求者的不方便。The said data is mainly kept and stored by the data provider, for example, sensitive data such as financial certificates, deposit certificates, credit certificates that can be issued by banks, or tax payment records that can be provided by tax authorities, or academic certificates that can be provided by schools , Or personal sensitive data kept by public units, etc. These data are generally information that can only be provided after identification. When a person who needs data needs to ask the user for these data, he can make a request to the data provider. The data provider will confirm with the user and provide the user with the code corresponding to the data to be obtained this time, so that the user can provide this code For data requesters, after the data provider receives this code and verifies the code, the corresponding data can be provided to the data requester, eliminating the inconvenience of requiring users to obtain it personally and then giving it to the data requester.

舉例來說,當使用者需要向銀行一(即資料需求者)申請貸款,身為借方的銀行一需要使用者提供財力與存放款記錄,但這些資料保留在銀行二中,這時,可由使用者向銀行二(即資料提供者)提出資料請求,銀行二中的驗證程序可以據此產生代碼,讓使用者取得後提供給銀行一,使得銀行一可以順利自銀行二取得財力與存放款記錄。For example, when a user needs to apply for a loan from Bank 1 (that is, the data demander), the bank 1 as a borrower needs the user to provide financial and deposit records, but these data are kept in Bank 2. At this time, the user can A data request is made to Bank 2 (the data provider), and the verification program in Bank 2 can generate a code based on this, so that the user can obtain it and provide it to Bank 1, so that Bank 1 can smoothly obtain financial resources and deposit records from Bank 2.

再列舉一例,當使用者向一公司(即資料需求者)應徵工作,公司需要使用者提供學歷證明,公司可以直接向學校(即資料提供者)要求得到使用者的學歷證明,這時,學校先與使用者確認,確認後產生一次性代碼,並將代碼提供給使用者,由使用者將代碼提供給公司,公司即可依據此代碼向學校取得學歷證明。To cite another example, when a user applies for a job from a company (that is, the data demander), the company needs the user to provide a certificate of academic qualifications, and the company can directly request the school (that is, the data provider) to obtain the user’s academic certificate. In this case, the school first Confirm with the user, generate a one-time code after confirmation, and provide the code to the user. The user provides the code to the company, and the company can obtain the academic certificate from the school based on this code.

過程中,因為資料提供者所保存的資料的原本擁有者為使用者,當要提供給資料需求者時,會讓使用者確認,通過使用代碼驗證的資料傳輸方法中的安全機制,產生提供給使用者的一次性代碼,再由使用者將此代碼提供給資料需求者,讓資料提供者可以在安全無虞的情況下提供資料給資料需求者。In the process, because the original owner of the data saved by the data provider is the user, when it is to be provided to the data demander, the user will be asked to confirm that it is generated and provided to the user through the security mechanism in the data transmission method using code verification The user’s one-time code, which is then provided by the user to the data requester, so that the data provider can provide the data to the data requester in a safe and secure manner.

圖1顯示使用代碼驗證的資料傳輸系統實施例示意圖,圖式顯示有資料提供者101、資料需求者103與使用者105三方,各方以電腦系統實現,並經由網路10通訊。FIG. 1 shows a schematic diagram of an embodiment of a data transmission system using code verification. The diagram shows three parties: a data provider 101, a data requester 103, and a user 105, each of which is implemented by a computer system and communicates via a network 10.

資料提供者101中設有以軟體搭配硬體實現的驗證伺服器111,驗證伺服器111用於驗證使用者身份,以及產生具有資料取得期限的代碼,特別是對應當次請求的資料的一次性代碼。資料提供者101設有資料庫113(可以為各式儲存媒體),資料庫113或特定儲存媒體用於記載每次產生的代碼與對應的資料,代碼的產生例如每次以一演算法演算得出,當以代碼產生器115每次動態產生代碼時,可以設定一可取得該筆資料的資料取得期限,代碼將於超過期限時失效。所述代碼產生器115可以為運行於驗證伺服器111中的軟體功能。The data provider 101 has a verification server 111 implemented with software and hardware. The verification server 111 is used to verify the identity of the user and generate a code with a data acquisition period, especially for the one-time data in response to the request Code. The data provider 101 has a database 113 (which can be a variety of storage media). The database 113 or a specific storage medium is used to record the codes generated each time and the corresponding data. For example, the code generation is calculated by an algorithm each time. In addition, when the code generator 115 dynamically generates a code every time, a data acquisition period for obtaining the data can be set, and the code will become invalid when the period expires. The code generator 115 may be a software function running in the verification server 111.

資料提供者101通過網路10提供各端資料傳輸的驗證服務,根據揭露書揭示的使用代碼驗證的資料傳輸方法,可以讓資料需求者103通過電腦軟體產生取得資料的請求,通過網路10傳送到資料提供者101,再讓其中驗證伺服器111與使用者105驗證身份後,確認是否同意提供資料需求者103的資料請求;或者,方法可以讓使用者105本身利用電腦軟體向資料提供者101發出資料請求,資料提供者101先驗證使用者身份,再於確認身份後根據資料請求產生代碼,提供代碼給使用者105,讓使用者105可以將此代碼轉給資料需求者103,由資料需求者103憑著這個代碼向資料提供者101取得資料。The data provider 101 provides verification services for data transmission at each end through the network 10. According to the data transmission method using code verification disclosed in the disclosure, the data requester 103 can generate a request for data through computer software and send it through the network 10. Go to the data provider 101 and let the authentication server 111 and the user 105 verify their identities, and then confirm whether they agree to the data request of the data requester 103; or, the method can allow the user 105 to use computer software to send the data to the data provider 101 When sending a data request, the data provider 101 first verifies the user's identity, and then generates a code based on the data request after confirming the identity, and provides the code to the user 105 so that the user 105 can transfer the code to the data requester 103, and the data requester 103 The person 103 obtains the data from the data provider 101 with this code.

值得一提的是,參與系統的資料服務的各端使用者可以先成為資料提供者的註冊使用者,使得資料提供者101中資料庫113更可記載使用者105或者加上資料需求者103的身份資料,因此,資料提供者101可以在提供資料前先認證提出資料請求的身份。並且,所述資料提供者101還可設定各端使用者可以取得資料的權限範圍(包括使用者權限、地區、時間等),當資料設有多層敏感性時,可以依據資料需求者103的身份與權限提供對應的資料。It is worth mentioning that all end users participating in the data service of the system can first become registered users of the data provider, so that the database 113 in the data provider 101 can record the user 105 or add the data requester 103. Identity data, therefore, the data provider 101 can verify the identity of the data request before providing the data. In addition, the data provider 101 can also set the scope of authority (including user authority, region, time, etc.) that users of each end can obtain data. When the data has multiple levels of sensitivity, it can be based on the identity of the data requester 103 Provide corresponding information with permissions.

圖2顯示使用代碼驗證的資料傳輸方法的實施例流程圖。Figure 2 shows a flowchart of an embodiment of a data transmission method using code verification.

在此流程中,開始如步驟S201,當使用者(資料擁有者)或資料需求者向資料提供者提出資料請求,能根據資料請求與資料請求所關聯的使用者,資料提供者即通過驗證伺服器要求驗證使用者或資料需求者身份。所述資料請求所關聯的使用者可以為一個請求信息中記載、提出或是對應的一個使用者識別資料。In this process, starting with step S201, when a user (data owner) or a data requester makes a data request to the data provider, the data provider can pass the authentication server according to the data request and the user associated with the data request The device requires verification of the identity of the user or data requester. The user associated with the data request may be a user identification data recorded, proposed, or corresponding to a request message.

於步驟S203中,當資料提供者驗證各端使用者身份後,將可對應資料請求產生一代碼,代碼的產生可以動態地以一演算法演算產生,代碼即對應本次資料請求與一筆資料,並可設定一取得資料的期限。其中,所述資料並非限定文件數量,而是可以一次傳送一個文件,或是多個文件的組合,如存款證明、貸款證明等。In step S203, after the data provider verifies the identity of each end user, a code can be generated corresponding to the data request. The generation of the code can be dynamically generated by an algorithm. The code corresponds to the current data request and a piece of data. And can set a time limit for obtaining data. Among them, the data is not limited to the number of documents, but can be transmitted one document at a time, or a combination of multiple documents, such as a deposit certificate, a loan certificate, and so on.

之後,不論是由使用者或是資料需求者提出資料請求,如步驟S205,代碼將先提供至使用者,提供代碼的方式例如以電子郵件傳送、將英數組合的代碼以口述講出,或是以圖形(如QR碼)傳送代碼,如傳送代碼至使用者註冊的使用者裝置,之後,使用者可以根據要取得資料的資料需求者的資訊得到傳送目的地,由使用者裝置傳送代碼至資料需求者的電腦裝置。After that, whether it is a data request from the user or the data requester, in step S205, the code will be provided to the user first. The method of providing the code is, for example, sending by email, dictating the combination of alphanumeric code, or The code is sent with graphics (such as QR code), such as sending the code to the user device registered by the user. After that, the user can get the sending destination based on the information of the data requester who wants to obtain the data, and the user device sends the code to The computer device of the data requester.

接著,由資料需求者傳送代碼至驗證伺服器,如步驟S207,驗證伺服器即自資料需求者的電腦裝置接收代碼,再如步驟S209,使得資料提供者根據代碼提供對應之資料。Then, the data requester transmits the code to the verification server, in step S207, the verification server receives the code from the computer device of the data requester, and then in step S209, the data provider provides the corresponding data according to the code.

根據實施例,所述資料提供者可根據使用者或是資料需求者發出的請求動態或依據當時的資料請求的內容產生一次性代碼(OTP),一次性建立此代碼對應了使用者可提供資料的全部或部分,除了為依據資料需求者的資料取得權限外,還可在每次使用者產生資料請求時,同時利用軟體工具設定本次取得的資料範圍。According to an embodiment, the data provider can generate a one-time code (OTP) based on the request dynamics sent by the user or the data demander or based on the content of the data request at the time. The one-time creation of this code corresponds to the data that the user can provide All or part of, in addition to obtaining the authority based on the data of the data requester, each time the user generates a data request, the software tool can be used to set the scope of the data obtained this time.

更者,資料提供者的伺服系統中可建立資料需求者清單,並針對各類資料需求者設定安全性等級(身份與權限),必要時應該都要通過認證,才能針對資料需求者的電腦設備傳送資料。傳送資料的方式可以為直接檔案傳送的服務,如FTP,或是利用電子郵件、即時通訊軟體、雲端存取檔案服務等方式。Moreover, the data provider’s server system can create a list of data demanders, and set the security level (identity and authority) for all kinds of data demanders. If necessary, authentication should be passed to target the data demanders’ computer equipment. Send data. The method of transferring data can be a direct file transfer service, such as FTP, or using e-mail, instant messaging software, cloud access to file services, etc.

圖3示意顯示使用代碼驗證取得資料的流程實施例。Figure 3 schematically shows an embodiment of the process of obtaining data using code verification.

此例自左向右示意表示第一畫面31為終端使用者(使用者本身或是資料需求者)利用執行於電腦裝置內的軟體程式設定資料請求的內容,例如可設定(1)使用者(如user ID、名稱、帳戶等)、(2)資料需求者(user ID、名稱、帳戶等),以及(3)欲請求得到的資料內容。This example indicates from left to right that the first screen 31 is the end user (the user himself or the data requester) using the software program running in the computer device to set the content of the data request. For example, you can set (1) the user ( Such as user ID, name, account, etc.), (2) data requester (user ID, name, account, etc.), and (3) the content of the data to be requested.

經產生資料請求,並傳送到資料提供者後,第二畫面32顯示使用者裝置接收代碼的示意圖,當資料提供者根據資料請求產生代碼後,傳送至使用者裝置,可以二維條碼(QR Code)形式(但不限於此)顯示。After the data request is generated and sent to the data provider, the second screen 32 displays a schematic diagram of the code received by the user device. After the data provider generates the code according to the data request, it is sent to the user device. The QR Code ) Form (but not limited to this) display.

第三畫面33顯示資料需求者可以掃描使用者裝置上顯示的二維條碼而取得代碼,但仍可以其他方式(如抄寫、一維條碼、無線識別碼)取得代碼,取得代碼後,傳送至資料提供者以供驗證。The third screen 33 shows that the data requester can scan the two-dimensional bar code displayed on the user’s device to obtain the code, but can still obtain the code in other ways (such as copying, one-dimensional bar code, wireless identification code), and send the code to the data after obtaining the code Provider for verification.

第四畫面34顯示代碼與身份經確認後,資料提供者可以提供資料需求者資料連結或是直接傳送資料,讓資料需求者下載。After the code and identity displayed on the fourth screen 34 are confirmed, the data provider can provide a data link to the data demander or directly send the data for the data demander to download.

圖4示意顯示運行於資料提供者端的伺服系統41、使用者裝置42與資料需求者的需求者裝置43之間的使用代碼驗證的資料傳輸方法的流程實施例。4 schematically shows an embodiment of the flow of a data transmission method using code verification between the server system 41, the user device 42 and the data requester's requester device 43 running on the data provider side.

根據圖示內容,一開始,由使用者裝置42發出資料請求至伺服系統41(S401),伺服系統41可根據資料請求與其關聯的使用者驗證使用者身份,並動態產生一次性代碼,並提供(電子郵件、口述或傳送圖形)代碼至使用者裝置42(S403),使用者裝置42將代碼提供給需求者裝置43(S405),由需求者裝置43傳送代碼至伺服系統41(S407),使得資料需求者憑藉著代碼通過伺服系統(或驗證伺服器)驗證,經伺服系統41中驗證程序驗證代碼,並得出對應的資料後,將資料本身或是資料連結傳送給需求者裝置43(S409)。之後,伺服系統41可以通知使用者已經完成驗證與傳遞資料的訊息。According to the content of the figure, at the beginning, the user device 42 sends a data request to the server system 41 (S401). The server system 41 can verify the user's identity according to the data request and the user associated with it, and dynamically generate a one-time code, and provide The code (email, dictation, or sending graphics) is sent to the user device 42 (S403), the user device 42 provides the code to the requester device 43 (S405), and the requester device 43 sends the code to the server 41 (S407), The data requester passes the server system (or verification server) verification by virtue of the code, verifies the code through the verification program in the server system 41, and obtains the corresponding data, and then sends the data itself or the data link to the requester device 43 ( S409). After that, the server system 41 can notify the user that the verification and data transmission has been completed.

在此一提的是,此實施例情況是由使用者主動向伺服系統41發出資料請求,但仍可能是由資料需求者向使用者要求資料,由需求者裝置43產生所述的資料請求,再由使用者裝置42轉送此資料需求至伺服系統41。It is mentioned here that in this embodiment, the user actively sends a data request to the server system 41, but it is still possible that the data demander requests data from the user, and the demander device 43 generates the data request. The user device 42 then forwards the data request to the server system 41.

圖5顯示運行伺服系統41、使用者裝置42與需求者裝置43之間的另一使用代碼驗證的資料傳輸方法的流程實施例。FIG. 5 shows an embodiment of the flow of another data transmission method using code verification between the running server 41, the user device 42 and the customer device 43.

此流程由需求者裝置43向伺服系統41發出資料請求(S501)的步驟開始,這時,伺服系統41從資料請求中可得出使用者與需求者的身份以及請求的資料,因此可以向使用者裝置42要求授權提供資料的信息(S503)。這時,使用者通過電腦裝置得知有資料需求者向資料提供者提供資料的請求,使用者可以根據這些資訊向伺服系統41發出確認授權的信息(S505)。反之,若使用者不同意提供資料,可以向伺服系統41發出不同意授權的信息。This process starts with the step of sending a data request (S501) from the requester device 43 to the server system 41. At this time, the server system 41 can obtain the identities of the user and the requester and the requested data from the data request, so that the user can The device 42 requests information that is authorized to provide data (S503). At this time, the user knows through the computer device that the data requester requests the data provider to provide the data, and the user can send the authorization confirmation message to the server system 41 based on the information (S505). Conversely, if the user does not agree to provide data, he can send a message that he does not agree to authorization to the server system 41.

一旦伺服系統41接收到使用者授權提供資料的信息後,即根據資料請求產生代碼,並提供至使用者裝置42(S507)。在一情況是,或者使用者僅同意提供部分資料給資料需求者,因此可以利用軟體工具調整資料請求的內容。Once the server 41 receives the information that the user authorizes to provide data, it generates a code according to the data request and provides it to the user device 42 (S507). In one case, or the user only agrees to provide part of the data to the data requester, software tools can be used to adjust the content of the data request.

當使用者取得代碼,即可提供代碼至需求者裝置43(S509),兩個裝置之間提供代碼的方式例如可以親到現場、郵寄、簡訊、即時通訊等,之後由需求者裝置43傳送代碼至伺服系統41(S511),使得資料需求者可以憑著這個代碼通過伺服系統(或驗證伺服器)驗證,並經伺服系統41驗證代碼、資料需求者權限後,即傳送資料至需求者裝置43(S513)。其中傳送資料的步驟中,可以依據資料需求者的權限判斷是否提供該筆資料,或是提供該筆資料之全部或部分。When the user obtains the code, the code can be provided to the requester device 43 (S509). The method of providing the code between the two devices can be, for example, on-site, mail, text message, instant messaging, etc., and then the requester device 43 transmits the code To the server system 41 (S511), the data requester can use this code to pass the server (or verification server) verification, and after the server system 41 verifies the code and the data requester's authority, the data is sent to the requester device 43 (S513). In the step of transmitting the data, it can be judged whether to provide the data, or to provide all or part of the data according to the authority of the data requester.

在此一提的是,此實施例情況是資料需求者一開始向伺服系統41發出資料請求,但仍可能是由使用者主動產生並提供資料請求給資料需求者,由需求者裝置43轉送所述的資料請求至伺服系統41。It is mentioned here that in this embodiment, the data requester sends a data request to the server system 41 at the beginning, but it may still be generated by the user and provide the data request to the data requester. The requester device 43 forwards the data request to the data requester. The aforementioned data is requested to the servo system 41.

進一步地,在此實施例中,一開始,可由使用者裝置42提供資料請求給需求者裝置43,並提供使用者的身份資料,由需求者裝置43轉送所得到的資料請求與使用者身份資料至伺服系統(或驗證伺服器)41,以驗證使用者身份,經伺服系統41驗證後產生代碼,除了可提供該筆資料給資料需求者的需求者裝置43外,還可同時傳送代碼至使用者裝置42,讓使用者查詢資料內容。Further, in this embodiment, at the beginning, the user device 42 may provide a data request to the requester device 43 and provide the user's identity data, and the requester device 43 forwards the obtained data request and user identity data. To the server system (or authentication server) 41 to verify the identity of the user, the code is generated after the server system 41 is verified. In addition to providing the data to the user device 43 of the data demander, the code can also be sent to the user at the same time The user device 42 allows the user to query the content of the data.

綜上所述,根據上述實施例可知,使用代碼驗證的資料傳輸方法提供使用者之間傳遞資料的一種方案,特別是需要由特定一方提供的使用者資料,如財力證明、學歷證明、親屬證明等敏感資料,讓資料需求者自使用者取得一次性代碼,以根據此代碼向資料提供者取得資料,達到簡便而兼顧安全的資料傳輸目的。In summary, according to the above embodiment, the data transmission method using code verification provides a solution for transferring data between users, especially user data that needs to be provided by a specific party, such as financial proof, education certificate, and family certificate For sensitive data such as data, the data demander can obtain a one-time code from the user to obtain the data from the data provider based on this code, so as to achieve the purpose of simple and secure data transmission.

以上所公開的內容僅為本發明的優選可行實施例,並非因此侷限本發明的申請專利範圍,所以凡是運用本發明說明書及圖式內容所做的等效技術變化,均包含於本發明的申請專利範圍內。The content disclosed above is only the preferred and feasible embodiments of the present invention, and does not limit the scope of the patent application of the present invention. Therefore, all equivalent technical changes made using the description and schematic content of the present invention are included in the application of the present invention. Within the scope of the patent.

10:網路 101:資料提供者 111:驗證伺服器 113:資料庫 115:代碼產生器 103:資料需求者 105:使用者 31:第一畫面 32:第二畫面 33:第三畫面 34:第四畫面 41:伺服系統 42:使用者裝置 43:需求者裝置 步驟S201~S209:使用代碼驗證的資料傳輸流程之一 步驟S401~S409:使用代碼驗證的資料傳輸流程之二 步驟S501~S513:使用代碼驗證的資料傳輸流程之三10: Internet 101: data provider 111: Verify server 113: Database 115: code generator 103: Data Demanders 105: User 31: The first screen 32: Second screen 33: The third screen 34: Fourth screen 41: Servo system 42: User device 43: Demander's Device Steps S201~S209: One of the data transmission processes using code verification Steps S401~S409: The second data transmission process using code verification Steps S501~S513: The third data transmission process using code verification

圖1顯示使用代碼驗證的資料傳輸系統實施例示意圖;Figure 1 shows a schematic diagram of an embodiment of a data transmission system using code verification;

圖2顯示使用代碼驗證的資料傳輸方法的實施例流程圖;Figure 2 shows a flowchart of an embodiment of a data transmission method using code verification;

圖3示意顯示使用代碼驗證取得資料的流程實施例;Figure 3 schematically shows an embodiment of the process of obtaining data using code verification;

圖4顯示使用代碼驗證的資料傳輸方法的流程實施例之一;Figure 4 shows one of the process embodiments of the data transmission method using code verification;

圖5顯示使用代碼驗證的資料傳輸方法的流程實施例之二。Fig. 5 shows the second embodiment of the flow of the data transmission method using code verification.

S201:要求驗證一使用者身份S201: Request to verify the identity of a user

S203:通過身份驗證後,對應資料請求演算一代碼S203: After passing the identity verification, calculate a code corresponding to the data request

S205:提供代碼至使用者裝置S205: Provide code to user device

S207:自一資料需求者接收代碼S207: Receive code from a data requester

S209:根據代碼提供對應之資料S209: Provide corresponding information according to the code

Claims (10)

一種使用代碼驗證的資料傳輸方法,包括: 根據一資料請求與該資料請求關聯之一使用者,一驗證伺服器要求驗證該使用者身份; 於驗證該使用者身份後,產生一代碼,其中該代碼對應該資料請求與一筆資料; 根據該資料請求關聯之該使用者,提供該代碼至一使用者裝置,由該使用者裝置提供該代碼至一資料需求者的電腦裝置; 該驗證伺服器自該資料需求者的電腦裝置接收該代碼;以及 根據該代碼提供對應的該筆資料至該資料需求者的電腦裝置。A data transmission method using code verification, including: According to a data request and the data request associating a user, a verification server requests to verify the identity of the user; After verifying the identity of the user, a code is generated, where the code corresponds to a data request and a piece of data; The user associated with the data request provides the code to a user device, and the user device provides the code to a computer device of a data requester; The verification server receives the code from the computer device of the data requester; and According to the code, the corresponding data is provided to the computer device of the data requester. 如請求項1所述的使用代碼驗證的資料傳輸方法,其中,於驗證伺服器驗證該使用者後,該驗證伺服器通過一資料庫或一儲存媒體記載該代碼對應之該筆資料。The data transmission method using code verification according to claim 1, wherein after the verification server verifies the user, the verification server records the data corresponding to the code through a database or a storage medium. 如請求項2所述的使用代碼驗證的資料傳輸方法,其中,由該使用者裝置發出該資料請求,經該驗證伺服器驗證該使用者後產生該代碼以提供至該使用者裝置後,由該使用者提供該代碼給該資料需求者的電腦裝置,使得該資料需求者可以憑該代碼通過該驗證伺服器驗證後取得該筆資料。The data transmission method using code verification as described in claim 2, wherein the data request is issued by the user device, and after the verification server verifies the user, the code is generated and provided to the user device. The user provides the code to the computer device of the data requester, so that the data requester can obtain the data after being verified by the verification server with the code. 如請求項2所述的使用代碼驗證的資料傳輸方法,其中,由該資料需求者發出該資料請求,經該驗證伺服器產生該代碼,再由該使用者自該驗證伺服器接收該代碼,確認可以提供該筆資料後,提供該代碼至該資料需求者的電腦裝置,使得該資料需求者可以憑該代碼通過該驗證伺服器驗證後取得該筆資料。The data transmission method using code verification as described in claim 2, wherein the data requester issues the data request, the verification server generates the code, and then the user receives the code from the verification server, After confirming that the data can be provided, the code is provided to the computer device of the data requester, so that the data requester can obtain the data after being verified by the verification server with the code. 如請求項2所述的使用代碼驗證的資料傳輸方法,其中,由該使用者裝置提供該資料請求給該資料需求者的電腦裝置,並提供該使用者的身份資料,由該資料需求者的電腦裝置轉送至該驗證伺服器,以驗證該使用者身份,經該驗證伺服器驗證後產生該代碼,提供該筆資料給該資料需求者的電腦裝置,亦同時傳送該代碼至該使用者裝置,藉以查詢資料內容。The data transmission method using code verification as described in claim 2, wherein the user device provides the data request to the computer device of the data requester, and provides the user’s identity data, and the data requester’s The computer device forwards to the verification server to verify the identity of the user, generates the code after verification by the verification server, provides the data to the computer device of the data requester, and sends the code to the user device at the same time To query the content of the data. 如請求項5所述的使用代碼驗證的資料傳輸方法,其中,當該驗證伺服器自該資料需求者的電腦裝置接收該代碼時,驗證該資料需求者的身份,以依據該資料需求者的權限判斷是否提供該筆資料,或是提供該筆資料之全部或部分。The data transmission method using code verification as described in claim 5, wherein when the verification server receives the code from the computer device of the data requester, it verifies the identity of the data requester, so as to be based on the data requester’s The authority determines whether to provide the data, or provide all or part of the data. 如請求項1至6中任一項所述的使用代碼驗證的資料傳輸方法,其中該代碼為一動態或依據該資料請求的內容產生的一次性代碼,並設有可取得該筆資料的一資料取得期限。For example, the data transmission method using code verification according to any one of request items 1 to 6, wherein the code is a dynamic or one-time code generated based on the content of the data request, and is provided with a data transmission method that can obtain the data Data acquisition period. 一種使用代碼驗證的資料傳輸系統,包括: 一驗證伺服器,用於驗證使用者身份,以及產生具有資料取得期限的代碼; 一資料庫或一儲存媒體,用於記載每次產生的代碼與對應的資料; 其中,以該驗證伺服器執行一使用代碼驗證的資料傳輸方法,包括: 根據一資料請求與該資料請求關聯之一使用者,該驗證伺服器要求驗證該使用者身份; 於驗證該使用者身份後,動態產生一次性的一代碼,並設有可取得一筆資料的資料取得期限,其中該代碼對應該資料請求與該筆資料; 根據該資料請求關聯之該使用者,提供該代碼至一使用者裝置,由該使用者裝置提供該代碼至一資料需求者的電腦裝置; 該驗證伺服器自該資料需求者的電腦裝置接收該代碼;以及 根據該代碼提供對應的該筆資料至該資料需求者的電腦裝置。A data transmission system using code verification, including: A verification server for verifying the identity of the user and generating a code with a data acquisition period; A database or a storage medium for recording the codes and corresponding data generated each time; Wherein, using the verification server to perform a data transmission method using code verification includes: According to a data request and a user associated with the data request, the verification server requires verification of the user's identity; After verifying the identity of the user, a one-time code is dynamically generated, and a data acquisition period for obtaining a piece of data is set, where the code corresponds to the data request and the piece of data; The user associated with the data request provides the code to a user device, and the user device provides the code to a computer device of a data requester; The verification server receives the code from the computer device of the data requester; and According to the code, the corresponding data is provided to the computer device of the data requester. 如請求項8所述的使用代碼驗證的資料傳輸系統,其中,由該使用者發出該資料請求,由該使用者得到該代碼後,提供該代碼給該資料需求者的電腦裝置,使得該資料需求者可以通過該代碼取得該筆資料,或依照該資料需求者的權限提供該筆資料之全部或部分。The data transmission system using code verification according to claim 8, wherein the user sends the data request, and after the user obtains the code, the code is provided to the computer device of the data requester, so that the data The requester can obtain the data through the code, or provide all or part of the data according to the authority of the data requester. 如請求項8所述的使用代碼驗證的資料傳輸系統,其中,由該資料需求者發出該資料請求,再由該使用者自該驗證伺服器接收該代碼,確認可以提供該筆資料後,提供該代碼至該資料需求者的電腦裝置,使得該資料需求者可以通過該代碼取得該筆資料,或依照該資料需求者的權限提供該筆資料之全部或部分。The data transmission system using code verification as described in claim 8, wherein the data requester issues the data request, and then the user receives the code from the verification server and confirms that the data can be provided. The code is sent to the computer device of the data demander, so that the data demander can obtain the data through the code, or provide all or part of the data according to the authority of the data demander.
TW108132436A 2019-09-09 2019-09-09 Data transmission method with code verification and system thereof TWI718659B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW108132436A TWI718659B (en) 2019-09-09 2019-09-09 Data transmission method with code verification and system thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW108132436A TWI718659B (en) 2019-09-09 2019-09-09 Data transmission method with code verification and system thereof

Publications (2)

Publication Number Publication Date
TWI718659B TWI718659B (en) 2021-02-11
TW202111577A true TW202111577A (en) 2021-03-16

Family

ID=75745593

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108132436A TWI718659B (en) 2019-09-09 2019-09-09 Data transmission method with code verification and system thereof

Country Status (1)

Country Link
TW (1) TWI718659B (en)

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100088753A1 (en) * 2008-10-03 2010-04-08 Microsoft Corporation Identity and authentication system using aliases
CN103370688B (en) * 2010-07-29 2016-11-09 尼尔默尔·朱萨尼 A kind of system and method being generated multifactor personalization server strong encryption keys by ease of user password
ITMI20131455A1 (en) * 2013-09-05 2015-03-06 Aldo Ciavatta METHOD AND APPARATUS FOR REMOTE VISUALIZATION OF DYNAMIC INFORMATION CONTENT
CN112134708A (en) * 2014-04-15 2020-12-25 创新先进技术有限公司 Authorization method, authorization request method and device
CN104820944A (en) * 2015-05-11 2015-08-05 中国工商银行股份有限公司 Method and system for bank self-service terminal authentication, and device
CN104933560A (en) * 2015-05-22 2015-09-23 浙江弥谷网络科技有限公司 Method and system for recharging virtual account and recharging client

Also Published As

Publication number Publication date
TWI718659B (en) 2021-02-11

Similar Documents

Publication Publication Date Title
US11528138B2 (en) Methods and systems for a digital trust architecture
US20210351931A1 (en) System and method for securely processing an electronic identity
US20090271321A1 (en) Method and system for verification of personal information
JP3871300B2 (en) A method for job-based authorization between companies
TWI396112B (en) A system, method, service method, and program product for managing entitlement with identity and privacy applications for electronic commerce
JP5078257B2 (en) Attribute information providing server, attribute information providing method, and program
US20060080263A1 (en) Identity theft protection and notification system
US20070093234A1 (en) Identify theft protection and notification system
EP3455998A1 (en) Identity authentication and information exchange system and method
US9361436B2 (en) Multiple profile authentication
US10992683B2 (en) System and method for authenticating, storing, retrieving, and verifying documents
US11392949B2 (en) Use of mobile identification credential in know your customer assessment
KR102131206B1 (en) Method, service server and authentication server for providing corporate-related services, supporting the same
TWI718659B (en) Data transmission method with code verification and system thereof
NZ553284A (en) Identity theft protection and notification system
US20210250359A1 (en) System and method for authenticating, storing, retrieving, and verifying documents
US11663590B2 (en) Privacy-preserving assertion system and method
TWM589295U (en) Data transmission system with code verification
KR102458263B1 (en) A method and server for supporting the provision of financial services
US20230131095A1 (en) Computer method and graphical user interface for identity management
KR20230120750A (en) Part-time job relay system providing customized information of region and working time by ai and method providing customized information by the same
KR101171003B1 (en) A system for financial deals