1374652 九、發明說明: 【發明所屬之技術領域】 本發明係關於一種網路身份認證之方法,係透過會員 打電話以加強確認合法身份。 【先前技術】 由於透過網路以提供服務在目前社會是非常的重要, φ 也不可或缺。譬如網路遊戲、網路購物、網路金融等等, 而這些服務由於常牽涉的個人機密,或與個人權益(如金 錢等)等,會員之合法認證是相當重要。 但由於網路上的許多服務牽涉不少會員之利益,因此 有許多網路駭客會想辦法得知會員之會員帳號及密碼,譬 如網路駭客透過木馬程式等方式得知,網路駭客因此可以 利用會員身份進行金融轉帳,或是免費使用他人之網路遊 戲點數,或盜取網路遊戲寶物等等。 鲁 因此多一層會員身份認證則可多加一份保障。 【發明内容】 本發明之主要目的係在提供網路身份認證之方法及其 系統。 為達成上述之目的,本發明網路身份認證系統包括至 少一台數位電話系統及一認證主機。數位電話系統與認證 主機可以透過内部或外部網路之方式電性連接。 5 1374652 有一台或數台服務端伺服器透過網路與認證主機連 接,這些服務端伺服器譬如可為網路遊戲伺服器。 譬如會員想用電腦玩網路遊戲時,會員打電話給數位 電話系統,因此數位電話系統會接收到該會員之一會員電 話號碼及一服務目標號碼。 接著數位電話系統將會員電話號碼及服務目標號碼傳 送至認證主機。認證主機可以檢查會員電話號碼是否為合 法登記之會員電話號碼;若是合法的,認證主機傳送一會 員身份確認訊號至服務端伺服器,以使得會員登錄程序得 以完整。 【實施方式】 為能讓貴審查委員能更瞭解本發明之技術内容,特舉 一個較佳具體實施例說明如下。 以下請先參考圖1關於本發明網|身^^認_證~系1 10使 用之環境示意圖。 本發明網路身份認證系統10包括兩台數位電話系統 20及一認證主機30。其實亦可使用一台數位電話系統20 即可,在本實施例中使用兩台或兩台以上之數位電話系統 20最主要之用意係做為緊急或備份之目的。數位電話系統 20與認證主機30可以為内部網路之連線,但數位電話系 統20與認證主機30亦可為外部網路之連線(譬如透過網 際網路),當採外部網路之連線的話,數位電話系統20與 認證主機30不需要放置在近距離之位置,甚至數位電話系 統20與認證主機30可以放在不同之區域或國家。 1374652 有一台或數台服務端伺服器40透過網路82與認證主 機30連接,這些服務端伺服器40譬如可為網路遊戲伺服 器、網路教學伺服器及金融服務伺服器等等。 會員90利用其會員電話91透過電信網路81可與數位 電話系統20聯絡;而會員90也可透過電腦92及網路82 連結到服務端伺服器40。 以下請參考圖2,以瞭解本發明之重點,圖2係顯示網 路身份認證系統10 —般正常狀態之處理流程。以下服務端 伺服器40以網路遊戲伺服器為例,亦即會員90想用電腦 92玩網路遊戲。 步驟201 : 透過數位電話系統20接收該會員90之一會員電話號 碼50及一服務目標號碼60。 會員90想用電腦92玩網路遊戲時,服務端伺服器40 會傳送一會員登錄晝面70 (如圖4)至電腦92。會員登錄 晝面70除一般傳統要求會員90鍵入『會員編號』及『密 碼』外,會員登錄晝面70並顯示一確認會員身份訊息:『請 以您登入會員之手機撥打0958000888,並在撥打後十分鐘 内完成會員登錄』。 所以當會員90利用其會員電話91 (譬如電話號碼為 0991666333 )打電話給數位電話系統20時,數位電話系統 20與會員電話91會建立連線,因此數位電話系統20會接 收到會員90之會員電話號碼50 (譬如為手機號碼 0991666333 )及一服務目標號碼60 (譬如0958000888)。 1374652 另一種方式是會員90鍵入『會員編號』及『密碼』後, 若服務端伺服器40確認『會員編號』及『密碼』之資料正 確,則顯示一訊息如:『請以您登入會員之手機在十分鐘内 撥打0958000888以完成登錄』。 不管哪一種方式,本發明都需要會員90利用其免電 話91打電話給數位電話系統20。需注意的是,當然數位 電話系統20是有登記管理該服務目標號碼60 (譬如 0958000888 ),所以當會員90利用其會員電話91 (譬如 0991666333 )撥打某一服務目標號碼60時,數位電話系統 20才會與會員電話91建立連線。 另外需注意的是,數位電話系統20是可以登記管理複 數個服務目標號碼60,在較佳的設計中,每一服務目標號 碼60可以對應一服務端伺服器40。 步驟202 : 數位電話系統20將會員電話號碼50 (譬如 0991666333 )及服務目標號碼60 (譬如為0958000888)傳 送至認證主機30。 認證主機30最好先檢查該會員電話號碼50是否為有 效登記,或是否失效等。因此認證主機30内最好有一會員 資料庫,會員資料庫記載各會員之會員電話號碼50。 認證主機30最好接收到之會員電話號碼50,服務目標 號碼60以及接到這兩個號碼的時間登記下來,以便做為曰 後管理之用(譬如會員宣稱有打電話,但系統沒回應等問 題)。 1374652 步驟203 : <吸主機30傳送一不接聽命令訊號31至該數位電話 • 系統20。 步驟204 : 數位電話系統20接到不接聽命令訊號31之後仍不會 『接聽』會員電話91,此時數位電話系統2〇可以發送一 鲁語音』給會員電話9卜這『忙線語音』譬如為『恭 吾您兀成電話身份確認,請於十分鐘内完成會員登錄』。 这個好處在於會員90雖有打電話(譬如以手機打電話) 給數位電話系統20,但事實上沒有計算費用,因為數位電 話系統20可以設定『忙線中』’因此數位電話系統2〇可以 發送一『忙線語音』給會員電話91。如此一來,本發明之 設計不但保障會員的帳號不會被盜用外,因為又不會增加 會員打電話的費用,因此會員就會樂於使用本發明之網路 • 身份認證系統10。 步驟205 : 依據該服務目標號碼60,認證主機30傳送一會員身份 確認訊號33至一服務端伺服器40。 會員身份確認訊號33譬如採用URL的格式, https://game.provider/?access=0958000888&caller=0991666 333,會員身份確認訊號33也夾藏了會員電話號碼50 (譬 如0991666333)及服務目標號碼6〇(譬如為0958000888)。 1374652 服務端伺服器40接到會員身份確認訊號33後,即可更確 認會員90是否為真,當會員90完成上述電話認證後及完 成『會員編號』及『密碼』之鍵入後,整個登入才完成, • 這時會員90才可玩網路遊戲。 以下請參考圖3,係顯示較特殊狀態之處理流程,譬如 認證主機30知道此會員為黑名單,或是會員的點數用完 (如網路遊戲的點數)之狀況: 步驟301 : 請參考步驟201。 步驟302 : 請參考步驟202。 步驟303 : • 認證主機30傳送一異常通知35至服務端伺服器40, 譬如認證主機30知道此會員為黑名單,或是會員的點數用 完(如網路遊戲的點數)之狀況。 步驟304 : 服務端伺服器40接到異常通知35之後,回傳一『回 應訊號41』給認證主機30。 步驟305 : 20 ° 1374652 認證主機30傳送一『轉接訊號37』給數位電話系統 • 步驟306 : • 數位電話系統20與會員電話91進行接通。 步驟307 : 經過步驟306之後,使得服務端伺服器40透過數位電 • 話系統20之轉接能與會員電話91進行通話。此時服務端 伺服器40之客服人員可以與會員電話91通話 步驟308 : 客服人員與會員電話91結束通話後,服務端伺服器40 傳送一切斷訊號43至數位電話系統20。 步驟309 : # 數位電話系統20與會員電話91切斷電話。 綜上所陳,本發明無論就目的、手段及功效,在在均 顯示其迥異於習知技術之特徵,懇請貴審查委員明察, 早曰賜准專利,俾嘉惠社會,實感德便。惟應注意的是, 上述諸多實施例僅係為了便於說明而舉例而已,本發明所 主張之權利範圍自應以申請專利範圍所述為準,而非僅限 於上述實施例。 1374652 【圖式簡單說明】 圖1係本發明網路身份認證系統使用之環境示意圖。 ' 圖2係本發明網路身份認證系統之動作流程圖,係顯示一般 . 正常狀態之處理流程。 圖3係本發明網路身份認證系統之動作流程圖,係顯示較特 殊狀態之處理流程。 圖4係會員登錄晝面之實施例。 數位電話系統20 不接聽命令訊號31 異常通知35 服務端伺服器40 切斷訊號43 服務目標號碼60 網路82 會員電話91 【主要元件符號說明 網路身份認證系統10 認證主機30 會員身份確認訊號33 轉接訊號37 回應訊號41 會員電話號碼50 • 電信網路81 會員90 電腦92 121374652 IX. Description of the Invention: [Technical Field of the Invention] The present invention relates to a method for authenticating a network identity by calling a member to enhance the identification of a legitimate identity. [Prior Art] Since providing services through the Internet is very important in the current society, φ is also indispensable. For example, online games, online shopping, online finance, etc., and these services are very important because of the personal secrets often involved, or with personal rights (such as money, etc.). However, since many services on the Internet involve the interests of many members, many Internet hackers will find ways to know the member's account number and password, such as Internet hackers, through trojans, etc. So you can use your membership to make financial transfers, or use other people's online game points for free, or steal online game treasures and more. Lu, therefore, an additional layer of membership certification can add one more guarantee. SUMMARY OF THE INVENTION The primary object of the present invention is to provide a method and system for network identity authentication. To achieve the above objects, the network identity authentication system of the present invention includes at least one digital telephone system and an authentication host. The digital telephone system and the authentication host can be electrically connected through an internal or external network. 5 1374652 One or several server servers are connected to the authentication host through the network. These server servers can be used as network game servers. For example, when a member wants to use a computer to play online games, the member calls the digital telephone system, so the digital telephone system receives one of the member's telephone number and a service target number. The digital telephone system then transmits the member telephone number and the service target number to the authentication host. The authentication host can check whether the member phone number is a legally registered member phone number; if it is legal, the authentication host transmits a member identity confirmation signal to the server server to complete the member login process. [Embodiment] In order to enable the reviewing committee to better understand the technical contents of the present invention, a preferred embodiment will be described below. Please refer to FIG. 1 for an environment diagram of the invention of the present invention. The network identity authentication system 10 of the present invention includes two digital telephone systems 20 and an authentication host 30. In fact, a digital telephone system 20 can also be used. In this embodiment, the most important use of two or more digital telephone systems 20 is for emergency or backup purposes. The digital telephone system 20 and the authentication host 30 can be connected to the internal network, but the digital telephone system 20 and the authentication host 30 can also be connected to an external network (for example, through the Internet), when an external network is connected. In the case of the line, the digital telephone system 20 and the authentication host 30 need not be placed in close proximity, and even the digital telephone system 20 and the authentication host 30 can be placed in different regions or countries. 1374652 One or more server servers 40 are connected to the authentication host 30 via a network 82. The server servers 40 can be, for example, network game servers, network teaching servers, and financial service servers. Member 90 can communicate with digital telephone system 20 via telecommunications network 81 using its member telephone 91; member 90 can also be coupled to server server 40 via computer 92 and network 82. Please refer to FIG. 2 for the purpose of understanding the present invention. FIG. 2 shows the processing flow of the network identity authentication system 10 in a normal state. The following server server 40 takes the online game server as an example, that is, the member 90 wants to use the computer 92 to play online games. Step 201: Receive a member phone number 50 and a service target number 60 of the member 90 through the digital telephone system 20. When the member 90 wants to play the online game with the computer 92, the server server 40 transmits a member login screen 70 (Fig. 4) to the computer 92. Member login page 70 In addition to the general requirements for members 90 to type "member number" and "password", the member login page 70 and display a confirmation membership message: "Please dial 0958000888 on your mobile phone, and after dialing Complete member login within ten minutes. Therefore, when the member 90 calls the digital telephone system 20 by using his member telephone 91 (for example, the telephone number is 0991666333), the digital telephone system 20 and the member telephone 91 will establish a connection, so the digital telephone system 20 will receive the member of the member 90. Phone number 50 (such as mobile number 0991666333) and a service target number 60 (such as 0958000888). 1374652 Another way is that after the member 90 types "member number" and "password", if the server server 40 confirms that the information of "member number" and "password" is correct, a message such as: "Please log in as a member. The phone dials 0958000888 in ten minutes to complete the login. Either way, the present invention requires member 90 to make a call to digital telephone system 20 using its telephone-free 91. It should be noted that, of course, the digital telephone system 20 is registered to manage the service target number 60 (e.g., 0958000888), so when the member 90 dials a service target number 60 using its member telephone 91 (e.g., 0991666333), the digital telephone system 20 The connection to the member phone 91 will be established. It should also be noted that the digital telephone system 20 can register and manage a plurality of service target numbers 60. In a preferred design, each service target number 60 can correspond to a server server 40. Step 202: The digital telephone system 20 transmits the member telephone number 50 (e.g., 0991666333) and the service target number 60 (e.g., 0958000888) to the authentication host 30. Preferably, the authentication host 30 first checks if the member phone number 50 is validly registered, or is invalid. Therefore, it is preferable to have a member database in the authentication host 30, and the member database records the member phone number 50 of each member. The authentication host 30 preferably receives the member phone number 50, the service target number 60, and the time of receiving the two numbers, so as to be used for post-mortem management (for example, the member claims to have a call, but the system does not respond, etc.) problem). 1374652 Step 203: <Sucking host 30 transmits a missed command signal 31 to the digital telephone • System 20. Step 204: After the digital telephone system 20 receives the unanswered command signal 31, it will not "receive" the member telephone 91. At this time, the digital telephone system 2 can send a Lu voice to the member telephone 9 and the "busy voice". For "Gongwu, please confirm your identity as a phone call, please complete the member registration within 10 minutes". This advantage is that although the member 90 has a telephone call (such as calling by mobile phone) to the digital telephone system 20, in fact, there is no calculation fee, because the digital telephone system 20 can be set to "busy" "so the digital telephone system can be 2" Send a "busy voice" to the member phone 91. In this way, the design of the present invention not only protects the member's account from being stolen, but also increases the cost of the member's call, so the member will be happy to use the network authentication system 10 of the present invention. Step 205: According to the service target number 60, the authentication host 30 transmits a membership confirmation signal 33 to a server server 40. The membership confirmation signal 33 is in the form of a URL, https://game.provider/?access=0958000888&caller=0991666 333, and the membership confirmation signal 33 also has a member phone number 50 (such as 0991666333) and a service target number. 6〇 (for example, 0958000888). 1374652 After the server server 40 receives the membership confirmation signal 33, it can further confirm whether the member 90 is true. After the member 90 completes the above-mentioned telephone authentication and completes the "member number" and "password" type, the entire login is completed. Completion, • At this time, member 90 can play online games. Please refer to FIG. 3 below, which shows the processing flow of a special state, for example, the authentication host 30 knows that the member is blacklisted, or the member's points are exhausted (such as the number of points of the online game): Step 301: Please Refer to step 201. Step 302: Please refer to step 202. Step 303: • The authentication host 30 transmits an exception notification 35 to the server server 40, for example, the authentication host 30 knows that the member is blacklisted or the member's points are exhausted (such as the number of points in the online game). Step 304: After receiving the abnormality notification 35, the server server 40 returns a "reaction signal 41" to the authentication host 30. Step 305: 20 ° 1374652 The authentication host 30 transmits a "switching signal 37" to the digital telephone system. • Step 306: • The digital telephone system 20 is connected to the member telephone 91. Step 307: After the step 306, the server server 40 is caused to make a call with the member phone 91 through the transfer function of the digital telephone system 20. At this time, the agent of the server server 40 can talk to the member phone 91. Step 308: After the agent and the member phone 91 end the call, the server server 40 transmits a disconnection signal 43 to the digital phone system 20. Step 309: # The digital telephone system 20 disconnects the telephone from the member telephone 91. To sum up, the present invention, regardless of its purpose, means and efficacy, shows its distinctive features of the prior art. You are requested to review the examinations and grant the patents as soon as possible. It is to be noted that the various embodiments described above are intended to be illustrative only, and the scope of the invention is intended to be limited by the scope of the appended claims. 1374652 BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a schematic diagram of an environment used by the network identity authentication system of the present invention. Figure 2 is a flow chart showing the operation of the network identity authentication system of the present invention. Fig. 3 is a flow chart showing the operation of the network identity authentication system of the present invention, showing the processing flow of a special state. Figure 4 is an embodiment of a member login page. Digital telephone system 20 does not answer command signal 31 Abnormal notification 35 Server server 40 Switch off signal 43 Service target number 60 Network 82 Member phone 91 [Main component symbol description Network identity authentication system 10 Authentication host 30 Membership confirmation signal 33 Transfer signal 37 response signal 41 member phone number 50 • telecommunication network 81 member 90 computer 92 12