TWI545512B - Transaction method and transaction security system with authentication using personal device, and computer-readable medium - Google Patents


Publication number
TWI545512B
Authority
TW
Taiwan
Prior art keywords
transaction
verification
code
personalization
personalized
Application number
TW104116091A
Other languages
Chinese (zh)
Other versions
TW201642191A (en
Inventor
向可喜
Original Assignee
蓋特資訊系統股份有限公司
Application filed by 蓋特資訊系統股份有限公司
Priority to TW104116091A
Application granted
Publication of TWI545512B
Publication of TW201642191A

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Description

Transaction method using personalization device verification, transaction security system, and computer-readable storage device

The invention relates to a transaction method and system, in particular to a transaction method that performs identity verification with a personalization device, and to a related transaction security system.

Automated teller machines (ATMs), also called cash machines, are found everywhere and let users withdraw cash conveniently, but a cash withdrawal is also an opportunity for criminals. For example, a robber may seize the ATM card at that moment and coerce the user into giving up the withdrawal password, and so obtain the cash. This shows that the current way of securing cash withdrawals, an ATM card combined with a password of only a few digits, is too simple and clearly not secure enough.

To strengthen security during transactions, including ordinary shopping transactions and ATM withdrawals, the invention proposes a transaction method using personalization device verification and a related system. One of its purposes is to run a verification procedure through a device the user carries before the transaction is completed, and to complete the transaction only after a third-party verification unit has confirmed the user's identity. This improves transaction security: even if any one of the devices is lost or misused, the user's assets are still protected from loss.

According to an embodiment of the transaction method using personalization device verification, in a transaction procedure that handles an amount, a personalization device first reads a transaction code displayed on a transaction device. The transaction code is computed from the transaction amount to be processed. The program executed on the personalization device then generates a verification code. The verification code is tied to the seed value generated when the device was first registered with the verification service, so it can be used for identity verification. The verification code is then sent to a verification server, which retrieves the server-side seed value that corresponds to the personalization device's seed value, performs a symmetric operation on the verification code, and verifies the personalization device according to the result. If verification succeeds, the transaction can proceed to completion; if it fails, a verification-failure message is displayed on the transaction device.

Taking an ATM withdrawal as an example: when the user enters the withdrawal amount on the ATM, the ATM generates a transaction code from some transaction information, for example displayed as a QR code. The user reads the QR code with the personalization device, which extracts the transaction information and generates from it a verification code for identity verification. The verification server verifies the user's identity with this code, and after successful verification the transaction is completed and cash is dispensed.

In another embodiment, the transaction method using personalization device verification includes first reading, with the personalization device, the transaction code that the transaction device generated from information such as the transaction amount, then generating a verification code on the personalization device and sending it to the verification server for verification. In this embodiment, when verification succeeds, the verification server additionally generates an authorization code and sends it to the personalization device, where it is shown on the device's display screen.

The authorization code is then a one-time password that the user enters on the transaction device. The transaction device sends this authorization code to the verification server, which verifies the received authorization code; only if this second verification succeeds is the transaction completed.

According to the embodiments described in the disclosure, the transaction security system using personalization device verification mainly includes a program installed on the personalization device that handles the device-side transaction procedure. The program mainly comprises a transaction code reading instruction for reading the transaction code displayed by the transaction device, a device-side display instruction for displaying the transaction code and the transaction amount, and a verification code generation instruction for generating the verification code sent to the verification server. In one embodiment, the program may further include an authorization code acquisition instruction, which obtains from the verification server the authorization code needed to continue and complete the transaction.

The transaction system within this transaction security system includes: a system-side display module that generates the transaction amount input interface shown on the transaction device and displays the transaction code; a transaction amount acquisition module that obtains the transaction amount from the input interface; a transaction code generation module that computes the transaction code from the transaction amount; a verification processing module that obtains the verification result from the verification server, where the verification server verifies the personalization device after receiving the verification code the device generated; and an output module that outputs a transaction success or failure message once the verification result has been obtained from the verification server. In another embodiment, the transaction system further includes an authorization code processing module that receives the authorization code entered by the user of the personalization device and sends it to the verification server, so that the authorization code further ensures security.

For a further understanding of the techniques, methods and effects the invention adopts to achieve its intended purpose, refer to the following detailed description and drawings, from which the purpose, features and characteristics of the invention can be understood in depth and in detail. The accompanying drawings are provided for reference and illustration only and are not intended to limit the invention.

10‧‧‧automated teller machine

101‧‧‧two-dimensional barcode

103‧‧‧code

105‧‧‧cash dispensing outlet

12‧‧‧personalization device

121‧‧‧two-dimensional barcode

123‧‧‧one-dimensional barcode

14‧‧‧cash register device

141‧‧‧transaction amount

143‧‧‧one-dimensional barcode

20‧‧‧transaction device

201‧‧‧transaction amount

203‧‧‧transaction barcode

205‧‧‧transaction number

207‧‧‧authorization code

209‧‧‧verification message

Steps S301~S311‧‧‧transaction flow

41‧‧‧personalization device

42‧‧‧transaction device

43‧‧‧transaction service host

44‧‧‧verification server

401‧‧‧enter amount

402‧‧‧read transaction code

403‧‧‧send transaction information

404‧‧‧send verification code

405‧‧‧return verification result

406‧‧‧confirm transaction

407‧‧‧transaction successful

501‧‧‧enter amount

502‧‧‧send transaction information

503‧‧‧generate transaction code

504‧‧‧read transaction code

505‧‧‧send verification code

506‧‧‧return verification result

507‧‧‧confirm transaction

508‧‧‧transaction successful

601‧‧‧enter amount

602‧‧‧send transaction information

603‧‧‧generate transaction code

604‧‧‧read transaction code

605‧‧‧send verification code

606‧‧‧generate authorization code

607‧‧‧enter authorization code

608‧‧‧send authorization code

609‧‧‧send authorization code

610‧‧‧return verification result

611‧‧‧confirm transaction

612‧‧‧transaction successful

71‧‧‧verification server

72‧‧‧transaction system

721‧‧‧system-side display module

722‧‧‧transaction amount acquisition module

723‧‧‧transaction code generation module

724‧‧‧verification processing module

725‧‧‧output module

726‧‧‧authorization code processing module

73‧‧‧personalization device

731‧‧‧device-side display module

732‧‧‧transaction code reading module

733‧‧‧verification code generation module

734‧‧‧authorization code acquisition module

FIG. 1A is a first schematic diagram of an embodiment of the devices of the transaction security system using personalization device verification; FIG. 1B is a second schematic diagram of an embodiment of the devices of the transaction security system; FIGS. 2A to 2D show an embodiment of the transaction security system in operation; FIG. 3 is a first flowchart of an embodiment of the transaction method using personalization device verification; FIG. 4 is a second flowchart of an embodiment of the transaction method; FIG. 5 is a third flowchart of an embodiment of the transaction method; FIG. 6 is a fourth flowchart of an embodiment of the transaction method; FIG. 7 is a functional block diagram of an embodiment of the transaction security system.

Conventionally, the transaction procedures for credit card purchases, online transactions and cash-dispensing automated teller machines (ATMs) verify the user only by account number and password, or in combination with an ATM card, and provide no effective, high-security measure. The disclosure therefore proposes a transaction method using personalization device verification, and a transaction security system, in which identity verification is performed through a personalization device the user carries, combined with third-party verification. This provides a high-security safeguard for transactions and avoids financial loss when part of the verification information is intercepted or misused during the transaction procedure.

Embodiments are illustrated by the usage scenarios in FIG. 1A and FIG. 1B, which schematically show applications of the transaction security system using personalization device verification.

FIG. 1A shows an automated teller machine 10. When a user wants to perform a transaction through the ATM 10, such as a withdrawal, deposit or transfer, and enters an amount through its interface, the ATM 10 presents a transaction code computed from that amount or from the current transaction information, for example a transaction code computed from the transaction amount, the code of the transaction device (the identification code of the ATM 10) and a session code. In this example the transaction code is presented as a two-dimensional barcode 101, but it is not limited to that form; it may also be expressed as a one-dimensional barcode, a wireless signal transmission (such as NFC), an alphanumeric code, and so on.

In this example the transaction code is represented by the two-dimensional barcode 101 and may additionally be accompanied by a character-string code 103, in case the user's device cannot read the two-dimensional barcode 101. The user operates the personalization device 12, runs the verification program, turns on the camera module and photographs the two-dimensional barcode 101, producing the two-dimensional barcode 121 shown on the display of device 12 (or the barcode is shown only while it is being captured, without displaying the scan result); software recognizes the information it carries. The subsequent steps include generating a verification code from the transaction information in the two-dimensional barcode 121 and sending it to the verification server; after successful verification, cash can be withdrawn from the cash dispensing outlet 105. The details are described below.

In another implementation, shown in FIG. 1B, the transaction security system using personalization device verification can be applied to the transaction procedure of an ordinary shopping payment. In this example a consumer or cashier enters a transaction amount 141 on a transaction device (such as the cash register device 14 of a POS). The device 14 displays the transaction amount 141 and generates a one-dimensional barcode 143 from the transaction amount 141 and related transaction information. After confirming the transaction amount 141, the consumer uses the program on the personalization device 12 to scan the one-dimensional barcode 143 displayed on the cash register device 14, producing the one-dimensional barcode 123 presented on the personalization device 12 (which need not be displayed). The subsequent steps include generating a verification code from the transaction information carried in the one-dimensional barcode 123, sending the verification code, and verification by the verification server; the transaction is established only after verification succeeds.

FIGS. 2A to 2D then show an embodiment of the transaction security system using personalization device verification in operation.

FIG. 2A shows an interface for entering an amount on the display of a transaction device 20. After the user enters the transaction amount 201, as shown in FIG. 2B, the operating program in the transaction device 20 computes a transaction code from the transaction amount 201 and current transaction information, for example the transaction time, the device code and/or a session code identifying this stage of the transaction. In this example the transaction code is represented by the illustrated transaction barcode 203 and transaction number 205, which the user reads with the personalization device. The personalization device performs a further computation on the transaction information it has read to form the verification code, which is the basis for the security verification of this transaction; the transaction is completed only after the verification server verifies it successfully.

In another embodiment, after the verification server receives the verification code sent by the personalization device, it goes on to generate an authorization code, which may be a character string such as a one-time password. After it is sent to the personalization device, the user reads it and enters it in the interface produced by the transaction device 20, as in the authorization code 207 field in FIG. 2C. On receiving the authorization code 207, the transaction device 20 sends it to the verification server to confirm the security of the transaction. If any step fails verification, the transaction fails. In this example, FIG. 2D shows a verification message 209 such as "transaction completed".

It is worth noting that, to carry out the transaction method using personalization device verification disclosed here, the user needs a personalization device with computing, communication, display and camera functions; more specifically, the personalization device should be a mobile device capable of reading one-dimensional barcodes, two-dimensional barcodes or wireless signals. Before operation the device performs an initialization procedure, which includes installing on the personalization device a program that performs transaction verification and registering with a verification server.

The seed value (seed) used by the personalization device to generate the verification code is a personalized seed computed within the verification server (or another authorized host) when the device registers with the verification server. According to one implementation, at registration the verification server asks the user to send personalized information, for example hardware information of the mobile communication device the user uses, such as hardware-related codes (e.g. phone number, International Mobile Equipment Identity (IMEI)) and network hardware information, and possibly communication data of the near-field communication (NFC) circuit the mobile communication device supports. Personalized information may also include general information provided by the user, such as personal data or a PIN code set by the user. Any one or a combination of these items can serve as the data source for generating a seed.

A seed generated from personalized information is therefore unique: different devices or users obtain different seeds. It is also non-portable, meaning it cannot be used on another device. The seed may be a character string; after it is generated by the verification server (or another host), it is stored in both the personalization device and the verification server.

The verification code generated on the personalization device can be computed from the seed stored in the personalization device and the current transaction information. It may take the form of a character string and carries information that identifies the source of the verification code (that is, the personalization device), so that the verification server can retrieve the corresponding seed. The verification server performs a symmetric operation on the verification code using the server-side seed, and from the result can verify whether the verification code came from an authorized personalization device.

According to the example given in the embodiment, if the personalization device supports near-field communication (NFC), the stored seed can be protected by the communication information of the NFC circuit. When the personalization device receives a transaction code, the communication information of the NFC circuit in the device can unlock the seed so that the verification code can be computed. For example, the user holds a near-field authentication token; after it connects at close range to the mobile communication device, the resulting NFC information is used to obtain authorization and unlock the preloaded seed.

It is worth noting that the transaction method of the invention relies on the verification code or other information generated by the program on the personalization device. The personalization device should carry an application provided by the system, such as an app on a smartphone or tablet. The application's functions include obtaining the seed, obtaining system information to generate the verification code, receiving messages, scanning the transaction code generated by the transaction device, receiving the authorization code (in one embodiment) and sending related information. It can also obtain messages pushed by the system through a messaging system, decrypt the seed, and provide an interface for entering content.

FIG. 3 is the first flowchart of an embodiment of the transaction method using personalization device verification. This example describes the transaction flow. It begins at step S301, in which the transaction amount is entered on a transaction device (ATM, cash register, online shopping interface, etc.). Then, in step S303, the program in the transaction device computes a transaction code from the transaction amount and the current transaction information and shows it on the display.

At this point (or beforehand) the user starts the program on the personalization device and reads the transaction code (or enters it manually from the displayed code), as in step S305, and confirms the content against the transaction information shown on the personalization device (such as the amount and transaction-related content). After confirmation, in step S307, the program on the personalization device computes the verification code using the seed generated at registration; the verification code can be computed from a seed stored in the personalization device and the current transaction information.

Then, in step S309, the verification code is sent to the verification server, which computes with the corresponding system-side seed to verify whether the information came from a registered, authorized personalization device, that is, it verifies the identity of the personalization device's user. In step S311, a message reflecting the verification result is sent to the transaction device: if verification succeeded, the transaction is completed; otherwise, a transaction-failure message is produced.

FIG. 4 shows an embodiment flow of the transaction method: a security verification flow running among the personalization device 41, the transaction device 42, the transaction service host 43 and the verification server 44. The personalization device 41 is, for example, a computer system held by the user; the program it runs, together with the transaction device 42 and the transaction service host 43, forms the transaction security system of the invention. The verification server 44 may be a host on which a third party provides the verification service, but it may also be a hardware or software module within the transaction service host 43.

The flow begins when the user (or a service attendant or cashier) enters the amount on the transaction device 42 (401). The transaction device 42 computes a transaction code from the transaction amount and/or information related to the current transaction, and the personalization device 41 reads the transaction code (402), for example by reading a one-dimensional barcode, a two-dimensional barcode or a wireless signal; if the transaction code is displayed as a character string, the user can copy it into the personalization device 41 by hand. At the same time, the transaction device 42 sends the transaction code or related transaction information (transaction amount, transaction device code, time, session code, etc.) to the transaction service host 43 (403). The transaction service host 43 may serve many transaction devices 42 in different locations at once, so it needs the information about this particular transaction in order to identify where the transaction came from.

After the personalization device 41 has read the transaction code and the transaction information has been confirmed, its program retrieves the seed and uses it to operate on specific personalized information (such as user information, the transaction amount, the code of the transaction device and a session code) to form the verification code, and sends the verification code to the verification server 44 (404). The verification code carries identification information of the personalization device 41, so that the verification server 44 can identify its source. The verification server 44 receives the verification code, learns from it the identification data of the personalization device, such as the seed and device hardware information, and can thus obtain the corresponding server-side seed. It performs a symmetric operation on the verification code with this server-side seed and verifies the personalization device 41 according to the result. The verification result is then sent to the transaction service host 43 (405). If verification succeeded, the transaction service host 43 sends a message confirming the transaction (406) to the transaction device 42, and the user of the personalization device 41 completes the transaction after successful verification (407). Conversely, if verification fails, the transaction is unsuccessful and the transaction device displays a verification-failure message.

Unlike the flow shown in Fig. 4, in which the transaction device 42 computes the transaction code, the flowchart of the embodiment shown in Fig. 5 has the transaction service host 43 compute the transaction code.

Again, the transaction amount is first entered on the transaction device 42 (501). The transaction device 42 sends this transaction information to the transaction service host 43 (502), which generates a transaction code from the transaction information and returns it to the corresponding transaction device 42 (503), where it is displayed and read by the personalization device 41 (504). The transaction code may take the form of a one-dimensional or two-dimensional barcode, or be conveyed by a wireless signal; it is read by the corresponding communication module of the personalization device 41 and then decoded by the device's program into information with which the user confirms the transaction content.

After the user confirms the transaction content, the personalization device 41 retrieves the seed value, operates on the relevant personalized information to generate a verification code, and sends it to the verification server 44 (505). The verification server 44 obtains the identification information of the personalization device 41 carried in the verification code, retrieves the corresponding system-side seed value, and performs a symmetric operation with that seed value to verify the source of the information. It then returns the verification result (506) to the transaction service host 43. The transaction service host 43 determines the corresponding transaction device 42 from the information carried in the result (such as device-related information and information about this transaction) and notifies the transaction device 42 to confirm the transaction (507); the device displays a transaction-success message to the user (508). Conversely, if verification fails, a transaction-failure message is displayed.

Fig. 6 then shows a flowchart of yet another embodiment of the transaction method of the present invention; this flow likewise runs among the personalization device 41, the transaction device 42, the transaction service host 43, and the verification server 44.

To start a transaction, an amount must be entered (601) on a transaction device 42. In this example, the transaction device 42 sends the transaction information, including device-related identification information, to the transaction service host 43 (602). The transaction service host 43 generates a transaction code and returns it to the transaction device 42 (603). The transaction code, represented for example as a two-dimensional barcode such as a QR code, is shown on the display by the transaction host 42 and read by the personalization device 41 (604), which displays the transaction content for the user to confirm.

Taking an automatic teller machine as an example, the transaction code may be computed by the ATM (the transaction device) or by the ATM host (the transaction service host) from the ATM device code, the transaction amount, and a session identifier (session ID) representing this stage of the work. The transaction code can be represented as a two-dimensional barcode, a one-dimensional barcode, a wireless signal, or the like, and the personalization device reads it with the corresponding program instructions.

After reading the transaction code and confirming the transaction amount, the personalization device 41 uses its program to generate a verification code. The verification code is generated with the device-side seed value, that is, the encryption seed value produced when the device registered with the verification server before the transaction: the identification code of the transaction device 42, the transaction amount, and the session identifier are encoded together with the seed value to produce the verification code, which is then sent to the verification server 44 (605) for security verification.

After verification succeeds, in this embodiment the verification server 44 generates an authorization code based on current information. The authorization code resembles a one-time password (OTP): it is generated dynamically, for example from time information, and can likewise be computed from information such as the transaction device's machine identification code, the transaction amount, the session identifier, and/or time information. The authorization code can be sent over the network as a character string to the personalization device 41 (606) and displayed to the user, who then enters it into the input interface on the transaction device 42 (607). Besides being shown as a string on the personalization device 41, the authorization code may also be presented as a barcode or a wireless signal and read by a reader installed on the transaction device 42.

After the transaction device 42 obtains the authorization code, the code is sent via the transaction service host 43 (608) to the verification server 44 (609), so that the verification server 44 can compare it with the authorization code it generated earlier and thereby perform a second verification, and then return the verification result (610). After successful verification, the transaction service host 43 sends transaction-confirmation (611) information to the transaction host 42 to complete the transaction (612).
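The two-stage check of the Fig. 6 flow (verification code bound to the transaction, then a short-lived authorization code) is shown below as an added example; it is not code from the patent. It assumes HMAC-SHA256 as a stand-in for the unspecified "symmetric operation", carries the transaction fields in clear next to the tag, and uses hypothetical names and a constructed sample seed.

```python
import hashlib
import hmac
import json
import time

# Constructed sample data: seed registered with the server before any transaction.
SERVER_SEEDS = {"device-41": bytes.fromhex("00112233445566778899aabbccddeeff")}


def canonical(fields: dict) -> bytes:
    # Stable serialization so both sides authenticate exactly the same bytes.
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def make_verification_code(seed: bytes, device_id: str, terminal_code: str,
                           amount: int, session_id: str) -> dict:
    """Personalization-device side (step 605): bind seed to this transaction."""
    fields = {"device_id": device_id, "terminal": terminal_code,
              "amount": amount, "session": session_id}
    tag = hmac.new(seed, canonical(fields), hashlib.sha256).hexdigest()
    return {"fields": fields, "tag": tag}


class VerificationServer:
    """Verification-server side; names and storage are assumptions."""

    def __init__(self, seeds: dict, otp_ttl: int = 60):
        self.seeds = seeds
        self.otp_ttl = otp_ttl
        self.pending = {}  # session id -> (authorization code, expiry time)

    def verify(self, code: dict) -> bool:
        """First verification: look up the server-side seed, recompute the tag."""
        fields = code.get("fields", {})
        seed = self.seeds.get(fields.get("device_id"))
        if seed is None:
            return False  # unknown device: no seed was ever registered
        expected = hmac.new(seed, canonical(fields), hashlib.sha256).hexdigest()
        # Constant-time comparison avoids leaking how many characters matched.
        return hmac.compare_digest(expected.encode(), str(code.get("tag", "")).encode())

    def issue_authorization_code(self, code: dict, now=None):
        """Step 606: issued only after the verification code checks out."""
        if not self.verify(code):
            return None
        now = time.time() if now is None else now
        fields = code["fields"]
        seed = self.seeds[fields["device_id"]]
        # Derived from terminal code, amount, session id and time information.
        msg = canonical(fields) + str(int(now)).encode()
        digest = hmac.new(seed, msg, hashlib.sha256).digest()
        otp = f"{int.from_bytes(digest[:4], 'big') % 1_000_000:06d}"
        self.pending[fields["session"]] = (otp, now + self.otp_ttl)
        return otp

    def check_authorization_code(self, session_id: str, typed: str, now=None) -> bool:
        """Steps 609-610: second verification of the code typed at the terminal."""
        now = time.time() if now is None else now
        # pop() makes the code single-use; a wrong guess also consumes it.
        entry = self.pending.pop(session_id, None)
        if entry is None:
            return False
        otp, expiry = entry
        return now <= expiry and hmac.compare_digest(otp.encode(), str(typed).encode())


if __name__ == "__main__":
    server = VerificationServer(SERVER_SEEDS)
    code = make_verification_code(SERVER_SEEDS["device-41"], "device-41",
                                  "ATM-0042", 3000, "sess-7f3a")
    otp = server.issue_authorization_code(code)
    print("first verification:", server.verify(code))
    print("second verification:", server.check_authorization_code("sess-7f3a", otp))
```

Because the tag covers the amount, terminal code and session identifier, a verification code captured for one transaction does not validate for a different amount or terminal.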

Fig. 7 shows a functional block diagram of an embodiment of the transaction security system with personalization-device verification of the present invention.

This figure shows that completing the transaction procedure of the present invention requires at least a verification server 71; the verification server 71 may also be a software function hosted on a particular host or within the transaction system 72. The transaction security system includes the transaction system 72, which consists of the transaction device and transaction service host of the foregoing embodiments. On the personalization device 73 side, the transaction security system installs a software program that handles the verification function of the transaction procedure.

This transaction security system with personalization-device verification includes a program stored in the memory of the personalization device 73. The program mainly carries out the personalization device 73 side of the transaction procedure of the present invention. Its software modules, as shown in the figure, include a device-side display module 731, for example a device-side display instruction; when it is executed, the device display shows the transaction code that was read and the transaction amount, so that the user can confirm from the displayed transaction content whether it is correct and whether to continue with the transaction. The device-side display instruction can also prompt the user through the steps of the transaction, including showing the authorization code received in certain embodiments, such as the flow described in Fig. 6.

The software modules in the program include, for example, a transaction code reading module 732, such as a transaction code reading instruction. After the transaction device generates a transaction code from the transaction information, the program executed by the personalization device can read the transaction code displayed by the transaction device, switching its reading function according to the form of the transaction code: if the transaction code is a one-dimensional or two-dimensional barcode, the transaction code reading instruction activates the camera module to scan the barcode; if the transaction code is presented as a wireless signal, the instruction activates the device's wireless communication module (such as NFC) to read the signal; if the transaction code is a character string displayed on the transaction device, the instruction generates an input field in which the user types the string.

The program includes a verification code generation module 733, for example a verification code generation instruction, which generates the verification code and sends it to the verification server. This instruction includes retrieving the seed value stored in the personalization device and computing the verification code from current transaction information such as the transaction amount, the transaction device code, and the session identifier.

In one embodiment, the program of the personalization device 73 has an authorization code acquisition module 734, for example an authorization code acquisition instruction, for obtaining from the verification server an authorization code for continuing to complete the transaction, as in the embodiment described in Fig. 6. After the verification server verifies the personalization device, the server generates an authorization code resembling a one-time password and sends it to the personalization device 73, where it is displayed. Its purpose is to confirm once more, before the transaction completes, that the user is in front of the transaction device: the user copies the displayed authorization code string into the transaction device, and the transaction can be completed only after the verification server receives and verifies the authorization code.

The transaction security system includes the transaction system 72, which contains functional modules implemented in software or hardware, such as a system-side display module 721, comprising the software and hardware that compose the display content and the display screen that presents it. The system-side display module 721 generates the transaction amount input interface shown on the transaction device, displays the computed transaction code, and may include an interface for receiving the authorization code entered by the user.

The transaction system 72 includes a transaction amount acquisition module 722, which obtains from the transaction amount input interface the transaction amount entered by the user or other personnel. The transaction system 72 then generates the transaction code accordingly: it includes a transaction code generation module 723, which computes the transaction code from at least the transaction amount. The computation is based mainly on the entered amount and may also take into account information such as the transaction device code and the session identifier.

The transaction system 72 includes a verification processing module 724, which obtains from the verification server 71 the result of verifying the verification code sent by the personalization device 73; the transaction system 72 decides from this result whether to complete the transaction.

The transaction system 72 has an output module 725, which mainly outputs a transaction-success or transaction-failure message according to the verification result. In certain embodiments, besides printing a slip with the success or failure message, the output module 725 also dispenses cash in the withdrawal embodiment.

In one embodiment, corresponding to the authorization code acquisition module 734 in the personalization device 73, the transaction system 72 may further include an authorization code processing module 726, which receives the authorization code entered on the transaction device by the user of the personalization device 73 and sends it to the verification server 71.

The invention further relates to a computer-readable storage device for the above transaction procedure, which stores program code, executed by a processor in a computer system, for the transaction method with personalization-device verification. The computer system is implemented as a personalization device, and the program code executed includes at least an instruction to read the transaction code displayed on the transaction device, an instruction to compute a verification code from current transaction information using the seed value, and an instruction to send the verification code to the verification server. It may further include an instruction to receive the authorization code generated by the verification server, an instruction to display the authorization code, and so on.

Thus the transaction method with personalization-device verification and the related transaction security system described in the above disclosure are applied mainly to identity verification within a transaction procedure, including verification for ATM withdrawals, deposits, transfers and similar operations, and also verification in ordinary shopping transactions, giving the transaction procedure high security. Apart from the personalization device, no password, credit card, ATM card or similar item is needed, which avoids their theft and misuse. In particular, during the transaction the transaction device generates a transaction code, the personalization device reads it, and the verification code generated by the program is used by a third-party verification unit to perform identity verification. Operation of the present invention can thus provide a highly secure transaction procedure.

The foregoing, however, describes only preferred feasible embodiments of the present invention and does not thereby limit the scope of its patent claims; all equivalent structural changes made using the specification and drawings of the present invention are likewise included within the scope of the present invention, as is hereby stated.

S301‧‧‧Enter the transaction amount

S303‧‧‧Display the transaction code

S305‧‧‧Read the transaction code and confirm its content

S307‧‧‧Generate the verification code

S309‧‧‧Send the verification code

S311‧‧‧Complete the transaction after successful verification

Claims (20)

1. A transaction method with personalization-device verification, comprising: reading, with a personalization device, a transaction code displayed on a transaction device, the transaction code being computed from at least a transaction amount; generating a verification code on the personalization device, the verification code being computed from current transaction information using a seed value stored in the personalization device; sending the verification code to a verification server; the verification server then retrieving a server-side seed value according to the seed value of the personalization device, performing a symmetric operation on the verification code, and verifying the personalization device according to the result of the operation; wherein, if verification succeeds, the user of the personalization device completes the transaction after the successful verification; and if verification fails, a verification-failure message is displayed on the transaction device.

2. The transaction method with personalization-device verification of claim 1, wherein the transaction code is computed by the transaction device, or by a transaction service host connected to the transaction device, from the transaction amount, a code of the transaction device, and a session identifier.

3. The transaction method with personalization-device verification of claim 1, wherein the transaction code takes the form of a one-dimensional barcode, a two-dimensional barcode, a character string, or a wireless signal, and is read by a program executed by the personalization device.

4. The transaction method with personalization-device verification of claim 1, wherein the current transaction information from which the verification code is generated includes the transaction amount, the code of the transaction device, and a session identifier.

5. The transaction method with personalization-device verification of claim 4, wherein the verification server derives, through the symmetric operation, the transaction amount, the code of the transaction device, and the session identifier carried in the verification code, and, according to the code of the transaction device, sends a verification success or failure message via a transaction service host to the corresponding transaction device.

6. The transaction method with personalization-device verification of any one of claims 1 to 5, wherein the transaction device is an automatic teller machine that dispenses cash once the transaction is completed after successful verification.

7. A transaction method with personalization-device verification, comprising: reading, with a personalization device, a transaction code displayed on a transaction device, the transaction code being computed from at least a transaction amount; generating a verification code on the personalization device, the verification code being computed from current transaction information using a seed value stored in the personalization device; sending the verification code to a verification server; the verification server then retrieving a server-side seed value corresponding to the seed value of the personalization device, performing a symmetric operation on the verification code, and verifying the personalization device according to the result of the operation; if verification succeeds, the verification server generating an authorization code; sending the authorization code to the personalization device and displaying it on a display screen of the personalization device; then, after the user of the personalization device enters the authorization code on the transaction device, the transaction device sending the authorization code to the verification server, which performs verification according to the received authorization code; if this further verification succeeds, the user of the personalization device completes the transaction after the successful verification; and if verification fails, a verification-failure message is displayed on the transaction device.

8. The transaction method with personalization-device verification of claim 7, wherein the transaction code is computed by the transaction device, or by a transaction service host connected to the transaction device, from the transaction amount, a code of the transaction device, and a session identifier.

9. The transaction method with personalization-device verification of claim 7, wherein the transaction code takes the form of a one-dimensional barcode, a two-dimensional barcode, a character string, or a wireless signal, and is read by a program executed by the personalization device.

10. The transaction method with personalization-device verification of claim 7, wherein the current transaction information from which the verification code is generated includes the transaction amount, the code of the transaction device, and a session identifier.

11. The transaction method with personalization-device verification of claim 10, wherein the verification server derives, through the symmetric operation, the transaction amount, the code of the transaction device, and the session identifier carried in the verification code, and, according to the code of the transaction device, sends a verification success or failure message via a transaction service host to the corresponding transaction device.

12. The transaction method with personalization-device verification of any one of claims 7 to 11, wherein the transaction device is an automatic teller machine that dispenses cash once the transaction is completed after successful verification.

13. A transaction security system with personalization-device verification, comprising: a program stored in a memory of a personalization device, the program including: a transaction code reading instruction for reading a transaction code displayed by a transaction device; a device-side display instruction for displaying the transaction code and a transaction amount; and a verification code generation instruction for generating a verification code to be sent to a verification server; and a transaction system including: a system-side display module for generating a transaction amount input interface displayed on the transaction device and for displaying the transaction code; a transaction amount acquisition module that obtains the transaction amount from the transaction amount input interface; a transaction code generation module that computes the transaction code from at least the transaction amount, the transaction code being provided for the personalization device to read; a verification processing module that obtains a verification result from the verification server, wherein the verification server verifies the personalization device after receiving the verification code generated by the personalization device, the verification code being computed from current transaction information using a seed value stored in the personalization device; and an output module that outputs a transaction success or failure message after the verification result is obtained from the verification server; wherein the verification server retrieves a server-side seed value corresponding to the seed value of the personalization device, performs a symmetric operation on the verification code, and verifies the personalization device according to the result of the operation; if verification succeeds, the user of the personalization device completes the transaction after the successful verification; and if verification fails, a verification-failure message is displayed on the transaction device.

14. The transaction security system with personalization-device verification of claim 13, wherein: the program further includes an authorization code acquisition instruction that obtains from the verification server an authorization code for continuing to complete the transaction; and the transaction system further includes an authorization code processing module for receiving the authorization code entered by the user of the personalization device and sending it to the verification server; wherein the authorization code is initially generated by the verification server, then sent to the personalization device and displayed on the personalization device; and the verification server performs verification after receiving the authorization code.

15. The transaction security system with personalization-device verification of claim 14, wherein the authorization code is a one-time password generated by the verification server from time information.

16. The transaction security system with personalization-device verification of claim 13, wherein the transaction code is computed by the transaction device, or by a transaction service host connected to the transaction device, from the transaction amount, a code of the transaction device, and a session identifier.

17. The transaction security system with personalization-device verification of claim 13, wherein the transaction code takes the form of a one-dimensional barcode, a two-dimensional barcode, a character string, or a wireless signal, and is read by a program executed by the personalization device.

18. The transaction security system with personalization-device verification of any one of claims 13 to 17, wherein the personalization device is a mobile device capable of reading one-dimensional barcodes, two-dimensional barcodes, or wireless signals.

19. The transaction security system with personalization-device verification of any one of claims 13 to 17, wherein the transaction device is an automatic teller machine that dispenses cash once the transaction is completed after successful verification.

20. A computer-readable storage device storing program code, executed by a processor, for the transaction method with personalization-device verification of claim 1 or 7.
TW104116091A 2015-05-20 2015-05-20 Transaction method and transaction security system with authentication using personal device, and computer-readable medium TWI545512B (en)


Publications (2)

Publication Number Publication Date
TWI545512B (en) 2016-08-11
TW201642191A (en) 2016-12-01

Family

ID=57183720


Country Status (1)

Country Link
TW (1) TWI545512B (en)

Also Published As

Publication number Publication date
TW201642191A (en) 2016-12-01

Similar Documents

Publication Title
US11943231B2 (en) Token and cryptogram using transaction specific information
US20140310182A1 (en) Systems and methods for outputting information on a display of a mobile device
CN114637979A (en) Wireless biometric authentication system and method
EP3259877A1 (en) Secure authentication of user and mobile device
JP6704009B2 (en) Mobile payment method using barcodes, device, and server for using the method
CN111742314B (en) Biometric sensor on portable device
WO2015000365A1 (en) Quick payment method and system based on location information
US20160092876A1 (en) On-device shared cardholder verification
US9811829B2 (en) System and method for guided passcode entry
US20170076285A1 (en) Payment Method and Apparatus and Payment Factor Processing Method and Apparatus
KR101804182B1 (en) Online financial transactions, identity authentication system and method using real cards
EP3533172B1 (en) System for secure authentication of a user's identity in an electronic system for banking transactions
US9589265B2 (en) Mobile payment method
KR101865879B1 (en) System and method for providing financial transaction using pre-approval
CN115362462A (en) Financial transaction system and method
TWM512772U (en) Transaction device and transaction security system with authentication using personal device
EP4142216A1 (en) Digital identity authentication system and method
TWI545512B (en) Transaction method and transaction security system with authentication using personal device, and computer-readable medium
TWM596933U (en) System for withdrawing cash via external system
KR101626942B1 (en) Otp generating system linked with pin using nfc and the method thereof
EP3404600A1 (en) A strong user authentication method on non-virtual payment devices
CN115829577A (en) Authentication method, apparatus, system, medium, and program product
EP3082087A1 (en) Mobile payment method