TWI644279B - Methods and systems for effecting online opening of securities account - Google Patents

Methods and systems for effecting online opening of securities account Download PDF

Info

Publication number
TWI644279B
TWI644279B TW105128547A TW105128547A TWI644279B TW I644279 B TWI644279 B TW I644279B TW 105128547 A TW105128547 A TW 105128547A TW 105128547 A TW105128547 A TW 105128547A TW I644279 B TWI644279 B TW I644279B
Authority
TW
Taiwan
Prior art keywords
server
user
securities
uuid
authentication
Prior art date
Application number
TW105128547A
Other languages
Chinese (zh)
Other versions
TW201810160A (en
Inventor
林柏佳
杜青蓉
Original Assignee
台新綜合證券股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 台新綜合證券股份有限公司 filed Critical 台新綜合證券股份有限公司
Priority to TW105128547A priority Critical patent/TWI644279B/en
Publication of TW201810160A publication Critical patent/TW201810160A/en
Application granted granted Critical
Publication of TWI644279B publication Critical patent/TWI644279B/en

Links

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

在一方面,本發明提供一種用於促成線上證券戶開立之身分認證及憑證取得之系統,其包含:一網路銀行伺服器;及一證券商端,包括一閘道主機,一證券商伺服器,以及一憑證伺服器。另一方面,本發明提供一種用於促成線上證券戶開立之身分認證及憑證取得之方法。In one aspect, the present invention provides a system for facilitating identity authentication and voucher obtaining for online securities firms, comprising: an online banking server; and a securities broker, including a gateway host, a securities dealer Server, and a credential server. In another aspect, the present invention provides a method for facilitating identity authentication and voucher acquisition for online securities firms.

Description

用於促成線上證券戶開立之方法及系統Method and system for facilitating the opening of online securities households

本發明係關於一種用於促成線上證券戶開立之方法及系統,特別是針對其中之身分認證及憑證取得之方法及系統。 The present invention relates to a method and system for facilitating the opening of online securities firms, and in particular to a method and system for obtaining identity authentication and credentials therein.

現有的證券戶開立流程,或需線上視訊認證,或需臨櫃辦理交割銀行帳戶設定,較不方便。因此,仍亟需一種能夠簡化客戶申請手續之促成線上證券戶開立之方法或系統。 Existing securities companies open the process, or need online video certification, or need to settle the bank account settings, it is less convenient. Therefore, there is still a need for a method or system that facilitates the opening of online securities firms by simplifying customer application procedures.

在一方面,本發明提供一種用於促成線上證券戶開立之系統,其包含:一網路銀行伺服器;及一證券商端,包括一閘道主機,一證券商伺服器,以及一憑證伺服器;其中,該網路銀行伺服器係提供一第一使用者介面,其允許位於一使用者端之使用者輸入一交割戶帳號以及勾選同意扣款,並允許藉由晶片金融卡以及該使用者輸入的驗證資訊,來認證該使用者之身分;身分認證通過後,該網路銀行伺服器將一開戶資訊傳送至該閘道主機,該開戶資訊包括該使用者之身分證字號、該交割戶帳號及同意扣款註記;接獲該開戶資訊後,該閘道主機新增一客戶資料,該客戶資料包括該使用者之身分證字號、該交割戶帳號、該同意扣款註記以及新增的一通用唯一識別碼(UUID),並將該UUID傳送至該網路銀行伺服器;該網路銀行伺服器將該UUID傳送至該使用者端;在 該網路銀行伺服器控制下,由該使用者端向該證券商伺服器傳送一驗證請求,該驗證請求包括該身分證字號及該UUID;該證券商伺服器向該閘道主機傳送該認證請求;UUID認證通過後,該閘道主機將該交割戶帳號及該同意扣款註記傳送至該證券商伺服器;該證券商伺服器並允許該使用者透過其所提供的一第二使用者介面,藉由網頁信任機制,進入該憑證伺服器提供的一第三使用者介面,並進行憑證取得之認證;認證通過後,該第三使用者介面允許該使用者向該憑證伺服器提出一申請憑證請求;以及,該憑證伺服器依請求傳送一憑證至該使用者端。 In one aspect, the present invention provides a system for facilitating the opening of an online securities firm, comprising: an online banking server; and a securities broker, including a gateway host, a securities server, and a credential a server; wherein the online banking server provides a first user interface, which allows a user at a user end to enter a delivery account and check the consent deduction, and allows the use of the chip financial card and The authentication information input by the user is used to authenticate the identity of the user; after the identity authentication is passed, the online banking server transmits an account opening information to the gateway host, and the account opening information includes the identity card number of the user, The account of the delivery account and the consent deduction note; after receiving the account opening information, the gateway host adds a customer profile, the customer profile including the user's identity card number, the delivery account number, the consent deduction note, and Adding a universal unique identification code (UUID) and transmitting the UUID to the online banking server; the online banking server transmits the UUID to the user end; Under the control of the online banking server, the client sends a verification request to the securities server, the verification request including the identity card number and the UUID; the securities server transmits the authentication to the gateway host After the UUID certification is passed, the gateway host transmits the delivery account number and the consent deduction note to the securities server; the securities server allows the user to provide a second user through the request The interface, through the webpage trust mechanism, enters a third user interface provided by the credential server, and performs authentication of the credential acquisition; after the authentication is passed, the third user interface allows the user to present a credential server to the credential server. Requesting a voucher request; and the credential server transmits a credential to the client as requested.

在本發明之部分具體實施例中,於開戶資訊認證通過後,該閘道主機更將該開戶請求存入一交談識別碼(session ID)。 In some embodiments of the present invention, after the account opening information is authenticated, the gateway host further deposits the account opening request into a session ID.

在本發明之部分具體實施例中,在該證券商伺服器控制下,由該使用者端向該憑證伺服器傳送包括該身分證字號及認證碼之資訊,作為進入該第三使用者介面之請求。 In some embodiments of the present invention, under the control of the securities server, the user terminal transmits information including the identity card number and the authentication code to the credential server as access to the third user interface. request.

根據本發明之較佳具體實施例,該憑證申請之認證包含以下交互認證步驟:該憑證伺服器將該身分證字號傳送至該閘道主機;該閘道主機將該UUID傳送至該憑證伺服器;以及,該憑證伺服器將該UUID傳送至該使用者端,由該使用者端將該UUID傳送至該證券商伺服器。 According to a preferred embodiment of the present invention, the authentication of the voucher application includes the following interactive authentication step: the credential server transmits the identity card number to the gateway host; the gateway host transmits the UUID to the credential server And, the credential server transmits the UUID to the user end, and the UUID is transmitted by the user terminal to the securities server.

另一方面,本發明提供一種用於促成線上證券戶開立之方法,其包含:一網路銀行伺服器提供一第一使用者介面,其允許位於一使用者端之使用者輸入一交割戶帳號以及勾選同意扣款,並允許藉由晶片金融卡以及該使用者輸入的驗證資訊,來認證該使用者之身分;身分認證通過後,該網路銀行伺服器將一開戶資訊傳送至一閘道主機,該開戶資訊包括該使用者之身分證字號、該交割戶帳號及同意扣款註記;接獲該開戶資訊後,該閘道主機新增一客 戶資料,該客戶資料包括該使用者之身分證字號、該交割戶帳號、該同意扣款註記以及新增的一通用唯一識別碼(UUID),並將該UUID傳送至該網路銀行伺服器;該網路銀行伺服器將該UUID傳送至該使用者端;在該網路銀行伺服器控制下,由該使用者端向該證券商伺服器傳送一驗證請求,該驗證請求包括該身分證字號及該UUID;該證券商伺服器向該閘道主機傳送該認證請求,UUID認證通過後,該閘道主機將該交割戶帳號及該同意扣款註記傳送至該證券商伺服器;該證券商伺服器並允許該使用者透過其所提供的一第二使用者介面,藉由網頁信任機制,進入一憑證伺服器提供的一第三使用者介面,並進行憑證申請之認證;認證通過後,該第三使用者介面允許該使用者向該憑證伺服器提出一取得憑證請求;以及,該憑證伺服器依請求傳送一憑證至該使用者端。 In another aspect, the present invention provides a method for facilitating the opening of an online securities firm, comprising: an online banking server providing a first user interface that allows a user at a user to enter a payee Account and check the consent deduction, and allow the identity of the user to be authenticated by the chip financial card and the verification information entered by the user; after the identity authentication is passed, the online banking server transmits an account opening information to the The gateway host, the account opening information includes the identity card number of the user, the account of the delivery account and the consent note of the deduction; after receiving the account opening information, the gateway host adds a guest User profile, the customer profile includes the user's identity card number, the delivery account number, the consent debit note, and a new universal unique identification number (UUID), and the UUID is transmitted to the online banking server The online banking server transmits the UUID to the user terminal; under the control of the online banking server, the user terminal transmits a verification request to the securities server, the verification request including the identity card a font size and the UUID; the securities server sends the authentication request to the gateway host, and after the UUID authentication is passed, the gateway host transmits the delivery account number and the agreed debit note to the securities server; the security The server also allows the user to access a third user interface provided by a credential server through a web user trust mechanism through a second user interface provided by the user, and perform authentication of the voucher application; The third user interface allows the user to submit a request for obtaining a credential to the credential server; and the credential server transmits a credential to the user end upon request.

在本發明之部分具體實施例中,於開戶資訊認證通過後,該閘道主機更將該開戶請求存入一交談識別碼(session ID)。 In some embodiments of the present invention, after the account opening information is authenticated, the gateway host further deposits the account opening request into a session ID.

在本發明之部分具體實施例中,在該證券商伺服器控制下,由該使用者端向該憑證伺服器傳送包括該身分證字號及認證碼之資訊,作為進入該第三使用者介面之請求。 In some embodiments of the present invention, under the control of the securities server, the user terminal transmits information including the identity card number and the authentication code to the credential server as access to the third user interface. request.

根據本發明之較佳具體實施例,該憑證申請之認證包含以下交互認證步驟:該憑證伺服器將該身分證字號傳送至該閘道主機;該閘道主機將該UUID傳送至該憑證伺服器;以及,該憑證伺服器將該UUID傳送至該使用者端,由該使用者端將該UUID傳送至該證券商伺服器。 According to a preferred embodiment of the present invention, the authentication of the voucher application includes the following interactive authentication step: the credential server transmits the identity card number to the gateway host; the gateway host transmits the UUID to the credential server And, the credential server transmits the UUID to the user end, and the UUID is transmitted by the user terminal to the securities server.

本發明之其他目的及優點一部分記載於下述說明中,或可透過本發明的實施例而理解。應了解前文之發明內容及下文之實施方式僅為例示性及闡釋性之說明,而非如申請專利範圍般限定本發明。 Other objects and advantages of the invention will be set forth in the description which follows. It is to be understood that the foregoing description of the invention and the invention are intended to

100‧‧‧網路銀行伺服器 100 ‧‧‧Internet Banking Server

200‧‧‧證券商端 200 ‧ ‧ securities firm

300‧‧‧使用者端 300 ‧‧‧User side

10‧‧‧閘道主機 10 ‧‧‧Gateway host

20‧‧‧證券商伺服器 20 ‧ ‧ Securities Dealer Server

30‧‧‧憑證伺服器 30 ‧‧‧Voucher server

40‧‧‧第一使用者介面 40 ‧‧‧First user interface

50‧‧‧第二使用者介面 50 ‧‧‧Second user interface

60‧‧‧第三使用者介面 60 ‧‧‧ third user interface

圖1顯示對應於本發明之一較佳具體實施例之系統架構圖。 1 shows a system architecture diagram corresponding to a preferred embodiment of the present invention.

圖2係根據本發明之一較佳具體實施例繪製之不同使用者介面間轉換之示意圖。 2 is a schematic diagram of the transition between different user interfaces drawn in accordance with a preferred embodiment of the present invention.

圖3顯示對應於本發明之一較佳具體實施例之流程圖。 Figure 3 shows a flow chart corresponding to a preferred embodiment of the present invention.

除非另有指明,所有在此處使用的技術性和科學性術語具有如同本創作所屬技藝中之通常技術者一般所瞭解的意義。 All technical and scientific terms used herein have the meaning as commonly understood by one of ordinary skill in the art to which the present invention pertains, unless otherwise indicated.

本文所使用的「一」乙詞,如未特別指明,係指至少一個(一個或一個以上)之數量。 The term "a" as used herein, unless otherwise specified, refers to the quantity of at least one (one or more).

在一方面,本發明提供一種用於促成線上證券戶開立之系統,其包含一網路銀行伺服器及一證券商端。該證券商端包含一閘道主機、一證券商伺服器以及一憑證伺服器。該網路銀行伺服器係提供一第一使用者介面,其允許位於一使用者端之使用者輸入一交割戶帳號以及勾選同意扣款,並允許藉由晶片金融卡以及該使用者輸入的驗證資訊,來認證該使用者之身分;身分認證通過後,該網路銀行伺服器將一開戶資訊傳送至該閘道主機,該開戶資訊包括該使用者之身分證字號、該交割戶帳號及同意扣款註記;接獲該開戶資訊後,該閘道主機新增一客戶資料,該客戶資料包括該使用者之身分證字號、該交割戶帳號、該同意扣款註記以及新增的一通用唯一識別碼(UUID),並將該UUID傳送至該網路銀行伺服器;該網路銀行伺服器將該UUID傳送至該使用者端;在該網路銀行伺服器控制下,由該使用者端向該證券商伺服器傳送一驗證請求,該驗證請求包括該身分證字號及該UUID;該證券商伺服器向該閘道主機傳送該認證請求,UUID認證通過後,該閘道主機將該交割戶帳號及該同意扣款註記傳 送至該證券商伺服器;該證券商伺服器並允許該使用者透過其所提供一第二使用者介面,藉由網頁信任機制,進入該憑證伺服器提供的一第三使用者介面,並進行憑證申請之認證;認證通過後,該第三使用者介面允許該使用者向該憑證伺服器提出一取得憑證請求;以及,該憑證伺服器依請求傳送一憑證至該使用者端。 In one aspect, the present invention provides a system for facilitating the opening of an online securities firm, comprising an online banking server and a securities broker. The securities terminal includes a gateway host, a securities server and a credential server. The online banking server provides a first user interface that allows a user at a user end to enter a payee account number and check the consent deduction, and allows the wafer financial card and the user to input Verifying the information to authenticate the identity of the user; after the identity authentication is passed, the online banking server transmits an account opening information to the gateway host, the account opening information includes the identity card number of the user, the account number of the delivery account, and Agreeing with the debit note; after receiving the account opening information, the gateway host adds a customer profile, which includes the user's identity card number, the delivery account number, the consent deduction note, and a new one. a unique identification code (UUID), and the UUID is transmitted to the online banking server; the online banking server transmits the UUID to the user terminal; under the control of the online banking server, the user Sending a verification request to the securities server, the verification request including the identity card number and the UUID; the securities server sends the authentication request to the gateway host, and the UUID authentication is After that, the gateway host will transfer the account of the delivery account and the consent deduction note. Sent to the securities server; the securities server allows the user to access a third user interface provided by the credential server through a web trust mechanism through a second user interface provided by the server The authentication of the voucher application is performed; after the authentication is passed, the third user interface allows the user to submit a voucher request to the credential server; and the credential server transmits a credential to the user end upon request.

另一方面,本發明提供一種用於促成線上證券戶開立之方法,其包含:一網路銀行伺服器提供一第一使用者介面,其允許位於一使用者端之使用者輸入一交割戶帳號以及勾選同意扣款,並允許藉由晶片金融卡以及該使用者輸入的驗證資訊,來認證該使用者之身分;身分認證通過後,該網路銀行伺服器將一開戶資訊傳送至該閘道主機,該開戶資訊包括該使用者之身分證字號、該交割戶帳號及同意扣款註記;接獲該開戶資訊後,該閘道主機新增一客戶資料,該客戶資料包括該使用者之身分證字號、該交割戶帳號、該同意扣款註記以及新增的一通用唯一識別碼(UUID),並將該UUID傳送至該網路銀行伺服器;該網路銀行伺服器將該UUID傳送至該使用者端;在該網路銀行伺服器控制下,由該使用者端向該證券商伺服器傳送一驗證請求,該驗證請求包括該身分證字號及該UUID;該證券商伺服器向該閘道主機傳送該認證請求,UUID認證通過後,該閘道主機將該交割戶帳號及該同意扣款註記傳送至該證券商伺服器;該證券商伺服器並允許該使用者透過其所提供的一第二使用者介面,藉由網頁信任機制,進入一憑證伺服器提供的一第三使用者介面,並進行憑證申請之認證;認證通過後,該第三使用者介面允許該使用者向該憑證伺服器提出一取得憑證請求;以及,該憑證伺服器依請求傳送一憑證至該使用者端。 In another aspect, the present invention provides a method for facilitating the opening of an online securities firm, comprising: an online banking server providing a first user interface that allows a user at a user to enter a payee Account and check the consent deduction, and allow the identity of the user to be authenticated by the chip financial card and the verification information entered by the user; after the identity authentication is passed, the online banking server transmits an account opening information to the account The gateway information includes the user's identity card number, the delivery account number and the consent deduction note; after receiving the account opening information, the gateway host adds a customer profile, the customer profile including the user The identity card number, the delivery account number, the consent debit note, and a new universal unique identification number (UUID), and the UUID is transmitted to the online banking server; the online banking server uses the UUID Transmitting to the user terminal; under the control of the online banking server, the client sends a verification request to the securities server, the verification request including the identity card And the UUID; the securities server sends the authentication request to the gateway host, and after the UUID authentication is passed, the gateway host transmits the delivery account and the agreed debit note to the securities server; the broker The server allows the user to access a third user interface provided by a credential server through a webpage trust mechanism through a second user interface provided by the user, and authenticates the voucher application; after the authentication is passed, The third user interface allows the user to submit a request for obtaining a credential to the credential server; and the credential server transmits a credential to the user end upon request.

根據本發明,該驗證資訊可選自於由下列所組成的群組:該使用者之身分證字號、網路銀行使用者代號、晶片金融卡密碼及其組合。 According to the present invention, the verification information may be selected from the group consisting of: the identity card number of the user, the online banking user code, the chip financial card password, and combinations thereof.

在本發明之一具體實施例中,該閘道主機係根據該身分證字號、該UUID及一交談識別碼(session ID)認證該開戶請求。 In a specific embodiment of the present invention, the gateway host authenticates the account opening request according to the identity card number, the UUID, and a session ID.

在本發明之部分具體實施例中,於開戶資訊認證通過後,該閘道主機更將該開戶請求存入一交談識別碼(session ID)。 In some embodiments of the present invention, after the account opening information is authenticated, the gateway host further deposits the account opening request into a session ID.

根據本發明之一具體實施例,閘道主機將該交割戶帳號及該同意扣款註記傳送至該證券商伺服器後,該證券商伺服器將該身分證字號及該交割戶帳號儲存於一應用程式記憶體。 According to an embodiment of the present invention, after the gateway host transmits the delivery account number and the consent deduction note to the securities server, the securities server stores the identity card number and the delivery account number in one Application memory.

在本發明之部分具體實施例中,在該證券商伺服器控制下,由該使用者端向該憑證伺服器傳送包括該身分證字號及認證碼之資訊,作為進入該第三使用者介面之請求。該認證碼可為,例如,系統雙方談妥的一組計算公式所產生的字串,用以驗證對方是否為可信任之系統。 In some embodiments of the present invention, under the control of the securities server, the user terminal transmits information including the identity card number and the authentication code to the credential server as access to the third user interface. request. The authentication code may be, for example, a string generated by a set of calculation formulas negotiated by both parties to verify whether the other party is a trusted system.

根據本發明之較佳具體實施例,該憑證申請之認證包含以下交互認證步驟:該憑證伺服器將該身分證字號傳送至該閘道主機;該閘道主機將該UUID傳送至該憑證伺服器;以及,該憑證伺服器將該UUID傳送至該使用者端,由該使用者端將該UUID傳送至該證券商伺服器。 According to a preferred embodiment of the present invention, the authentication of the voucher application includes the following interactive authentication step: the credential server transmits the identity card number to the gateway host; the gateway host transmits the UUID to the credential server And, the credential server transmits the UUID to the user end, and the UUID is transmitted by the user terminal to the securities server.

根據本發明,該憑證可為一電子憑證。 According to the invention, the voucher can be an electronic voucher.

在本發明之一具體實施例中,允許該使用者經由該第二使用者介面進入該第一使用者介面,再認證該使用者之身分。 In an embodiment of the present invention, the user is allowed to enter the first user interface via the second user interface, and the identity of the user is authenticated.

藉由本發明之方法或系統取得憑證後,該使用者可透過該第二使用者介面繼續證券戶開立流程,例如,填寫資料、自我徵信、證件上傳、契約審閱等。該使用者透過該第三使用者介面取得憑證後,該憑證伺服器、閘道主機及該證券商伺服器交互認證後,回到該第二使用者介面,該證券商伺服器並可自動將該使用者之身分證字號及該交割戶帳號顯示於該第二使用者介面,並 鎖定不得修改。使用者所填寫的資料及上傳的證件照片等,可以使用者所申請之憑證進行簽章及驗章。 After obtaining the voucher by the method or system of the present invention, the user can continue the opening process of the securities account through the second user interface, for example, filling in information, self-acquisition, document uploading, contract review, and the like. After the user obtains the voucher through the third user interface, the credential server, the gateway host and the securities server are authenticated and returned to the second user interface, and the securities server can automatically The identity card number of the user and the account number of the delivery account are displayed in the second user interface, and Locking must not be modified. The information filled in by the user and the photos of the uploaded documents can be signed and verified by the user's application.

具體而言,本發明之方法或系統可透過包括程式設計或軟體之技術實現。 In particular, the method or system of the present invention can be implemented by techniques including programming or software.

同時參照圖1及圖2,其例示本發明之用於促成線上證券戶開立之系統的一具體實施例,該系統包含一網路銀行伺服器100及一證券商端200,該證券商端200包含一閘道主機10、一證券商伺服器20以及一憑證伺服器30。該網路銀行伺服器100係提供一第一使用者介面40,其允許位於一使用者端300之使用者,輸入一交割戶帳號以及勾選同意扣款(於閱讀相關同意條款後),並允許該使用者藉由晶片金融卡以及其所輸入的驗證資訊,來認證該使用者之身分。身分認證通過後,該網路銀行伺服器100將一開戶資訊傳送至該閘道主機10,該開戶資訊包括該使用者之身分證字號、該交割戶帳號以及同意扣款註記。接獲該開戶資訊後,該閘道主機10會自動新增一筆客戶資料,該客戶資料包括該使用者之身分證字號、該交割戶帳號、該同意扣款註記以及新增的一通用唯一識別碼(UUID),該閘道主機10並將該UUID傳送至該網路銀行伺服器100;該網路銀行伺服器100將該UUID傳送至該使用者端300;在該網路銀行伺服器100控制下,由該使用者端300向該證券商伺服器20傳送一驗證請求,該驗證請求包括該身分證字號及該UUID;該證券商伺服器20向該閘道主機10傳送該認證請求,UUID認證通過後,該閘道主機10將該交割戶帳號及該同意扣款註記傳送至該證券商伺服器20;該證券商伺服器20並允許該使用者端300透過其所提供的一第二使用者介面50,藉由網頁信任機制,進入該憑證伺服器30提供的一第三使用者介面60,並進行憑證申請之認證;認證通過後,該第三使用者介面60允許該使用者端300向該憑證伺服器30提出一取得憑證請求;以及,該憑證伺服器30依請求傳送一憑證至該使用者端300 1 and 2 , which illustrate a specific embodiment of the system for facilitating the opening of an online securities firm, the system includes an online banking server 100 and a securities broker 200 , the securities broker 200 includes a gateway host 10 , a broker server 20, and a credential server 30 . The online banking server 100 provides a first user interface 40 that allows a user at a user terminal 300 to enter a payee account number and check the consent deduction (after reading the relevant consent terms), and The user is allowed to authenticate the identity of the user by means of the wafer financial card and the verification information entered therein. After the identity authentication is passed, the online banking server 100 transmits an account opening information to the gateway host 10 , and the account opening information includes the user's identity card number, the delivery account number, and the consent debit note. After receiving the account opening information, the gateway host 10 automatically adds a customer profile, which includes the user's identity card number, the delivery account number, the consent deduction note, and a new universal unique identification. a code (UUID), the gateway host 10 transmits the UUID to the online banking server 100; the online banking server 100 transmits the UUID to the user terminal 300 ; at the online banking server 100 Under control, the client terminal 300 transmits a verification request to the securities server 20 , the verification request including the identity card number and the UUID; the securities server 20 transmits the authentication request to the gateway host 10 , After the UUID authentication is passed, the gateway host 10 transmits the delivery account number and the consent debit note to the dealer server 20 ; the broker server 20 allows the user terminal 300 to pass through the provided two UI 50, page by trust mechanisms, the credential user enters a third interface 60 provides server 30, and the application authentication credentials; after authentication, the third user interface 60 allows the use of To this end 300 certificate server to obtain a certificate request 30 made; and, the credential server 30 by sending a credentials request to the user terminal 300.

本發明之促成線上證券戶開立之方法可配合本發明之促成線上證券戶開立之系統實現,同時參照圖1-3詳述如下。 The method for facilitating the opening of an online securities firm of the present invention can be implemented in conjunction with the system for facilitating the opening of an online securities firm of the present invention, and is described in detail below with reference to Figures 1-3 .

3為對應於本發明之促成線上證券戶開立之方法的一較佳具體實施例之流程圖。如圖1-3所示,網路銀行伺服器100係提供第一使用者介面40,其允許位於使用者端300之使用者輸入一交割戶帳號以及勾選同意扣款,並允許藉由晶片金融卡以及該使用者輸入的驗證資訊,來認證該使用者之身分(步驟S110);身分認證通過後,網路銀行伺服器100將一開戶資訊傳送至閘道主機10,該開戶資訊包括該使用者之身分證字號、該交割戶帳號及同意扣款註記(步驟S120);接獲該開戶資訊後,該閘道主機10新增一客戶資料,該客戶資料包括該使用者之身分證字號、該交割戶帳號、該同意扣款註記以及新增的一通用唯一識別碼(UUID),並將該UUID傳送至該網路銀行伺服器100(步驟S210);接著,網路銀行伺服器100將該UUID傳送至使用者端300(步驟S310);在該網路銀行伺服器100控制下,由該使用者端300向該證券商伺服器20傳送一驗證請求,該驗證請求包括該身分證字號及該UUID(步驟S320);該證券商伺服器20向該閘道主機10傳送該認證請求(步驟S410);UUID認證通過後,該閘道主機10將該交割戶帳號及該同意扣款註記傳送至該證券商伺服器20(步驟S420);該證券商伺服器20並允許該使用者端300透過其所提供的第二使用者介面50,藉由網頁信任機制,進入該憑證伺服器30提供的一第三使用者介面60,並進行憑證申請之認證(步驟S510);認證通過後,該第三使用者介面60允許該使用者端300向該憑證伺服器30提出一取得憑證請求(步驟S520);以及該憑證伺服器30依請求傳送一憑證至該使用者端300(步驟S530)。如圖1-2所示,該使用者最初可先經由該證券商伺服器20提供的該第二使用者介面50,進入該第一使用者介面40,再認證該使用者之身分,身分認證通過後,再(自動)回到該第二使用者介面50,並藉由網頁信任機制,進入該憑證伺服器30提供的一第三使用者 介面60,取得憑證後可再(自動)回到該該第二使用者介面50,以繼續證券戶開立流程。 3 is a flow chart of a preferred embodiment of a method for facilitating the opening of a securities firm on the line in accordance with the present invention. As shown in FIG. 1-3 , the online banking server 100 provides a first user interface 40 that allows a user at the user terminal 300 to enter a delivery account and check the consent deduction and allow the wafer to be used. The financial card and the verification information input by the user are used to authenticate the identity of the user (step S110 ); after the identity authentication is passed, the online banking server 100 transmits an account opening information to the gateway host 10 , and the account opening information includes the The user's identity card number, the delivery account number, and the consent debit note (step S120 ); after receiving the account opening information, the gateway host 10 adds a customer profile, the customer profile including the user's identity card number The payee account number, the consent debit note, and a new universal unique identification code (UUID), and transmit the UUID to the online banking server 100 (step S210 ); then, the online banking server 100 the UUID sent to the user terminal 300 (step S310); bank 100 in the network server controlled by the user to the security provider server 300 transmits an authentication request terminal 20, the authentication request includes the identity card The securities firm server 20 transmits a gateway host 10 to the authentication request (step S410);; number and the UUID (step S320) UUID After authentication, the gateway host 10 and the delivery of the user consent debit account The annotation is transmitted to the broker server 20 (step S420 ); the broker server 20 allows the client 300 to enter the credential server through the web trust mechanism through the second user interface 50 provided by the client 300 30. A third user interface 60 is provided , and the certificate application is authenticated (step S510 ). After the authentication is passed, the third user interface 60 allows the user terminal 300 to submit a certificate request to the certificate server 30. (Step S520 ); and the credential server 30 transmits a credential to the user terminal 300 upon request (step S530 ). As shown in FIG. 1-2 , the user may first enter the first user interface 40 via the second user interface 50 provided by the dealer server 20 , and then authenticate the identity of the user, and authenticate the identity. After passing, (automatically) return to the second user interface 50 , and through the webpage trust mechanism, enter a third user interface 60 provided by the credential server 30 , and then obtain the credential and then (automatically) return The second user interface 50 is to continue the opening process of the securities account.

Claims (10)

一種用於促成線上證券戶開立之系統,其包含:一網路銀行伺服器;及一證券商端,包括一閘道主機,一證券商伺服器,以及一憑證伺服器;其中,該網路銀行伺服器係提供一第一使用者介面,其允許位於一使用者端之使用者輸入一交割戶帳號以及勾選同意扣款,並允許藉由晶片金融卡以及該使用者輸入的驗證資訊,來認證該使用者之身分;身分認證通過後,該網路銀行伺服器將一開戶資訊傳送至該閘道主機,該開戶資訊包括該使用者之身分證字號、該交割戶帳號及同意扣款註記;接獲該開戶資訊後,該閘道主機新增一客戶資料,該客戶資料包括該使用者之身分證字號、該交割戶帳號、該同意扣款註記以及新增的一通用唯一識別碼(UUID),並將該UUID傳送至該網路銀行伺服器;該網路銀行伺服器將該UUID傳送至該使用者端;在該網路銀行伺服器控制下,由該使用者端向該證券商伺服器傳送一驗證請求,該驗證請求包括該身分證字號及該UUID;該證券商伺服器向該閘道主機傳送該認證請求;UUID認證通過後,該閘道主機將該交割戶帳號及該同意扣款註記傳送至該證券商伺服器;該證券商伺服器並允許該使用者透過其所提供的一第二使用者介面,藉由網頁信任機制,進入該憑證伺服器提供的一第三使用者介面,並進行憑證申請之認證;認證通過後,該第三使用者介面允許該使用者向該憑證伺服器提出一取得憑證請求;以及,該憑證伺服器依請求傳送一憑證至該使用者端。 A system for facilitating the opening of an online securities firm, comprising: an online banking server; and a securities terminal, including a gateway host, a securities server, and a credential server; wherein the network The Banking Server provides a first user interface that allows a user at a user to enter a payee account and check the consent deduction, and allows the verification information to be entered by the chip financial card and the user. To authenticate the identity of the user; after the identity authentication is passed, the online banking server transmits an account opening information to the gateway host, and the account opening information includes the user's identity card number, the delivery account number, and the consent button. After receiving the account opening information, the gateway host adds a customer profile, the customer profile including the user's identity card number, the delivery account number, the consent deduction note, and a new universal unique identification. a UUID, and transmitting the UUID to the online banking server; the online banking server transmits the UUID to the user terminal; under the control of the online banking server Sending, by the user terminal, a verification request to the securities server, the verification request including the identity card number and the UUID; the securities server sends the authentication request to the gateway host; after the UUID authentication is passed, the gate is The host sends the delivery account number and the consent deduction note to the securities server; the securities server allows the user to enter through a web user trust mechanism through a second user interface provided by the server a third user interface provided by the credential server, and performing authentication of the voucher application; after the authentication is passed, the third user interface allows the user to submit a voucher request to the credential server; and the credential server The device transmits a credential to the client on request. 如請求項1之系統,其中,開戶資訊認證通過後,該閘道主機更將該開戶請求存入一交談識別碼(session ID)。 The system of claim 1, wherein the gateway host further deposits the account opening request into a session ID after the account information authentication is passed. 如請求項1之系統,其中,在該證券商伺服器控制下,由該使用者端向該憑證伺服器傳送包括該身分證字號及認證碼之資訊,作為進入該第三使用者介面之請求。 The system of claim 1, wherein, under the control of the securities server, the user terminal transmits information including the identity card number and the authentication code to the credential server as a request to enter the third user interface. . 如請求項3之系統,其中,該憑證申請之認證包含以下交互認證步驟:該憑證伺服器將該身分證字號傳送至該閘道主機;該閘道主機將該UUID傳送至該憑證伺服器;以及,該憑證伺服器將該UUID傳送至該使用者端,由該使用者端將該UUID傳送至該證券商伺服器。 The system of claim 3, wherein the authentication of the voucher application comprises the following interactive authentication step: the credential server transmits the identity card number to the gateway host; the gateway host transmits the UUID to the credential server; And the credential server transmits the UUID to the user end, and the UUID is transmitted by the user end to the securities server. 如請求項1之系統,其中該憑證為一電子憑證。 The system of claim 1, wherein the voucher is an electronic voucher. 一種用於促成線上證券戶開立之方法,其包含:一網路銀行伺服器提供一第一使用者介面,其允許位於一使用者端之使用者輸入一交割戶帳號以及勾選同意扣款,並允許藉由晶片金融卡以及該使用者輸入的驗證資訊,來認證該使用者之身分;身分認證通過後,該網路銀行伺服器將一開戶資訊傳送至該閘道主機,該開戶資訊包括該使用者之身分證字號、該交割戶帳號及同意扣款註記;接獲該開戶資訊後,該閘道主機新增一客戶資料,該客戶資料包括該使用者之身分證字號、該交割戶帳號、該同意扣款註記以及新增的一通用唯一識別碼(UUID),並將該UUID傳送至該網路銀行伺服器;該網路銀行伺服器將該UUID傳送至該使用者端;在該網路銀行伺服器控制下,由該使用者端向該證券商伺服器傳送一驗證請求,該驗證請求包括該身分證字號及該UUID;該證券商伺服器向該閘道主機傳送該認證請求,UUID認證通過後,該閘道主機將該交割戶帳號及該同意扣款註記傳送至該證券商伺服器;該證券商伺服器並允許該使用者透過其所提供的一第二使用者介面,藉由網頁信任機制,進入一憑證伺服器提供的一第三使用者介面,並進行憑證申請 之認證;認證通過後,該第三使用者介面允許該使用者向該憑證伺服器提出一取得憑證請求;以及,該憑證伺服器依請求傳送一憑證至該使用者端。 A method for facilitating the opening of an online securities firm, comprising: an online banking server providing a first user interface, allowing a user at a user end to enter a delivery account number and checking the consent deduction And permitting the identity of the user by using the chip financial card and the verification information input by the user; after the identity authentication is passed, the online banking server transmits an account opening information to the gateway host, the account information Including the identity card number of the user, the account number of the delivery account and the consent note. After receiving the account opening information, the gateway host adds a customer profile, the customer profile including the user's identity card number, the delivery a user account, the consent debit note, and a new universal unique identification number (UUID), and transmitting the UUID to the online banking server; the online banking server transmits the UUID to the user terminal; Under the control of the online banking server, the client sends a verification request to the securities server, the verification request including the identity card number and the UUID; the securities provider Transmitting the authentication request to the gateway host, after the UUID authentication is passed, the gateway host transmits the delivery account number and the consent deduction note to the securities server; the securities server allows the user to A second user interface provided by the webpage trust mechanism enters a third user interface provided by a credential server and applies for a voucher After the authentication is passed, the third user interface allows the user to submit a request for obtaining a credential to the credential server; and the credential server transmits a credential to the user end upon request. 如請求項6之方法,其中,開戶資訊認證通過後,該閘道主機更將該開戶請求存入一交談識別碼(session ID)。 The method of claim 6, wherein the gateway host further deposits the account opening request into a session ID after the account information authentication is passed. 如請求項6之方法,其中,在該證券商伺服器控制下,由該使用者端向該憑證伺服器傳送包括該身分證字號及認證碼之資訊,作為進入該第三使用者介面之請求。 The method of claim 6, wherein, under the control of the securities server, the user terminal transmits information including the identity card number and the authentication code to the credential server as a request to enter the third user interface. . 如請求項8之方法,其中,該憑證申請之認證包含以下交互認證步驟:該憑證伺服器將該身分證字號傳送至該閘道主機;該閘道主機將該UUID傳送至該憑證伺服器;以及,該憑證伺服器將該UUID傳送至該使用者端,由該使用者端將該UUID傳送至該證券商伺服器。 The method of claim 8, wherein the authentication of the voucher application comprises the following interactive authentication step: the credential server transmits the identity card number to the gateway host; the gateway host transmits the UUID to the credential server; And the credential server transmits the UUID to the user end, and the UUID is transmitted by the user end to the securities server. 如請求項6之方法,其中該憑證為一電子憑證。The method of claim 6, wherein the voucher is an electronic voucher.
TW105128547A 2016-09-02 2016-09-02 Methods and systems for effecting online opening of securities account TWI644279B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW105128547A TWI644279B (en) 2016-09-02 2016-09-02 Methods and systems for effecting online opening of securities account

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW105128547A TWI644279B (en) 2016-09-02 2016-09-02 Methods and systems for effecting online opening of securities account

Publications (2)

Publication Number Publication Date
TW201810160A TW201810160A (en) 2018-03-16
TWI644279B true TWI644279B (en) 2018-12-11

Family

ID=62189962

Family Applications (1)

Application Number Title Priority Date Filing Date
TW105128547A TWI644279B (en) 2016-09-02 2016-09-02 Methods and systems for effecting online opening of securities account

Country Status (1)

Country Link
TW (1) TWI644279B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI729535B (en) * 2019-10-18 2021-06-01 臺灣網路認證股份有限公司 System for using financial account to confirm identity and method thereof

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101978650B (en) * 2008-01-10 2012-08-15 任少华 A system and method of secure network authentication
CN103546292A (en) * 2013-10-08 2014-01-29 任少华 Third-party certification system or method with multiple identification codes
CN104767616A (en) * 2015-03-06 2015-07-08 北京石盾科技有限公司 Message processing method, system and related device
CN105245340A (en) * 2015-09-07 2016-01-13 天地融科技股份有限公司 Identity authentication method based on remote account opening and system
TWM518371U (en) * 2015-09-15 2016-03-01 Systex Corp Remote securities account-opening system
TWM518372U (en) * 2015-11-05 2016-03-01 Softmobile Technology Corp Remote account-opening system
CN105590257A (en) * 2015-12-22 2016-05-18 深圳前海微众银行股份有限公司 Bank remote account opening security processing method and device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101978650B (en) * 2008-01-10 2012-08-15 任少华 A system and method of secure network authentication
CN103546292A (en) * 2013-10-08 2014-01-29 任少华 Third-party certification system or method with multiple identification codes
CN104767616A (en) * 2015-03-06 2015-07-08 北京石盾科技有限公司 Message processing method, system and related device
CN105245340A (en) * 2015-09-07 2016-01-13 天地融科技股份有限公司 Identity authentication method based on remote account opening and system
TWM518371U (en) * 2015-09-15 2016-03-01 Systex Corp Remote securities account-opening system
TWM518372U (en) * 2015-11-05 2016-03-01 Softmobile Technology Corp Remote account-opening system
CN105590257A (en) * 2015-12-22 2016-05-18 深圳前海微众银行股份有限公司 Bank remote account opening security processing method and device

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
憑證申請-常見問題障礙排除,2015年5月11日,http://www.tcfhc-sec.com.tw/Files/download/合庫憑證問題障礙排除.pdf *
行政院第3456次院會,打造數位化金融環境3.0,金融監督管理委員會,2015年7月9日 *
行政院第3456次院會,打造數位化金融環境3.0,金融監督管理委員會,2015年7月9日。

Also Published As

Publication number Publication date
TW201810160A (en) 2018-03-16

Similar Documents

Publication Publication Date Title
US11895239B1 (en) Biometric electronic signature tokens
US11689370B2 (en) Dynamic management and implementation of consent and permissioning protocols using container-based applications
US8775814B2 (en) Personalized biometric identification and non-repudiation system
CN102202300B (en) A kind of based on twin-channel dynamic cipher authentication system and method
US20180234409A1 (en) Privacy ensured brokered identity federation
US11394712B2 (en) Secure account access
US20110276495A1 (en) One-time use password systems and methods
EP2343679A1 (en) Secure transaction systems and methods
TWI548249B (en) Method for verifying secruity data, system, and a computer-readable storage device
KR20100126291A (en) Method for reading attributes from an id token
JP2015526784A (en) Enhanced 2CHK authentication security through inquiry-type transactions
WO2017042023A1 (en) Method of managing credentials in a server and a client system
CN111832005B (en) Application authorization method, application authorization device and electronic equipment
KR20150106198A (en) Method, server and device for certification
KR101603963B1 (en) Authentication method using fingerprint information and certification number, user terminal and financial institution server
KR101404989B1 (en) Financial transaction information certification Method for responding MITB attack by Two-Channel authentication, and Financial server thereof
TWI644279B (en) Methods and systems for effecting online opening of securities account
EP3014539A1 (en) Electronic transaction method and computer system
US20190303928A1 (en) User authentication in transactions
TWM535365U (en) Systems for effecting online opening of securities account
KR102123405B1 (en) System and method for providing security membership and login hosting service
TW201101215A (en) Two-factor authentication method and system for securing online transactions
EP2916252A1 (en) Electronic transaction method and computer system
TWI600308B (en) System for using valid certificate to apply mobile certificate online and method thereof
EP2879073B1 (en) Electronic transaction method and computer system