TWI691863B - Conversational online bank system and executing method for supplying safety financial service - Google Patents

Conversational online bank system and executing method for supplying safety financial service Download PDF

Info

Publication number
TWI691863B
TWI691863B TW109100218A TW109100218A TWI691863B TW I691863 B TWI691863 B TW I691863B TW 109100218 A TW109100218 A TW 109100218A TW 109100218 A TW109100218 A TW 109100218A TW I691863 B TWI691863 B TW I691863B
Authority
TW
Taiwan
Prior art keywords
interface
terminal host
signal
terminal
sends
Prior art date
Application number
TW109100218A
Other languages
Chinese (zh)
Other versions
TW202032405A (en
Inventor
江哲宇
Original Assignee
華南商業銀行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 華南商業銀行股份有限公司 filed Critical 華南商業銀行股份有限公司
Priority to TW109100218A priority Critical patent/TWI691863B/en
Application granted granted Critical
Publication of TWI691863B publication Critical patent/TWI691863B/en
Publication of TW202032405A publication Critical patent/TW202032405A/en

Links

Images

Abstract

This disclosure provides an executing method for supplying financial service, which comprises the following steps. A first interface triggers a second interface to send a verification signal at least including device information to a first server through a network, and the first server determines whether a first database comprises customer data corresponding to the verification signal. When the first database comprises customer data, the first server sends a confirmation signal to the second interface, and the second interface triggers the first interface to send an execution signal to a second server. After the second server receives the execution signal, the first server determines whether the confirmation signal is sent during a preset period. When the first server sends the confirmation signal during the preset period, the second server executes a financial transaction corresponding to the execution signal. On the contrary, the first server sends a warning signal to the second server.

Description

提供安全性金融服務的對話式行動銀行系統與執行方法Dialogue mobile banking system and execution method for providing secure financial services

本發明係關於一種提供金融服務的系統與執行方法,特別是一種基於行動裝置且提供安全性金融服務的對話式行動銀行系統與執行方法。The invention relates to a system and execution method for providing financial services, in particular to a conversational mobile banking system and execution method for providing secure financial services based on mobile devices.

時至今日,因行動裝置已普及化,加上行動裝置具有攜帶方便、容易操作等優點;因此,許多金融機構使用行動應用程式(mobile application, APP)提供金融服務,讓用戶能透過行動裝置與網路即可完成換匯或轉帳等金融事務。一般而言,上述提供金融服務的方式可稱為「行動銀行」。Today, due to the popularity of mobile devices, and the advantages of mobile devices that are easy to carry and easy to operate; therefore, many financial institutions use mobile applications (APP) to provide financial services, allowing users to use mobile devices and Internet can complete financial transactions such as foreign exchange or transfer. Generally speaking, the above-mentioned way of providing financial services can be called "mobile banking".

由上述的內容可得知,「行動銀行」所提供的金融服務皆需透過網路才能執行,因此相關的安全驗證機制顯得更加重要。然而,當前的行動銀行,都是將安全驗證機制與金融服務設計在同一個行動應用程式上,並且與同一台終端主機做資料傳輸。因此,當上述唯一的資料傳輸路徑被攔截,用戶的個資與交易密碼很可能因此而外洩,進而造成嚴重的資安問題。From the above, we can see that the financial services provided by "Mobile Banking" all need to be performed through the Internet, so the relevant security verification mechanism is even more important. However, the current mobile banks are all designed with the security verification mechanism and financial services on the same mobile application, and do data transmission with the same terminal host. Therefore, when the above-mentioned unique data transmission path is intercepted, the user's personal information and transaction password are likely to be leaked as a result, thereby causing serious security problems.

因此,目前尚需要一種提供安全性金融服務的對話式行動銀行系統與執行方法,以改善上述問題。Therefore, there is still a need for a conversational mobile banking system and execution method for providing secure financial services to improve the above problems.

本發明在於提供一種提供安全性金融服務的對話式行動銀行系統與執行方法,各別為金融服務與安全驗證設計不同的資料傳輸路徑,以改善先前技術所提及的問題。The present invention is to provide a conversational mobile banking system and execution method for providing secure financial services, respectively designing different data transmission paths for financial services and security verification to improve the problems mentioned in the prior art.

本發明提供一種提供安全性金融服務的執行方法,包含:以一行動裝置的一第一介面觸發該行動裝置的一第二介面透過一網路傳送至少包含一裝置資訊的一驗證訊號到一第一終端主機;以該第一終端主機判斷一第一資料庫中是否包含對應該驗證訊號的一客戶資料;當該第一終端主機判斷該第一資料庫包含該客戶資料,以該第一終端主機傳送一確認訊號到該第二介面;以接收該確認訊號的該第二介面,觸發該第一介面傳送一執行訊號到一第二終端主機;在該第二終端主機接獲該執行訊號後,以該第一終端主機判斷是否在一預設時段內發送該確認訊號;當該第一終端主機在該預設時段內發送該確認訊號,以該第二終端主機執行對應該執行訊號的金融事務;以及當該第一終端主機未在該預設時段內發送該確認訊號,以該第一終端主機傳送一警示訊號到該第二終端主機,該警示訊號包含該驗證訊號;在該第二終端主機接獲該警示訊號後,以該第二終端主機產生一再確認訊號,並根據該驗證訊號中的該裝置資訊發送該再確認訊號;以及當該第一終端主機判斷該第一資料庫不包含該客戶資料,以該第一終端主機傳送一拒絕訊息到該第二介面。The invention provides an execution method for providing secure financial services, including: triggering a second interface of a mobile device with a first interface of a mobile device to transmit a verification signal including at least one device information to a first interface through a network A terminal host; use the first terminal host to determine whether a first database contains a customer data corresponding to the verification signal; when the first terminal host determines that the first database contains the customer data, use the first terminal The host sends a confirmation signal to the second interface; the second interface receiving the confirmation signal triggers the first interface to send an execution signal to a second terminal host; after the second terminal host receives the execution signal , The first terminal host determines whether to send the confirmation signal within a preset time period; when the first terminal host sends the confirmation signal within the preset time period, the second terminal host executes the finance corresponding to the execution signal Transaction; and when the first terminal host does not send the confirmation signal within the preset time period, the first terminal host sends a warning signal to the second terminal host, the warning signal includes the verification signal; in the second After receiving the warning signal, the terminal host generates a reconfirmation signal with the second terminal host, and sends the reconfirmation signal according to the device information in the verification signal; and when the first terminal host determines that the first database is not Containing the customer data, the first terminal host sends a rejection message to the second interface.

本發明提供一種提供安全性金融服務的對話式行動銀行系統,包含:一行動裝置,包含一第一介面、一第二介面及一聲音收發器,其中該第一介面於被觸發後產生一執行訊號;該第二介面與該第一介面電性連接,當該第二介面被該第一介面觸發後,該第二介面產生至少包含一裝置資訊的一驗證訊號,以及接收一確認訊號並觸發該第一介面產生該執行訊號,該聲音收發器與該第一介面電性連接,並且在接收一語音訊息後,觸發該第一介面以使該第二介面產生至少包含該裝置資訊的該驗證訊號;一第一終端主機,與該第二介面通訊連接以接收該驗證訊號,且該第一終端主機包含儲存有多筆客戶資料的一第一資料庫;當該第一終端主機判斷該第一資料庫儲存有對應該驗證訊號的該客戶資料,以該第一終端主機傳送該確認訊號到該第二介面;當該第一終端主機判斷該第一資料庫不包含該客戶資料,該第一終端主機傳送一拒絕訊息到該第二介面;以及一第二終端主機,與該第一終端主機連接以接收一警示訊號,並且和該第一介面通訊連接以接收該執行訊號;其中在該第二終端主機接收該執行訊號後,該第一終端主機判斷是否在該預設時段內發送該確認訊號;當該第一終端主機在該預設時段內發送該確認訊號,該第二終端主機執行對應該執行訊號的金融事務;當該第一終端主機在該預設時段內沒有發送該確認訊號,以該第一終端主機傳送該警示訊號到該第二終端主機;其中該驗證訊號更包含一個人資訊,以供該第一終端主機判斷該客戶資料是否符合該個人資訊;當該客戶資料符合該個人資訊,該第一終端主機傳送該確認訊號到該第二介面;當該客戶資料不符合該個人資訊,該第一終端主機傳送該拒絕訊息到該第二介面。The present invention provides a conversational mobile banking system for providing secure financial services, including: a mobile device including a first interface, a second interface, and an audio transceiver, wherein the first interface generates an execution after being triggered Signal; the second interface is electrically connected to the first interface, when the second interface is triggered by the first interface, the second interface generates a verification signal including at least a device information, and receives a confirmation signal and triggers The first interface generates the execution signal, the audio transceiver is electrically connected to the first interface, and after receiving a voice message, the first interface is triggered to cause the second interface to generate the verification including at least the device information Signal; a first terminal host that is in communication with the second interface to receive the verification signal, and the first terminal host includes a first database that stores multiple pieces of customer data; when the first terminal host determines the first A database stores the customer data corresponding to the verification signal, and the first terminal host sends the confirmation signal to the second interface; when the first terminal host determines that the first database does not contain the customer data, the first A terminal host sends a rejection message to the second interface; and a second terminal host connects to the first terminal host to receive a warning signal, and communicates with the first interface to receive the execution signal; After the second terminal host receives the execution signal, the first terminal host determines whether to send the confirmation signal within the preset time period; when the first terminal host sends the confirmation signal within the preset time period, the second terminal host Perform financial transactions corresponding to the execution signal; when the first terminal host does not send the confirmation signal within the preset time period, the first terminal host transmits the warning signal to the second terminal host; wherein the verification signal further includes One person's information for the first terminal host to determine whether the customer data matches the personal information; when the customer data matches the personal information, the first terminal host sends the confirmation signal to the second interface; when the customer data does not match For the personal information, the first terminal host sends the rejection message to the second interface.

本發明提供一種提供安全性金融服務的對話式行動銀行系統,包含:一行動裝置,包含一第一介面、一第二介面及一記憶體,其中該第一介面於被觸發後產生一執行訊號;該第二介面與該第一介面電性連接,當該第二介面被該第一介面觸發後,該第二介面產生至少包含一裝置資訊的一驗證訊號,以及接收一確認訊號並觸發該第一介面產生該執行訊號;該記憶體與該第二介面電性連接,且該記憶體係儲存該裝置資訊,並於該第二介面被該第一介面觸發後,提供該裝置資訊給該第二介面;一第一終端主機,與該第二介面通訊連接以接收該驗證訊號,且該第一終端主機包含儲存有多筆客戶資料的一第一資料庫;當該第一終端主機判斷該第一資料庫儲存有對應該驗證訊號的該客戶資料,以該第一終端主機傳送該確認訊號到該第二介面;當該第一終端主機判斷該第一資料庫不包含該客戶資料,該第一終端主機傳送一拒絕訊息到該第二介面;以及一第二終端主機,與該第一終端主機連接以接收一警示訊號,並且和該第一介面通訊連接以接收該執行訊號;其中在該第二終端主機接收該執行訊號後,該第一終端主機判斷是否在一預設時段內發送該確認訊號;當該第一終端主機在該預設時段內發送該確認訊號,該第二終端主機執行對應該執行訊號的金融事務;當該第一終端主機在該預設時段內沒有發送該確認訊號,以該第一終端主機傳送該警示訊號到該第二終端主機;其中該驗證訊號更包含一個人資訊,以供該第一終端主機判斷該客戶資料是否符合該個人資訊;當該客戶資料符合該個人資訊,該第一終端主機傳送該確認訊號到該第二介面;當該客戶資料不符合該個人資訊,該第一終端主機傳送該拒絕訊息到該第二介面。The present invention provides a conversational mobile banking system for providing secure financial services, including: a mobile device including a first interface, a second interface, and a memory, wherein the first interface generates an execution signal after being triggered The second interface is electrically connected to the first interface. When the second interface is triggered by the first interface, the second interface generates a verification signal including at least device information, and receives a confirmation signal and triggers the The first interface generates the execution signal; the memory is electrically connected to the second interface, and the memory system stores the device information, and provides the device information to the first interface after the second interface is triggered by the first interface Two interfaces; a first terminal host, which is in communication with the second interface to receive the verification signal, and the first terminal host includes a first database storing multiple pieces of customer data; when the first terminal host determines the The first database stores the customer data corresponding to the verification signal, and the first terminal host sends the confirmation signal to the second interface; when the first terminal host determines that the first database does not contain the customer data, the The first terminal host sends a rejection message to the second interface; and a second terminal host connects to the first terminal host to receive a warning signal, and communicates with the first interface to receive the execution signal; wherein After the second terminal host receives the execution signal, the first terminal host determines whether to send the confirmation signal within a preset period; when the first terminal host sends the confirmation signal within the preset period, the second terminal The host executes the financial transaction corresponding to the execution signal; when the first terminal host does not send the confirmation signal within the preset period of time, the first terminal host sends the warning signal to the second terminal host; wherein the verification signal is changed Contains a person's information for the first terminal host to determine whether the customer data matches the personal information; when the customer data matches the personal information, the first terminal host sends the confirmation signal to the second interface; when the customer data is not According to the personal information, the first terminal host sends the rejection message to the second interface.

本發明在於提供一種提供安全性金融服務的對話式行動銀行系統與執行方法,為金融服務與安全驗證各別設計不同的資料傳輸路徑,將安全驗證的機制複雜化,有效降低資料被攔截的風險,並提升使用行動裝置執行金融交易的安全性。The present invention is to provide a conversational mobile banking system and execution method for providing secure financial services, design different data transmission paths for financial services and security verification, complicate the security verification mechanism, and effectively reduce the risk of data interception , And improve the security of using mobile devices to perform financial transactions.

以上之關於本揭露內容之說明及以下之實施方式之說明係用以示範與解釋本發明之精神與原理,並且提供本發明之專利申請範圍更進一步之解釋。The above description of the disclosure and the following description of the embodiments are used to demonstrate and explain the spirit and principle of the present invention, and provide a further explanation of the scope of the patent application of the present invention.

以下在實施方式中詳細敘述本發明之詳細特徵以及優點,其內容足以使任何熟習相關技藝者了解本發明之技術內容並據以實施,且根據本說明書所揭露之內容、申請專利範圍及圖式,任何熟習相關技藝者可輕易地理解本發明相關之目的及優點。以下之實施例係進一步詳細說明本發明之觀點,但非以任何觀點限制本發明之範疇。The following describes in detail the detailed features and advantages of the present invention in the embodiments. The content is sufficient for any person skilled in the relevant art to understand and implement the technical content of the present invention, and according to the contents disclosed in this specification, the scope of patent application and the drawings Anyone skilled in the relevant art can easily understand the purpose and advantages of the present invention. The following examples further illustrate the views of the present invention in detail, but do not limit the scope of the present invention in any way.

請參考圖1,圖1為本發明一實施例提供安全性金融服務的對話式行動銀行系統的結構圖。上述系統係以行動裝置1與終端裝置2組成,且兩者透過網路通訊連接,其中該網路可以網際網路 (Internet)實現。行動裝置1包含第一介面11、第二介面12與記憶體13,並可視需求配置聲音收發器14;其中第二介面12係電性連接於第一介面11和記憶體13之間,並且當行動裝置1配置了聲音收發器14時,第一介面11則電性連接於第二介面12與聲音收發器14之間。詳細來說,第一介面11係用於提供金融服務,例如線上開戶、轉帳或是換匯;第二介面12則用於提供上述金融服務所需的安全驗證機制。舉例來說,第二介面12可取得行動裝置1的裝置資訊而據以綁定行動裝置1,並將上述的裝置資訊傳送到終端裝置2,以供該終端裝置2儲存該裝置資訊。當用戶在使用第一介面11時,便可觸發第二介面12將裝置資訊傳送到終端裝置2,以供該終端裝置2確認該裝置資訊是否與先前儲存的資料相符。另一方面,記憶體13可用於儲存上述的裝置資訊,以供第二介面12執行安全驗證。此外,聲音收發器14係用於提供語音操作第一介面11的功能。用戶可對聲音收發器14說出需要的金融服務以產生一語音訊息,且該語音訊息會被傳送到第一介面11。第一介面11可透過語意分析的功能,分析該語音訊息欲執行的金融事務,並且更進一步地觸發第二介面12傳送訊號給終端裝置2,以執行安全驗證。需注意的是,當環境聲音太吵雜時,用戶亦可用手動輸入或其他方式選取所需的金融服務,本實施例不以此為限。上述的行動裝置1可以手機、平板電腦或其他能安裝行動應用程式(mobile application, APP)的裝置實現。Please refer to FIG. 1, which is a structural diagram of a conversational mobile banking system that provides secure financial services according to an embodiment of the present invention. The above system is composed of a mobile device 1 and a terminal device 2, and the two are connected through network communication, wherein the network can be realized by the Internet. The mobile device 1 includes a first interface 11, a second interface 12, and a memory 13, and a sound transceiver 14 can be configured as required; wherein the second interface 12 is electrically connected between the first interface 11 and the memory 13, and When the mobile device 1 is equipped with the audio transceiver 14, the first interface 11 is electrically connected between the second interface 12 and the audio transceiver 14. In detail, the first interface 11 is used to provide financial services, such as online account opening, transfer or currency exchange; the second interface 12 is used to provide the security verification mechanism required by the above financial services. For example, the second interface 12 can obtain the device information of the mobile device 1 and bind the mobile device 1 accordingly, and transmit the above device information to the terminal device 2 for the terminal device 2 to store the device information. When the user is using the first interface 11, the second interface 12 can be triggered to send the device information to the terminal device 2 for the terminal device 2 to confirm whether the device information matches the previously stored data. On the other hand, the memory 13 can be used to store the above device information for the second interface 12 to perform security verification. In addition, the sound transceiver 14 is used to provide the function of voice operation of the first interface 11. The user can tell the voice transceiver 14 the financial services needed to generate a voice message, and the voice message is sent to the first interface 11. The first interface 11 can analyze the financial transaction to be performed by the voice message through the semantic analysis function, and further trigger the second interface 12 to send a signal to the terminal device 2 to perform security verification. It should be noted that when the environmental sound is too noisy, the user can also use manual input or other methods to select the desired financial service, which is not limited in this embodiment. The above-mentioned mobile device 1 can be implemented by a mobile phone, a tablet computer, or other devices that can install a mobile application (mobile application, APP).

為說明終端裝置2,請繼續參考圖1。終端裝置2包含第一終端主機21與第二終端主機22,其中第一終端主機21更包含第一資料庫211。第一終端主機21與第二終端主機22可透過區域網路(local area network, LAN)通訊連接,亦可架設在同一個機架上並與彼此電性連接,本發明不對第一終端主機21與第二終端主機22的配置方式予以限制。詳細來說,第一終端主機21的第一資料庫211儲存有已綁定的裝置資訊,並可透過網路與第二介面12通訊連接,以執行安全驗證機制。另一方面,第二終端主機22則透過網路與第一介面11通訊連接,以執行用戶所選擇的金融服務。To explain the terminal device 2, please continue to refer to FIG. The terminal device 2 includes a first terminal host 21 and a second terminal host 22, wherein the first terminal host 21 further includes a first database 211. The first terminal host 21 and the second terminal host 22 can be connected by local area network (LAN) communication, or can be erected on the same rack and electrically connected to each other. The present invention does not treat the first terminal host 21 The configuration with the second terminal host 22 is restricted. In detail, the first database 211 of the first terminal host 21 stores the bound device information, and can communicate with the second interface 12 through the network to perform a security verification mechanism. On the other hand, the second terminal host 22 communicates with the first interface 11 via the network to execute the financial service selected by the user.

為具體說明上述系統的運作流程,請參考圖2,並一併參考圖1。圖2為本發明一實施例提供安全性金融服務的執行方法的流程圖。當用戶透過行動裝置1的第一介面11執行金融服務,請參考步驟S10:第一介面11觸發第二介面12透過網路傳送至少包含裝置資訊的驗證訊號ES到第一終端主機21;其中上述的裝置資訊係關聯於行動裝置1。在第一終端主機21接收到驗證訊號ES後,請參考步驟S11:第一終端主機21判斷第一資料庫211中是否包含對應驗證訊號ES的客戶資料。當第一終端主機21判斷第一資料庫211不包含客戶資料時,請接續步驟S12:第一終端主機21傳送拒絕訊息RM到第二介面12,以結束本次身份驗證的流程。相反地,當第一終端主機21判斷第一資料庫211包含客戶資料時,請接續步驟S13:第一終端主機21傳送確認訊號CS到第二介面12,以使第二介面12可據以觸發第一介面11,執行接續的步驟。在第二介面12接收到確認訊號CS後,請接續步驟S14:第二介面12觸發第一介面11傳送執行訊號PS到第二終端主機22,以使第一介面11對第二終端主機22提出本次的金融服務要求;其中該執行訊號PS係包含確認訊號CS、裝置資訊以及執行本次金融服務所需的相關資料。具體來說,因執行訊號PS包含了用戶的金融資料(例如:帳戶號碼),故當第一介面11 發送的執行訊號PS有較高的風險被駭客攔截且修改金融資料(例如:修改轉帳交易的轉入帳戶) ,才由第二終端主機22接收。因此,當執行訊號PS 包含完整的確認訊號CS,第二終端主機22便可辨識該執行訊號PS 是否由第一終端主機21所產生,以增加金融交易的安全性。To specifically describe the operation flow of the above system, please refer to FIG. 2 and refer to FIG. 1 together. 2 is a flowchart of an execution method of providing a secure financial service according to an embodiment of the present invention. When the user performs financial services through the first interface 11 of the mobile device 1, please refer to step S10: the first interface 11 triggers the second interface 12 to send an authentication signal ES including at least device information to the first terminal host 21 via the network; Of device information is associated with mobile device 1. After the first terminal host 21 receives the verification signal ES, please refer to step S11: the first terminal host 21 determines whether the first database 211 contains customer data corresponding to the verification signal ES. When the first terminal host 21 determines that the first database 211 does not contain customer data, please proceed to step S12: the first terminal host 21 sends a rejection message RM to the second interface 12 to end the current authentication process. Conversely, when the first terminal host 21 determines that the first database 211 contains customer data, please proceed to step S13: the first terminal host 21 sends a confirmation signal CS to the second interface 12 so that the second interface 12 can be triggered accordingly The first interface 11 performs the following steps. After the second interface 12 receives the confirmation signal CS, please proceed to step S14: the second interface 12 triggers the first interface 11 to send the execution signal PS to the second terminal host 22, so that the first interface 11 presents to the second terminal host 22 This financial service request; where the execution signal PS includes the confirmation signal CS, device information, and related data required to execute this financial service. Specifically, because the execution signal PS contains the user's financial information (for example: account number), when the execution signal PS sent by the first interface 11 has a higher risk of being intercepted by hackers and modifying the financial data (for example: modifying the transfer The transaction is transferred to the account) before it is received by the second terminal host 22. Therefore, when the execution signal PS includes the complete confirmation signal CS, the second terminal host 22 can recognize whether the execution signal PS is generated by the first terminal host 21 to increase the security of financial transactions.

請繼續參考圖2,並一併參考圖1。承上所述,在第二終端主機22接收到執行訊號PS後,為更進一步確認該執行訊號PS是否由該行動裝置1所傳送,請參考步驟S15:第一終端主機21判斷是否在預設時段內發送確認訊號CS。具體來說,當第二終端主機22接收到執行訊號PS,第二終端主機22可從第一終端主機21取得發送確認訊號CS的時間點,並計算第二終端主機22接收執行訊號PS與第一終端主機21發送確認訊號CS,兩事件之間的時間差。當上述的時間差未超出預設時段,表示本次待執行的金融事務係由行動裝置1所觸發;反之,當上述的時間差超出預設時段,則需更進一步地確認執行訊號PS是否由行動裝置1所發送。一般而言,當預設時段設定過短,便可能會因為網路傳輸的異常延遲,造成第二終端主機22誤判第一終端主機21未在預設時段內發送確認訊號CS;另一方面,當預設時段設定過長,不但會增加第二終端主機22的運算時間,第二終端主機22也有較高的機率將第一終端主機21在前幾次所發送的確認訊號CS,誤做為本次的確認訊號CS,進而降低了安全性。因此,預設時段可設定為五分鐘到十分鐘之間,以使第二終端主機22能有效率地判斷上述的時間差是否超過預設時段。當第一終端主機21在預設時段內發送確認訊號CS,請接續步驟S16:第二終端主機22執行對應該執行訊號PS的金融事務,其中該金融事務即為用戶透過第一介面11所選取的金融服務。相反地,當第一終端主機21未在預設時段內發送確認訊號CS,請接續步驟S17:第一終端主機21傳送警示訊號WS到第二終端主機22,其中該警示訊號WS係包含前述的驗證訊號ES。在此情形下,表示第一介面11發送的執行訊號PS很可能在資料傳輸途中被攔截,且其訊號傳輸內容也被修改,因此第一終端主機21需傳送警示訊號WS到第二終端主機22,以透過第二終端主機22告知該行動裝置1的用戶。此外,選擇性地,在第二終端主機22接收到警示訊號WS後,可更執行步驟S18:第二終端主機22產生再確認訊號RCS,並根據驗證訊號ES中的裝置資訊發送再確認訊號RCS。詳細來說,在此情形下,因為執行訊號PS很可能在資料傳輸途中被攔截且被修改其訊號內容,因此第二終端主機22需先依據裝置資訊找出該用戶所綁定的行動裝置1,並將再確認訊號RCS發送到該用戶的行動裝置1,以期能確認發出執行訊號PS的行動裝置確實是經過第一終端主機21驗證的行動裝置1。需補充的是,行動裝置1可以第一介面11接收再確認訊號RCS,並以文字訊息、聲音或震動等方式提醒用戶。Please continue to refer to Figure 2 and refer to Figure 1 as well. As mentioned above, after the second terminal host 22 receives the execution signal PS, in order to further confirm whether the execution signal PS is transmitted by the mobile device 1, please refer to step S15: the first terminal host 21 determines whether it is in the preset A confirmation signal CS is sent during the period. Specifically, when the second terminal host 22 receives the execution signal PS, the second terminal host 22 can obtain the time point of sending the confirmation signal CS from the first terminal host 21, and calculate the second terminal host 22 to receive the execution signal PS and the second A terminal host 21 sends a confirmation signal CS, the time difference between the two events. When the above time difference does not exceed the preset time period, it means that the financial transaction to be executed is triggered by the mobile device 1; otherwise, when the above time difference exceeds the preset time period, it is necessary to further confirm whether the execution signal PS is from the mobile device 1 sent. Generally speaking, when the preset time period is set too short, the second terminal host 22 may misjudge that the first terminal host 21 did not send the confirmation signal CS within the preset time period due to an abnormal delay in network transmission; on the other hand, When the preset time period is set too long, it will not only increase the calculation time of the second terminal host 22, the second terminal host 22 also has a higher probability to mistake the confirmation signal CS sent by the first terminal host 21 in the previous few times as The confirmation signal CS this time further reduces the security. Therefore, the preset time period may be set between five minutes and ten minutes, so that the second terminal host 22 can efficiently determine whether the above-mentioned time difference exceeds the preset time period. When the first terminal host 21 sends the confirmation signal CS within the preset time period, please proceed to step S16: the second terminal host 22 executes the financial transaction corresponding to the execution signal PS, wherein the financial transaction is selected by the user through the first interface 11 Financial services. Conversely, when the first terminal host 21 does not send the confirmation signal CS within the preset time period, please proceed to step S17: the first terminal host 21 transmits a warning signal WS to the second terminal host 22, where the warning signal WS includes the aforementioned Verification signal ES. In this case, it means that the execution signal PS sent by the first interface 11 is likely to be intercepted during data transmission, and its signal transmission content is also modified. Therefore, the first terminal host 21 needs to send a warning signal WS to the second terminal host 22 To inform the user of the mobile device 1 through the second terminal host 22. In addition, optionally, after receiving the warning signal WS, the second terminal host 22 may further perform step S18: the second terminal host 22 generates a reconfirmation signal RCS, and sends the reconfirmation signal RCS according to the device information in the verification signal ES . In detail, in this case, because the execution signal PS is likely to be intercepted during data transmission and its signal content is modified, the second terminal host 22 needs to first find out the mobile device 1 to which the user is bound according to the device information , And sends the re-confirmation signal RCS to the user's mobile device 1 in order to confirm that the mobile device sending out the execution signal PS is indeed the mobile device 1 verified by the first terminal host 21. It should be added that the mobile device 1 can receive the re-confirmation signal RCS through the first interface 11 and remind the user by text message, sound or vibration.

於本發明另一實施例中,於圖2所示的步驟S12,該拒絕訊息RM可更包含部分金融服務項目,且上述的部分金融服務項目可透過第二介面12被傳送到第一介面11,以便第一介面11將上述的部分金融服務項目提供給第二終端主機22。當第二終端主機22判斷行動裝置1所選擇的金融服務係包含於上述的部分金融服務項目時,第二終端主機22才執行該金融服務。具體來說,於此步驟中,因第一資料庫211尚未儲存對應行動裝置1的客戶資料,故可將該行動裝置1能選擇的金融服務項目限制在開戶、申辦信用卡等需提供個人資料的服務項目,以便第一資料庫211能藉由本次服務取得並儲存該用戶的客戶資料。In another embodiment of the present invention, in step S12 shown in FIG. 2, the rejection message RM may further include some financial service items, and the aforementioned partial financial service items may be transmitted to the first interface 11 through the second interface 12 , So that the first interface 11 provides the above-mentioned partial financial service items to the second terminal host 22. When the second terminal host 22 determines that the financial service selected by the mobile device 1 is included in some of the financial service items described above, the second terminal host 22 executes the financial service. Specifically, in this step, since the first database 211 has not yet stored the customer data corresponding to the mobile device 1, the financial service items that can be selected by the mobile device 1 can be limited to those who need to provide personal data such as opening an account and applying for a credit card. Service items so that the first database 211 can obtain and store the user's customer data through this service.

為說明圖2的步驟S11的細部運作,請參考圖3,並一併參考圖1。圖3為本發明一實施例提供安全性金融服務的對話式行動銀行系統的執行方法的細部流程圖。請參考步驟S111:第一終端主機21判斷客戶資料是否符合個人資訊,其中該個人資訊係被包含在驗證訊號ES內。具體來說,個人資訊係由第一介面11所產生,並關聯於該用戶所選擇的金融服務,例如:轉帳所需的轉出帳戶(即該用戶的金融帳戶)、開戶所需的身分證號碼等等。當客戶資料不符合個人資訊,請接續步驟S12:第一終端主機21傳送拒絕訊息RM到第二介面12。在此情形下,因第一資料庫211沒有儲存對應的客戶資料,故藉由傳送拒絕訊息RM到第二介面12,進而結束本次的身份驗證流程。相反地,當該客戶資料符合該個人資訊,請接續步驟S13:第一終端主機21傳送確認訊號CS到第二介面12。因步驟S13已在圖2說明,故不於此重複敘述。To illustrate the detailed operation of step S11 in FIG. 2, please refer to FIG. 3, and refer to FIG. 1 together. FIG. 3 is a detailed flowchart of an execution method of a conversational mobile banking system for providing secure financial services according to an embodiment of the invention. Please refer to step S111: the first terminal host 21 judges whether the customer data conforms to personal information, wherein the personal information is included in the verification signal ES. Specifically, the personal information is generated by the first interface 11 and is associated with the financial service selected by the user, for example: the transfer-out account required for the transfer (ie, the user’s financial account), and the identity card required for account opening Number, etc. When the customer information does not match the personal information, please proceed to step S12: the first terminal host 21 sends a rejection message RM to the second interface 12. In this case, because the first database 211 does not store the corresponding customer data, the identity verification process is ended by sending a rejection message RM to the second interface 12. Conversely, when the customer data matches the personal information, please proceed to step S13: the first terminal host 21 sends a confirmation signal CS to the second interface 12. Since step S13 has been described in FIG. 2, the description will not be repeated here.

綜上所述,本發明在於提供一種提供安全性金融服務的對話式行動銀行系統與執行方法,為金融服務與安全驗證各別設計不同的資料傳輸路徑,將安全驗證的機制複雜化,有效降低資料被攔截的風險,並提升使用行動裝置執行金融交易的安全性。In summary, the present invention is to provide a conversational mobile banking system and execution method for providing secure financial services, designing different data transmission paths for financial services and security verification, which complicates the security verification mechanism and effectively reduces The risk of data being intercepted and enhance the security of using mobile devices to execute financial transactions.

雖然本發明以前述之實施例揭露如上,然其並非用以限定本發明。在不脫離本發明之精神和範圍內,所為之更動與潤飾,均屬本發明之專利保護範圍。關於本發明所界定之保護範圍請參考所附之申請專利範圍。Although the present invention is disclosed as the foregoing embodiments, it is not intended to limit the present invention. Without departing from the spirit and scope of the present invention, all modifications and retouching are within the scope of patent protection of the present invention. For the protection scope defined by the present invention, please refer to the attached patent application scope.

1:行動裝置 11:第一介面 12:第二介面 13:記憶體 14:聲音收發器 2:終端裝置 21:第一終端主機 211:第一資料庫 22:第二終端主機 ES:驗證訊號 CS:確認訊號 PS:執行訊號 RCS:再確認訊號 WS:警示訊號 RM:拒絕訊息1: mobile device 11: The first interface 12: Second interface 13: Memory 14: voice transceiver 2: terminal device 21: the first terminal host 211: The first database 22: Second terminal host ES: Verification signal CS: confirmation signal PS: execution signal RCS: reconfirm the signal WS: Warning signal RM: rejection message

圖1為本發明一實施例提供安全性金融服務的對話式行動銀行系統的結構圖。 圖2為本發明一實施例提供安全性金融服務的執行方法的流程圖。 圖3為本發明一實施例提供安全性金融服務的執行方法的細部流程圖。 FIG. 1 is a structural diagram of an interactive mobile banking system for providing secure financial services according to an embodiment of the present invention. 2 is a flowchart of an execution method of providing a secure financial service according to an embodiment of the present invention. FIG. 3 is a detailed flowchart of an execution method of providing a secure financial service according to an embodiment of the present invention.

Claims (3)

一種提供安全性金融服務的執行方法,包含:以一行動裝置的一第一介面觸發該行動裝置的一第二介面透過網路傳送至少包含一裝置資訊的一驗證訊號到一第一終端主機;以該第一終端主機判斷一第一資料庫中是否包含對應該驗證訊號的一客戶資料;當該第一終端主機判斷該第一資料庫包含該客戶資料,以該第一終端主機傳送一確認訊號到該第二介面;以接收該確認訊號的該第二介面,觸發該第一介面傳送一執行訊號到一第二終端主機;在該第二終端主機接獲該執行訊號後,以該第一終端主機判斷是否在一預設時段內發送該確認訊號;當該第一終端主機在該預設時段內發送該確認訊號,以該第二終端主機執行對應該執行訊號的金融事務; 當該第一終端主機未在該預設時段內發送該確認訊號,以該第一終端主機傳送一警示訊號到該第二終端主機,該警示訊號包含該驗證訊號;在該第二終端主機接獲該警示訊號後,以該第二終端主機產生一再確認訊號,並根據該驗證訊號中的該裝置資訊發送該再確認訊號;以及當該第一終端主機判斷該第一資料庫不包含該客戶資料,以該第一終端主機傳送一拒絕訊息到該第二介面。An execution method for providing secure financial services includes: triggering a second interface of a mobile device with a first interface of a mobile device to send a verification signal including at least a device information to a first terminal host via a network; The first terminal host determines whether a first database contains a client data corresponding to the verification signal; when the first terminal host determines that the first database contains the client data, the first terminal host sends a confirmation Signal to the second interface; the second interface to receive the confirmation signal, triggering the first interface to send an execution signal to a second terminal host; after the second terminal host receives the execution signal, the second interface A terminal host determines whether to send the confirmation signal within a preset time period; when the first terminal host sends the confirmation signal within the preset time period, the second terminal host executes the financial transaction corresponding to the execution signal; when the The first terminal host does not send the confirmation signal within the preset time period, and the first terminal host sends a warning signal to the second terminal host, the warning signal includes the verification signal; the second terminal host receives the verification signal After the warning signal, the second terminal host generates a reconfirmation signal and sends the reconfirmation signal according to the device information in the verification signal; and when the first terminal host determines that the first database does not contain the customer data, The first terminal host sends a rejection message to the second interface. 一種提供安全性金融服務的對話式行動銀行系統,包含:一行動裝置,包含一第一介面、一第二介面及一聲音收發器,其中該第一介面於被觸發後產生一執行訊號;該第二介面與該第一介面電性連接,當該第二介面被該第一介面觸發後,該第二介面產生至少包含一裝置資訊的一驗證訊號,以及接收一確認訊號並觸發該第一介面產生該執行訊號,該聲音收發器與該第一介面電性連接,並且在接收一語音訊息後,觸發該第一介面以使該第二介面產生至少包含該裝置資訊的該驗證訊號;一第一終端主機,與該第二介面通訊連接以接收該驗證訊號,且該第一終端主機包含儲存有多筆客戶資料的一第一資料庫;當該第一終端主機判斷該第一資料庫儲存有對應該驗證訊號的該客戶資料,以該第一終端主機傳送該確認訊號到該第二介面;當該第一終端主機判斷該第一資料庫不包含該客戶資料,該第一終端主機傳送一拒絕訊息到該第二介面;以及一第二終端主機,與該第一終端主機連接以接收一警示訊號,並且和該第一介面通訊連接以接收該執行訊號;其中在該第二終端主機接收該執行訊號後,該第一終端主機判斷是否在一預設時段內發送該確認訊號;當該第一終端主機在該預設時段內發送該確認訊號,該第二終端主機執行對應該執行訊號的金融事務;當該第一終端主機在該預設時段內沒有發送該確認訊號,以該第一終端主機傳送該警示訊號到該第二終端主機;其中該驗證訊號更包含一個人資訊,以供該第一終端主機判斷該客戶資料是否符合該個人資訊;當該客戶資料符合該個人資訊,該第一終端主機傳送該確認訊號到該第二介面;當該客戶資料不符合該個人資訊,該第一終端主機傳送該拒絕訊息到該第二介面。A conversational mobile banking system for providing secure financial services, including: a mobile device including a first interface, a second interface, and an audio transceiver, wherein the first interface generates an execution signal after being triggered; The second interface is electrically connected to the first interface. After the second interface is triggered by the first interface, the second interface generates a verification signal including at least device information, and receives a confirmation signal to trigger the first interface The interface generates the execution signal, the sound transceiver is electrically connected to the first interface, and after receiving a voice message, the first interface is triggered to cause the second interface to generate the verification signal including at least the device information; The first terminal host is in communication connection with the second interface to receive the verification signal, and the first terminal host includes a first database storing a plurality of customer data; when the first terminal host judges the first database The client data corresponding to the verification signal is stored, and the first terminal host sends the confirmation signal to the second interface; when the first terminal host determines that the first database does not contain the client data, the first terminal host Send a rejection message to the second interface; and a second terminal host connected to the first terminal host to receive a warning signal, and communicated with the first interface to receive the execution signal; wherein at the second terminal After the host receives the execution signal, the first terminal host determines whether to send the confirmation signal within a preset period; when the first terminal host sends the confirmation signal within the preset period, the second terminal host executes the corresponding Perform financial transactions of the signal; when the first terminal host does not send the confirmation signal within the preset time period, the first terminal host sends the warning signal to the second terminal host; wherein the verification signal further includes a person's information, For the first terminal host to determine whether the customer data matches the personal information; when the customer data matches the personal information, the first terminal host sends the confirmation signal to the second interface; when the customer data does not match the personal information , The first terminal host sends the rejection message to the second interface. 一種提供安全性金融服務的對話式行動銀行系統,包含:一行動裝置,包含一第一介面、一第二介面及一記憶體,其中該第一介面於被觸發後產生一執行訊號;該第二介面與該第一介面電性連接,當該第二介面被該第一介面觸發後,該第二介面產生至少包含一裝置資訊的一驗證訊號,以及接收一確認訊號並觸發該第一介面產生該執行訊號;該記憶體與該第二介面電性連接,且該記憶體係儲存該裝置資訊,並於該第二介面被該第一介面觸發後,提供該裝置資訊給該第二介面;一第一終端主機,與該第二介面通訊連接以接收該驗證訊號,且該第一終端主機包含儲存有多筆客戶資料的一第一資料庫;當該第一終端主機判斷該第一資料庫儲存有對應該驗證訊號的該客戶資料,以該第一終端主機傳送該確認訊號到該第二介面;當該第一終端主機判斷該第一資料庫不包含該客戶資料,該第一終端主機傳送一拒絕訊息到該第二介面;以及一第二終端主機,與該第一終端主機連接以接收一警示訊號,並且和該第一介面通訊連接以接收該執行訊號;其中在該第二終端主機接收該執行訊號後,該第一終端主機判斷是否在一預設時段內發送該確認訊號;當該第一終端主機在該預設時段內發送該確認訊號,該第二終端主機執行對應該執行訊號的金融事務;當該第一終端主機在該預設時段內沒有發送該確認訊號,以該第一終端主機傳送該警示訊號到該第二終端主機;其中該驗證訊號更包含一個人資訊,以供該第一終端主機判斷該客戶資料是否符合該個人資訊;當該客戶資料符合該個人資訊,該第一終端主機傳送該確認訊號到該第二介面;當該客戶資料不符合該個人資訊,該第一終端主機傳送該拒絕訊息到該第二介面。A conversational mobile banking system for providing secure financial services, including: a mobile device including a first interface, a second interface, and a memory, wherein the first interface generates an execution signal after being triggered; the first The two interfaces are electrically connected to the first interface. When the second interface is triggered by the first interface, the second interface generates a verification signal including at least a device information, and receives a confirmation signal to trigger the first interface Generating the execution signal; the memory is electrically connected to the second interface, and the memory system stores the device information, and provides the device information to the second interface after the second interface is triggered by the first interface; A first terminal host is in communication connection with the second interface to receive the verification signal, and the first terminal host includes a first database storing multiple pieces of customer data; when the first terminal host judges the first data The database stores the customer data corresponding to the verification signal, and the first terminal host sends the confirmation signal to the second interface; when the first terminal host determines that the first database does not contain the customer data, the first terminal The host sends a rejection message to the second interface; and a second terminal host connects to the first terminal host to receive a warning signal, and communicates with the first interface to receive the execution signal; where the second After the terminal host receives the execution signal, the first terminal host determines whether to send the confirmation signal within a preset time period; when the first terminal host sends the confirmation signal within the preset time period, the second terminal host performs The financial transaction of the signal should be performed; when the first terminal host does not send the confirmation signal within the preset period of time, the first terminal host sends the warning signal to the second terminal host; wherein the verification signal further includes a person's information , For the first terminal host to determine whether the customer data matches the personal information; when the customer data matches the personal information, the first terminal host sends the confirmation signal to the second interface; when the customer data does not match the individual Information, the first terminal host sends the rejection message to the second interface.
TW109100218A 2019-02-22 2019-02-22 Conversational online bank system and executing method for supplying safety financial service TWI691863B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109100218A TWI691863B (en) 2019-02-22 2019-02-22 Conversational online bank system and executing method for supplying safety financial service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW109100218A TWI691863B (en) 2019-02-22 2019-02-22 Conversational online bank system and executing method for supplying safety financial service

Publications (2)

Publication Number Publication Date
TWI691863B true TWI691863B (en) 2020-04-21
TW202032405A TW202032405A (en) 2020-09-01

Family

ID=71134366

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109100218A TWI691863B (en) 2019-02-22 2019-02-22 Conversational online bank system and executing method for supplying safety financial service

Country Status (1)

Country Link
TW (1) TWI691863B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWM526724U (en) * 2015-12-07 2016-08-01 施旻廷 An authentication method and the system platform
TWM539667U (en) * 2016-12-29 2017-04-11 Taiwan Business Bank System of online credentials application for network transaction via carrier
TWM563592U (en) * 2018-04-20 2018-07-11 臺灣土地銀行股份有限公司 User identity inquiry system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWM526724U (en) * 2015-12-07 2016-08-01 施旻廷 An authentication method and the system platform
TWM539667U (en) * 2016-12-29 2017-04-11 Taiwan Business Bank System of online credentials application for network transaction via carrier
TWM563592U (en) * 2018-04-20 2018-07-11 臺灣土地銀行股份有限公司 User identity inquiry system

Also Published As

Publication number Publication date
TW202032405A (en) 2020-09-01

Similar Documents

Publication Publication Date Title
US11392939B2 (en) Methods and systems for provisioning mobile devices with payment credentials
US9864987B2 (en) Account provisioning authentication
US20190182230A1 (en) Automated access data provisioning
EP3507938B1 (en) Biometric identification and verification among iot devices and applications
US9760886B2 (en) Device provisioning using partial personalization scripts
RU2563163C2 (en) Remote variable authentication processing
US7606560B2 (en) Authentication services using mobile device
US20120284195A1 (en) Method and system for secure user registration
US20100094732A1 (en) Systems and Methods to Verify Payment Transactions
JP2016521899A (en) Two-factor authentication
US10446158B1 (en) Method and system for voice input at an ATM without audibly revealing a selected transaction
EP4114062A1 (en) Activation of an application session based on authentication of a user device and a characteristic of the user device
KR20170059359A (en) Verification mehod and appratus based on security tunnel
CN109155031B (en) Method and system for distributing payment credentials for voice authentication
US10440003B2 (en) Automatic on demand re-authentication of software agents
TWI691863B (en) Conversational online bank system and executing method for supplying safety financial service
TWI691921B (en) Online bank system and executing method for supplying financial service with identity verification function via network
TWI685769B (en) Executing method for supplying financial service via network
TWI707282B (en) Online bank system and executing method for supplying financial service with verification function via network
TWM579350U (en) Dialogue type mobile banking system for providing financial services through network
TWM584933U (en) Multiple-entries transfer trading system
TWI640938B (en) Online fund transfer methods and systems
TWI832344B (en) Review trading system
Polyakov et al. Security of user authentication in payment systems in the agricultural value chain
US20180068314A1 (en) Systems and methods for providing notification services using a digital wallet platform