TWI754811B - System for using device identification to identify via telecommunication server and method thereof - Google Patents

System for using device identification to identify via telecommunication server and method thereof Download PDF

Info

Publication number
TWI754811B
TWI754811B TW108113619A TW108113619A TWI754811B TW I754811 B TWI754811 B TW I754811B TW 108113619 A TW108113619 A TW 108113619A TW 108113619 A TW108113619 A TW 108113619A TW I754811 B TWI754811 B TW I754811B
Authority
TW
Taiwan
Prior art keywords
data
server
mobile device
user
device identification
Prior art date
Application number
TW108113619A
Other languages
Chinese (zh)
Other versions
TW202040385A (en
Inventor
連子清
林志能
Original Assignee
臺灣網路認證股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 臺灣網路認證股份有限公司 filed Critical 臺灣網路認證股份有限公司
Priority to TW108113619A priority Critical patent/TWI754811B/en
Publication of TW202040385A publication Critical patent/TW202040385A/en
Application granted granted Critical
Publication of TWI754811B publication Critical patent/TWI754811B/en

Links

Images

Landscapes

  • Telephonic Communication Services (AREA)

Abstract

A system for using a device identification to identify via a telecommunication server and a method thereof are provided. By using mobile communication network to transferring a device identification from a mobile to a telecommunication server, receiving a token from the telecommunication server by the mobile, transferring the token and a user data from the mobile to the telecommunication server through a service server, generating a result based on the token and the user data by the telecommunication server, and transferring the result from the telecommunication server to the service server, the system and the method can achieve the effect of using only mobile to complete identify .

Description

以裝置識別資料透過電信伺服器識別身份之系統及方法System and method for identifying identity through telecommunication server using device identification data

一種身份識別系統及其方法,特別係指一種以裝置識別資料透過電信伺服器識別身份之系統及方法。An identification system and method thereof, particularly a system and method for identifying an identity through a telecommunication server with device identification data.

近年來,由於通訊及網路相關產業的高度發展,人們對各種服務電子化與行動化的需求日益升高,這樣的需求也反映在金融業與政府公部門上,舉例來說,券商、銀行、保險公司、投顧公司、政府單位除了提供網路服務之外,也開始提供行動應用程式(APP),使用者可以使用手機或平板等各種的行動裝置執行行動應用程式,行動應用程式通過網際網路連線到對應的服務主機(或稱為應用主機)後,使用者可以操作行動裝置進行證券交易、轉帳、投保、申請文件等行動服務。如此,使用者可以不需要離開所在位置,即可進行所需的行動服務。In recent years, due to the high development of communication and network-related industries, people's demand for various services to be electronic and mobile has been increasing. Such demand is also reflected in the financial industry and the government sector. For example, securities companies, banks , insurance companies, investment consulting companies, and government agencies have begun to provide mobile applications (APPs) in addition to providing network services. Users can use various mobile devices such as mobile phones or tablets to execute mobile applications. After the network is connected to the corresponding service host (or called the application host), the user can operate the mobile device to perform mobile services such as securities trading, transfer, insurance, and application documents. In this way, the user can perform the desired mobile service without leaving the location.

使用者在使用網路服務或行動服務時,通常需要先進行身份辨識。目前,透過網路進行身份辨識的方式,大多需要使用硬體載具來辨識使用者的身份,例如,使用特定的USB隨身碟或智慧卡(晶片卡)儲存使用者的憑證資料,藉以在使用者進行行動服務時,透過連接儲存憑證資料的USB隨身碟或智慧卡來進行身份辨識。When users use network services or mobile services, they usually need to identify themselves first. At present, most of the methods of identification through the network need to use a hardware carrier to identify the user's identity. When users perform mobile services, they can identify themselves by connecting a USB flash drive or smart card that stores the certificate data.

然而,使用硬體載具來辨識使用者身份的方式,大多只能在電腦上進行,主要原因是硬體載具需要透過USB等連接插槽與電腦連接,或透過如讀卡機等外接裝置讀取,但目前的行動裝置大多沒有設置可以與硬體載具連接的連接插槽,或使用者需另備外接裝置讀取硬體載具,因此,大部分的行動裝置並無法連接硬體載具,如此,導致使用者無法使用行動裝置進行身份辨識,以至於無法使用行動服務,造成使用者的不便。However, most of the ways to use a hardware carrier to identify a user's identity can only be done on a computer. The main reason is that the hardware carrier needs to be connected to the computer through a connection slot such as a USB, or through an external device such as a card reader. However, most of the current mobile devices do not have a connection slot that can be connected to the hardware carrier, or the user needs to prepare an external device to read the hardware carrier. Therefore, most mobile devices cannot be connected to the hardware. The vehicle, in this way, causes the user to be unable to use the mobile device for identification, so that the mobile service cannot be used, causing inconvenience to the user.

綜上所述,可知先前技術中長期以來一直存在行動裝置不易連接硬體載具以辨識使用者身份的問題,因此有必要提出改進的技術手段,來解決此一問題。To sum up, it can be seen that there has been a long-standing problem in the prior art that the mobile device is not easy to connect to the hardware carrier to identify the user's identity. Therefore, it is necessary to propose an improved technical means to solve this problem.

有鑒於先前技術存在行動裝置不易連接硬體載具以辨識使用者身份的問題,本發明遂揭露一種以裝置識別資料透過電信伺服器識別身份之系統及方法,其中:In view of the problem in the prior art that the mobile device is difficult to connect to the hardware carrier to identify the user's identity, the present invention discloses a system and method for identifying an identity through a telecommunication server using device identification data, wherein:

本發明所揭露之以裝置識別資料透過電信伺服器識別身份之系統,至少包含:服務伺服器;電信伺服器,與服務伺服器連接;行動裝置,用以執行身份識別元件,身份識別元件更包含:資料取得模組,用以獲取使用者資料及裝置識別資料;通訊模組,用以透過行動通訊網路傳送裝置識別資料至電信伺服器,並接收電信伺服器所傳送之許可信物,及用以透過行動通訊網路經由服務伺服器傳送許可信物與使用者資料至電信伺服器,使電信伺服器依據許可信物及使用者資料產生身份辨識結果,並傳送身份辨識結果至服務伺服器。The system for identifying an identity through a telecommunication server using device identification data disclosed in the present invention at least includes: a service server; a telecommunication server connected to the service server; a mobile device for executing an identification element, the identification element further comprising: : The data acquisition module is used to obtain user data and device identification data; the communication module is used to transmit the device identification data to the telecommunications server through the mobile communication network, and to receive the permission token sent by the telecommunications server, and used to Send the license token and user data to the telecommunications server through the service server through the mobile communication network, so that the telecommunications server generates an identification result according to the license token and the user information, and transmits the identification result to the service server.

本發明所揭露之以裝置識別資料透過電信伺服器識別身份之方法,其步驟至少包括:行動裝置取得裝置識別資料及使用者資料;行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器;電信伺服器傳送許可信物至行動裝置;行動裝置透過行動通訊網路經由服務伺服器傳送許可信物與使用者資料至電信伺服器;電信伺服器依據許可信物及使用者資料產生身份辨識結果,並傳送身份辨識結果至服務伺服器。The method for identifying an identity through a telecommunication server using device identification data disclosed in the present invention includes at least the steps of: obtaining the device identification data and user data by the mobile device; sending the device identification data to the telecommunication server through the mobile device through the mobile communication network; The server sends the license token to the mobile device; the mobile device transmits the license token and user data to the telecommunications server through the service server through the mobile communication network; the telecommunications server generates the identification result according to the license token and the user information, and transmits the identification results to the service server.

本發明所揭露之系統與方法如上,與先前技術之間的差異在於本發明透過行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器並接收電信伺服器所傳回的許可信物後,經由服務伺服器傳送許可信物以及使用者資料至電信伺服器,電信伺服器依據許可信物及使用者資料產生身份辨識結果並傳送身份辨識結果給服務伺服器,藉以解決先前技術所存在的問題,並可以達成單獨使用行動裝置完成身份辨識的技術功效。The system and method disclosed in the present invention are as above, and the difference between the present invention and the prior art lies in that the present invention transmits device identification data to the telecommunication server through the mobile device through the mobile communication network and receives the permission token returned by the telecommunication server, and then uses the service The server sends the license token and user data to the telecommunications server, and the telecommunications server generates an identification result based on the license token and user data and sends the identification result to the service server, so as to solve the problems existing in the prior art and achieve The technical effect of using the mobile device alone to complete the identification.

以下將配合圖式及實施例來詳細說明本發明之特徵與實施方式,內容足以使任何熟習相關技藝者能夠輕易地充分理解本發明解決技術問題所應用的技術手段並據以實施,藉此實現本發明可達成的功效。The features and implementations of the present invention will be described in detail below in conjunction with the drawings and examples, and the content is sufficient to enable any person skilled in the relevant art to easily and fully understand the technical means applied to solve the technical problems of the present invention and implement them accordingly, thereby achieving The effect that the present invention can achieve.

本發明可以在行動裝置與服務伺服器連接後,透過電信伺服器進行身份識別,並由電信伺服器將身份辨識結果傳送至行動裝置所連接的服務伺服器。In the present invention, after the mobile device is connected with the service server, the telecommunication server can carry out the identification, and the telecommunication server transmits the identification result to the service server connected with the mobile device.

以下先以「第1A圖」與「第1B圖」本發明所提之以裝置識別資料透過電信伺服器識別身份之系統架構圖來說明本發明的系統運作。如「第1A圖」所示,本發明之系統含有應用主機111、身份識別主機112、身份驗證伺服器113、行動裝置120、以及電信伺服器130。其中,應用主機111、身份識別主機112、身份驗證伺服器113、行動裝置120、電信伺服器130都是計算設備。Below, the system operation of the present invention is described with reference to "Fig. 1A" and "Fig. 1B" of the present invention, which is a system architecture diagram for identifying an identity through a telecommunication server by means of device identification data. As shown in FIG. 1A , the system of the present invention includes an application host 111 , an identification host 112 , an authentication server 113 , a mobile device 120 , and a telecommunication server 130 . The application host 111 , the identification host 112 , the authentication server 113 , the mobile device 120 , and the telecommunication server 130 are all computing devices.

本發明所提之計算設備包含但不限於一個或多個處理器、一個或多個記憶體模組、以及連接不同元件(包括記憶體模組和處理器)的匯流排等元件。透過所包含之多個元件,計算設備可以載入並執行作業系統,使作業系統在計算設備上運行。The computing device mentioned in the present invention includes, but is not limited to, one or more processors, one or more memory modules, and elements such as bus bars connecting different elements (including memory modules and processors). Through the included components, a computing device can load and execute an operating system, causing the operating system to run on the computing device.

本發明所提之計算設備的匯流排可以包含一種或多個類型,例如包含資料匯流排(data bus)、位址匯流排(address bus)、控制匯流排(control bus)、擴充功能匯流排(expansion bus)、及/或局域匯流排(local bus)等類型的匯流排。計算設備的匯流排包括但不限於並列的工業標準架構(ISA)匯流排、周邊元件互連(PCI)匯流排、視頻電子標準協會(VESA)局域匯流排、以及串列的通用序列匯流排(USB)、快速周邊元件互連(PCI-E)匯流排等。The bus of the computing device mentioned in the present invention may include one or more types, such as a data bus, an address bus, a control bus, an extended function bus ( expansion bus), and/or local bus type bus. Buses for computing devices include, but are not limited to, Side-by-Side Industry Standard Architecture (ISA) buses, Peripheral Component Interconnect (PCI) buses, Video Electronics Standards Association (VESA) Local Buses, and Serial Generic Serial Buses (USB), Peripheral Component Interconnect Express (PCI-E) bus, etc.

本發明所提之計算設備的處理器與匯流排耦接。處理器包含暫存器(Register)組或暫存器空間,暫存器組或暫存器空間可以完全的被設置在處理晶片上,或全部或部分被設置在處理晶片外並經由專用電氣連接及/或經由匯流排耦接至處理器。處理器可為處理單元、微處理器或任何合適的處理元件。若計算設備為多處理器設備,也就是計算設備包含多個處理器,則計算設備所包含的處理器都相同或類似,且透過匯流排耦接與通訊。處理器可以解釋一連串的多個指令使得計算設備執行特定的運算或操作,例如,數學運算、資料比對等,藉以運行作業系統或執行作業系統中的各種程式、模組、及/或元件。The processor of the computing device of the present invention is coupled to the bus. The processor contains a register bank or register space, which may be located entirely on the processing die, or wholly or partially located off the processing die and via dedicated electrical connections and/or coupled to the processor via a bus. A processor may be a processing unit, microprocessor or any suitable processing element. If the computing device is a multi-processor device, that is, the computing device includes multiple processors, the processors included in the computing device are all the same or similar, and are coupled and communicated through a bus. The processor can interpret a series of multiple instructions to cause the computing device to perform specific operations or operations, such as mathematical operations, data comparisons, etc., to run the operating system or execute various programs, modules, and/or components in the operating system.

計算設備的處理器可以與晶片組耦接或透過匯流排與晶片組電性連接。晶片組是由一個或多個積體電路(IC)組成,包含記憶體控制器以及周邊輸出入(I/O)控制器,也就是說,記憶體控制器以及周邊輸出入控制器可以包含在一個積體電路內,也可以使用兩個或更多的積體電路實現。晶片組通常提供了輸出入和記憶體管理功能、以及提供多個通用及/或專用暫存器、計時器等,其中,上述之通用及/或專用暫存器與計時器可以讓耦接或電性連接至晶片組的一個或多個處理器存取或使用。The processor of the computing device may be coupled to the chip set or electrically connected to the chip set through a bus bar. Chipsets are composed of one or more integrated circuits (ICs), including memory controllers and peripheral I/O controllers, that is, memory controllers and peripheral I/O controllers can be included in Within one integrated circuit, it can also be implemented using two or more integrated circuits. Chip sets usually provide I/O and memory management functions, and provide a plurality of general-purpose and/or special-purpose registers, timers, etc., wherein the above-mentioned general-purpose and/or special-purpose registers and timers can be coupled or One or more processors electrically connected to the chipset are accessed or used.

計算設備的處理器也可以透過記憶體控制器存取安裝於計算設備上的記憶體模組和大容量儲存區中的資料。上述之記憶體模組包含任何類型的揮發性記憶體(volatile memory)及/或非揮發性(non-volatile memory, NVRAM)記憶體,例如靜態隨機存取記憶體(SRAM)、動態隨機存取記憶體(DRAM)、快閃記憶體(Flash)、唯讀記憶體(ROM)等。上述之大容量儲存區可以包含任何類型的儲存裝置或儲存媒體,例如,硬碟機、光碟片、隨身碟(快閃記憶體)、記憶卡(memory card)、固態硬碟(Solid State Disk, SSD)、或任何其他儲存裝置等。也就是說,記憶體控制器可以存取靜態隨機存取記憶體、動態隨機存取記憶體、快閃記憶體、硬碟機、固態硬碟中的資料。The processor of the computing device can also access data in the memory modules and mass storage areas installed on the computing device through the memory controller. The above memory modules include any type of volatile memory (volatile memory) and/or non-volatile memory (NVRAM), such as static random access memory (SRAM), dynamic random access memory Memory (DRAM), Flash Memory (Flash), Read-Only Memory (ROM), etc. The above-mentioned large-capacity storage area can include any type of storage device or storage medium, such as a hard disk drive, an optical disc, a pen drive (flash memory), a memory card (memory card), a solid state hard disk (Solid State Disk, SSD), or any other storage device, etc. That is, the memory controller can access data in static random access memory, dynamic random access memory, flash memory, hard disk drive, and solid state hard disk.

計算設備的處理器也可以透過周邊輸出入控制器經由周邊輸出入匯流排與周邊輸出裝置、周邊輸入裝置、通訊介面、以及GPS接收器等周邊裝置或介面通訊連接。周邊輸入裝置可以是任何類型的輸入裝置,例如鍵盤、滑鼠、軌跡球、觸控板、搖桿等,周邊輸出裝置可以是任何類型的輸出裝置,例如顯示器、印表機等,周邊輸入裝置與周邊輸出裝置也可以是同一裝置,例如觸控螢幕等。通訊介面可以包含無線通訊介面及/或有線通訊介面,無線通訊介面可以包含支援Wi-Fi、Zigbee等無線區域網路、藍牙、紅外線、近場通訊(NFC)、3G/4G/5G等行動通訊網路或其他無線資料傳輸協定的介面,有線通訊介面可為乙太網路設備、非同步傳輸模式(ATM)設備、DSL數據機、纜線(Cable)數據機等。處理器可以週期性地輪詢(polling)各種周邊裝置與介面,使得計算設備能夠進行資料的輸入與輸出,也能夠與具有上述描述之元件的另一個計算設備進行通訊。The processor of the computing device may also communicate with peripheral devices or interfaces such as peripheral output devices, peripheral input devices, communication interfaces, and GPS receivers through peripheral I/O controllers via peripheral I/O buses. The peripheral input device can be any type of input device, such as keyboard, mouse, trackball, touchpad, joystick, etc. The peripheral output device can be any type of output device, such as a monitor, printer, etc., the peripheral input device The peripheral output device can also be the same device, such as a touch screen. The communication interface may include a wireless communication interface and/or a wired communication interface, and the wireless communication interface may include a wireless local area network such as Wi-Fi, Zigbee, Bluetooth, infrared, near field communication (NFC), 3G/4G/5G and other mobile communication networks The interface of the wireless data transmission protocol or other wireless data transmission protocol, the wired communication interface can be an Ethernet network device, an asynchronous transfer mode (ATM) device, a DSL modem, a cable modem, etc. The processor may periodically poll various peripheral devices and interfaces, enabling the computing device to input and output data and to communicate with another computing device having the elements described above.

行動裝置120可以透過有線或無線網路與應用主機111連接,並可以透過行動通訊網路與電信伺服器130連接。行動裝置120可以接收應用主機111及/或電信伺服器130所傳送的資料或訊號,並可以傳送資料或訊號給應用主機111及/或電信伺服器130。The mobile device 120 can be connected to the application host 111 through a wired or wireless network, and can be connected to the telecommunication server 130 through a mobile communication network. The mobile device 120 can receive data or signals transmitted by the application host 111 and/or the telecommunication server 130 , and can transmit the data or signals to the application host 111 and/or the telecommunication server 130 .

行動裝置120負責使用應用主機111所提供的應用服務,並負責在應用服務需要進行身份識別時,透過電信伺服器130完成身份識別。其中,本發明所提之應用服務通常為需要確認行動裝置120之使用者身份的服務,例如:網路下單、網路銀行、線上投保、報稅繳費等,但本發明並不以此為限。The mobile device 120 is responsible for using the application service provided by the application host 111 , and is responsible for completing the identification through the telecommunication server 130 when the application service requires identification. Among them, the application service mentioned in the present invention is usually a service that needs to confirm the user identity of the mobile device 120, such as: online ordering, online banking, online insurance, tax declaration and payment, etc., but the present invention is not limited to this. .

行動裝置120更可以如「第2圖」所示,包含資料取得模組220、通訊模組280,以及可附加的資料輸入模組240、驗證模組250、網路判斷模組260。在部分的實施例中,行動裝置120可以執行身份識別元件200以產生本發明所提之各模組。其中,身份識別元件200可以是單一的應用程式,也可以包含在應用程式中,成為組成應用程式的多個元件之一。As shown in FIG. 2 , the mobile device 120 may further include a data acquisition module 220 , a communication module 280 , and an additional data input module 240 , a verification module 250 , and a network judgment module 260 . In some embodiments, the mobile device 120 can execute the identification element 200 to generate the modules mentioned in the present invention. Wherein, the identification element 200 may be a single application program, or may be included in the application program and become one of multiple elements composing the application program.

資料取得模組220負責取得裝置識別資料。更詳細的,資料取得模組220可以偵測行動裝置120的裝置識別資料。資料取得模組220所偵測的裝置識別資料通常為安裝於行動裝置120上之用戶身份模組(Subscriber Identity Module,簡稱SIM,在本發明中將以「SIM卡」表示)或內嵌式用戶身份模組(Embedded-SIM,在本發明中將以「eSIM卡」表示)中所記錄的資料,例如卡號或門號等,但本發明並不以此為限,資料取得模組220也可以偵測行動裝置120的序號或是安裝於行動裝置120中之處理晶片等特定硬體的序號等資料作為裝置識別資料。The data obtaining module 220 is responsible for obtaining device identification data. More specifically, the data acquisition module 220 can detect the device identification data of the mobile device 120 . The device identification data detected by the data acquisition module 220 is usually a Subscriber Identity Module (SIM for short, referred to as “SIM card” in the present invention) installed on the mobile device 120 or an embedded subscriber The data recorded in the identity module (Embedded-SIM, referred to as “eSIM card” in the present invention), such as card number or door number, etc., but the present invention is not limited to this, the data acquisition module 220 can also Data such as the serial number of the mobile device 120 or the serial number of a specific hardware such as a processing chip installed in the mobile device 120 are detected as the device identification data.

資料取得模組220也負責取得使用者資料。更詳細的,資料取得模組220可以由行動裝置120的記憶單元中讀出使用者已輸入的使用者資料。資料取得模組220所獲取的使用者資料包含行動裝置120所使用的門號以及使用者的身份識別資料,在部分的實施例中,使用者資料還可以包含使用者的生日,但本發明所提之使用者資料並不以上述為限,例如,使用者資料也可以包含性別、地址等。其中,本發明所提之身份識別資料通常為唯一值,也就是不同的使用者有不同的資料,包含但不限於使用者的身份證號、護照號碼等。The data obtaining module 220 is also responsible for obtaining user data. More specifically, the data acquisition module 220 can read out the user data input by the user from the memory unit of the mobile device 120 . The user data obtained by the data obtaining module 220 includes the door number used by the mobile device 120 and the user's identification data. In some embodiments, the user data may also include the user's birthday. The user information mentioned is not limited to the above, for example, the user information may also include gender, address, etc. Wherein, the identification data mentioned in the present invention is usually a unique value, that is, different users have different data, including but not limited to the user's ID number, passport number, and the like.

在部分的實施例中,若行動裝置120上安裝兩張SIM卡,或安裝一張SIM卡與一張eSIM卡,則資料取得模組220可以偵測到兩個裝置識別資料,如此,當資料取得模組220可以提示使用者確認使用者資料中的門號與當前設定行動裝置120連接行動通訊網路所使用之SIM卡對應的門號一致,並在使用者確認後取得使用者資料,否則等待使用者修改使用者資料中的門號。例如,當行動裝置120上安裝一張SIM卡與一張eSIM卡,且行動裝置120使用SIM卡連接行動通訊網路時,資料取得模組220可以透過行動裝置120的輸出單元提示使用者確認使用者資料中的門號是否與SIM卡對應的門號一致。In some embodiments, if two SIM cards are installed on the mobile device 120, or one SIM card and one eSIM card are installed, the data acquisition module 220 can detect two device identification data. The obtaining module 220 can prompt the user to confirm that the door number in the user information is consistent with the door number corresponding to the SIM card used by the mobile device 120 to connect to the mobile communication network, and obtain the user information after the user confirms, otherwise wait The user modifies the door number in the user profile. For example, when a SIM card and an eSIM card are installed on the mobile device 120, and the mobile device 120 uses the SIM card to connect to the mobile communication network, the data acquisition module 220 can prompt the user to confirm the user through the output unit of the mobile device 120 Check whether the door number in the data is consistent with the door number corresponding to the SIM card.

資料輸入模組240可以透過行動裝置120的輸入單元提供使用者輸入使用者資料。更詳細的說,資料輸入模組240可以提供輸入使用者資料的使用者介面,並可以將使用者所輸入的使用者資料儲存到行動裝置120的記憶單元中。The data input module 240 can provide the user to input user data through the input unit of the mobile device 120 . More specifically, the data input module 240 can provide a user interface for inputting user data, and can store the user data input by the user in the memory unit of the mobile device 120 .

在部分的實施例中,若資料取得模組220偵測到兩個裝置識別資料,則當資料輸入模組240在提供使用者輸入使用者資料時,可以提示使用者在使用者資料中輸入與當前設定行動裝置120連接行動通訊網路所使用之SIM卡對應的門號。例如,當行動裝置120上安裝一張SIM卡與一張eSIM卡,且行動裝置120使用SIM卡連接行動通訊網路時,資料輸入模組240可以透過行動裝置120的輸出單元提示使用者在使用者資料中輸入與SIM卡對應的門號。In some embodiments, if the data acquisition module 220 detects two device identification data, when the data input module 240 provides the user to input the user data, the data input module 240 may prompt the user to input and enter the user data in the user data. The door number corresponding to the SIM card used by the mobile device 120 to connect to the mobile communication network is currently set. For example, when a SIM card and an eSIM card are installed on the mobile device 120, and the mobile device 120 uses the SIM card to connect to the mobile communication network, the data input module 240 can prompt the user through the output unit of the mobile device 120 to Enter the door number corresponding to the SIM card in the data.

驗證模組250可以透過裝置解鎖資料驗證使用者身份。其中,本發明所提之裝置解鎖資料可以是指紋、聲紋、人臉等生物資料,也可以是使用者設定的密碼或手勢,但本發明並不以上述為限。The verification module 250 can verify the user's identity through the device unlocking data. The device unlocking data mentioned in the present invention may be biometric data such as fingerprints, voiceprints, and faces, or may be passwords or gestures set by the user, but the present invention is not limited to the above.

更詳細的說,驗證模組250可以依據執行於行動裝置120中之作業系統的類型與版本選擇透過裝置解鎖資料驗證使用者身份的方式,例如:驗證模組250可以選擇要求使用者透過行動裝置120的輸入單元輸入裝置解鎖資料,並呼叫執行於行動裝置120中之作業系統確認被輸入的裝置解鎖資料是否正確以驗證使用者身份;也可以選擇呼叫執行於行動裝置120中之作業系統所提供的螢幕解鎖應用程式介面以提供使用者輸入裝置解鎖資料,並透過螢幕解鎖應用程式介面判斷被輸入的裝置解鎖資料是否正確以驗證使用者身份;或可以選擇關閉螢幕等待使用者開啟螢幕並輸入裝置解鎖資料完成螢幕解鎖以確認使用者身份等,但驗證模組250的選擇驗證使用者身份的方式並不以上述為限。More specifically, the verification module 250 can select the method of verifying the user's identity through the device unlocking data according to the type and version of the operating system running on the mobile device 120. For example, the verification module 250 can choose to require the user to use the mobile device to verify the user's identity. The input unit of 120 inputs the device unlocking data, and calls the operating system executed in the mobile device 120 to confirm whether the inputted device unlocking data is correct to verify the user identity; it can also choose to call the operating system executed in the mobile device 120 to provide The screen unlocking application interface provides the user to input the device unlocking information, and through the screen unlocking application interface to determine whether the entered device unlocking information is correct to verify the user's identity; or you can choose to close the screen and wait for the user to turn on the screen and enter the device The unlocking data completes the screen unlocking to confirm the user's identity, etc., but the method selected by the verification module 250 to verify the user's identity is not limited to the above.

網路判斷模組260可以判斷行動裝置120當前是否選擇使用行動通訊網路,並可以在判斷行動裝置120當前未選擇使用行動通訊網路時,例如當前使用如WiFi等無線區域網路時,透過行動裝置120的輸出單元提示使用者將行動裝置120改為使用行動通訊網路。The network determination module 260 can determine whether the mobile device 120 currently chooses to use the mobile communication network, and can determine whether the mobile device 120 currently chooses to use the mobile communication network, for example, when using a wireless local area network such as WiFi, through the mobile device. The output unit of 120 prompts the user to change the mobile device 120 to use the mobile communication network.

在部分的實施例中,網路判斷模組260也可以在判斷行動裝置120當前未使用行動通訊網路時,透過行動裝置120的輸出單元提示使用者行動裝置120將改為使用行動通訊網路,並將行動裝置120切換為使用行動通訊網路。In some embodiments, the network determination module 260 can also prompt the user that the mobile device 120 will use the mobile communication network through the output unit of the mobile device 120 when it is determined that the mobile device 120 is not currently using the mobile communication network, and Switch the mobile device 120 to use the mobile communication network.

通訊模組280負責驅動行動裝置120上所安裝的SIM卡,藉以透過行動通訊網路與電信伺服器130連接。一般而言,通訊模組280在驅動SIM卡後,SIM卡可以依據所記錄之伺服器識別資料,透過通訊模組280與相對應的電信伺服器130建立連線,使得行動裝置120可以連線到與SIM卡對應的電信伺服器130。The communication module 280 is responsible for driving the SIM card installed on the mobile device 120 so as to connect with the telecommunication server 130 through the mobile communication network. Generally speaking, after the communication module 280 drives the SIM card, the SIM card can establish a connection with the corresponding telecommunication server 130 through the communication module 280 according to the recorded server identification data, so that the mobile device 120 can be connected to the telecommunications server 130 corresponding to the SIM card.

通訊模組280也負責將資料取得模組220所取得之裝置識別資料傳送到電信伺服器130,及接收電信伺服器130所傳送的許可信物(token)。其中,許可信物為電信伺服器130所產生的資料,將於說明電信伺服器130時進一步說明。The communication module 280 is also responsible for transmitting the device identification data obtained by the data obtaining module 220 to the telecommunications server 130 and receiving the permission token sent by the telecommunications server 130 . The license token is the data generated by the telecommunications server 130 , which will be further described when the telecommunications server 130 is described.

通訊模組280也負責經由應用主機111將電信伺服器130傳回的許可信物以及資料取得模組220所取得的使用者資料傳送至電信伺服器130,也可以經由應用主機111接收電信伺服器130所傳送的身份辨識結果。一般而言,通訊模組280是透過行動通訊網路與應用主機111交換資料,但在部分的實施例中,通訊模組280也可以透過無線區域網路與應用主機111交換資料,如此,通訊模組280可以透過應用主機111將許可信物以及使用者資料傳送給電信伺服器130並接收電信伺服器130所傳送的身份辨識結果。The communication module 280 is also responsible for transmitting the license token returned by the telecommunications server 130 and the user data obtained by the data obtaining module 220 to the telecommunications server 130 through the application host 111 , and can also receive the telecommunications server 130 through the application host 111 The transmitted identification result. Generally speaking, the communication module 280 exchanges data with the application host 111 through a mobile communication network, but in some embodiments, the communication module 280 can also exchange data with the application host 111 through a wireless local area network. In this way, the communication module The group 280 can transmit the license token and user data to the telecommunication server 130 through the application host 111 and receive the identification result transmitted by the telecommunication server 130 .

應用主機111可以透過有線或無線網路與身份識別主機112連接,也可以提供行動裝置120透過有線或無線網路連接。其中,應用主機111可以接收所連接之行動裝置120及/或身份識別主機112所傳送的資料或訊號,並可以傳送資料或訊號給所連接之行動裝置120及/或身份識別主機112。The application host 111 can be connected to the identification host 112 through a wired or wireless network, and can also provide the mobile device 120 with a wired or wireless network connection. The application host 111 can receive data or signals sent by the connected mobile device 120 and/or the identification host 112 , and can transmit the data or signals to the connected mobile device 120 and/or the identification host 112 .

應用主機111負責提供應用服務給行動裝置120,並可以在行動裝置請求特定的作業時,要求行動裝置120進行身份識別,例如,在行動裝置120請求註冊時等。The application host 111 is responsible for providing application services to the mobile device 120, and may request the mobile device 120 to perform identification when the mobile device 120 requests a specific operation, for example, when the mobile device 120 requests registration.

應用主機111也負責接收行動裝置120所傳送的許可信物以及使用者資料,並將所接收到的許可信物以及使用者資料傳送給身份識別主機112。The application host 111 is also responsible for receiving the license token and user data sent by the mobile device 120 , and transmitting the received license token and user data to the identification host 112 .

應用主機111也負責接收身份識別主機112所傳送的身份辨識結果,並依據所接收到的身份辨識結果選擇是否執行行動裝置120所請求的作業,也就是說,應用主機111可以在身份辨識結果表示身份辨識成功時,執行行動裝置120所請求的作業,並可以在身份辨識結果表示身份辨識失敗時,拒絕執行行動裝置120所請求的作業。The application host 111 is also responsible for receiving the identification result sent by the identification host 112, and selects whether to execute the operation requested by the mobile device 120 according to the received identification result. That is, the application host 111 can indicate in the identification result. When the identification is successful, the operation requested by the mobile device 120 is executed, and when the identification result indicates that the identification fails, the operation requested by the mobile device 120 can be refused to be executed.

身份識別主機112可以透過有線或無線網路分別與應用主機111以及身份驗證伺服器113連接,也可以接收應用主機111及/或身份驗證伺服器113所傳送的資料或訊號,並可以傳送資料或訊號給應用主機111及/或身份驗證伺服器113。The identification host 112 can be connected to the application host 111 and the authentication server 113 respectively through wired or wireless networks, and can also receive data or signals sent by the application host 111 and/or the authentication server 113, and can transmit data or The signal is sent to the application host 111 and/or the authentication server 113 .

身份識別主機112負責接收應用主機111所傳送的許可信物以及使用者資料,並將所接收到的許可信物以及使用者資料傳送給身份驗證伺服器113。身份識別主機112也負責接收身份驗證伺服器113所傳送的身份辨識結果,並將所接收到的身份辨識結果傳送給應用主機111。The identity recognition host 112 is responsible for receiving the license token and user data sent by the application host 111 , and sending the received license token and user data to the identity verification server 113 . The identity recognition host 112 is also responsible for receiving the identity recognition result sent by the identity verification server 113 , and transmitting the received identity recognition result to the application host 111 .

身份驗證伺服器113可以透過有線或無線網路分別與身份識別主機112以及電信伺服器130連接,也可以接收身份識別主機112及/或電信伺服器130所傳送的資料或訊號,並可以傳送資料或訊號給身份識別主機112及/或電信伺服器130。The identity verification server 113 can be connected to the identity identification host 112 and the telecommunication server 130 respectively through a wired or wireless network, and can also receive data or signals transmitted by the identity identification host 112 and/or the telecommunication server 130, and can transmit data or signal to the identification host 112 and/or the telecommunication server 130 .

身份驗證伺服器113負責接收身份識別主機112所傳送的許可信物以及使用者資料,並將所接收到的許可信物以及使用者資料傳送給電信伺服器130。身份驗證伺服器113也負責接收電信伺服器130所傳送的身份辨識結果,並將所接收到的身份辨識結果傳送給身份識別主機112。The identity verification server 113 is responsible for receiving the license token and user data sent by the identity identification host 112 , and transmitting the received license token and user data to the telecommunications server 130 . The identity verification server 113 is also responsible for receiving the identity recognition result sent by the telecommunication server 130 , and transmitting the received identity recognition result to the identity recognition host 112 .

在部分的實施例中,應用主機111、身份識別主機112、身份驗證伺服器113可以包含在服務伺服器110中,如「第1B圖」所示。其中,服務伺服器110可以包含應用主機111、身份識別主機112、以及身份驗證伺服器113等實體的計算裝置,例如刀鋒伺服器等;服務伺服器110也可以是整合應用主機111對行動裝置120之所有功能以及身份驗證伺服器113對電信伺服器130之所有功能的伺服器。也就是說,服務伺服器110可以透過有線或無線網路與電信伺服器130連接,也可以提供行動裝置120透過有線或無線網路連接。其中,服務伺服器110可以接收所連接之行動裝置120及/或電信伺服器130所傳送的資料或訊號,並可以傳送資料或訊號給所連接之行動裝置120及/或電信伺服器130。如此,服務伺服器110可以提供行動裝置120應用服務,並可以將行動裝置120所傳送的許可信物與使用者資料傳送至電信伺服器130。In some embodiments, the application host 111 , the identification host 112 , and the authentication server 113 may be included in the service server 110 , as shown in FIG. 1B . The service server 110 may include a computing device such as an application host 111 , an identification host 112 , an authentication server 113 and other entities, such as a blade server; the service server 110 may also be an integrated application host 111 to the mobile device 120 All functions of the authentication server 113 to all functions of the telecommunications server 130. That is, the service server 110 can be connected to the telecommunication server 130 through a wired or wireless network, and can also provide the mobile device 120 with a wired or wireless network connection. The service server 110 can receive data or signals transmitted by the connected mobile device 120 and/or the telecommunications server 130 , and can transmit the data or signals to the connected mobile device 120 and/or the telecommunications server 130 . In this way, the service server 110 can provide the mobile device 120 application service, and can transmit the license token and user data transmitted by the mobile device 120 to the telecommunications server 130 .

另外,在部分的實施例中,也可以選擇整合應用主機111與身份識別主機112,使得行動裝置120將許可信物與使用者資料透過整合後的計算裝置與身份驗證伺服器傳送給電信伺服器130,或可以選擇整合身份識別主機112與身份驗證伺服器113,使得行動裝置120將許可信物與使用者資料透過應用主機111與整合後的計算裝置傳送給電信伺服器130,本發明不多加贅述。In addition, in some embodiments, the application host 111 and the identity identification host 112 can also be selected to be integrated, so that the mobile device 120 transmits the license token and user data to the telecommunications server 130 through the integrated computing device and the identity verification server. , or can choose to integrate the identity recognition host 112 and the identity verification server 113, so that the mobile device 120 transmits the credentials and user data to the telecommunications server 130 through the application host 111 and the integrated computing device, which is not repeated in the present invention.

電信伺服器130可以透過行動通訊網路提供行動裝置120連接,也可以透過有線或無線網路與身份驗證伺服器113連接。電信伺服器130可以接收行動裝置120及/或身份驗證伺服器113所傳送的資料或訊號,並可以傳送資料或訊號給行動裝置120及/或身份驗證伺服器113。The telecommunication server 130 can provide the connection of the mobile device 120 through a mobile communication network, and can also be connected to the authentication server 113 through a wired or wireless network. The telecommunication server 130 can receive data or signals transmitted by the mobile device 120 and/or the authentication server 113 , and can transmit the data or signals to the mobile device 120 and/or the authentication server 113 .

電信伺服器130負責接收行動裝置120所傳送的裝置識別資料。在部分的實施例中,電信伺服器130可以判斷裝置識別資料是否為電信伺服器130所屬之電信單位或電信機關所發出,例如,電信單位或電信機關為電信公司時,電信伺服器130可以判斷所接收到的裝置識別資料是否被所屬電信公司預先建立之資料記錄所涵蓋(如資料記錄中記載裝置識別資料或資料記錄所記載之一段範圍包含裝置識別資料等),但本發明並不以此為限。電信伺服器130也可以在判斷裝置識別資料不為所屬之電信單位或電信機關所發出時,拒絕提供行動通訊的服務給行動裝置120。The telecommunication server 130 is responsible for receiving the device identification data transmitted by the mobile device 120 . In some embodiments, the telecommunication server 130 can determine whether the device identification data is issued by a telecommunication unit or a telecommunication institution to which the telecommunication server 130 belongs. For example, when the telecommunication unit or telecommunication institution is a telecommunication company, the telecommunication server 130 can determine whether Whether the received device identification data is covered by the data record pre-established by the telecommunications company (for example, the device identification data is recorded in the data record or a range recorded in the data record includes the device identification data, etc.), but the present invention does not use this limited. The telecommunication server 130 may also refuse to provide the mobile communication service to the mobile device 120 when it is determined that the device identification data is not issued by the telecommunication unit or telecommunication agency to which it belongs.

電信伺服器130也負責產生與所接收到之裝置識別資料對應的許可信物。一般而言,電信伺服器130所產生的許可信物為對特定資料進行特定編碼方式所產生的資料,通常是由一定數量的字母、數字、符號任意排列而成,且具有時間性。例如,許可信物可以是電信伺服器130對特定資料進行雜湊運算所產生的資料,其中,上述之特定資料包含但不限於裝置識別資料、與裝置識別資料對應之門號、與裝置識別資料對應之使用者的生日、電信伺服器130的伺服器識別資料及/或時間戳等項目,本發明並沒有特別的限制。當特定資料包含兩種或多種項目時,各種項目之間可以預定的順序或位置排列。The telecommunications server 130 is also responsible for generating a license token corresponding to the received device identification data. Generally speaking, the license token generated by the telecommunication server 130 is data generated by performing a specific encoding method on specific data, and is usually formed by a certain number of letters, numbers, and symbols arranged arbitrarily, and is temporal. For example, the license token may be the data generated by the telecommunications server 130 performing hash operation on specific data, wherein the above-mentioned specific data includes but not limited to the device identification data, the gate number corresponding to the device identification data, and the device identification data corresponding to the data. Items such as the user's birthday, the server identification data of the telecommunication server 130 and/or the time stamp are not particularly limited in the present invention. When a specific material contains two or more kinds of items, the various items may be arranged in a predetermined order or position.

電信伺服器130也負責接收身份驗證伺服器113所傳送的許可信物以及使用者資料,並負責依據所接收到的許可信物及使用者資料產生身份辨識結果,並傳送身份辨識結果至服務伺服器110或身份驗證伺服器113。The telecommunications server 130 is also responsible for receiving the license token and user data sent by the identity verification server 113 , and is responsible for generating an identity recognition result based on the received license token and user data, and sending the identity recognition result to the service server 110 or authentication server 113.

電信伺服器130可以依據所接收到的許可信物是否為電信伺服器130所產生、所接收到之使用者資料中的門號是否包含於電信伺服器130預先建立的資料記錄中、使用者資料中的門號是否與許可信物對應、及使用者資料中的門號是否與使用者資料中的身份識別資料對應進行判斷並可以在判斷後產生相對應的身份辨識結果。例如,電信伺服器130可以使用與產生許可信物相同的項目、排列順序/位置以及編碼方式,對所接收到之使用者資料中的門號(及使用者的生日)以及電信伺服器130的伺服器識別資料等資料進行編碼,並比對編碼後的資料以及許可信物,當兩者相同時,表示許可信物為電信伺服器130所產生且使用者資料中的門號與許可信物對應,反之,則表示許可信物不是電信伺服器130產生及/或使用者資料中的門號不與許可信物對應,但電信伺服器130判斷許可信物是否為電信伺服器130所產生及使用者資料中的門號是否與許可信物對應的方式並不以上述為限。其中,電信伺服器130在上述任一項目判斷為否時,可以產生表示辨識失敗的身份辨識結果;而當電信伺服器130在上述所有項目都判斷為是時,可以產生表示辨識成功的身份辨識結果。也就是說,當身份辨識結果表示身份辨識成功時,也就表示電信伺服器130判斷行動裝置120之使用者與電信伺服器130所記錄之資料相符,可以確認行動裝置120之使用者的身份;而當身份辨識結果表示身份辨識失敗時,表示電信伺服器130無法確認行動裝置之使用者的身份。The telecommunications server 130 can determine whether the received license token is generated by the telecommunications server 130, and whether the door number in the received user data is included in the data record pre-established by the telecommunications server 130, or in the user data. Whether the door number corresponding to the license token and whether the door number in the user data corresponds to the identification data in the user data is judged, and a corresponding identification result can be generated after the judgment. For example, the telecommunication server 130 can use the same items, arrangement order/position and coding method as that used to generate the license token, and the telecommunication server 130 can use the same items, arrangement order/position and coding method to process the gate number (and the user's birthday) in the received user data and the telecommunication server 130 The device identification data and other data are encoded, and the encoded data and the license token are compared. When the two are the same, it means that the license token is generated by the telecommunications server 130 and the door number in the user data corresponds to the license token. Otherwise, It means that the license token is not generated by the telecom server 130 and/or the door number in the user data does not correspond to the license token, but the telecom server 130 determines whether the license token is generated by the telecom server 130 and the door number in the user data Whether it corresponds to the license token is not limited to the above. Wherein, when the telecommunication server 130 determines that any of the above items is negative, it can generate an identification result indicating that the identification fails; and when the telecommunication server 130 determines that all the above items are yes, it can generate an identification result indicating that the identification is successful. result. That is to say, when the identification result indicates that the identification is successful, it also means that the telecommunication server 130 determines that the user of the mobile device 120 is consistent with the data recorded by the telecommunication server 130, and the identity of the user of the mobile device 120 can be confirmed; When the identification result indicates that the identification fails, it indicates that the telecommunications server 130 cannot confirm the identity of the user of the mobile device.

接著以一個實施例來解說本發明的運作系統與方法,並請參照「第3A圖」本發明所提之以裝置識別資料透過電信伺服器識別身份之方法流程圖。在本實施例中,假設行動裝置120為手機,且服務伺服器110由應用主機111、身份識別主機112、以及身份驗證伺服器113等計算設備組成,但本發明並不以此為限。Next, an embodiment is used to explain the operation system and method of the present invention, and please refer to "FIG. 3A" for the flow chart of the method of identifying the identity through the telecommunication server with the device identification data mentioned in the present invention. In this embodiment, it is assumed that the mobile device 120 is a mobile phone, and the service server 110 is composed of computing devices such as an application host 111 , an identification host 112 , and an authentication server 113 , but the invention is not limited to this.

當使用者操作行動裝置120開啟包含身份識別元件200之應用程式後,使用者可以操作行動裝置120執行應用程式中的各種功能。在本實施例中,假設應用程式為政府機關所提供的服務程式,使用者在使用應用程式中的特定功能前,需要先進行使用者註冊的作業。After the user operates the mobile device 120 to open the application program including the identification element 200 , the user can operate the mobile device 120 to execute various functions in the application program. In the present embodiment, it is assumed that the application program is a service program provided by a government agency, and a user needs to perform a user registration operation before using a specific function in the application program.

在使用者選擇執行應用程式中的註冊功能後,應用程式可以顯示個人資料的授權條款並詢問使用者是否同意,使用者在同意授權條款後,應用程式可以顯示輸入使用者資料的使用者介面。在本實施例中,假設使用者資料包含使用者在行動裝置120上所使用的門號、身份證號、生日、以及其他註冊時所需要的個人資料,例如,性別、電子郵件地址、戶籍地址、通信地址等。After the user chooses to perform the registration function in the application, the application can display the authorization terms of personal data and ask the user whether to agree. After the user agrees to the authorization terms, the application can display the user interface for inputting user information. In this embodiment, it is assumed that the user information includes the user's door number, ID number, birthday, and other personal information required for registration, such as gender, email address, and household registration address, which is used by the user on the mobile device 120 . , mailing address, etc.

在使用者完成使用者資料的輸入後,應用程式可以呼叫身份識別元件200,使得身份識別元件200開始執行,如此,身份識別元件200的資料取得模組220可以取得裝置識別資料以及使用者資料(步驟330)。在本實施例中,假設裝置識別資料為行動裝置120所安裝之SIM卡的卡號,則資料取得模組220可以讀取SIM卡的卡號,並可以取得使用者在使用者介面所輸入的使用者資料。After the user completes the input of the user data, the application program can call the identification element 200 to start the identification element 200 to execute. In this way, the data acquisition module 220 of the identification element 200 can obtain the device identification data and the user data ( step 330). In this embodiment, assuming that the device identification data is the card number of the SIM card installed in the mobile device 120, the data obtaining module 220 can read the card number of the SIM card, and can obtain the user input by the user on the user interface. material.

在身份識別元件200的資料取得模組220取得裝置識別資料以及使用者資料(步驟330)後,身份識別元件200的通訊模組280可以透過行動通訊網路傳送資料取得模組220所取得之裝置識別資料到電信伺服器130(步驟360)。After the data obtaining module 220 of the identification element 200 obtains the device identification data and user data (step 330 ), the communication module 280 of the identification element 200 can transmit the device identification obtained by the data obtaining module 220 through the mobile communication network data to the telecommunications server 130 (step 360).

在本實施例中,假設身份識別元件200包含驗證模組250,則在身份識別元件200的通訊模組280透過行動通訊網路傳送裝置識別資料到電信伺服器130(步驟360)前,驗證模組250可以先呼叫行動裝置120的作業系統所提供的應用程式介面(API),使得行動裝置120的作業系統要求行動裝置120的使用者輸入裝置解鎖資料並驗證使用者輸入的裝置解鎖資料(步驟340),藉以驗證使用者身份。通訊模組280可以在驗證模組250判斷裝置解鎖資料通過行動裝置120之作業系統的驗證後才傳送裝置識別資料至電信伺服器130(步驟360)。需要說明的是,身份識別元件200的資料取得模組220與驗證模組250並沒有執行先後次序的關係,但一般而言,驗證模組250通常可以在身份識別元件200的資料取得模組220取得裝置識別資料以及使用者資料(步驟330)後,才呼叫行動裝置120的作業系統,使得行動裝置120的作業系統判斷使用者輸入的裝置解鎖資料是否通過驗證(步驟340)。In this embodiment, assuming that the identification element 200 includes the verification module 250 , before the communication module 280 of the identification element 200 transmits the device identification data to the telecommunication server 130 through the mobile communication network (step 360 ), the verification module 250 may first call an application programming interface (API) provided by the operating system of the mobile device 120, so that the operating system of the mobile device 120 requires the user of the mobile device 120 to input the device unlocking data and verify the device unlocking data input by the user (step 340 ). ) to authenticate the user. The communication module 280 may transmit the device identification data to the telecommunications server 130 after the verification module 250 determines that the device unlocking data is verified by the operating system of the mobile device 120 (step 360 ). It should be noted that the data acquisition module 220 of the identification element 200 and the verification module 250 are not in the order of execution, but generally speaking, the verification module 250 can usually be used in the data acquisition module 220 of the identification element 200 After obtaining the device identification data and user data (step 330 ), the operating system of the mobile device 120 is called, so that the operating system of the mobile device 120 determines whether the device unlocking data input by the user is verified (step 340 ).

在身份識別元件200的通訊模組280透過行動通訊網路傳送裝置識別資料到電信伺服器130(步驟360)後,電信伺服器130可以傳送許可信物至行動裝置120(步驟370)。在本實施例中,假設電信伺服器130在接收到行動裝置120所傳送的裝置識別資料後,可以判斷所接收到的裝置識別資料是否由電信伺服器130所屬的電信公司所發出,也就是判斷所接收到的裝置識別資料是否包含於電信伺服器130所屬的電信公司預先建立之資料記錄中,若是,則可以產生許可信物並將所產生的許可信物傳回行動裝置120;而若電信伺服器130判斷所接收到的裝置識別資料未包含於預先建立之資料記錄中,則可以不產生許可信物或拒絕傳回許可信物。After the communication module 280 of the identification element 200 transmits the device identification data to the telecommunication server 130 through the mobile communication network (step 360 ), the telecommunication server 130 may transmit the permission token to the mobile device 120 (step 370 ). In this embodiment, it is assumed that after receiving the device identification data transmitted by the mobile device 120, the telecommunication server 130 can determine whether the received device identification data is issued by the telecommunication company to which the telecommunication server 130 belongs, that is Whether the received device identification data is included in the data record pre-established by the telecommunications company to which the telecommunications server 130 belongs, and if so, a license token can be generated and the generated license token can be sent back to the mobile device 120; 130 judging that the received device identification data is not included in the pre-established data record, the permission token may not be generated or the permission token may be refused to be returned.

在身份識別元件200的通訊模組280透過行動通訊網路接收到電信伺服器130所傳送的許可信物後,通訊模組280可以經由服務伺服器110將接收自電信伺服器130的許可信物以及資料取得模組220所取得的使用者資料傳送到電信伺服器130(步驟380)。在本實施例中,也就是通訊模組280將許可信物以及使用者資料傳送給應用主機111,並由身份識別主機112透過身份驗證伺服器113將應用主機111所接收到的許可信物以及使用者資料轉送給電信伺服器130。After the communication module 280 of the identification element 200 receives the license token sent by the telecommunications server 130 through the mobile communication network, the communication module 280 can obtain the license token and data received from the telecommunications server 130 through the service server 110 The user data obtained by the module 220 is sent to the telecommunications server 130 (step 380). In this embodiment, that is, the communication module 280 transmits the license token and user data to the application host 111 , and the identity recognition host 112 transmits the license token and user data received by the application host 111 through the authentication server 113 . The data is forwarded to the telecommunications server 130 .

在電信伺服器130接收到行動裝置120所傳送的許可信物以及使用者資料後,電信伺服器130可以依據所接收到的許可信物以及使用者資料產生身份辨識結果。在本實施例中,假設電信伺服器130可以先判斷所接收到的許可信物是否為電信伺服器130所產生,若否,則電信伺服器130可以產生表示辨識失敗的身份辨識結果;若是,電信伺服器130可以接著判斷所接收到之使用者資料中的門號是否包含於預先建立之資料記錄中,若否,則電信伺服器130可以產生表示辨識失敗的身份辨識結果;若是,電信伺服器130可以繼續判斷使用者資料中的門號是否與許可信物對應,若否,則電信伺服器130可以產生表示辨識失敗的身份辨識結果;若是,電信伺服器130再判斷門號與使用者資料中的身份識別資料是否對應,若否,則電信伺服器130可以產生表示辨識失敗的身份辨識結果;若是,電信伺服器130可以產生表示辨識成功的身份辨識結果。After the telecommunication server 130 receives the permission token and the user data sent by the mobile device 120 , the telecommunication server 130 can generate an identification result according to the received permission token and the user data. In this embodiment, it is assumed that the telecommunications server 130 can first determine whether the received license token is generated by the telecommunications server 130. If not, the telecommunications server 130 can generate an identification result indicating that the identification fails; The server 130 can then determine whether the door number in the received user data is included in the pre-established data record; if not, the telecommunications server 130 can generate an identification result indicating that the identification fails; if so, the telecommunications server 130 can continue to determine whether the door number in the user data corresponds to the license token, if not, the telecommunication server 130 can generate an identification result indicating that the identification fails; Whether the identification information corresponding to the telecommunication server 130 can generate an identification result indicating that the identification fails; if so, the telecommunication server 130 can generate an identification result indicating that the identification is successful.

在電信伺服器130依據所接收到的許可信物以及使用者資料產生身份辨識結果後,可以將所產生的身份辨識結果傳送給服務伺服器110(步驟390)。在本實施例中,電信伺服器130可以將身份辨識結果傳送給身份驗證伺服器113,並由身份識別主機112將身份驗證伺服器113所接收到的身份辨識結果轉送給應用主機111,使得應用主機111可以依據身份辨識結果選擇是否完成行動裝置120所請求的註冊作業。當身份辨識結果表示辨識失敗時,應用主機111可以判斷使用者資料中的門號並非由與使用者資料中之身份證號對應的使用者所使用,因此可以認定使用者的資料有誤,拒絕行動裝置120的註冊作業;而當身份辨識結果表示辨識成功時,應用主機111可以判斷使用者資料中的門號確實由與使用者資料中之身份證號對應的使用者所使用,因此,可以認定使用者身份為真,如此,應用主機111可以完成行動裝置120的註冊作業,也就是將使用者資料寫入會員資料庫中。如此,透過本發明,服務伺服器110便可以透過電信伺服器130取得行動裝置120的身份辨識結果,藉以透過使用者資料的正確性確認使用者的身份。After the telecommunications server 130 generates an identification result according to the received license token and user data, the generated identification result may be transmitted to the service server 110 (step 390 ). In this embodiment, the telecommunication server 130 may transmit the identification result to the authentication server 113, and the identification host 112 will forward the identification result received by the authentication server 113 to the application host 111, so that the application The host 111 can select whether to complete the registration operation requested by the mobile device 120 according to the identification result. When the identification result indicates that the identification fails, the application host 111 can determine that the door number in the user data is not used by the user corresponding to the ID number in the user data, so it can determine that the user's data is incorrect and reject The registration operation of the mobile device 120; and when the identification result indicates that the identification is successful, the application host 111 can determine that the door number in the user information is indeed used by the user corresponding to the ID number in the user information. It is determined that the user identity is true. In this way, the application host 111 can complete the registration operation of the mobile device 120, that is, write the user information into the member database. Thus, through the present invention, the service server 110 can obtain the identification result of the mobile device 120 through the telecommunication server 130, so as to confirm the user's identity through the correctness of the user data.

上述實施例中,若身份識別元件200還包含網路判斷模組260,則如「第3B圖」之流程所示,在身份識別元件200的資料取得模組220可以取得裝置識別資料以及使用者資料(步驟330)前,網路判斷模組260可以先判斷行動裝置120是否使用行動通訊網路(步驟321),若網路判斷模組260判斷行動裝置120當前使用行動通訊網路,則資料取得模組220可以取得裝置識別資料以及使用者資料(步驟330);而若網路判斷模組260判斷行動裝置120當前並非使用行動通訊網路,例如判斷當前使用WiFi等無線區域網路,則網路判斷模組260可以提示使用者將行動裝置120設定為使用行動通訊網路(步驟325),或可以直接關閉行動裝置120的無線區域網路功能,藉以將行動裝置120設定為使用行動通 訊網路。In the above-mentioned embodiment, if the identification element 200 further includes the network determination module 260, as shown in the flow of "FIG. 3B", the data acquisition module 220 of the identification element 200 can obtain the device identification data and the user. Before the data (step 330 ), the network determination module 260 can first determine whether the mobile device 120 uses the mobile communication network (step 321 ). If the network determination module 260 determines that the mobile device 120 is currently using the mobile communication network, the data acquisition module The group 220 can obtain the device identification data and user data (step 330 ); and if the network determination module 260 determines that the mobile device 120 is not currently using a mobile communication network, for example, determines that a wireless local area network such as WiFi is currently used, the network determines The module 260 may prompt the user to configure the mobile device 120 to use the mobile communication network (step 325 ), or may directly disable the wireless LAN function of the mobile device 120 to configure the mobile device 120 to use the mobile communication network.

另外,上述實施例中,若身份識別元件200還包含資料輸入模組240,則包含身份識別元件200的應用程式可以在使用者選擇執行註冊功能後,由資料輸入模組240提供使用者輸入使用者資料,使得身份識別元件200的資料取得模組220可以取得裝置識別資料以及使用者資料(步驟330)。其中,在資料取得模組220可以取得裝置識別資料以及使用者資料(步驟330)時,資料取得模組220可以如「第3C圖」之流程所示,先判斷是否偵測到兩個或兩個以上的裝置識別資料(步驟311),若否,則資料取得模組220可以直接取得裝置識別資料以及使用者資料(步驟330);而若資料取得模組220偵測到多個裝置識別資料,則資料取得模組220可以提示使用者在使用者資料中輸入與行動裝置120用來使用之行動通訊網路之SIM卡對應的門號(步驟315),並在使用者確認後取得裝置識別資料以及使用者資料(步驟330)。In addition, in the above-mentioned embodiment, if the identification element 200 further includes the data input module 240, the application program including the identification element 200 can be provided by the data input module 240 after the user chooses to perform the registration function to provide user input for use. user data, so that the data obtaining module 220 of the identification element 200 can obtain the device identification data and user data (step 330). Wherein, when the data obtaining module 220 can obtain the device identification data and the user data (step 330 ), the data obtaining module 220 can first determine whether two or two or two are detected as shown in the flow of “Figure 3C”. more than one device identification data (step 311), if not, the data obtaining module 220 can directly obtain the device identification data and user data (step 330); and if the data obtaining module 220 detects multiple device identification data , the data obtaining module 220 can prompt the user to input the door number corresponding to the SIM card of the mobile communication network used by the mobile device 120 in the user data (step 315 ), and obtain the device identification data after the user confirms and user data (step 330).

綜上所述,可知本發明與先前技術之間的差異在於具有行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器並接收電信伺服器所傳回的許可信物後,經由服務伺服器傳送許可信物以及使用者資料至電信伺服器,電信伺服器依據許可信物及使用者資料產生身份辨識結果並傳送身份辨識結果給服務伺服器之技術手段,藉由此一技術手段可以解決先前技術所存在行動裝置不易連接硬體載具以辨識使用者身份的問題,進而達成單獨使用行動裝置完成身份辨識的技術功效。From the above, it can be seen that the difference between the present invention and the prior art is that the mobile device transmits the device identification data to the telecommunication server through the mobile communication network and receives the license token returned by the telecommunication server, and then transmits the license through the service server. The token and user data are sent to the telecommunications server, and the telecommunications server generates an identification result according to the license token and user data and transmits the identification result to the service server. The technical means can solve the existing actions of the prior art by this technical means The problem is that the device is not easy to connect to the hardware carrier to identify the user's identity, so as to achieve the technical effect of using the mobile device alone to complete the identity identification.

再者,本發明之以裝置識別資料透過電信伺服器識別身份之方法,可實現於硬體、軟體或硬體與軟體之組合中,亦可在電腦系統中以集中方式實現或以不同元件散佈於若干互連之電腦系統的分散方式實現。Furthermore, the method for identifying an identity through a telecommunication server using device identification data of the present invention can be implemented in hardware, software, or a combination of hardware and software, and can also be implemented in a centralized manner in a computer system or distributed with different components. Implemented in a decentralized manner across several interconnected computer systems.

雖然本發明所揭露之實施方式如上,惟所述之內容並非用以直接限定本發明之專利保護範圍。任何本發明所屬技術領域中具有通常知識者,在不脫離本發明所揭露之精神和範圍的前提下,對本發明之實施的形式上及細節上作些許之更動潤飾,均屬於本發明之專利保護範圍。本發明之專利保護範圍,仍須以所附之申請專利範圍所界定者為準。Although the embodiments disclosed in the present invention are as above, the above-mentioned contents are not intended to directly limit the scope of the patent protection of the present invention. Any person with ordinary knowledge in the technical field to which the present invention pertains, without departing from the spirit and scope disclosed by the present invention, makes slight modifications to the form and details of the implementation of the present invention, all belong to the patent protection of the present invention Scope. The scope of patent protection of the present invention shall still be defined by the appended patent application scope.

110:服務伺服器111:應用主機112:身份識別主機113:身份驗證伺服器120:行動裝置130:電信伺服器200:身份識別元件220:資料取得模組240:資料輸入模組250:驗證模組260:網路判斷模組280:通訊模組步驟311:行動裝置判斷是否取得多個裝置識別資料步驟315:行動裝置提示輸入與行動通訊網路對應之裝置識別資料對應之門號步驟321:行動裝置判斷是否使用行動通訊網路步驟325:行動裝置提示改用行動通訊網路步驟330:行動裝置取得裝置識別資料及使用者資料步驟340:行動裝置判斷裝置解鎖資料是否通過驗證步驟360:行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器步驟370:電信伺服器傳送許可信物至行動裝置步驟380:行動裝置經由服務伺服器傳送許可信物與使用者資料至電信伺服器步驟390:電信伺服器依據許可信物及使用者資料產生身份辨識結果,並傳送身份辨識結果至服務伺服器110: Service server 111: Application host 112: Identification host 113: Authentication server 120: Mobile device 130: Telecom server 200: Identification element 220: Data acquisition module 240: Data input module 250: Verification module Group 260: Network Judgment Module 280: Communication Module Step 311: The mobile device judges whether to obtain multiple device identification data Step 315: The mobile device prompts to input the door number corresponding to the device identification data corresponding to the mobile communication network Step 321: Action The device determines whether to use the mobile communication network. Step 325: The mobile device prompts to switch to the mobile communication network. Step 330: The mobile device obtains the device identification data and user data. Step 340: The mobile device determines whether the device unlocking data has passed the verification. The communication network sends the device identification data to the telecommunications server. Step 370: The telecommunications server sends the permission token to the mobile device. Step 380: The mobile device sends the permission token and user data to the telecommunications server through the service server. Step 390: The telecommunications server complies with the permission. The token and user data generate the identification result, and send the identification result to the service server

第1A圖為本發明所提之以裝置識別資料透過電信伺服器識別身份之系統架構圖。 第1B圖為本發明所提之另一種以裝置識別資料透過電信伺服器識別身份之系統架構圖。 第2圖為本發明所提之行動裝置之元件示意圖。 第3A圖為本發明所提之以裝置識別資料透過電信伺服器識別身份之方法流程圖。 第3B圖為本發明所提之提示切換網路之方法流程圖。 第3C圖為本發明所提之提示輸入用以使用行動通訊網路之門號之方法流程圖。FIG. 1A is a schematic diagram of a system for identifying an identity through a telecommunication server with device identification data according to the present invention. FIG. 1B is another system architecture diagram of identifying an identity through a telecommunication server using device identification data according to the present invention. FIG. 2 is a schematic diagram of the components of the mobile device according to the present invention. FIG. 3A is a flow chart of a method for identifying an identity through a telecommunication server using device identification data according to the present invention. FIG. 3B is a flow chart of the method for prompting network switching proposed by the present invention. FIG. 3C is a flow chart of the method for prompting input of a door number for using a mobile communication network according to the present invention.

步驟330:行動裝置取得裝置識別資料及使用者資料 Step 330: The mobile device obtains device identification data and user data

步驟340:行動裝置判斷裝置解鎖資料是否通過驗證 Step 340: The mobile device determines whether the device unlocking data has passed the verification

步驟360:行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器 Step 360: The mobile device transmits the device identification data to the telecommunication server through the mobile communication network

步驟370:電信伺服器傳送許可信物至行動裝置 Step 370: The telecommunications server sends the license token to the mobile device

步驟380:行動裝置經由服務伺服器傳送許可信物與使用者資料至電信伺服器 Step 380: The mobile device sends the license token and user data to the telecommunications server via the service server

步驟390:電信伺服器依據許可信物及使用者資料產生身份辨識結果,並傳送身份辨識結果至服務伺服器 Step 390: The telecommunication server generates an identification result according to the license token and user data, and transmits the identification result to the service server

Claims (10)

一種以裝置識別資料透過電信伺服器識別身份之方法,該方法至少包含下列步驟:一行動裝置取得一使用者資料,並由該行動裝置上取得一裝置識別資料,該使用者資料包含一門號及一身分識別資料;該行動裝置透過行動通訊網路傳送該裝置識別資料至一電信伺服器;該電信伺服器判斷該裝置識別資料為該電信伺服器所屬之電信單位或電信機關所發出時,傳送與該裝置識別資料對應之一許可信物至該行動裝置;該行動裝置透過行動通訊網路經由一服務伺服器傳送該許可信物與該使用者資料至該電信伺服器;及該電信伺服器對該許可信物及該使用者資料進行判斷以產生一身份辨識結果,並傳送該身份辨識結果至該服務伺服器,其中,上述判斷包含判斷該許可信物是否為該電信伺服器產生、該門號與該許可信物是否對應、該門號與該身分識別資料是否對應。 A method for identifying an identity through a telecommunication server with device identification data, the method at least comprises the following steps: a mobile device obtains a user data, and obtains a device identification data from the mobile device, the user data includes a door number and Identity data; the mobile device transmits the device identification data to a telecommunication server through the mobile communication network; when the telecommunication server determines that the device identification data is issued by the telecommunication unit or telecommunication agency to which the telecommunication server belongs, the mobile device transmits and transmits the device identification data to a telecommunication server. The device identification data corresponds to a license token to the mobile device; the mobile device transmits the license token and the user data to the telecommunications server through a service server through a mobile communication network; and the telecommunications server sends the license token and the user data to make a judgment to generate an identification result, and send the identification result to the service server, wherein the above judgment includes judging whether the license token is generated by the telecommunications server, the door number and the license token Whether it corresponds, whether the door number corresponds to the identity information. 如申請專利範圍第1項所述之以裝置識別資料透過電信伺服器識別身份之方法,其中該方法於該行動裝置透過行動通訊網路傳送該裝置識別資料至該電信伺服器之步驟前,更包含該行動裝置判斷該行動裝置當前未使用行動通訊網路時,提示改用行動通訊網路之步驟。 The method for identifying an identity through a telecommunication server using device identification data as described in item 1 of the scope of the patent application, wherein before the step of the mobile device transmitting the device identification data to the telecommunication server through a mobile communication network, the method further comprises: When the mobile device determines that the mobile device is not currently using the mobile communication network, it prompts the step of using the mobile communication network instead. 如申請專利範圍第1項所述之以裝置識別資料透過電信伺服器識別身份之方法,其中該方法於該行動裝置透過行動通訊網路傳送該裝置識別資 料至該電信伺服器之步驟前,更包含該行動裝置提供輸入一裝置解鎖資料並驗證該裝置解鎖資料之步驟。 The method for identifying an identity through a telecommunication server using device identification information as described in item 1 of the scope of the patent application, wherein the method transmits the device identification information through the mobile communication network in the mobile device Before the step of predicting the telecommunication server, the mobile device further includes a step of inputting a device unlocking data provided by the mobile device and verifying the device unlocking data. 如申請專利範圍第1項所述之以裝置識別資料透過電信伺服器識別身份之方法,其中該方法於該行動裝置取得該裝置識別資料及該使用者資料之步驟,更包含該行動裝置判斷該行動裝置取得該裝置識別資料外之其他裝置識別資料時,提示於該使用者資料中輸入與該裝置識別資料對應之門號之步驟。 As described in item 1 of the scope of the patent application, the method for identifying an identity through a telecommunication server using device identification data, wherein the method obtains the device identification data and the user data from the mobile device, and further includes the mobile device determining the When the mobile device obtains other device identification data other than the device identification data, it prompts the user to enter the door number corresponding to the device identification data in the user data. 如申請專利範圍第1項所述之以裝置識別資料透過電信伺服器識別身份之方法,其中該行動裝置取得該使用者資料之步驟為該行動裝置讀取使用者所輸入之該使用者資料。 The method for identifying an identity through a telecommunication server using device identification data as described in item 1 of the scope of the patent application, wherein the step of obtaining the user data by the mobile device is that the mobile device reads the user data input by the user. 一種以裝置識別資料透過電信伺服器識別身份之系統,該系統至少包含:一服務伺服器;一電信伺服器,與該服務伺服器連接;及一行動裝置,用以執行一身份識別元件,該身份識別元件包含:一資料取得模組,用以獲取一使用者資料及由該行動裝置上取得一裝置識別資料,其中,該使用者資料包含一門號及一身分識別資料;及一通訊模組,用以透過行動通訊網路傳送該裝置識別資料至該電信伺服器,並接收該電信伺服器在判斷該裝置識別資料為該電信伺服器所屬之電信單位或電信機關所發出時所傳送之與該裝置識別資料對應之一許可信物,及用以透過行動通訊網路經由該服務伺服器傳送該許可信物與該使用者資料至該電信伺服器,使該電信伺服器對該許可 信物及該使用者資料進行判斷以產生一身份辨識結果,並傳送該身份辨識結果至該服務伺服器,其中,上述判斷包含判斷該許可信物是否為該電信伺服器產生、該門號與該許可信物是否對應、該門號與該身分識別資料是否對應。 A system for identifying an identity through a telecommunication server with device identification data, the system at least comprises: a service server; a telecommunication server connected to the service server; and a mobile device for executing an identity identification element, the The identification element includes: a data acquisition module for acquiring a user data and obtaining a device identification data from the mobile device, wherein the user data includes a door number and an identification data; and a communication module , used to transmit the device identification data to the telecommunications server through the mobile communication network, and receive the information sent by the telecommunications server when it determines that the device identification data is issued by the telecommunications unit or telecommunications agency to which the telecommunications server belongs. A license token corresponding to the device identification data, and used to transmit the license token and the user data to the telecommunications server through the service server through the mobile communication network, so that the telecommunications server can obtain the license The token and the user data are judged to generate an identity recognition result, and the identity recognition result is sent to the service server, wherein the above judgment includes judging whether the license token is generated by the telecommunications server, the door number and the license Whether the token corresponds, and whether the door number corresponds to the identity information. 如申請專利範圍第6項所述之以裝置識別資料透過電信伺服器識別身份之系統,其中該身份識別元件更包含一網路判斷模組,用以判斷該行動裝置當前是否使用行動通訊網路。 As described in item 6 of the scope of the patent application, the system for identifying an identity through a telecommunication server using device identification data, wherein the identification element further includes a network judging module for judging whether the mobile device currently uses a mobile communication network. 如申請專利範圍第6項所述之以裝置識別資料透過電信伺服器識別身份之系統,其中該身份識別元件更包含一驗證模組,用以提供輸入一裝置解鎖資料並驗證該裝置解鎖資料。 The system for identifying an identity through a telecommunication server using device identification data as described in item 6 of the scope of the patent application, wherein the identification element further comprises a verification module for inputting a device unlocking data and verifying the device unlocking data. 如申請專利範圍第6項所述之以裝置識別資料透過電信伺服器識別身份之系統,其中該資料取得模組更用以於取得該裝置識別資料外之其他裝置識別資料時,提示於該使用者資料中輸入與該裝置識別資料對應之門號。 According to the system for identifying identity through a telecommunication server using device identification data as described in item 6 of the scope of the patent application, the data acquisition module is further used to prompt the user when obtaining other device identification data other than the device identification data. Enter the door number corresponding to the device identification data in the user data. 如申請專利範圍第6項所述之以裝置識別資料透過電信伺服器識別身份之系統,其中該資料取得模組是讀取使用者所輸入之該使用者資料以取得該使用者資料。 As described in item 6 of the scope of the patent application, the system for identifying identity through a telecommunication server using device identification data, wherein the data obtaining module reads the user data input by the user to obtain the user data.
TW108113619A 2019-04-18 2019-04-18 System for using device identification to identify via telecommunication server and method thereof TWI754811B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW108113619A TWI754811B (en) 2019-04-18 2019-04-18 System for using device identification to identify via telecommunication server and method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW108113619A TWI754811B (en) 2019-04-18 2019-04-18 System for using device identification to identify via telecommunication server and method thereof

Publications (2)

Publication Number Publication Date
TW202040385A TW202040385A (en) 2020-11-01
TWI754811B true TWI754811B (en) 2022-02-11

Family

ID=74201157

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108113619A TWI754811B (en) 2019-04-18 2019-04-18 System for using device identification to identify via telecommunication server and method thereof

Country Status (1)

Country Link
TW (1) TWI754811B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI799764B (en) * 2020-12-11 2023-04-21 中華電信股份有限公司 Identity recognition device, system and method by using nfc
EP4040319B1 (en) * 2021-02-09 2022-12-14 Axis AB Devices and methods for safe storage of media containing personal data and erasure of stored personal data
TWI801841B (en) * 2021-04-14 2023-05-11 臺灣網路認證股份有限公司 System for using queried telecom server to verify identity and method thereof
TWI831646B (en) * 2023-03-15 2024-02-01 臺灣網路認證股份有限公司 Certificate issuance and document signing system and method thereof

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201839650A (en) * 2017-04-28 2018-11-01 大陸商Oppo廣東移動通信有限公司 Unlocking control method AND mobile terminal
TWI640189B (en) * 2017-12-25 2018-11-01 中華電信股份有限公司 System for verifying a user's identity of telecommunication certification and method thereof
TW201901513A (en) * 2017-05-19 2019-01-01 網聯股份有限公司 Identification system and method
TW201915649A (en) * 2017-10-05 2019-04-16 香港商印芯科技股份有限公司 Electronic device and fingerprint sensing method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201839650A (en) * 2017-04-28 2018-11-01 大陸商Oppo廣東移動通信有限公司 Unlocking control method AND mobile terminal
TW201901513A (en) * 2017-05-19 2019-01-01 網聯股份有限公司 Identification system and method
TW201915649A (en) * 2017-10-05 2019-04-16 香港商印芯科技股份有限公司 Electronic device and fingerprint sensing method
TWI640189B (en) * 2017-12-25 2018-11-01 中華電信股份有限公司 System for verifying a user's identity of telecommunication certification and method thereof

Also Published As

Publication number Publication date
TW202040385A (en) 2020-11-01

Similar Documents

Publication Publication Date Title
US20230334476A1 (en) Using a contactless card to securely share personal data stored in a blockchain
TWI754811B (en) System for using device identification to identify via telecommunication server and method thereof
US10664587B1 (en) Setting an authorization level at enrollment
CA3121963A1 (en) Secure authentication based on identity data stored in a contactless card
TWM580206U (en) System for identifying identity through telecommunication server by identification data device
US11941621B2 (en) Secure authentication based on passport data stored in a contactless card
TWM592629U (en) System to obtain appended data and execute corresponding operation when identity is confirmed
CN105871840A (en) Certificate management method and system
TWI754812B (en) System for using a device identification to log in via telecommunication server and method thereof
TWI720738B (en) System for combining architectures of fido and pki to identity user and method thereof
TWM586494U (en) ID recognition system using network identification data through telecommunication server
TWM586390U (en) A system for performing identity verification according to the service instruction to execute the corresponding service
TWI780341B (en) System for using network identification to identify via telecommunication server and method thereof
TWI704796B (en) System for using network identification to sign in service server via telecommunication server and method thereof
TWM603573U (en) System generating authorization content during identity verification before transaction
TWI777105B (en) System for obtaining additional data when identifying to execute operation and method thereof
TWM588313U (en) System for confirming user identity through financial account information
TWM580207U (en) System for logging in through telecommunication server by identification data device
TWI691859B (en) System for identifying according to instruction to execute service and method thereof
TWI790495B (en) System for driving smart card by third-party device for identity verification and method thereof
TWI729535B (en) System for using financial account to confirm identity and method thereof
TWI757925B (en) System for making two applications run simultaneously by calling input program and method thereof
TWI745015B (en) System and method for providing authorized content generated during identity authentication for verifying transaction data before transaction
TWM586495U (en) System using network identification data for login through telecommunication server
TWM608117U (en) System of identity verification by third-party device driven chip card