TWI754812B - System for using a device identification to log in via telecommunication server and method thereof - Google Patents

System for using a device identification to log in via telecommunication server and method thereof Download PDF

Info

Publication number
TWI754812B
TWI754812B TW108113620A TW108113620A TWI754812B TW I754812 B TWI754812 B TW I754812B TW 108113620 A TW108113620 A TW 108113620A TW 108113620 A TW108113620 A TW 108113620A TW I754812 B TWI754812 B TW I754812B
Authority
TW
Taiwan
Prior art keywords
server
data
mobile device
identification data
device identification
Prior art date
Application number
TW108113620A
Other languages
Chinese (zh)
Other versions
TW202040392A (en
Inventor
連子清
林志能
Original Assignee
臺灣網路認證股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 臺灣網路認證股份有限公司 filed Critical 臺灣網路認證股份有限公司
Priority to TW108113620A priority Critical patent/TWI754812B/en
Publication of TW202040392A publication Critical patent/TW202040392A/en
Application granted granted Critical
Publication of TWI754812B publication Critical patent/TWI754812B/en

Links

Images

Landscapes

  • Telephonic Communication Services (AREA)

Abstract

A system for using a device identification to log in via a telecommunication server and a method thereof are provided. By using mobile communication network to transferring a device identification from a mobile to a telecommunication server, receiving a token from the telecommunication server by the mobile, transferring the token and a phone number from the mobile to the telecommunication server through a service server, generating a result based on the token and the phone number by the telecommunication server, and transferring the result from the telecommunication server to the service server, the system and the method can achieve the effect of using only mobile to log in service server.

Description

以裝置識別資料透過電信伺服器進行登入之系統及方法System and method for logging in through a telecommunication server with device identification data

一種身份識別系統及其方法,特別係指一種以裝置識別資料透過電信伺服器進行登入之系統及方法。An identification system and method thereof, particularly a system and method for logging in through a telecommunication server with device identification data.

近年來,由於通訊及網路相關產業的高度發展,人們對各種服務電子化與行動化的需求日益升高,這樣的需求也反映在金融業與政府公部門上,舉例來說,券商、銀行、保險公司、投顧公司、政府單位除了提供網路服務之外,也開始提供行動應用程式(APP),使用者可以使用手機或平板等各種的行動裝置執行行動應用程式,行動應用程式通過網際網路連線到對應的服務主機(或稱為應用主機)後,使用者可以操作行動裝置進行證券交易、轉帳、投保、申請文件等行動服務。如此,使用者可以不需要離開所在位置,即可進行所需的行動服務。In recent years, due to the high development of communication and network-related industries, people's demand for various services to be electronic and mobile has been increasing. Such demand is also reflected in the financial industry and the government sector. For example, securities companies, banks , insurance companies, investment consulting companies, and government agencies have begun to provide mobile applications (APPs) in addition to providing network services. Users can use various mobile devices such as mobile phones or tablets to execute mobile applications. After the network is connected to the corresponding service host (or called the application host), the user can operate the mobile device to perform mobile services such as securities trading, transfer, insurance, and application documents. In this way, the user can perform the desired mobile service without leaving the location.

使用者在使用網路服務或行動服務時,通常需要先登入提供網路服務或行動服務的服務主機。目前,透過網路登入服務主機的方式,除了單純的使用帳號密碼之外,某些服務主機為了避免帳號密碼被盜用,可能要求使用者使用儲存於硬體載具中的憑證登入,也就是說,使用者需要在USB隨身碟或智慧卡(晶片卡)中儲存使用者的憑證資料,並在進行行動服務時,透過連接儲存憑證資料的USB隨身碟或智慧卡來進行身份辨識。When users use network services or mobile services, they usually need to log in to a service host that provides network services or mobile services. At present, in addition to simply using the account and password, some service hosts may require users to log in using the credentials stored in the hardware carrier in order to avoid account and password theft. , the user needs to store the user's certificate data in a USB flash drive or a smart card (chip card), and perform identification by connecting the USB flash drive or smart card storing the certificate data when performing mobile services.

然而,使用硬體載具所儲存之憑證進行登入的方式,大多只能在電腦上進行,主要原因是硬體載具需要透過USB等連接插槽與電腦連接,或透過如讀卡機等外接裝置讀取,但目前的行動裝置大多沒有設置可以與硬體載具連接的連接插槽,因此,大部分的行動裝置並無法連接硬體載具,如此,導致使用者無法使用行動裝置登入服務主機,以至於無法使用行動服務,造成使用者的不便。However, most of the ways to log in using the credentials stored in the hardware carrier can only be done on the computer, mainly because the hardware carrier needs to be connected to the computer through a connection slot such as a USB, or through an external connection such as a card reader. However, most of the current mobile devices do not have a connection slot that can be connected to the hardware carrier. Therefore, most mobile devices cannot be connected to the hardware carrier. As a result, users cannot use the mobile device to log in to the service. host, so that the mobile service cannot be used, causing inconvenience to the user.

綜上所述,可知先前技術中長期以來一直存在行動裝置不易連接硬體載具,導致無法使用硬體載具所儲存之憑證完成登入作業的問題,因此有必要提出改進的技術手段,來解決此一問題。To sum up, it can be seen that in the prior art, the mobile device is not easy to connect to the hardware carrier for a long time, resulting in the inability to use the credentials stored in the hardware carrier to complete the login operation. Therefore, it is necessary to propose improved technical means to solve the problem. this question.

有鑒於先前技術存在行動裝置不易使用硬體載具所儲存之憑證進行登入作業的問題,本發明遂揭露一種以裝置識別資料透過電信伺服器進行登入之系統及方法,其中:In view of the problem in the prior art that the mobile device is not easy to use the certificate stored in the hardware carrier to perform the login operation, the present invention discloses a system and method for logging in through a telecommunication server using device identification data, wherein:

本發明所揭露之以裝置識別資料透過電信伺服器進行登入之系統,至少包含:服務伺服器;電信伺服器,與服務伺服器連接;行動裝置,用以執行身份識別元件,身份識別元件更包含:資料取得模組,用以獲取門號資料及裝置識別資料;通訊模組,用以透過行動通訊網路傳送裝置識別資料至電信伺服器,並接收電信伺服器所傳送之許可信物,及用以透過行動通訊網路經由服務伺服器傳送許可信物與門號資料至電信伺服器,使電信伺服器依據許可信物及門號資料產生登入結果,並傳送登入結果至服務伺服器。The system for logging in through a telecommunication server using device identification data disclosed in the present invention at least includes: a service server; a telecommunication server connected to the service server; a mobile device for executing an identification element, the identification element further comprising: : The data acquisition module is used to obtain the door number data and device identification data; the communication module is used to transmit the device identification data to the telecommunications server through the mobile communication network, and to receive the permission token sent by the telecommunications server, and to The license token and door number data are sent to the telecommunications server through the service server through the mobile communication network, so that the telecommunications server generates a login result according to the license token and the door number data, and sends the login result to the service server.

本發明所揭露之以裝置識別資料透過電信伺服器進行登入之方法,其步驟至少包括:行動裝置取得裝置識別資料及門號資料;行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器;電信伺服器傳送許可信物至行動裝置;行動裝置透過行動通訊網路經由服務伺服器傳送許可信物與門號資料至電信伺服器;電信伺服器依據許可信物及門號資料產生登入結果,並傳送登入結果至服務伺服器。The method for logging in through a telecommunication server with device identification data disclosed in the present invention at least includes the steps of: obtaining the device identification data and the door number data by the mobile device; transmitting the device identification data to the telecommunication server through the mobile device through the mobile communication network; The server sends the license token to the mobile device; the mobile device transmits the license token and door number data to the telecom server through the mobile communication network through the service server; the telecom server generates the login result according to the license token and the door number data, and sends the login result to service server.

本發明所揭露之系統與方法如上,與先前技術之間的差異在於本發明透過行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器並接收電信伺服器所傳回的許可信物後,經由服務伺服器傳送許可信物以及門號資料至電信伺服器,電信伺服器依據許可信物及門號資料產生登入結果並傳送登入結果給服務伺服器,藉以解決先前技術所存在的問題,並可以達成單獨使用行動裝置完成登入作業的技術功效。The system and method disclosed in the present invention are as above, and the difference between the present invention and the prior art lies in that the present invention transmits device identification data to the telecommunication server through the mobile device through the mobile communication network and receives the permission token returned by the telecommunication server, and then uses the service The server sends the license token and door number data to the telecom server, and the telecom server generates the login result according to the license token and the door number data and transmits the login result to the service server, so as to solve the problems existing in the prior art and achieve independent use The technical effect of the mobile device completing the login operation.

以下將配合圖式及實施例來詳細說明本發明之特徵與實施方式,內容足以使任何熟習相關技藝者能夠輕易地充分理解本發明解決技術問題所應用的技術手段並據以實施,藉此實現本發明可達成的功效。The features and implementations of the present invention will be described in detail below in conjunction with the drawings and examples, and the content is sufficient to enable any person skilled in the relevant art to easily and fully understand the technical means applied to solve the technical problems of the present invention and implement them accordingly, thereby achieving The effect that the present invention can achieve.

本發明可以在行動裝置與服務伺服器連接後,透過電信伺服器進行使用者登入作業,並由電信伺服器將登入結果傳送至行動裝置所連接的服務伺服器。In the present invention, after the mobile device is connected with the service server, the user login operation is performed through the telecommunication server, and the telecommunication server transmits the login result to the service server connected with the mobile device.

以下先以「第1A圖」與「第1B圖」本發明所提之以裝置識別資料透過電信伺服器進行登入之系統架構圖來說明本發明的系統運作。如「第1A圖」所示,本發明之系統含有應用主機111、身份識別主機112、身份驗證伺服器113、行動裝置120、以及電信伺服器130。其中,應用主機111、身份識別主機112、身份驗證伺服器113、行動裝置120、電信伺服器130都是計算設備。The system operation of the present invention will be described below with reference to "Fig. 1A" and "Fig. 1B". As shown in FIG. 1A , the system of the present invention includes an application host 111 , an identification host 112 , an authentication server 113 , a mobile device 120 , and a telecommunication server 130 . The application host 111 , the identification host 112 , the authentication server 113 , the mobile device 120 , and the telecommunication server 130 are all computing devices.

本發明所提之計算設備包含但不限於一個或多個處理器、一個或多個記憶體模組、以及連接不同元件(包括記憶體模組和處理器)的匯流排等元件。透過所包含之多個元件,計算設備可以載入並執行作業系統,使作業系統在計算設備上運行。The computing device mentioned in the present invention includes, but is not limited to, one or more processors, one or more memory modules, and elements such as bus bars connecting different elements (including memory modules and processors). Through the included components, a computing device can load and execute an operating system, causing the operating system to run on the computing device.

本發明所提之計算設備的匯流排可以包含一種或多個類型,例如包含資料匯流排(data bus)、位址匯流排(address bus)、控制匯流排(control bus)、擴充功能匯流排(expansion bus)、及/或局域匯流排(local bus)等類型的匯流排。計算設備的匯流排包括但不限於並列的工業標準架構(ISA)匯流排、周邊元件互連(PCI)匯流排、視頻電子標準協會(VESA)局域匯流排、以及串列的通用序列匯流排(USB)、快速周邊元件互連(PCI-E)匯流排等。The bus of the computing device mentioned in the present invention may include one or more types, such as a data bus, an address bus, a control bus, an extended function bus ( expansion bus), and/or local bus type bus. Buses for computing devices include, but are not limited to, Side-by-Side Industry Standard Architecture (ISA) buses, Peripheral Component Interconnect (PCI) buses, Video Electronics Standards Association (VESA) Local Buses, and Serial Generic Serial Buses (USB), Peripheral Component Interconnect Express (PCI-E) bus, etc.

本發明所提之計算設備的處理器與匯流排耦接。處理器包含暫存器(Register)組或暫存器空間,暫存器組或暫存器空間可以完全的被設置在處理晶片上,或全部或部分被設置在處理晶片外並經由專用電氣連接及/或經由匯流排耦接至處理器。處理器可為處理單元、微處理器或任何合適的處理元件。若計算設備為多處理器設備,也就是計算設備包含多個處理器,則計算設備所包含的處理器都相同或類似,且透過匯流排耦接與通訊。處理器可以解釋一連串的多個指令使得計算設備執行特定的運算或操作,例如,數學運算、資料比對等,藉以運行作業系統或執行作業系統中的各種程式、模組、及/或元件。The processor of the computing device of the present invention is coupled to the bus. The processor contains a register bank or register space, which may be located entirely on the processing die, or wholly or partially located off the processing die and via dedicated electrical connections and/or coupled to the processor via a bus. A processor may be a processing unit, microprocessor or any suitable processing element. If the computing device is a multi-processor device, that is, the computing device includes multiple processors, the processors included in the computing device are all the same or similar, and are coupled and communicated through a bus. The processor can interpret a series of multiple instructions to cause the computing device to perform specific operations or operations, such as mathematical operations, data comparisons, etc., to run the operating system or execute various programs, modules, and/or components in the operating system.

計算設備的處理器可以與晶片組耦接或透過匯流排與晶片組電性連接。晶片組是由一個或多個積體電路(IC)組成,包含記憶體控制器以及周邊輸出入(I/O)控制器,也就是說,記憶體控制器以及周邊輸出入控制器可以包含在一個積體電路內,也可以使用兩個或更多的積體電路實現。晶片組通常提供了輸出入和記憶體管理功能、以及提供多個通用及/或專用暫存器、計時器等,其中,上述之通用及/或專用暫存器與計時器可以讓耦接或電性連接至晶片組的一個或多個處理器存取或使用。The processor of the computing device may be coupled to the chip set or electrically connected to the chip set through a bus bar. Chipsets are composed of one or more integrated circuits (ICs), including memory controllers and peripheral I/O controllers, that is, memory controllers and peripheral I/O controllers can be included in Within one integrated circuit, it can also be implemented using two or more integrated circuits. Chip sets usually provide I/O and memory management functions, and provide a plurality of general-purpose and/or special-purpose registers, timers, etc., wherein the above-mentioned general-purpose and/or special-purpose registers and timers can be coupled or One or more processors electrically connected to the chipset are accessed or used.

計算設備的處理器也可以透過記憶體控制器存取安裝於計算設備上的記憶體模組和大容量儲存區中的資料。上述之記憶體模組包含任何類型的揮發性記憶體(volatile memory)及/或非揮發性(non-volatile memory, NVRAM)記憶體,例如靜態隨機存取記憶體(SRAM)、動態隨機存取記憶體(DRAM)、快閃記憶體(Flash)、唯讀記憶體(ROM)等。上述之大容量儲存區可以包含任何類型的儲存裝置或儲存媒體,例如,硬碟機、光碟片、隨身碟(快閃記憶體)、記憶卡(memory card)、固態硬碟(Solid State Disk, SSD)、或任何其他儲存裝置等。也就是說,記憶體控制器可以存取靜態隨機存取記憶體、動態隨機存取記憶體、快閃記憶體、硬碟機、固態硬碟中的資料。The processor of the computing device can also access data in the memory modules and mass storage areas installed on the computing device through the memory controller. The above memory modules include any type of volatile memory (volatile memory) and/or non-volatile memory (NVRAM), such as static random access memory (SRAM), dynamic random access memory Memory (DRAM), Flash Memory (Flash), Read-Only Memory (ROM), etc. The above-mentioned large-capacity storage area can include any type of storage device or storage medium, such as a hard disk drive, an optical disc, a pen drive (flash memory), a memory card (memory card), a solid state hard disk (Solid State Disk, SSD), or any other storage device, etc. That is, the memory controller can access data in static random access memory, dynamic random access memory, flash memory, hard disk drive, and solid state hard disk.

計算設備的處理器也可以透過周邊輸出入控制器經由周邊輸出入匯流排與周邊輸出裝置、周邊輸入裝置、通訊介面、以及GPS接收器等周邊裝置或介面通訊連接。周邊輸入裝置可以是任何類型的輸入裝置,例如鍵盤、滑鼠、軌跡球、觸控板、搖桿等,周邊輸出裝置可以是任何類型的輸出裝置,例如顯示器、印表機等,周邊輸入裝置與周邊輸出裝置也可以是同一裝置,例如觸控螢幕等。通訊介面可以包含無線通訊介面及/或有線通訊介面,無線通訊介面可以包含支援Wi-Fi、Zigbee等無線區域網路、藍牙、紅外線、近場通訊(NFC)、3G/4G/5G等行動通訊網路或其他無線資料傳輸協定的介面,有線通訊介面可為乙太網路設備、非同步傳輸模式(ATM)設備、DSL數據機、纜線(Cable)數據機等。處理器可以週期性地輪詢(polling)各種周邊裝置與介面,使得計算設備能夠進行資料的輸入與輸出,也能夠與具有上述描述之元件的另一個計算設備進行通訊。The processor of the computing device may also communicate with peripheral devices or interfaces such as peripheral output devices, peripheral input devices, communication interfaces, and GPS receivers through peripheral I/O controllers via peripheral I/O buses. The peripheral input device can be any type of input device, such as keyboard, mouse, trackball, touchpad, joystick, etc. The peripheral output device can be any type of output device, such as a monitor, printer, etc., the peripheral input device The peripheral output device can also be the same device, such as a touch screen. The communication interface may include a wireless communication interface and/or a wired communication interface, and the wireless communication interface may include a wireless local area network such as Wi-Fi, Zigbee, Bluetooth, infrared, near field communication (NFC), 3G/4G/5G and other mobile communication networks The interface of the wireless data transmission protocol or other wireless data transmission protocol, the wired communication interface can be an Ethernet network device, an asynchronous transfer mode (ATM) device, a DSL modem, a cable modem, etc. The processor may periodically poll various peripheral devices and interfaces, enabling the computing device to input and output data and to communicate with another computing device having the elements described above.

行動裝置120可以透過有線或無線網路與應用主機111連接,並可以透過行動通訊網路與電信伺服器130連接。行動裝置120可以接收應用主機111及/或電信伺服器130所傳送的資料或訊號,並可以傳送資料或訊號給應用主機111及/或電信伺服器130。The mobile device 120 can be connected to the application host 111 through a wired or wireless network, and can be connected to the telecommunication server 130 through a mobile communication network. The mobile device 120 can receive data or signals transmitted by the application host 111 and/or the telecommunication server 130 , and can transmit the data or signals to the application host 111 and/or the telecommunication server 130 .

行動裝置120負責使用應用主機111所提供的應用服務,並負責在應用服務要求使用者登入時,透過電信伺服器130確認行動裝置120已預先完成註冊,並完成登入作業。其中,本發明所提之應用服務通常為需要行動裝置120之使用者先註冊並登入的服務,例如:網路下單、網路銀行、線上投保、報稅繳費等,但本發明並不以此為限。The mobile device 120 is responsible for using the application service provided by the application host 111 , and is responsible for confirming that the mobile device 120 has completed the registration in advance through the telecommunication server 130 when the application service requires the user to log in, and completes the login operation. Among them, the application service mentioned in the present invention is usually a service that requires the user of the mobile device 120 to register and log in first, such as: online ordering, online banking, online insurance, tax declaration and payment, etc., but the present invention does not use this limited.

行動裝置120更可以如「第2圖」所示,包含資料取得模組220、通訊模組280,以及可附加的資料輸入模組240、驗證模組250、網路判斷模組260。在部分的實施例中,行動裝置120可以執行身份識別元件200以產生本發明所提之各模組。其中,身份識別元件200可以是單一的應用程式,也可以包含在應用程式中,成為組成應用程式的多個元件之一。As shown in FIG. 2 , the mobile device 120 may further include a data acquisition module 220 , a communication module 280 , and an additional data input module 240 , a verification module 250 , and a network judgment module 260 . In some embodiments, the mobile device 120 can execute the identification element 200 to generate the modules mentioned in the present invention. Wherein, the identification element 200 may be a single application program, or may be included in the application program and become one of multiple elements composing the application program.

資料取得模組220負責取得裝置識別資料。更詳細的,資料取得模組220可以偵測行動裝置120的裝置識別資料。資料取得模組220所偵測的裝置識別資料通常為安裝於行動裝置120上之用戶身份模組(Subscriber Identity Module,簡稱SIM,在本發明中將以「SIM卡」表示)或內嵌式用戶身份模組(Embedded-SIM,在本發明中將以「eSIM卡」表示)中所記錄的資料,例如卡號等,但本發明並不以此為限,資料取得模組220也可以偵測行動裝置120的序號或是安裝於行動裝置120中之處理晶片等特定硬體的序號等資料作為裝置識別資料。The data obtaining module 220 is responsible for obtaining device identification data. More specifically, the data acquisition module 220 can detect the device identification data of the mobile device 120 . The device identification data detected by the data acquisition module 220 is usually a Subscriber Identity Module (SIM for short, referred to as “SIM card” in the present invention) installed on the mobile device 120 or an embedded subscriber The data recorded in the identity module (Embedded-SIM, referred to as "eSIM card" in the present invention), such as the card number, etc., but the present invention is not limited to this, the data acquisition module 220 can also detect actions The serial number of the device 120 or the serial number of a specific hardware such as a processing chip installed in the mobile device 120 is used as the device identification data.

資料取得模組220也負責取得門號資料。例如,資料取得模組220可以由行動裝置120的記憶單元中讀出門號資料,也可以透過通訊模組280接收服務主機111或服務伺服器110所傳送的門號資料。The data obtaining module 220 is also responsible for obtaining the door number data. For example, the data acquisition module 220 can read the door number data from the memory unit of the mobile device 120 , and can also receive the door number data sent by the service host 111 or the service server 110 through the communication module 280 .

在部分的實施例中,若行動裝置120上安裝兩張SIM卡,或安裝一張SIM卡與一張eSIM卡,則資料取得模組220可以偵測到兩個裝置識別資料,如此,資料取得模組220可以提示使用者確認門號資料與當前設定行動裝置120連接行動通訊網路所使用之SIM卡對應的門號一致,並在使用者確認後取得門號資料,否則等待使用者修改門號資料。例如,當行動裝置120上安裝一張SIM卡與一張eSIM卡,且行動裝置120使用SIM卡連接行動通訊網路時,資料取得模組220可以透過行動裝置120的輸出單元提示使用者確認門號資料是否與SIM卡對應的門號一致。In some embodiments, if two SIM cards are installed on the mobile device 120, or one SIM card and one eSIM card are installed, the data acquisition module 220 can detect two device identification data. The module 220 can prompt the user to confirm that the door number information is consistent with the door number corresponding to the SIM card used by the mobile device 120 to connect to the mobile communication network, and obtain the door number information after the user confirms, otherwise wait for the user to modify the door number material. For example, when a SIM card and an eSIM card are installed on the mobile device 120, and the mobile device 120 uses the SIM card to connect to the mobile communication network, the data acquisition module 220 can prompt the user to confirm the door number through the output unit of the mobile device 120 Whether the data is consistent with the door number corresponding to the SIM card.

資料輸入模組240可以透過行動裝置120的輸入單元提供使用者輸入門號資料。更詳細的說,資料輸入模組240可以提供輸入門號資料的使用者介面,並可以將使用者所輸入的門號資料儲存到行動裝置120的記憶單元中。The data input module 240 can provide the user with inputting door number data through the input unit of the mobile device 120 . More specifically, the data input module 240 can provide a user interface for inputting the door number data, and can store the door number data input by the user in the memory unit of the mobile device 120 .

在部分的實施例中,若資料取得模組220偵測到兩個裝置識別資料,則當資料輸入模組240在提供使用者輸入門號資料時,可以提示使用者輸入與當前設定行動裝置120連接行動通訊網路所使用之SIM卡對應的門號。例如,當行動裝置120上安裝一張SIM卡與一張eSIM卡,且行動裝置120使用SIM卡連接行動通訊網路時,資料輸入模組240可以透過行動裝置120的輸出單元提示使用者輸入與SIM卡對應的門號。In some embodiments, if the data acquisition module 220 detects two device identification data, the data input module 240 can prompt the user to input and currently set the mobile device 120 when the data input module 240 provides the user to input the door number data. The door number corresponding to the SIM card used to connect to the mobile communication network. For example, when a SIM card and an eSIM card are installed on the mobile device 120, and the mobile device 120 uses the SIM card to connect to the mobile communication network, the data input module 240 can prompt the user to input and SIM card through the output unit of the mobile device 120. The door number corresponding to the card.

驗證模組250可以透過裝置解鎖資料驗證使用者身份。其中,本發明所提之裝置解鎖資料可以是指紋、聲紋、人臉等生物資料,也可以是使用者設定的密碼或手勢,但本發明並不以上述為限。The verification module 250 can verify the user's identity through the device unlocking data. The device unlocking data mentioned in the present invention may be biometric data such as fingerprints, voiceprints, and faces, or may be passwords or gestures set by the user, but the present invention is not limited to the above.

更詳細的說,驗證模組250可以依據執行於行動裝置120中之作業系統的類型與版本選擇透過裝置解鎖資料驗證使用者身份的方式,例如:驗證模組250可以選擇要求使用者透過行動裝置120的輸入單元輸入裝置解鎖資料,並呼叫執行於行動裝置120中之作業系統確認被輸入的裝置解鎖資料是否正確以驗證使用者身份;也可以選擇呼叫執行於行動裝置120中之作業系統所提供的螢幕解鎖應用程式介面以提供使用者輸入裝置解鎖資料,並透過螢幕解鎖應用程式介面判斷被輸入的裝置解鎖資料是否正確以驗證使用者身份;或可以選擇關閉螢幕等待使用者開啟螢幕並輸入裝置解鎖資料完成螢幕解鎖以確認使用者身份等,但驗證模組250的選擇驗證使用者身份的方式並不以上述為限。More specifically, the verification module 250 can select the method of verifying the user's identity through the device unlocking data according to the type and version of the operating system running on the mobile device 120. For example, the verification module 250 can choose to require the user to use the mobile device to verify the user's identity. The input unit of 120 inputs the device unlocking data, and calls the operating system executed in the mobile device 120 to confirm whether the inputted device unlocking data is correct to verify the user identity; it can also choose to call the operating system executed in the mobile device 120 to provide The screen unlocking application interface provides the user to input the device unlocking data, and through the screen unlocking application interface to determine whether the entered device unlocking data is correct to verify the user's identity; or you can choose to close the screen and wait for the user to turn on the screen and enter the device The unlocking data completes the screen unlocking to confirm the user's identity, etc., but the method selected by the verification module 250 to verify the user's identity is not limited to the above.

網路判斷模組260可以判斷行動裝置120當前是否選擇使用行動通訊網路,並可以在判斷行動裝置120當前未選擇使用行動通訊網路時,例如當前使用WiFi等無線區域網路時,透過行動裝置120的輸出單元提示使用者將行動裝置120改為使用行動通訊網路。The network determination module 260 can determine whether the mobile device 120 currently chooses to use the mobile communication network, and can determine whether the mobile device 120 currently chooses to use the mobile communication network, such as when the mobile device 120 is currently using a wireless local area network such as WiFi, through the mobile device 120 The output unit of the prompts the user to change the mobile device 120 to use the mobile communication network.

在部分的實施例中,網路判斷模組260也可以在判斷行動裝置120當前未使用行動通訊網路時,透過行動裝置120的輸出單元提示使用者行動裝置120將改為使用行動通訊網路,及/或將行動裝置120切換為使用行動通訊網路。In some embodiments, the network determination module 260 may also prompt the user that the mobile device 120 will use the mobile communication network through the output unit of the mobile device 120 when it is determined that the mobile device 120 is not currently using the mobile communication network, and /or switch the mobile device 120 to use the mobile communication network.

通訊模組280負責驅動行動裝置120上所安裝的SIM卡,藉以透過行動通訊網路與電信伺服器130連接。一般而言,通訊模組280在驅動SIM卡後,SIM卡可以依據所記錄之伺服器識別資料,透過通訊模組280與相對應的電信伺服器130建立連線,使得行動裝置120可以連線到與SIM卡對應的電信伺服器130。The communication module 280 is responsible for driving the SIM card installed on the mobile device 120 so as to connect with the telecommunication server 130 through the mobile communication network. Generally speaking, after the communication module 280 drives the SIM card, the SIM card can establish a connection with the corresponding telecommunication server 130 through the communication module 280 according to the recorded server identification data, so that the mobile device 120 can be connected to the telecommunications server 130 corresponding to the SIM card.

通訊模組280也負責將資料取得模組220所取得之裝置識別資料傳送到電信伺服器130,及接收電信伺服器130所傳送的許可信物(token)。其中,許可信物為電信伺服器130所產生的資料,將於說明電信伺服器130時進一步說明。The communication module 280 is also responsible for transmitting the device identification data obtained by the data obtaining module 220 to the telecommunications server 130 and receiving the permission token sent by the telecommunications server 130 . The license token is the data generated by the telecommunications server 130 , which will be further described when the telecommunications server 130 is described.

通訊模組280也負責經由應用主機111與電信伺服器130傳遞資料。一般而言,通訊模組280是使用行動通訊網路與應用主機111連接,藉以透過應用主機111與電信伺服器130傳遞資料,但在部分的實施例中,通訊模組280也可以使用無線區域網路與應用主機111連接。The communication module 280 is also responsible for transmitting data through the application host 111 and the telecommunication server 130 . Generally speaking, the communication module 280 is connected to the application host 111 using a mobile communication network, so as to transmit data through the application host 111 and the telecommunication server 130, but in some embodiments, the communication module 280 can also use a wireless local area network The road is connected to the application host 111 .

更詳細的,通訊模組280可以將電信伺服器130傳回的許可信物以及資料取得模組220所取得的門號資料傳送至應用主機111,藉以透過應用主機111將許可信物以及使用者資料傳送給電信伺服器130。通訊模組280也可以經由應用主機111接收電信伺服器130所傳送的登入結果。More specifically, the communication module 280 can transmit the license token returned by the telecommunication server 130 and the door number data acquired by the data acquisition module 220 to the application host 111 , so as to transmit the license token and user data through the application host 111 . To Telecom Server 130. The communication module 280 can also receive the login result sent by the telecommunication server 130 via the application host 111 .

在部分的實施例中,通訊模組280也可以接收服務主機111所傳送的門號資料,並可以將所接收到的門號資料儲存於行動裝置120的記憶單元中。In some embodiments, the communication module 280 can also receive the door number data sent by the service host 111 , and can store the received door number data in the memory unit of the mobile device 120 .

應用主機111可以透過有線或無線網路與身份識別主機112連接,也可以提供行動裝置120透過有線或無線網路連接。其中,應用主機111可以接收所連接之行動裝置120及/或身份識別主機112所傳送的資料或訊號,並可以傳送資料或訊號給所連接之行動裝置120及/或身份識別主機112。The application host 111 can be connected to the identification host 112 through a wired or wireless network, and can also provide the mobile device 120 with a wired or wireless network connection. The application host 111 can receive data or signals sent by the connected mobile device 120 and/or the identification host 112 , and can transmit the data or signals to the connected mobile device 120 and/or the identification host 112 .

應用主機111負責提供一種或多種應用服務給行動裝置120,並可以在行動裝置請求特定的應用服務時,要求行動裝置120進行使用者登入作業。應用主機111也負責接收行動裝置120所傳送的許可信物以及門號資料,並將所接收到的許可信物以及門號資料傳送給身份識別主機112。The application host 111 is responsible for providing one or more application services to the mobile device 120, and can request the mobile device 120 to perform a user login operation when the mobile device requests a specific application service. The application host 111 is also responsible for receiving the license token and the door number data sent by the mobile device 120 , and transmitting the received license token and the door number data to the identification host 112 .

應用主機111也負責接收身份識別主機112所傳送的登入結果,並依據所接收到的登入結果選擇是否執行行動裝置120所請求的應用服務,也就是說,應用主機111可以在登入結果表示登入失敗時,拒絕執行行動裝置120所請求的應用服務,並可以在登入結果表示登入成功時,執行行動裝置120所請求的應用服務。在部分的實施例中,應用主機111可以在登入結果表示登入成功後,判斷行動裝置是否已登入,若是則直接執行行動裝置120所請求的應用服務,若否,則可以先依據行動裝置120所傳送的門號資料載入行動裝置120之使用者的全部或部分使用者資料,並登入行動裝置120後,再執行行動裝置120所請求的服務。The application host 111 is also responsible for receiving the login result sent by the identification host 112, and selects whether to execute the application service requested by the mobile device 120 according to the received login result. That is, the application host 111 may indicate that the login fails in the login result. , refuse to execute the application service requested by the mobile device 120, and can execute the application service requested by the mobile device 120 when the login result indicates that the login is successful. In some embodiments, the application host 111 may determine whether the mobile device has been logged in after the login result indicates that the login is successful, and if so, directly execute the application service requested by the mobile device 120 , and The transmitted door number data is loaded into all or part of the user data of the user of the mobile device 120 , and after logging into the mobile device 120 , the service requested by the mobile device 120 is executed.

身份識別主機112可以透過有線或無線網路分別與應用主機111以及身份驗證伺服器113連接,也可以接收應用主機111及/或身份驗證伺服器113所傳送的資料或訊號,並可以傳送資料或訊號給應用主機111及/或身份驗證伺服器113。The identification host 112 can be connected to the application host 111 and the authentication server 113 respectively through wired or wireless networks, and can also receive data or signals sent by the application host 111 and/or the authentication server 113, and can transmit data or The signal is sent to the application host 111 and/or the authentication server 113 .

身份識別主機112負責接收應用主機111所傳送的許可信物以及門號資料,並將所接收到的許可信物以及門號資料傳送給身份驗證伺服器113。身份識別主機112也負責接收身份驗證伺服器113所傳送的登入結果,並將所接收到的登入結果傳送給應用主機111。The identity identification host 112 is responsible for receiving the license token and the gate number data sent by the application host 111 , and transmits the received license token and the gate number data to the identity verification server 113 . The identity recognition host 112 is also responsible for receiving the login result sent by the identity verification server 113 , and transmitting the received login result to the application host 111 .

身份驗證伺服器113可以透過有線或無線網路分別與身份識別主機112以及電信伺服器130連接,也可以接收身份識別主機112及/或電信伺服器130所傳送的資料或訊號,並可以傳送資料或訊號給身份識別主機112及/或電信伺服器130。The identity verification server 113 can be connected to the identity identification host 112 and the telecommunication server 130 respectively through a wired or wireless network, and can also receive data or signals transmitted by the identity identification host 112 and/or the telecommunication server 130, and can transmit data or signal to the identification host 112 and/or the telecommunication server 130 .

身份驗證伺服器113負責接收身份識別主機112所傳送的許可信物以及門號資料,並將所接收到的許可信物以及門號資料傳送給電信伺服器130。身份驗證伺服器113也負責接收電信伺服器130所傳送的登入結果,並將所接收到的登入結果傳送給身份識別主機112。The identity verification server 113 is responsible for receiving the license token and door number data sent by the identity identification host 112 , and transmitting the received license token and door number data to the telecommunications server 130 . The identity verification server 113 is also responsible for receiving the login result sent by the telecommunication server 130 and transmitting the received login result to the identity recognition host 112 .

在部分的實施例中,應用主機111、身份識別主機112、身份驗證伺服器113可以包含在服務伺服器110中,如「第1B圖」所示。其中,服務伺服器110可以包含應用主機111、身份識別主機112、以及身份驗證伺服器113等實體的計算裝置,例如刀鋒伺服器等;服務伺服器110也可以是整合應用主機111對行動裝置120之所有功能以及身份驗證伺服器113對電信伺服器130之所有功能的伺服器。也就是說,服務伺服器110可以透過有線或無線網路與電信伺服器130連接,也可以提供行動裝置120透過有線或無線網路連接。其中,服務伺服器110可以接收所連接之行動裝置120及/或電信伺服器130所傳送的資料或訊號,並可以傳送資料或訊號給所連接之行動裝置120及/或電信伺服器130。如此,服務伺服器110可以提供行動裝置120應用服務,並可以將行動裝置120所傳送的許可信物與門號資料傳送至電信伺服器130。In some embodiments, the application host 111 , the identification host 112 , and the authentication server 113 may be included in the service server 110 , as shown in FIG. 1B . The service server 110 may include a computing device such as an application host 111 , an identification host 112 , an authentication server 113 and other entities, such as a blade server; the service server 110 may also be an integrated application host 111 to the mobile device 120 All functions of the authentication server 113 to all functions of the telecommunications server 130. That is, the service server 110 can be connected to the telecommunication server 130 through a wired or wireless network, and can also provide the mobile device 120 with a wired or wireless network connection. The service server 110 can receive data or signals transmitted by the connected mobile device 120 and/or the telecommunications server 130 , and can transmit the data or signals to the connected mobile device 120 and/or the telecommunications server 130 . In this way, the service server 110 can provide the mobile device 120 application service, and can transmit the license token and door number data transmitted by the mobile device 120 to the telecommunications server 130 .

另外,在部分的實施例中,也可以選擇整合應用主機111與身份識別主機112,使得行動裝置120將許可信物與門號資料透過整合後的計算裝置與身份驗證伺服器傳送給電信伺服器130,或可以選擇整合身份識別主機112與身份驗證伺服器113,使得行動裝置120將許可信物與門號資料透過應用主機111與整合後的計算裝置傳送給電信伺服器130,本發明不多加贅述。In addition, in some embodiments, the application host 111 and the identity identification host 112 can also be selected to be integrated, so that the mobile device 120 transmits the license token and door number data to the telecommunications server 130 through the integrated computing device and the identity verification server. , or can choose to integrate the identity recognition host 112 and the identity verification server 113 , so that the mobile device 120 transmits the license token and door number data to the telecommunications server 130 through the application host 111 and the integrated computing device, which is not repeated in the present invention.

電信伺服器130可以透過行動通訊網路提供行動裝置120連接,也可以透過有線或無線網路與身份驗證伺服器113連接。電信伺服器130可以接收行動裝置120及/或身份驗證伺服器113所傳送的資料或訊號,並可以傳送資料或訊號給行動裝置120及/或身份驗證伺服器113。The telecommunication server 130 can provide the connection of the mobile device 120 through a mobile communication network, and can also be connected to the authentication server 113 through a wired or wireless network. The telecommunication server 130 can receive data or signals transmitted by the mobile device 120 and/or the authentication server 113 , and can transmit the data or signals to the mobile device 120 and/or the authentication server 113 .

電信伺服器130負責接收行動裝置120所傳送的裝置識別資料。在部分的實施例中,電信伺服器130可以判斷裝置識別資料是否為電信伺服器130所屬之電信單位或電信機關所發出,例如,電信單位或電信機關為電信公司時,電信伺服器130可以判斷所接收到的裝置識別資料是否被所屬電信公司預先建立之資料記錄所涵蓋(如資料記錄中記載裝置識別資料或資料記錄所記載之一段範圍包含裝置識別資料等),但本發明並不以此為限。電信伺服器130也可以在判斷裝置識別資料不為所屬之電信單位或電信機關所發出時,拒絕提供行動通訊的服務給行動裝置120。The telecommunication server 130 is responsible for receiving the device identification data transmitted by the mobile device 120 . In some embodiments, the telecommunication server 130 can determine whether the device identification data is issued by a telecommunication unit or a telecommunication institution to which the telecommunication server 130 belongs. For example, when the telecommunication unit or telecommunication institution is a telecommunication company, the telecommunication server 130 can determine whether Whether the received device identification data is covered by the data record pre-established by the telecommunications company (for example, the device identification data is recorded in the data record or a range recorded in the data record includes the device identification data, etc.), but the present invention does not use this limited. The telecommunication server 130 may also refuse to provide the mobile communication service to the mobile device 120 when it is determined that the device identification data is not issued by the telecommunication unit or telecommunication agency to which it belongs.

電信伺服器130也負責產生與所接收到之裝置識別資對應的許可信物。一般而言,電信伺服器130所產生的許可信物為對特定資料進行特定編碼方式所產生的資料,通常是由一定數量的字母、數字、符號任意排列而成,且具有時間性。例如,許可信物可以是電信伺服器130對特定資料進行雜湊運算所產生的資料,其中,上述之特定資料包含但不限於門號資料、與門號資料對應之使用者的生日、電信伺服器130的伺服器識別資料及/或時間戳等項目,本發明並沒有特別的限制。當特定資料包含兩種或多種項目時,各種項目之間可以預定的順序或位置排列。The telecommunications server 130 is also responsible for generating the license token corresponding to the received device identification information. Generally speaking, the license token generated by the telecommunication server 130 is data generated by performing a specific encoding method on specific data, and is usually formed by a certain number of letters, numbers, and symbols arranged arbitrarily, and is temporal. For example, the license token may be data generated by the telecommunications server 130 performing hash operation on specific data, wherein the specific data includes but not limited to the door number data, the birthday of the user corresponding to the door number data, the telecommunications server 130 Items such as server identification data and/or time stamps are not particularly limited in the present invention. When a specific material contains two or more kinds of items, the various items may be arranged in a predetermined order or position.

電信伺服器130也負責接收身份驗證伺服器113所傳送的許可信物以及門號資料,並負責依據所接收到的許可信物及門號資料產生登入結果,並傳送登入結果至服務伺服器110或身份驗證伺服器113。The telecommunications server 130 is also responsible for receiving the license token and the door number data sent by the identity verification server 113, and is responsible for generating the login result according to the received license token and door number data, and sending the login result to the service server 110 or the identity Authentication server 113.

電信伺服器130可以依據所接收到的許可信物是否為電信伺服器130所產生、所接收到之門號資料是否包含於電信伺服器130預先建立的資料記錄中、門號資料是否與許可信物對應進行判斷,並可以在判斷後產生相對應的登入結果。例如,電信伺服器130可以使用與產生許可信物相同的項目、排列順序/位置以及編碼方式,對所接收到之使用者資料中的門號(及使用者的生日)以及電信伺服器130的伺服器識別資料等資料進行編碼,並比對編碼後的資料以及許可信物,當兩者相同時,表示許可信物為電信伺服器130所產生且門號資料與許可信物對應,反之,則表示許可信物不是電信伺服器130產生及/或門號資料不與許可信物對應,但電信伺服器130判斷許可信物是否為電信伺服器130所產生及門號資料是否與許可信物對應的方式並不以上述為限。其中,電信伺服器130在上述任一項目判斷為否時,可以產生表示登入失敗的登入結果;而當電信伺服器130在上述所有項目都判斷為是時,可以產生表示登入成功的登入結果。The telecommunications server 130 can determine whether the received license token is generated by the telecommunications server 130, whether the received door number data is included in the data record pre-established by the telecommunications server 130, and whether the door number data corresponds to the license token. Make a judgment, and can generate a corresponding login result after the judgment. For example, the telecommunication server 130 can use the same items, arrangement order/position and coding method as that used to generate the license token, and the telecommunication server 130 can use the same items, arrangement order/position and coding method to process the gate number (and the user's birthday) in the received user data and the telecommunication server 130 Code the device identification data and other data, and compare the encoded data and the license token. When the two are the same, it means that the license token is generated by the telecommunications server 130 and the door number data corresponds to the license token. Otherwise, it means the license token. It is not generated by the telecommunications server 130 and/or the door number data does not correspond to the license token, but the manner in which the telecommunications server 130 determines whether the license token is generated by the telecommunications server 130 and whether the door number data corresponds to the license token is not the same as the above. limit. The telecommunications server 130 may generate a login result indicating that the login fails when any of the above items is judged to be negative; and when the telecommunications server 130 judges all the above-mentioned items to be yes, it may generate a login result indicating that the login is successful.

接著以第一實施例來解說本發明的運作系統與方法,並請參照「第3A圖」本發明所提之以裝置識別資料透過電信伺服器進行登入之方法流程圖。在本實施例中,假設行動裝置120為手機,且服務伺服器110由應用主機111、身份識別主機112、以及身份驗證伺服器113等計算設備組成,但本發明並不以此為限。Next, the first embodiment is used to explain the operation system and method of the present invention, and please refer to "FIG. 3A" for the flowchart of the method of logging in through the telecommunication server with device identification data. In this embodiment, it is assumed that the mobile device 120 is a mobile phone, and the service server 110 is composed of computing devices such as an application host 111 , an identification host 112 , and an authentication server 113 , but the invention is not limited to this.

當使用者操作行動裝置120開啟包含身份識別元件200之應用程式後,使用者可以操作行動裝置120執行應用程式所提供的應用服務。在本實施例中,假設應用程式為銀行或證券公司所提供的服務程式,也就是說,應用程式可以提供一種或多種應用服務,且其中部分的應用服務需要使用者註冊並登入。After the user operates the mobile device 120 to open the application program including the identification element 200 , the user can operate the mobile device 120 to execute the application service provided by the application program. In this embodiment, it is assumed that the application program is a service program provided by a bank or a securities company, that is, the application program can provide one or more application services, and some of the application services require the user to register and log in.

在使用者選擇執行需要使用者登入的應用服務時,例如,網路銀行或線上證券交易平台等應用服務,應用程式可以讀取並顯示預先儲存之使用者資料中的門號資料,或可以提供使用者輸入門號資料並顯示被輸入的門號資料,並提示使用者是否選擇將被顯示的門號資料傳送到電信伺服器130進行使用者登入,在使用者選擇同意後,應用程式可以呼叫身份識別元件200。When a user chooses to execute an application service that requires the user to log in, for example, an application service such as an online bank or an online securities trading platform, the application can read and display the door number information in the pre-stored user data, or can provide The user enters the door number information and displays the entered door number information, and prompts the user whether to choose to transmit the displayed door number information to the telecommunications server 130 for user login. After the user chooses to agree, the application can call Identification element 200 .

在身份識別元件200被喚起後,身份識別元件200的資料取得模組220可以取得裝置識別資料以及門號資料(步驟330)。在本實施例中,假設裝置識別資料為行動裝置120所安裝之SIM卡的卡號,則資料取得模組220可以讀取SIM卡的卡號,並可以取得應用程式預先讀出的門號資料。其中,若資料取得模組220偵測到兩個SIM卡卡號,則可以提示使用者確認應用程式所讀出的門號資料是否為與當前設定行動裝置120用來使用行動通訊網路之SIM卡對應的門號一致。After the identification element 200 is activated, the data obtaining module 220 of the identification element 200 can obtain the device identification data and the door number data (step 330 ). In this embodiment, assuming that the device identification data is the card number of the SIM card installed in the mobile device 120, the data obtaining module 220 can read the card number of the SIM card and obtain the door number data pre-read by the application. Wherein, if the data acquisition module 220 detects two SIM card numbers, it can prompt the user to confirm whether the door number data read out by the application program corresponds to the SIM card currently set for the mobile device 120 to use the mobile communication network The door number is the same.

在身份識別元件200的資料取得模組220取得裝置識別資料以及門號資料(步驟330)後,身份識別元件200的通訊模組280可以透過行動通訊網路傳送資料取得模組220所取得之裝置識別資料到電信伺服器130(步驟360)。After the data obtaining module 220 of the identification element 200 obtains the device identification data and the door number data (step 330 ), the communication module 280 of the identification element 200 can transmit the data through the mobile communication network to obtain the device identification obtained by the module 220 data to the telecommunications server 130 (step 360).

在本實施例中,假設身份識別元件200包含驗證模組250,則在身份識別元件200的通訊模組280透過行動通訊網路傳送裝置識別資料到電信伺服器130(步驟360)前,驗證模組250可以先呼叫行動裝置120之作業系統所提供的應用程式介面(API),使得行動裝置120的作業系統要求行動裝置120的使用者輸入裝置解鎖資料並驗證使用者輸入的裝置解鎖資料(步驟340),藉以驗證使用者身份。通訊模組280可以在驗證模組250判斷裝置解鎖資料通過行動裝置120之作業系統的驗證後才傳送裝置識別資料至電信伺服器130(步驟360)。需要說明的是,身份識別元件200的資料取得模組220與驗證模組250並沒有執行先後次序的關係,但一般而言,驗證模組250通常可以在行動裝置120的資料取得模組220取得裝置識別資料以及門號資料(步驟330)後,才呼叫行動裝置120的作業系統,使得行動裝置120的作業系統判斷使用者輸入的裝置解鎖資料是否通過驗證(步驟340)。In this embodiment, assuming that the identification element 200 includes the verification module 250 , before the communication module 280 of the identification element 200 transmits the device identification data to the telecommunication server 130 through the mobile communication network (step 360 ), the verification module 250 may first call an application programming interface (API) provided by the operating system of the mobile device 120, so that the operating system of the mobile device 120 requires the user of the mobile device 120 to input the device unlocking data and verifies the device unlocking data entered by the user (step 340). ) to authenticate the user. The communication module 280 may transmit the device identification data to the telecommunications server 130 after the verification module 250 determines that the device unlocking data is verified by the operating system of the mobile device 120 (step 360 ). It should be noted that the data acquisition module 220 of the identification element 200 and the verification module 250 are not in the order of execution, but generally speaking, the verification module 250 can usually be acquired from the data acquisition module 220 of the mobile device 120 After the device identification data and the door number data (step 330 ), the operating system of the mobile device 120 is called, so that the operating system of the mobile device 120 determines whether the device unlocking data input by the user passes the verification (step 340 ).

在身份識別元件200的通訊模組280透過行動通訊網路傳送裝置識別資料到電信伺服器130(步驟360)後,電信伺服器130可以傳送許可信物至行動裝置120(步驟370)。在本實施例中,假設電信伺服器130在接收到行動裝置120所傳送的裝置識別資料後,可以判斷所接收到的裝置識別資料是否由電信伺服器130所屬的電信公司所發出,也就是判斷所接收到的裝置識別資料是否包含於電信伺服器130所屬的電信公司預先建立之資料記錄中,若是,則可以產生許可信物並將所產生的許可信物傳回行動裝置120;而若電信伺服器130判斷所接收到的裝置識別資料未包含於預先建立之資料記錄中,則可以不產生許可信物或拒絕傳回許可信物。After the communication module 280 of the identification element 200 transmits the device identification data to the telecommunication server 130 through the mobile communication network (step 360 ), the telecommunication server 130 may transmit the permission token to the mobile device 120 (step 370 ). In this embodiment, it is assumed that after receiving the device identification data transmitted by the mobile device 120, the telecommunication server 130 can determine whether the received device identification data is issued by the telecommunication company to which the telecommunication server 130 belongs, that is Whether the received device identification data is included in the data record pre-established by the telecommunications company to which the telecommunications server 130 belongs, and if so, a license token can be generated and the generated license token can be sent back to the mobile device 120; 130 judging that the received device identification data is not included in the pre-established data record, the permission token may not be generated or the permission token may be refused to be returned.

在身份識別元件200的通訊模組280透過行動通訊網路接收到電信伺服器130所產生的許可信物後,通訊模組280可以經由服務伺服器110將接收自電信伺服器130的許可信物以及資料取得模組220所取得的門號資料傳送到電信伺服器130(步驟380)。在本實施例中,也就是通訊模組280將許可信物以及門號資料傳送給與行動裝置120進行使用者註冊作業的應用主機111,並由身份識別主機112透過身份驗證伺服器113將應用主機111所接收到的許可信物以及門號資料轉送給電信伺服器130。After the communication module 280 of the identification element 200 receives the license token generated by the telecommunications server 130 through the mobile communication network, the communication module 280 can obtain the license token and data received from the telecommunications server 130 through the service server 110 The door number data obtained by the module 220 is sent to the telecommunications server 130 (step 380). In this embodiment, that is, the communication module 280 transmits the license token and the door number data to the application host 111 that performs the user registration operation with the mobile device 120 , and the identity recognition host 112 sends the application host through the identity verification server 113 to the application host 111 . The license token and door number data received by 111 are forwarded to the telecommunication server 130 .

在電信伺服器130接收到行動裝置120所傳送的許可信物以及門號資料後,電信伺服器130可以依據所接收到的許可信物以及門號資料產生登入結果。在本實施例中,假設電信伺服器130可以先判斷所接收到的許可信物是否為電信伺服器130所產生,若否,則電信伺服器130可以產生表示裝置確認失敗或登入失敗的登入結果;若是,電信伺服器130可以接著判斷所接收到之門號資料中的門號是否包含於預先建立之資料記錄中,若否,則電信伺服器130可以產生表示裝置確認失敗或登入失敗的登入結果;若是,電信伺服器130可以繼續判斷門號資料是否與許可信物對應,若否,則電信伺服器130可以產生表示裝置確認失敗或登入失敗的登入結果;若是,電信伺服器130可以產生表示裝置確認成功或登入成功的登入結果。After the telecommunication server 130 receives the permission token and the door number data sent by the mobile device 120 , the telecommunication server 130 can generate a login result according to the received permission token and the door number data. In this embodiment, it is assumed that the telecommunications server 130 can first determine whether the received license token is generated by the telecommunications server 130, and if not, the telecommunications server 130 can generate a login result indicating that the device confirmation fails or the login fails; If so, the telecommunications server 130 can then determine whether the door number in the received door number data is included in the pre-established data record, and if not, the telecommunications server 130 can generate a login result indicating a device verification failure or a login failure If yes, the telecommunication server 130 can continue to determine whether the door number data corresponds to the license token, if not, the telecommunication server 130 can generate a login result indicating that the device has failed to confirm or log in; Confirm the login result of successful or successful login.

在電信伺服器130依據所接收到的許可信物以及門號資料產生登入結果後,可以將所產生的登入結果傳送給服務伺服器110(步驟390),服務伺服器110也可以將所接收到的登入結果傳送給執行於行動裝置120中的應用程式。在本實施例中,電信伺服器130可以將登入結果傳送給身份驗證伺服器113,並由身份識別主機112將身份驗證伺服器113所接收到的登入結果轉送給應用主機111,使得應用主機111可以依據登入結果判斷行動裝置120是否成功登入,並可以在行動裝置120成功登入時,依據行動裝置120所傳送的門號資料讀取行動裝置120之使用者的使用者資料,藉以依據所讀出的使用者資料完成使用者登入作業。如此,透過本發明,服務伺服器110便可以透過電信伺服器130取得行動裝置120的登入結果,並可以將行動裝置120登入服務伺服器110。After the telecommunications server 130 generates a login result according to the received license token and door number data, it can transmit the generated login result to the service server 110 (step 390 ), and the service server 110 can also send the received The login result is sent to the application running in the mobile device 120 . In this embodiment, the telecommunications server 130 can transmit the login result to the authentication server 113 , and the identity recognition host 112 transmits the login result received by the authentication server 113 to the application host 111 , so that the application host 111 Whether the mobile device 120 is successfully logged in can be determined according to the login result, and when the mobile device 120 is successfully logged in, the user data of the user of the mobile device 120 can be read according to the door number data sent by the mobile device 120, so as to read out the user data of the mobile device 120. user data to complete the user login operation. In this way, through the present invention, the service server 110 can obtain the login result of the mobile device 120 through the telecommunication server 130 , and can log the mobile device 120 into the service server 110 .

繼續以第二個實施例來解說本發明的運作系統與方法,同樣請參照「第3A圖」。在本實施例中,假設行動裝置120與服務伺服器110都與第一實施例相同。Continue to use the second embodiment to explain the operation system and method of the present invention, please also refer to "FIG. 3A". In this embodiment, it is assumed that the mobile device 120 and the service server 110 are the same as the first embodiment.

與第一實施例不同的是,在本實施例中,假設行動裝置120已經登入應用主機111,但若行動裝置120之使用者操作應用程式執行特定的服務,例如,在網路銀行中執行轉帳交易或在線上證券交易平台中進行下單等服務,則應用主機111可能再次要求使用者登入以確認使用者,此時,應用主機111可以先讀取使用者資料中的門號資料,並傳送所讀出的門號資料給執行於行動裝置120上的應用程式。Different from the first embodiment, in this embodiment, it is assumed that the mobile device 120 has logged into the application host 111, but if the user of the mobile device 120 operates the application to perform a specific service, for example, to perform a transfer in an online bank For services such as trading or placing an order on the online securities trading platform, the application host 111 may require the user to log in again to confirm the user. At this time, the application host 111 can first read the door number data in the user data, and send The read door number data is given to the application program running on the mobile device 120 .

應用程式在接收到應用主機111所傳送的門號資料後,可以顯示所接收到的門號資料,並可以提示使用者確認是否選擇將被顯示的門號資料傳送到電信伺服器130進行使用者登入,在使用者選擇同意後,應用程式可以呼叫身份識別元件200。After the application program receives the door number data sent by the application host 111, it can display the received door number data, and can prompt the user to confirm whether to choose to transmit the displayed door number data to the telecommunications server 130 for the user. After logging in, after the user chooses to agree, the application can call the identification element 200 .

在身份識別元件200被喚起後,身份識別元件200的資料取得模組220可以取得裝置識別資料以及門號資料(步驟330),身份識別元件200的通訊模組280可以透過行動通訊網路傳送資料取得模組220所取得之裝置識別資料到電信伺服器130(步驟360),電信伺服器130可以傳送許可信物至行動裝置120(步驟370),之後,身份識別元件200的通訊模組280可以經由服務伺服器110將接收自電信伺服器130的許可信物以及資料取得模組220所取得的門號資料傳送到電信伺服器130(步驟380),電信伺服器130可以依據所接收到的許可信物以及門號資料產生登入結果,並可以將所產生的登入結果傳送給服務伺服器110(步驟390)。在本實施例中,由於上述步驟與第一實施例相同,故不再贅述。After the identification element 200 is activated, the data acquisition module 220 of the identification element 200 can obtain the device identification data and the door number data (step 330 ), and the communication module 280 of the identification element 200 can obtain the data by transmitting the data through the mobile communication network The device identification data obtained by the module 220 is sent to the telecommunication server 130 (step 360 ), and the telecommunication server 130 can transmit the license token to the mobile device 120 (step 370 ). The server 110 transmits the license token received from the telecommunications server 130 and the door number data obtained by the data acquisition module 220 to the telecommunications server 130 (step 380 ). The login result is generated based on the number data, and the generated login result can be transmitted to the service server 110 (step 390 ). In this embodiment, since the above steps are the same as those in the first embodiment, they will not be repeated.

在服務伺服器110接收到電信伺服器所產生的登入結果後,可以依據所接收到的登入結果判斷行動裝置120是否成功登入,並可以在登入結果表示行動裝置120成功登入時,執行行動裝置120所請求執行的特定服務。在本實施例中,也就是由服務伺服器110所包含的應用主機111判斷行動裝置120成功登入後,執行行動裝置120所請求的轉帳交易或線上下單等服務,並將執行結果傳回行動裝置120,使得在行動裝置120上執行的應用程式可以顯示執行結果。而當應用主機111判斷所接收到的登入結果表示登入失敗時,可以拒絕執行行動裝置120所請求執行的特定服務,並傳送提示訊息到行動裝置120,使得應用程式提示行動裝置120的使用者登入失敗。After the service server 110 receives the login result generated by the telecommunications server, it can determine whether the mobile device 120 has successfully logged in according to the received login result, and can execute the mobile device 120 when the login result indicates that the mobile device 120 has successfully logged in. The specific service requested to be performed. In this embodiment, after the application host 111 included in the service server 110 determines that the mobile device 120 has successfully logged in, the mobile device 120 executes the transfer transaction or online ordering and other services requested by the mobile device 120, and returns the execution result to the action The device 120 enables the application program executed on the mobile device 120 to display the execution result. When the application host 111 determines that the received login result indicates that the login fails, it can refuse to execute the specific service requested by the mobile device 120 and send a prompt message to the mobile device 120, so that the application program prompts the user of the mobile device 120 to log in fail.

上述兩實施例中,若身份識別元件200還包含網路判斷模組260,則如「第3B圖」之流程所示,在身份識別元件200的資料取得模組220可以取得裝置識別資料以及門號資料(步驟330)前,網路判斷模組260可以先判斷行動裝置120是否使用行動通訊網路(步驟321),若網路判斷模組260判斷行動裝置120當前使用行動通訊網路,則資料取得模組220可以取得裝置識別資料以及門號資料(步驟330);而若網路判斷模組260判斷行動裝置120當前並非選擇使用行動通訊網路,例如判斷當前使用WiFi等無線區域網路,則網路判斷模組260可以提示使用者將行動裝置120設定為使用行動通訊網路(步驟325),或可以直接關閉行動裝置120的無線區域網路功能,藉以將行動裝置120設定為使用行動通訊網路。In the above-mentioned two embodiments, if the identification element 200 further includes the network determination module 260, as shown in the flow of "FIG. 3B", the data acquisition module 220 of the identification element 200 can obtain the device identification data and the door. Before the number data (step 330), the network determination module 260 can first determine whether the mobile device 120 uses the mobile communication network (step 321). If the network determination module 260 determines that the mobile device 120 is currently using the mobile communication network, the data is obtained The module 220 can obtain the device identification data and the door number data (step 330 ); and if the network determination module 260 determines that the mobile device 120 does not currently choose to use a mobile communication network, for example, determines that a wireless local area network such as WiFi is currently used, the network The path determination module 260 can prompt the user to set the mobile device 120 to use the mobile communication network (step 325 ), or can directly disable the wireless LAN function of the mobile device 120 to set the mobile device 120 to use the mobile communication network.

另外,上述兩實施例中,若身份識別元件200包含資料輸入模組240,則包含身份識別元件200的應用程式可以在使用者選擇需要登入的應用服務後,由資料輸入模組240提供使用者輸入門號資料,使得身份識別元件200的資料取得模組220取得裝置識別資料以及門號資料(步驟330)。其中,在資料取得模組220取得裝置識別資料以及門號資料(步驟330)時,資料取得模組220可以如「第3C圖」之流程所示,先判斷是否偵測到兩個或兩個以上的裝置識別資料(步驟311),若否,則資料取得模組220可以直接取得裝置識別資料以及門號資料(步驟330);而若資料取得模組220偵測到多個裝置識別資料,則資料取得模組220可以提示使用者在門號資料中輸入與當前設定行動裝置120用來使用之行動通訊網路之SIM卡對應的門號資料(步驟315),並在使用者確認後取得裝置識別資料以及門號資料(步驟330)。In addition, in the above two embodiments, if the identification element 200 includes the data input module 240, the application program including the identification element 200 can be provided by the data input module 240 to the user after the user selects the application service to be logged in. The door number data is input, so that the data obtaining module 220 of the identification element 200 obtains the device identification data and the door number data (step 330 ). Wherein, when the data obtaining module 220 obtains the device identification data and the door number data (step 330 ), the data obtaining module 220 may first determine whether two or two are detected as shown in the flow of “FIG. 3C” The above device identification data (step 311 ), if not, the data obtaining module 220 can directly obtain the device identification data and the door number data (step 330 ); and if the data obtaining module 220 detects multiple device identification data, Then the data acquisition module 220 can prompt the user to input the door number data corresponding to the SIM card of the mobile communication network currently used for setting the mobile device 120 in the door number data (step 315 ), and obtain the device after the user confirms. Identification data and door number data (step 330).

綜上所述,可知本發明與先前技術之間的差異在於具有行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器並接收電信伺服器所傳回的許可信物後,經由服務伺服器傳送許可信物以及門號資料至電信伺服器,電信伺服器依據許可信物及門號資料產生登入結果並傳送登入結果給服務伺服器之技術手段,藉由此一技術手段可以解決先前技術所存在行動裝置不易使用硬體載具所儲存之憑證進行登入作業的問題,進而達成單獨使用行動裝置完成登入作業以登入服務伺服器的技術功效。From the above, it can be seen that the difference between the present invention and the prior art is that the mobile device transmits the device identification data to the telecommunication server through the mobile communication network and receives the license token returned by the telecommunication server, and then transmits the license through the service server. The token and door number data are sent to the telecommunications server, and the telecommunications server generates the login result according to the permission token and the door number data and transmits the login result to the service server. The technical means can solve the problem of mobile devices existing in the prior art. The problem of using the certificate stored in the hardware carrier to perform the login operation, and then achieve the technical effect of using the mobile device alone to complete the login operation to log in to the service server.

再者,本發明之以裝置識別資料透過電信伺服器進行登入之方法,可實現於硬體、軟體或硬體與軟體之組合中,亦可在電腦系統中以集中方式實現或以不同元件散佈於若干互連之電腦系統的分散方式實現。Furthermore, the method for logging in through a telecommunication server using device identification data of the present invention can be implemented in hardware, software, or a combination of hardware and software, and can also be implemented in a centralized manner in a computer system or distributed with different components. Implemented in a decentralized manner across several interconnected computer systems.

雖然本發明所揭露之實施方式如上,惟所述之內容並非用以直接限定本發明之專利保護範圍。任何本發明所屬技術領域中具有通常知識者,在不脫離本發明所揭露之精神和範圍的前提下,對本發明之實施的形式上及細節上作些許之更動潤飾,均屬於本發明之專利保護範圍。本發明之專利保護範圍,仍須以所附之申請專利範圍所界定者為準。Although the embodiments disclosed in the present invention are as above, the above-mentioned contents are not intended to directly limit the scope of the patent protection of the present invention. Any person with ordinary knowledge in the technical field to which the present invention pertains, without departing from the spirit and scope disclosed by the present invention, makes slight modifications to the form and details of the implementation of the present invention, all belong to the patent protection of the present invention Scope. The scope of patent protection of the present invention shall still be defined by the appended patent application scope.

110:服務伺服器111:應用主機112:身份識別主機113:身份驗證伺服器120:行動裝置130:電信伺服器200:身份識別元件220:資料取得模組240:資料輸入模組250:驗證模組260:網路判斷模組280:通訊模組步驟311:行動裝置判斷是否取得多個裝置識別資料步驟315:行動裝置提示輸入與行動通訊網路對應之裝置識別資料對應之門號資料步驟321:行動裝置判斷是否使用行動通訊網路步驟325:行動裝置提示改用行動通訊網路步驟330:行動裝置取得裝置識別資料及門號資料步驟340:行動裝置判斷裝置解鎖資料是否通過驗證步驟360:行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器步驟370:電信伺服器傳送許可信物至行動裝置步驟380:行動裝置經由服務伺服器傳送許可信物與門號資料至電信伺服器步驟390:電信伺服器依據許可信物及門號資料產生登入結果,並傳送登入結果至服務伺服器110: Service server 111: Application host 112: Identification host 113: Authentication server 120: Mobile device 130: Telecom server 200: Identification element 220: Data acquisition module 240: Data input module 250: Verification module Group 260: Network determination module 280: Communication module Step 311: The mobile device determines whether to obtain multiple device identification data Step 315: The mobile device prompts to input the door number data corresponding to the device identification data corresponding to the mobile communication network Step 321: The mobile device determines whether to use the mobile communication network. Step 325: The mobile device prompts to switch to the mobile communication network. Step 330: The mobile device obtains the device identification data and the door number data. Step 340: The mobile device determines whether the device unlocking data has passed the verification. The mobile communication network sends the device identification data to the telecommunications server Step 370 : The telecommunications server sends the permission token to the mobile device Step 380 : The mobile device sends the permission token and door number data to the telecommunications server through the service server Step 390 : The telecommunications server is based on The permission token and door number data generate the login result, and send the login result to the service server

第1A圖為本發明所提之以裝置識別資料透過電信伺服器進行登入之系統架構圖。 第1B圖為本發明所提之另一種以裝置識別資料透過電信伺服器進行登入之系統架構圖。 第2圖為本發明所提之行動裝置之元件示意圖。 第3A圖為本發明所提之以裝置識別資料透過電信伺服器進行登入之方法流程圖。 第3B圖為本發明所提之提示切換網路之方法流程圖。 第3C圖為本發明所提之提示輸入用以使用行動通訊網路之門號之方法流程圖。FIG. 1A is a system architecture diagram of logging in through a telecommunication server with device identification data according to the present invention. FIG. 1B is another system architecture diagram of logging in through a telecommunication server with device identification data according to the present invention. FIG. 2 is a schematic diagram of the components of the mobile device according to the present invention. FIG. 3A is a flowchart of a method for logging in through a telecommunication server with device identification data according to the present invention. FIG. 3B is a flow chart of the method for prompting network switching proposed by the present invention. FIG. 3C is a flow chart of the method for prompting input of a door number for using a mobile communication network according to the present invention.

步驟330:行動裝置取得裝置識別資料及門號資料 Step 330: The mobile device obtains the device identification data and the door number data

步驟340:行動裝置判斷裝置解鎖資料是否通過驗證 Step 340: The mobile device determines whether the device unlocking data has passed the verification

步驟360:行動裝置透過行動通訊網路傳送裝置識別資料至電信伺服器 Step 360: The mobile device transmits the device identification data to the telecommunication server through the mobile communication network

步驟370:電信伺服器傳送許可信物至行動裝置 Step 370: The telecommunications server sends the license token to the mobile device

步驟380:行動裝置經由服務伺服器傳送許可信物與門號資料至電信伺服器 Step 380: The mobile device sends the license token and door number data to the telecommunications server via the service server

步驟390:電信伺服器依據許可信物及門號資料產生登入結果,並傳送登入結果至服務伺服器 Step 390: The telecommunications server generates a login result according to the license token and door number data, and sends the login result to the service server

Claims (10)

一種以裝置識別資料透過電信伺服器進行登入之方法,該方法至少包含下列步驟:一行動裝置由該行動裝置中取得一裝置識別資料及讀取被該行動裝置儲存之一門號資料;該行動裝置透過行動通訊網路傳送該裝置識別資料至一電信伺服器;該電信伺服器傳送一許可信物至該行動裝置;該行動裝置透過行動通訊網路經由該服務伺服器傳送該許可信物與該門號資料至該電信伺服器;及該電信伺服器依據該許可信物及該門號資料進行判斷以產生一登入結果,並傳送該登入結果至該服務伺服器,其中,上述判斷包含判斷該許可信物是否為該電信伺服器產生及該門號資料是否與該許可信物對應。 A method for logging in through a telecommunication server with device identification data, the method at least comprises the following steps: a mobile device obtains a device identification data from the mobile device and reads a door number data stored by the mobile device; the mobile device Send the device identification data to a telecommunication server through the mobile communication network; the telecommunication server sends a license token to the mobile device; the mobile device transmits the license token and the door number data to the mobile device through the service server through the mobile communication network the telecommunications server; and the telecommunications server determines according to the license token and the door number data to generate a login result, and transmits the login result to the service server, wherein the above judgment includes determining whether the license token is the Generated by the telecommunications server and whether the gate number data corresponds to the license token. 如申請專利範圍第1項所述之以裝置識別資料透過電信伺服器進行登入之方法,其中該方法於該行動裝置透過行動通訊網路傳送該裝置識別資料至該電信伺服器之步驟前,更包含該行動裝置判斷該行動裝置當前未使用行動通訊網路時,提示改用行動通訊網路之步驟。 The method for logging in through a telecommunication server using device identification data as described in item 1 of the scope of the patent application, wherein before the step of the mobile device transmitting the device identification data to the telecommunication server through a mobile communication network, the method further comprises: When the mobile device determines that the mobile device is not currently using the mobile communication network, it prompts the step of using the mobile communication network instead. 如申請專利範圍第1項所述之以裝置識別資料透過電信伺服器進行登入之方法,其中該方法於該行動裝置透過行動通訊網路傳送該裝置識別資料至該電信伺服器之步驟前,更包含該行動裝置透過裝置解鎖資料驗證使用者身份之步驟。 The method for logging in through a telecommunication server using device identification data as described in item 1 of the scope of the patent application, wherein before the step of the mobile device transmitting the device identification data to the telecommunication server through a mobile communication network, the method further comprises: The mobile device uses the device unlock data to verify the user's identity. 如申請專利範圍第1項所述之以裝置識別資料透過電信伺服器進行登入之方法,其中該方法於該行動裝置取得該裝置識別資料及該門號資料之 步驟,更包含該行動裝置判斷該行動裝置取得該裝置識別資料外之其他裝置識別資料時,提示輸入與該裝置識別資料對應之該門號資料之步驟。 The method for logging in through a telecommunication server using device identification data as described in item 1 of the scope of the patent application, wherein the method obtains the device identification data and the door number data from the mobile device The step further includes a step of prompting the mobile device to input the door number data corresponding to the device identification data when the mobile device determines that the mobile device has obtained other device identification data than the device identification data. 如申請專利範圍第1項所述之以裝置識別資料透過電信伺服器進行登入之方法,其中該方法於該電信伺服器傳送該許可信物至該行動裝置之步驟前,更包含該電信伺服器判斷該裝置識別資料為所屬電信單位或機關所發出時產生該許可信物之步驟。 The method for logging in through a telecommunication server using device identification information as described in item 1 of the scope of the patent application, wherein the method further includes the telecommunication server determining before the step of transmitting the license token to the mobile device by the telecommunication server The steps to generate the license token when the device identification data is issued by the telecommunications unit or agency to which it belongs. 一種以裝置識別資料透過電信伺服器進行登入之系統,該系統至少包含:一服務伺服器;一電信伺服器,與該服務伺服器連接;及一行動裝置,用以執行一身份識別元件,該身份識別元件包含:一資料取得模組,用以讀取被該行動裝置儲存之一門號資料,及用以由該行動裝置中取得一裝置識別資料;及一通訊模組,用以透過行動通訊網路傳送該裝置識別資料至該電信伺服器,並接收該電信伺服器所傳送之一許可信物,及用以透過行動通訊網路經由該服務伺服器傳送該許可信物與該門號資料至該電信伺服器,使該電信伺服器依據該許可信物及該門號資料進行判斷以產生一登入結果,並傳送該登入結果至該服務伺服器,其中,上述判斷包含判斷該許可信物是否為該電信伺服器產生及該門號資料是否與該許可信物對應。 A system for logging in through a telecommunication server with device identification data, the system at least comprises: a service server; a telecommunication server connected to the service server; and a mobile device for executing an identification element, the The identification element includes: a data acquisition module for reading the door number data stored by the mobile device and for obtaining a device identification data from the mobile device; and a communication module for passing through the mobile communication network Send the device identification data to the telecommunications server, and receive a license token sent by the telecommunications server, and use the mobile communication network to transmit the license token and the door number data to the telecommunications server through the service server a device to make the telecommunications server make a judgment according to the license token and the door number data to generate a login result, and send the login result to the service server, wherein the above judgment includes judging whether the license token is the telecommunications server Generate and whether the gate number data corresponds to the license token. 如申請專利範圍第6項所述之以裝置識別資料透過電信伺服器進行登入之系統,其中該身份識別元件更包含一網路判斷模組,用以判斷該行動裝置當前是否使用行動通訊網路。 The system for logging in through a telecommunication server using device identification data as described in item 6 of the scope of the application, wherein the identification element further includes a network judging module for judging whether the mobile device currently uses a mobile communication network. 如申請專利範圍第6項所述之以裝置識別資料透過電信伺服器進行登入之系統,其中該身份識別元件更包含一驗證模組,用以透過裝置解鎖資料驗證使用者身份。 The system for logging in through a telecommunication server using device identification data as described in item 6 of the scope of the patent application, wherein the identification element further includes a verification module for verifying the user's identity through the device unlocking data. 如申請專利範圍第6項所述之以裝置識別資料透過電信伺服器進行登入之系統,其中該資料取得模組更用以於取得該裝置識別資料外之其他裝置識別資料時,提示輸入與該裝置識別資料對應之該門號資料。 According to the system for logging in through a telecommunication server using device identification data as described in item 6 of the scope of the patent application, the data acquisition module is further used to prompt for input of the device identification data other than the device identification data when obtaining other device identification data. The door number data corresponding to the device identification data. 如申請專利範圍第6項所述之以裝置識別資料透過電信伺服器進行登入之系統,其中該電信伺服器更用以於判斷該裝置識別資料為所屬電信單位或機關所發出時,產生該許可信物。 The system for logging in through a telecommunication server using device identification data as described in item 6 of the scope of the patent application, wherein the telecommunication server is further used to generate the license when judging that the device identification data is issued by the telecommunication unit or agency to which it belongs keepsake.
TW108113620A 2019-04-18 2019-04-18 System for using a device identification to log in via telecommunication server and method thereof TWI754812B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW108113620A TWI754812B (en) 2019-04-18 2019-04-18 System for using a device identification to log in via telecommunication server and method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW108113620A TWI754812B (en) 2019-04-18 2019-04-18 System for using a device identification to log in via telecommunication server and method thereof

Publications (2)

Publication Number Publication Date
TW202040392A TW202040392A (en) 2020-11-01
TWI754812B true TWI754812B (en) 2022-02-11

Family

ID=74201160

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108113620A TWI754812B (en) 2019-04-18 2019-04-18 System for using a device identification to log in via telecommunication server and method thereof

Country Status (1)

Country Link
TW (1) TWI754812B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201839650A (en) * 2017-04-28 2018-11-01 大陸商Oppo廣東移動通信有限公司 Unlocking control method AND mobile terminal
TWI640189B (en) * 2017-12-25 2018-11-01 中華電信股份有限公司 System for verifying a user's identity of telecommunication certification and method thereof
TW201901513A (en) * 2017-05-19 2019-01-01 網聯股份有限公司 Identification system and method
TW201915649A (en) * 2017-10-05 2019-04-16 香港商印芯科技股份有限公司 Electronic device and fingerprint sensing method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW201839650A (en) * 2017-04-28 2018-11-01 大陸商Oppo廣東移動通信有限公司 Unlocking control method AND mobile terminal
TW201901513A (en) * 2017-05-19 2019-01-01 網聯股份有限公司 Identification system and method
TW201915649A (en) * 2017-10-05 2019-04-16 香港商印芯科技股份有限公司 Electronic device and fingerprint sensing method
TWI640189B (en) * 2017-12-25 2018-11-01 中華電信股份有限公司 System for verifying a user's identity of telecommunication certification and method thereof

Also Published As

Publication number Publication date
TW202040392A (en) 2020-11-01

Similar Documents

Publication Publication Date Title
TWI754811B (en) System for using device identification to identify via telecommunication server and method thereof
US11930120B2 (en) Call center web-based authentication using a contactless card
CA3121963A1 (en) Secure authentication based on identity data stored in a contactless card
TWI644276B (en) System for opening account and applying mobile banking account online and method thereof
TWM594186U (en) Device and system combining online rapid authentication and public key infrastructure to identify identity
TWM580206U (en) System for identifying identity through telecommunication server by identification data device
US11941621B2 (en) Secure authentication based on passport data stored in a contactless card
AU2020241413A1 (en) Delegated administration of permissions using a contactless card
TWM539668U (en) System for opening account online and applying for mobile banking
TWM592629U (en) System to obtain appended data and execute corresponding operation when identity is confirmed
TWI754812B (en) System for using a device identification to log in via telecommunication server and method thereof
TWI720738B (en) System for combining architectures of fido and pki to identity user and method thereof
TWM586494U (en) ID recognition system using network identification data through telecommunication server
TWI698823B (en) System for verifying user identity when processing digital signature and method thereof
TWM603573U (en) System generating authorization content during identity verification before transaction
TWM588313U (en) System for confirming user identity through financial account information
TWI704796B (en) System for using network identification to sign in service server via telecommunication server and method thereof
TWM586390U (en) A system for performing identity verification according to the service instruction to execute the corresponding service
TWI780341B (en) System for using network identification to identify via telecommunication server and method thereof
TWM580207U (en) System for logging in through telecommunication server by identification data device
TWI777105B (en) System for obtaining additional data when identifying to execute operation and method thereof
TWI729535B (en) System for using financial account to confirm identity and method thereof
TWI790495B (en) System for driving smart card by third-party device for identity verification and method thereof
TWM576681U (en) Computing device validating user identity during signing
TWI745015B (en) System and method for providing authorized content generated during identity authentication for verifying transaction data before transaction