TWM458040U - Network security and identity verification device - Google Patents
Network security and identity verification device Download PDFInfo
- Publication number
- TWM458040U TWM458040U TW101222117U TW101222117U TWM458040U TW M458040 U TWM458040 U TW M458040U TW 101222117 U TW101222117 U TW 101222117U TW 101222117 U TW101222117 U TW 101222117U TW M458040 U TWM458040 U TW M458040U
- Authority
- TW
- Taiwan
- Prior art keywords
- otp
- network security
- time password
- smart phone
- app
- Prior art date
Links
Landscapes
- Telephonic Communication Services (AREA)
Description
本創作係有關一種網路安全及身分驗證裝置,尤指一種利用智慧型手機安裝應用程式(APP)及OTP認證系統,以作為傳送及接收一次性密碼OTP,當合作網站需要身分認證及密碼安全時,可達到安全機制之網路安全及身分驗證裝置。This creation is about a network security and identity verification device, especially a smart phone installation application (APP) and OTP authentication system for transmitting and receiving one-time password OTP. When the partner website requires identity authentication and password security. At this time, the network security and identity verification device of the security mechanism can be achieved.
按;一般的網際網路的網站經營者,對於客戶的身分往往無法確實的認證,造成許多無謂的困擾,且又存在有密碼被竊的風險。因此,市場上有用一次性密碼OTP來解決前述之問題。其原理就是利用其用之即失效的特性,降低密碼被竊的風險,也可作為確認使用者身份認證的依據。According to the general Internet website operators, the identity of the customer is often unable to be authenticated, causing many unnecessary troubles, and there is a risk of password theft. Therefore, the one-time password OTP is used in the market to solve the aforementioned problems. The principle is to use the characteristics of the failure, which reduces the risk of password theft, and can also be used as the basis for confirming the user identity authentication.
而目前市場上,有關一次性密碼OTP的使用方式,有結合實體裝置的動態密碼產生器(Token),有使用電話語音系統取得的密碼的方式,也有利用手機簡訊傳送一次性密碼的方式。然而在現今智慧型手機逐漸普及的潮流下,並沒有以智慧型手機做更經濟、方便及有效的解決方案。申請人有鑑於此,乃秉持從事該項業務多年之經驗,經不斷研究、實驗,遂萌生設計一種網路安全及身分驗證裝置,祈使網路認證更經濟、方便且更為有效。In the current market, the use of the one-time password OTP has a dynamic password generator (Token) combined with a physical device, a password obtained by using a telephone voice system, and a method of transmitting a one-time password by using a mobile phone short message. However, under the current trend of the popularity of smart phones, there is no more economical, convenient and effective solution for smart phones. In view of this, the applicant has been engaged in the business for many years. After continuous research and experimentation, Yan Mengsheng designed a network security and identity verification device to make network certification more economical, convenient and more effective.
本創作之主要目的,即在提供一種網路安全及身分驗證裝置,係利用智慧型手機安裝應用程式(APP)及OTP認證系統,以作為傳送及接收一次性密碼OTP,當合作網站需要身分認證及密碼安全時,可達到安全之機制。The main purpose of this creation is to provide a network security and identity verification device that uses a smart phone to install an application (APP) and an OTP authentication system as a one-time password for transmitting and receiving OTP. When the password is secure, a secure mechanism can be achieved.
前述之網路安全及身分驗證裝置,係至少包含智慧型手機及OTP認證系統。其中,智慧型手機係安裝有應用程式(APP),使其可構成上網之功能,該OTP認證系統係至少設有一資料庫,以供產生或接收一次性密碼(OTP)。俾當合作網站需要身分認證及密碼安全時,除了輸入網站上所提供的認證網頁內容,輸入相關資料以供驗證以外,再利用智慧型手機之手機應用程式接收及傳送一次性密碼(OTP),經由OTP驗證系統的比對,於確認無誤後,便可完成認證程序,藉由此驗證裝置從而達到安全的機制。The aforementioned network security and identity verification device includes at least a smart phone and an OTP authentication system. Among them, the smart phone is equipped with an application (APP), which can constitute a function of surfing the Internet. The OTP authentication system has at least one database for generating or receiving a one-time password (OTP). When the partner website needs identity authentication and password security, in addition to inputting the content of the authentication webpage provided on the website, input the relevant information for verification, and then receive and transmit the one-time password (OTP) by using the mobile phone application of the smart phone. Through the comparison of the OTP verification system, after the confirmation is correct, the authentication procedure can be completed, thereby verifying the device to achieve a secure mechanism.
請同時參閱第一圖及第一A圖,係為本創作之架構圖及立體圖。如圖所示,本創作之架構係至少包含能夠經由通訊網路A上網的智慧型手機1及OTP認證系統2,其中之智慧型手機1係安裝有應用程式(APP)11,該OTP認證系統2係可作為產生或接收一次性密碼(OTP)。OTP驗證系統2係包含資料庫21,以供儲存一次性密碼(OTP),作為比對資料之用。Please refer to the first figure and the first A picture at the same time, which is the architectural diagram and perspective view of the creation. As shown in the figure, the architecture of the present invention includes at least a smart phone 1 and an OTP authentication system 2 capable of accessing the Internet via the communication network A, wherein the smart phone 1 is equipped with an application (APP) 11, and the OTP authentication system 2 It can be used to generate or receive a one-time password (OTP). The OTP verification system 2 includes a database 21 for storing a one-time password (OTP) for comparison data.
本創作之一次性密碼(OTP)傳送方式,係區分為主動傳送方式及被動接收方式。The one-time password (OTP) transmission method of this creation is divided into an active transmission method and a passive reception method.
請參閱第二圖,係為本創作之主動傳送OTP方式流程圖。敬請配合第一圖及第一A圖,如圖所示,其包含以下之步驟:Please refer to the second figure, which is the flow chart of the active transmission OTP method for this creation. Please cooperate with the first picture and the first picture A, as shown in the figure, which includes the following steps:
1.客戶於合作網站經營者之網站,依其網站畫面主動輸入其智慧型手機1號碼(此為應用程式[APP]之註冊帳號或會員編號[卡號],此會員號碼先儲存於網站),同時啟動智慧型手機1應用程式(APP)11。1. On the website of the partner website operator, the customer actively enters the number of his smartphone 1 according to the website screen (this is the registered account number of the application [APP] or the member number [card number], this member number is first stored on the website) and starts at the same time. Smart Phone 1 Application (APP) 11.
2、合作網站將手機號碼通知OTP驗證系統2。2. The cooperation website will notify the OTP verification system 2 of the mobile phone number.
3、OTP驗證系統2便產生一組一次性密碼(OTP),回傳給合作網站,並顯示於其網頁上。3. The OTP verification system 2 generates a set of one-time passwords (OTP), which are transmitted back to the cooperation website and displayed on the web page.
4、客戶依照網站上顯示的一次性密碼(OTP),使用智慧型手機1應用程式(APP)11傳送OTP。4. The customer transmits the OTP using the smart phone 1 application (APP) 11 according to the one-time password (OTP) displayed on the website.
5、OTP驗證系統2於接收應用程式(APP)11傳來的OTP開始比對工作,並將驗證結果回傳給合作網站。5. The OTP verification system 2 starts the comparison work on the OTP received by the application (APP) 11, and returns the verification result to the cooperation website.
6、合作網站若收到OTP驗證系統2驗證正確通知,則客戶便可繼續使用網站所提供的各項服務,若收到驗證失敗通知,則顯示錯誤訊息,並得重新再一次輸入的動作。6. If the cooperation website receives the OTP verification system 2 to verify the correct notification, the customer can continue to use the services provided by the website. If the verification failure notification is received, an error message will be displayed and the action will be re-entered.
藉由前述之步驟,當合作網站需要身分認證及密碼安全時,經由OTP驗證系統2比對確認無誤,便可完成認證的程序,從而達到安全的機制。Through the foregoing steps, when the cooperation website needs identity authentication and password security, the authentication process can be completed through the OTP verification system 2, and the authentication process can be completed, thereby achieving a secure mechanism.
請參閱第三圖,係為本創作之被動傳送OTP方式流程圖。敬請配合第一圖及第一A圖,如圖所示,其包含以下之步驟:Please refer to the third figure, which is the flow chart of the passive transmission OTP method for this creation. Please cooperate with the first picture and the first picture A, as shown in the figure, which includes the following steps:
1、客戶依其網站畫面主動輸入其智慧型手機1號碼(此為應用程式[APP]11之註冊帳號或會員編號[卡號],此會員號碼與首先儲存於網站)同時啟動智慧型手機1應用程式(APP)11。1. The customer actively enters his smart phone 1 number according to his website screen (this is the registered account or member number [card number] of the application [APP]11, this member number is first stored on the website) and the smart phone 1 application is started at the same time. Program (APP) 11.
2、合作網站將手機號碼通知OTP驗證系統2。2. The cooperation website will notify the OTP verification system 2 of the mobile phone number.
3、OTP驗證系統2便產生一組一次性密碼(OTP),傳送到消費者的智慧型手機1上的應用程式(APP)11。3. The OTP verification system 2 generates a set of one-time passwords (OTPs) that are transmitted to the application (APP) 11 on the consumer's smart phone 1.
4、客戶再於合作網站輸入一次性密碼(OTP)。4. The customer then enters the one-time password (OTP) on the cooperation website.
5、合作網站再次傳送一次性密碼(OTP)給OTP驗證系統2。5. The cooperation website transmits the one-time password (OTP) to the OTP verification system 2 again.
6、OTP驗證系統2接收到合作網站一次性密碼(OTP)開始比對工作,並將驗證結果回傳給合作網站。6. The OTP verification system 2 receives the one-time password (OTP) of the cooperation website to start the comparison work, and returns the verification result to the cooperation website.
7、合作網站若收到OTP驗證系統2驗證正確通知,則客戶便可繼續使用網站所提供的各項服務,若收到驗證失敗通知,則顯示錯誤訊息,並得重新再一次輸入的動作。7. If the cooperation website receives the OTP verification system 2 to verify the correct notification, the customer can continue to use the services provided by the website. If the verification failure notification is received, an error message will be displayed and the action will be re-entered.
藉由前述之步驟,當合作網站需要身分認證及密碼安全時,經由OTP驗證系統2比對確認無誤,便可完成認證的程序,從而達到安全的機制。Through the foregoing steps, when the cooperation website needs identity authentication and password security, the authentication process can be completed through the OTP verification system 2, and the authentication process can be completed, thereby achieving a secure mechanism.
本創作係針對智慧型手機提出一次性密碼(OTP)的使用方式,與傳統的手機簡訊接受OTP最大的差異如下:
前述實施例,僅為說明本創作之較佳實施方式,而非限制本創作之範圍,凡經由些微修飾、變更,仍不失本創作之要義所在,亦不脫本創作之精神範疇。The foregoing embodiments are merely illustrative of the preferred embodiments of the present invention, and are not intended to limit the scope of the present invention, and the details of the present invention are not deviated from the spirit of the present invention.
綜上所述,本創作利用智慧型手機之手機應用程式傳送或接收一次性密碼(OTP),經由OTP驗證系統,構成網路安全及身分驗證裝置。俾當合作網站需要身分認證及密碼安全時,經過比對確認無誤,便可完成認證程序,從而達到安全的機制。為一實用之設計,誠屬一俱新穎性之創作,爰依法提出專利之申請,祈 鈞局予以審查,早日賜准專利,至感德便。In summary, the creation uses a mobile phone application of a smart phone to transmit or receive a one-time password (OTP), and constitutes a network security and identity verification device via an OTP verification system. When the partner website needs identity authentication and password security, the authentication process can be completed after the comparison is confirmed, thus achieving a secure mechanism. For a practical design, it is a novelty creation. If you apply for a patent in accordance with the law, you will be punished by the Bureau of Public Information, and you will be granted a patent as soon as possible.
1‧‧‧智慧型手機1‧‧‧Smart mobile phone
11‧‧‧應用程式(APP)11‧‧‧Application (APP)
2‧‧‧OTP認證系統2‧‧‧OTP Certification System
21‧‧‧資料庫21‧‧‧Database
A‧‧‧通訊網路A‧‧‧Communication Network
第一圖係本創作之架構圖。The first picture is the architectural diagram of this creation.
第一A圖係本創作之立體圖。The first A picture is a perspective view of the creation.
第二圖係本創作之主動傳送OTP方式流程圖。The second picture is a flow chart of the active transmission OTP method of the present creation.
第三圖係本創作之被動傳送OTP方式流程圖。The third picture is the flow chart of the passive transmission OTP method of this creation.
1‧‧‧智慧型手機1‧‧‧Smart mobile phone
11‧‧‧應用程式(APP)11‧‧‧Application (APP)
2‧‧‧OTP認證系統2‧‧‧OTP Certification System
21‧‧‧資料庫21‧‧‧Database
Claims (3)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW101222117U TWM458040U (en) | 2012-11-15 | 2012-11-15 | Network security and identity verification device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW101222117U TWM458040U (en) | 2012-11-15 | 2012-11-15 | Network security and identity verification device |
Publications (1)
Publication Number | Publication Date |
---|---|
TWM458040U true TWM458040U (en) | 2013-07-21 |
Family
ID=49228523
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW101222117U TWM458040U (en) | 2012-11-15 | 2012-11-15 | Network security and identity verification device |
Country Status (1)
Country | Link |
---|---|
TW (1) | TWM458040U (en) |
-
2012
- 2012-11-15 TW TW101222117U patent/TWM458040U/en not_active IP Right Cessation
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5654642B1 (en) | Authentication system and program | |
US8893251B2 (en) | System and method for embedded authentication | |
CN101997824B (en) | Identity identifying method based on mobile terminal and device thereof and system | |
US8887232B2 (en) | Central biometric verification service | |
TWI632798B (en) | Server, mobile terminal, and network real-name authentication system and method | |
WO2014201636A1 (en) | Identity login method and device | |
WO2017054617A1 (en) | Wifi network authentication method, device and system | |
WO2014183526A1 (en) | Identity recognition method, device and system | |
JP2012530311A (en) | How to log into a mobile radio network | |
US20150286811A1 (en) | Method for authenticating a user | |
RU2011153714A (en) | SYSTEM AND METHOD OF ENSURING AUTHENTICATION FOR TRANSACTIONS WITHOUT THE CARD USING A MOBILE DEVICE | |
JP2009282561A (en) | User authentication system, user authentication method and program | |
JP2015201844A5 (en) | ||
JP2015099470A (en) | System, method, and server for authentication, and program | |
JPWO2020004486A5 (en) | ||
JP2009118110A (en) | Method and system for provisioning meta data of authentication system, its program and recording medium | |
KR20150003297A (en) | Method and system using a cyber id to provide secure transactions | |
US20220116390A1 (en) | Secure two-way authentication using encoded mobile image | |
JP2017535893A (en) | Payment verification method, apparatus and system | |
KR20150050280A (en) | Authentication method using fingerprint information and certification number, user terminal and financial institution server | |
KR101294805B1 (en) | 2-channel authentication method and system based on authentication application | |
KR20150025392A (en) | System for securiting mobile and method therefor | |
CN103138935A (en) | Identity authentication system based on telecom operators | |
CN104252676A (en) | System and method for using real-time communication and digital certificate to authenticate Internet bank account identity | |
KR20180039037A (en) | Cross authentication method and system between online service server and client |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
MM4K | Annulment or lapse of a utility model due to non-payment of fees |