TWM512772U - Transaction device and transaction security system with authentication using personal device - Google Patents


Publication number
TWM512772U
Authority
TW
Taiwan
Prior art keywords
transaction
verification
code
unit
personalized
Application number
TW104207771U
Other languages
Chinese (zh)
Inventor
Ke-Xi Xiang
Original Assignee
Idgate Corp
Application filed by Idgate Corp
Priority to TW104207771U
Publication of TWM512772U

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The disclosure relates to a transaction device and a transaction security system with authentication using a personal device. The transaction security system includes an authentication server and a transaction device. The authentication server has an authentication processor that processes the authentication code transmitted from a personal device; the personal device is authenticated through the authentication code, and an authentication result is generated. The authentication result is then transmitted to the transaction device via a communication unit. The transaction device has a processor, a display unit, a transaction code generator that generates the transaction code according to the transaction amount, and a network unit for connecting to the authentication server.

Description

Transaction device and transaction security system using personalized device verification

This creation relates to a transaction device and a transaction security system, in particular a transaction device that uses a personalized device to perform identity verification, and the related transaction security system.

Automated teller machines (ATMs), found everywhere, let users withdraw cash conveniently, but a cash withdrawal is also an opportunity for criminals. For example, a criminal may seize the ATM card at that moment and coerce the user into giving up the withdrawal password, and so obtain the cash. This shows that the current protection for cash withdrawals, an ATM card combined with a password of a few digits, is too simple and clearly not secure enough.

To strengthen security during transactions, including ordinary purchases and ATM withdrawals, this creation proposes a transaction device that uses personalized device verification, and a related system. One of its purposes is that, before a transaction is executed at the transaction device, a verification procedure is first performed through a device the user carries; only after a third-party verification unit has confirmed the user's identity is the transaction completed through the transaction device. This improves transaction security: even if any one of the devices is lost or misused, the property is still protected from loss.

According to an embodiment of the transaction device using personalized device verification, the transaction device includes: a system-side processing unit, which handles data processing within the transaction device; a system-side display unit, which generates a transaction interaction message displayed on the transaction device and an interface for entering the transaction amount; a transaction code generation unit, which outputs a transaction code computed from the transaction amount; and a network unit, which connects to a verification server and obtains a verification result from it.

The transaction device is, for example, an ATM from which the user withdraws cash, or a device that verifies identity during a purchase. The transaction code may be an encoded wireless signal transmitted through a near-field communication unit; a one-dimensional or two-dimensional barcode that the user scans with the personalized device; or a character string that the user copies into the personalized device.

In an embodiment of the transaction security system using personalized device verification, the system includes a verification server and the aforementioned transaction device. The verification server has a verification processor that receives, over the network, the verification code generated by the personalized device, verifies the personalized device according to the information carried in the verification code, and generates a verification result; a communication unit then transmits the verification result to the transaction device. Once verification succeeds, the transaction can proceed to completion.

For a further understanding of the techniques and effects this creation adopts to achieve its intended purpose, refer to the following detailed description and drawings, from which the purpose, features and characteristics of this creation can be understood in depth and in detail. The accompanying drawings are provided for reference and explanation only and are not intended to limit this creation.

10‧‧‧Automated teller machine
101‧‧‧Two-dimensional barcode
103‧‧‧Code
105‧‧‧Cash dispensing outlet
12‧‧‧Personalized device
121‧‧‧Two-dimensional barcode
123‧‧‧One-dimensional barcode
14‧‧‧Cash register device
141‧‧‧Transaction amount
143‧‧‧One-dimensional barcode
20‧‧‧Transaction device
201‧‧‧Transaction amount
203‧‧‧Transaction barcode
205‧‧‧Transaction number
207‧‧‧Authorization code
209‧‧‧Verification message
Steps S301~S311‧‧‧Transaction flow
41‧‧‧Personalized device
42‧‧‧Transaction device
43‧‧‧Transaction service host
44‧‧‧Verification server
401‧‧‧Fill in amount
402‧‧‧Read transaction code
403‧‧‧Transmit transaction information
404‧‧‧Transmit verification code
405‧‧‧Reply with verification result
406‧‧‧Confirm transaction
407‧‧‧Transaction successful
501‧‧‧Fill in amount
502‧‧‧Transmit transaction information
503‧‧‧Generate transaction code
504‧‧‧Read transaction code
505‧‧‧Transmit verification code
506‧‧‧Reply with verification result
507‧‧‧Confirm transaction
508‧‧‧Transaction successful
601‧‧‧Fill in amount
602‧‧‧Transmit transaction information
603‧‧‧Generate transaction code
604‧‧‧Read transaction code
605‧‧‧Transmit verification code
606‧‧‧Generate authorization code
607‧‧‧Fill in authorization code
608‧‧‧Transmit authorization code
609‧‧‧Transmit authorization code
610‧‧‧Reply with verification result
611‧‧‧Confirm transaction
612‧‧‧Transaction successful
71‧‧‧Verification server
711‧‧‧Verification processor
712‧‧‧Authorization code generation unit
713‧‧‧Communication unit
72‧‧‧Transaction device
721‧‧‧System-side display unit
722‧‧‧System-side processing unit
723‧‧‧Transaction code generation unit
724‧‧‧Network unit
725‧‧‧Authorization code processing unit
73‧‧‧Personalized device
731‧‧‧Device-side display module
732‧‧‧Transaction code reading module
733‧‧‧Verification code generation module
734‧‧‧Authorization code acquisition module

FIG. 1A is a schematic diagram of a first embodiment of the devices of the transaction security system using personalized device verification.
FIG. 1B is a schematic diagram of a second embodiment of the devices of the transaction security system using personalized device verification.
FIGS. 2A to 2D show an embodiment of the transaction security system using personalized device verification in operation.
FIG. 3 shows a first implementation flow of the transaction security system using personalized device verification.
FIG. 4 shows a second implementation flow of the transaction security system using personalized device verification.
FIG. 5 shows a third implementation flow of the transaction security system using personalized device verification.
FIG. 6 shows a fourth implementation flow of the transaction security system using personalized device verification.
FIG. 7 shows a functional block diagram of an embodiment of the transaction device using personalized device verification and the related system.

Conventional transaction procedures for credit card purchases, online transactions and cash-dispensing automated teller machines (ATMs) verify the user only by account number and password, or together with an ATM card, and provide no effective, high-security measure. In view of this, this disclosure proposes a transaction device that uses personalized device verification, and a transaction security system, in which the transaction device performs identity verification with the user's own personalized device before the transaction and, combined with third-party verification, provides high-security protection that avoids property loss when part of the verification information is captured or misused during the transaction procedure.

The usage scenarios in FIG. 1A and FIG. 1B schematically illustrate applications of the transaction security system using personalized device verification.

As shown in FIG. 1A, there is an automated teller machine 10. When a user wants to perform a transaction through ATM 10, such as a withdrawal, deposit or transfer, and enters an amount through its interface, ATM 10 presents a transaction code computed from that amount or from the current transaction information, for example from the transaction amount, the transaction device code (the identification code of ATM 10) and a session code. In this example the transaction code is presented as a two-dimensional barcode 101, but it is not limited to that form; it may also be expressed as a one-dimensional barcode, a wireless transmission (such as NFC), an alphanumeric code, and so on.

In this example the transaction code is represented by two-dimensional barcode 101 and may be supplemented by a string code 103 in case the user's device cannot read barcode 101. The user operates personalized device 12, runs the verification program, turns on the camera module and photographs two-dimensional barcode 101, producing the two-dimensional barcode 121 shown on the display of device 12 (or shown only while shooting, without displaying the scan result); the software recognizes the information it carries. The subsequent procedure includes generating a verification code from the transaction information in two-dimensional barcode 121 and transmitting it to the verification server; after successful verification, cash can be withdrawn from the cash dispensing outlet 105. The details are described below.

Another embodiment is shown in FIG. 1B: the transaction security system using personalized device verification can be applied to the transaction procedure of ordinary purchase payments. In this example a consumer or cashier enters a transaction amount 141 on a transaction device (such as a POS cash register device 14). Device 14 displays the transaction amount 141 and generates a one-dimensional barcode 143 from the transaction amount 141 and related transaction information. After the consumer confirms the transaction amount 141, the program on personalized device 12 scans the one-dimensional barcode 143 shown on cash register device 14, producing the one-dimensional barcode 123 presented on personalized device 12 (which need not be displayed). The subsequent procedure includes generating a verification code from the transaction information carried in one-dimensional barcode 123, transmitting the verification code, and verification by the verification server; the transaction is established only after verification succeeds.

FIGS. 2A to 2D then show an embodiment of the transaction security system using personalized device verification in operation.

FIG. 2A shows an amount-entry interface generated on the display of a transaction device 20. After the user enters the transaction amount 201, as shown in FIG. 2B, the program in transaction device 20 performs a computation on the transaction amount 201 and the current transaction information, such as the transaction time, the device code, and/or a session code representing this stage of the transaction, and derives a transaction code. In this example the transaction code is represented by the illustrated transaction barcode 203 and transaction number 205, which the user reads with the personalized device. The personalized device performs a further computation on the transaction information it has read to form a verification code, which serves as the basis for the security verification of this transaction; the transaction is completed only after the verification server verifies it successfully.

In another embodiment, after the verification server receives the verification code from the personalized device, it goes on to generate an authorization code, which may be a character string such as a one-time password. The authorization code is transmitted to the personalized device, read by the user and entered into the interface generated by transaction device 20, as in the authorization code 207 field in FIG. 2C. After transaction device 20 receives authorization code 207, it transmits it to the verification server to confirm the security of this transaction. If any step fails verification, the transaction fails. In this example, FIG. 2D presents a verification message 209 indicating, for example, that the transaction is complete.
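The authorization-code step described above, as an added Python example (not code from the patent or from Idgate). The six-digit format, 60-second lifetime and three-attempt limit are assumptions the page does not state, and the class and function names are hypothetical.

```python
import hmac
import secrets

CODE_DIGITS = 6        # assumption: the page only says "a string such as a one-time password"
MAX_AGE_SECONDS = 60   # assumption: no lifetime is given on the page
MAX_ATTEMPTS = 3       # assumption: no attempt limit is given on the page


class AuthorizationCodes:
    """Verification-server store of one-time authorization codes, keyed by session code."""

    def __init__(self):
        self._issued = {}  # session code -> [code, issued_at, failed_attempts]

    def issue(self, session, now):
        """Run after the verification code checks out; the code goes to the personalized device."""
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        self._issued[session] = [code, now, 0]
        return code

    def redeem(self, session, typed_code, now):
        """Run when the transaction device forwards what the user typed into field 207."""
        entry = self._issued.get(session)
        if entry is None:
            return "no code issued"
        code, issued_at, _ = entry
        if now - issued_at > MAX_AGE_SECONDS:
            del self._issued[session]
            return "expired"
        if not hmac.compare_digest(code.encode(), typed_code.encode()):
            entry[2] += 1
            if entry[2] >= MAX_ATTEMPTS:
                # A short numeric code is guessable, so stop after a few misses.
                del self._issued[session]
                return "locked"
            return "wrong code"
        del self._issued[session]  # single use: a second redemption fails
        return "authorized"


def wrong_guess(code):
    """Return a code of the same length that is guaranteed to differ (constructed input)."""
    return ("1" if code[0] == "0" else "0") + code[1:]


def demo():
    """Run constructed sessions through the store and return the outcomes in order."""
    store = AuthorizationCodes()
    out = []

    good = store.issue("session-1", now=0)
    out.append(store.redeem("session-1", wrong_guess(good), now=5))
    out.append(store.redeem("session-1", good, now=6))
    out.append(store.redeem("session-1", good, now=7))   # reuse of a spent code

    good = store.issue("session-2", now=0)
    for t in (1, 2, 3):
        out.append(store.redeem("session-2", wrong_guess(good), now=t))
    out.append(store.redeem("session-2", good, now=4))   # correct, but already locked

    good = store.issue("session-3", now=0)
    out.append(store.redeem("session-3", good, now=61))  # past the validity window
    return out


if __name__ == "__main__":
    print(demo())
```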

Notably, to carry out the transaction mechanism using personalized device verification disclosed here, the user needs a personalized device with processing, communication, display and camera functions; more specifically, the personalized device should be a mobile device able to read one-dimensional barcodes, two-dimensional barcodes or wireless signals. Before operation the device performs an initialization procedure, which includes installing a transaction verification program on the personalized device and registering with a verification server.

The seed that the personalized device uses to generate the verification code is a personalized seed computed within the verification server (or another authorized host) at registration with the verification server. According to one embodiment, at registration the verification server asks the user to transmit personalized information, such as hardware information of the user's mobile communication device, for example hardware-related codes (phone number, International Mobile Equipment Identity (IMEI), etc.) and network hardware information, or the communication data of the near-field communication (NFC) circuit supported by the mobile communication device. Personalized information may also include general information provided by the user, such as personal data or a chosen PIN code. Any one or a combination of these items can serve as the data source from which a seed is generated.

A seed generated from personalized information is therefore unique: different devices or users obtain different seeds, and the seed is non-portable, that is, it cannot be used on a different device. The seed may be a character string; after the verification server (or another host) generates it, it is stored in both the personalized device and the verification server.

The verification code generated on the personalized device is computed from a seed stored on the personalized device and the current transaction information, and may be a character string. It carries information that identifies the source of the verification code (that is, the personalized device), so that the verification server can obtain the corresponding seed. The verification server then performs a symmetric operation on the verification code using the server-side seed and, from the result, verifies whether the verification code comes from an authorized personalized device.

According to an example in the embodiments, if the personalized device supports near-field communication (NFC), the stored seed can be protected by the communication information of the NFC circuit. When the personalized device receives the transaction code, the communication information of the device's NFC circuit unlocks the seed so that the verification code can be computed. For example, the user holds an NFC near-field authentication token; after it connects to the mobile communication device at close range, the resulting near-field communication information is used to obtain authorization and unlock the preloaded seed.

Notably, the transaction mechanism used in this creation is a security measure based on the verification code or other information generated by the program on the personalized device. The personalized device should carry an application provided by the system, such as an app on a smartphone or tablet. The application obtains the seed, obtains system information to generate the verification code, receives messages, scans the transaction code generated by the transaction device, receives the authorization code (in one embodiment) and transmits related information; through a messaging system it can also receive messages pushed by the system side, decrypt the seed, and provide an interface for entering content.

FIG. 3 shows an embodiment flow of the transaction security system using personalized device verification in operation. This example describes the transaction flow. It starts at step S301, where the transaction amount is entered at a transaction device (ATM, cash register, online shopping interface, etc.). Then, in step S303, the program in the transaction device computes a transaction code from the transaction amount and the current transaction information and shows it on the display.

At this point (or earlier) the user starts the program on the personalized device and reads the transaction code (or enters it manually), as in step S305, and confirms the content against the transaction information (such as the amount and transaction details) displayed on the personalized device. After confirmation, in step S307, the program on the personalized device generates the verification code using the seed produced at registration; the verification code is computed from a seed stored on the personalized device and the current transaction information.

Then, in step S309, the verification code is transmitted to the verification server, which computes with the corresponding system-side seed to verify whether the information comes from a registered, authorized personalized device, that is, it verifies the identity of the user of the personalized device. In step S311, a message reflecting the verification result is transmitted to the transaction device: if verification succeeded, the transaction is completed; otherwise, a transaction failure message is generated.

FIG. 4 shows a transaction flow of this system: a security verification flow running among personalized device 41, transaction device 42, transaction service host 43 and verification server 44. Personalized device 41 is, for example, a computer system held by the user; the program it runs, together with transaction device 42 and transaction service host 43, forms the transaction security system of this creation. Verification server 44 may be a host on which a third party provides the verification service, but it may also be a hardware or software module within transaction service host 43.

At the start of the flow, the user (or a service person or cashier) fills in the amount on transaction device 42 (401). Transaction device 42 computes a transaction code from the transaction amount and/or current transaction information, and personalized device 41 reads the transaction code (402), for example by reading a one-dimensional barcode, a two-dimensional barcode or a wireless signal; if the transaction code is displayed as a string, the user can copy it into personalized device 41. At the same time, transaction device 42 transmits the transaction code or related transaction information (transaction amount, transaction device code, time, session code, etc.) to transaction service host 43 (403). Transaction service host 43 may serve many transaction devices 42 in different locations at once, so it needs the information about this transaction in order to identify the transaction's source.

After personalized device 41 has read the transaction code and the transaction information has been confirmed, its program retrieves the seed and uses the seed to compute a verification code over specific personalized information (such as user information, the transaction amount, the transaction device code and a session code). The verification code is transmitted to verification server 44 (404) and carries identification information of personalized device 41, so that verification server 44 can identify the source of the verification code. Verification server 44 receives the verification code, learns from it the identification information of the personalized device, such as the seed and device hardware information, and thereby obtains the corresponding server-side seed. It performs a symmetric operation on the verification code with that server-side seed and verifies personalized device 41 from the result. The verification result is then transmitted to transaction service host 43 (405). If verification succeeds, transaction service host 43 sends a transaction confirmation message (406) to transaction device 42, and the user of personalized device 41 completes the transaction after successful verification (407). If verification fails, the transaction is unsuccessful and the transaction device displays a verification failure message.
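The FIG. 4 exchange as an added Python example (not code from the patent or from Idgate). It assumes HMAC-SHA256 as the "symmetric operation", a JSON transaction code and a 120-second validity window, none of which the page specifies, and it merges transaction service host 43 and verification server 44 into one hypothetical `Backend` class; all device names and hardware strings are constructed.

```python
import hashlib
import hmac
import json
import secrets

MAX_AGE_SECONDS = 120  # assumption: the page gives no validity window


def encode_transaction(amount, device_code, session, issued_at):
    """Transaction code payload: amount, transaction device code, session code, time."""
    fields = {"amount": amount, "device_code": device_code,
              "session": session, "issued_at": issued_at}
    return json.dumps(fields, sort_keys=True, separators=(",", ":"))


def verification_code(seed, transaction_code):
    """Personalized-device side: key the transaction payload with the stored seed."""
    return hmac.new(seed, transaction_code.encode(), hashlib.sha256).hexdigest()


class Backend:
    """Transaction service host (43) and verification server (44) in one object."""

    def __init__(self):
        self.seeds = {}    # personalized device id -> seed stored at registration
        self.pending = {}  # transaction code -> time it was issued (step 403)

    def register(self, device_id, hardware_info):
        # Assumption: seed = hash of a random salt and the device's hardware info.
        salt = secrets.token_bytes(16)
        seed = hashlib.sha256(salt + hardware_info.encode()).digest()
        self.seeds[device_id] = seed
        return seed  # a copy is also stored on the personalized device

    def open_transaction(self, amount, device_code, now):
        """Steps 401 to 403: build the transaction code and remember it as pending."""
        code = encode_transaction(amount, device_code, secrets.token_hex(8), now)
        self.pending[code] = now
        return code  # shown by the transaction device as a barcode or string

    def verify(self, device_id, transaction_code, code, now):
        """Steps 404 to 406: recompute with the server-side seed, then match the transaction."""
        seed = self.seeds.get(device_id)
        if seed is None:
            return "unknown device"
        expected = verification_code(seed, transaction_code)
        if not hmac.compare_digest(expected.encode(), code.encode()):
            return "bad verification code"
        issued_at = self.pending.pop(transaction_code, None)  # single use
        if issued_at is None:
            return "no such pending transaction"
        if now - issued_at > MAX_AGE_SECONDS:
            return "expired"
        return "verified"


def demo():
    """Run constructed transactions through the exchange and return the outcomes in order."""
    backend = Backend()
    seed_a = backend.register("phone-A", "IMEI:000000000000000")  # constructed values
    seed_b = backend.register("phone-B", "IMEI:111111111111111")
    txn = backend.open_transaction(1500, "ATM-0001", now=1000)
    tag = verification_code(seed_a, txn)
    out = []

    # Amount altered after the personalized device computed its code.
    forged = txn.replace('"amount":1500', '"amount":9500')
    out.append(backend.verify("phone-A", forged, tag, now=1010))
    # Code computed with another device's seed but sent under phone-A's identity.
    out.append(backend.verify("phone-A", txn, verification_code(seed_b, txn), now=1010))
    out.append(backend.verify("phone-A", txn, tag, now=1010))   # genuine
    out.append(backend.verify("phone-A", txn, tag, now=1011))   # replay of the same message
    out.append(backend.verify("phone-C", txn, tag, now=1011))   # never registered

    late = backend.open_transaction(200, "POS-0001", now=2000)
    out.append(backend.verify("phone-A", late, verification_code(seed_a, late), now=2121))
    return out


if __name__ == "__main__":
    print(demo())
```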

Unlike the flow in FIG. 4, where transaction device 42 computes the transaction code, the flow in the embodiment of FIG. 5 has transaction service host 43 compute the transaction code.

Again the transaction amount is first filled in on transaction device 42 (501). Transaction device 42 transmits this transaction information to transaction service host 43 (502), which generates a transaction code from it and returns the code to the corresponding transaction device 42 (503), where it is displayed and read by personalized device 41 (504). The transaction code may be a one-dimensional or two-dimensional barcode, or be carried by a wireless signal; it is read by the corresponding communication module of personalized device 41 and decoded by its program into information that lets the user confirm the transaction content.

After the user confirms the transaction content, personalized device 41 retrieves the seed, computes a verification code over the relevant personalized information and transmits it to verification server 44 (505). Verification server 44 obtains the identification information of personalized device 41 carried in the verification code, obtains the corresponding system-side seed, and performs a symmetric operation with that seed to verify the source of the information. It then returns the verification result (506) to transaction service host 43. From the information carried in the result (such as device-related information and information about this transaction), transaction service host 43 determines the corresponding transaction device 42 and notifies it to confirm the transaction (507); a message indicating that the transaction succeeded is displayed to the user (508). If verification fails, a transaction failure message is displayed.

FIG. 6 shows a flowchart of yet another embodiment of the operation of the transaction security system of the present creation; this flow likewise runs among the personalized device 41, the transaction device 42, the transaction service host 43 and the verification server 44.

To begin a transaction, an amount is entered on a transaction device 42 (601). In this example, the transaction device 42 transmits this transaction information, including device-related identification information, to the transaction service host 43 (602). The transaction service host 43 generates a transaction code and returns it to the transaction device 42 (603). The transaction code is represented, for example, as a two-dimensional barcode such as a QR code, shown on the display by the transaction host 42 and read by the personalized device 41 (604), which displays the transaction content for the user to confirm.

Taking an automated teller machine as an example, it is not excluded that the ATM (the transaction device) or the ATM host (the transaction service host) computes the transaction code from the ATM device code, the transaction amount and a session identifier (session ID) representing this stage of the work. The transaction code may be represented as a two-dimensional barcode, a one-dimensional barcode, a wireless signal or the like, and the personalized device reads it with the corresponding program instructions.

After reading the transaction code and confirming the transaction amount, the personalized device 41 uses its program to generate a verification code. The verification code is generated with the device-side seed value, that is, the encryption seed value produced when registering with the verification server before the transaction: the identification code of the transaction device 42, the transaction amount and the session identifier are encoded together with the seed value to produce the verification code, which is then transmitted to the verification server 44 (605), where the verification server 44 performs the security verification.

After verification succeeds, in this embodiment the verification server 44 generates an authorization code from current information. The authorization code is like a one-time password (OTP): it may, for example, be generated from time information and is produced dynamically. It may likewise be computed from information such as the machine identification code of the transaction device, the transaction amount, the session identifier and/or time information. The authorization code can be transmitted over the network as a string to the personalized device 41 (606) and displayed to the user, who then enters it on the input interface of the transaction device 42 (607). Besides a string displayed on the personalized device 41, it is not excluded that the authorization code is presented as a barcode or a wireless signal and read by a reader installed on the transaction device 42.

Once the transaction device 42 obtains the authorization code, it is sent via the transaction service host 43 (608) to the verification server 44 (609), so that the verification server 44 can compare it with the authorization code generated earlier and thereby perform a second verification, then return the verification result (610). After verification succeeds, the transaction service host 43 sends confirmation of the transaction (611) to the transaction host 42 to complete the transaction (612).
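The FIG. 6 exchange described above (verification code in step 605, authorization code in steps 606 to 610), sketched as an added example that is not part of the patent text. HMAC-SHA256 stands in for the unspecified "symmetric operation"; the field encoding, the server-only key, the 60-second lifetime, the session replay guard and all sample identifiers are assumptions.

```python
import hashlib
import hmac
import time

AUTH_CODE_TTL = 60  # seconds an authorization code stays valid (assumed value)


def _mac(key: bytes, *fields: str) -> str:
    # Length-prefix every field so ("12", "3") and ("1", "23") cannot collide.
    msg = b"".join(len(f.encode()).to_bytes(2, "big") + f.encode() for f in fields)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def make_verification_code(seed, device_id, terminal_id, amount, session_id):
    """Personalized device, step 605: bind the seed to this exact transaction."""
    tag = _mac(seed, "verify", device_id, terminal_id, amount, session_id)
    return {"device_id": device_id, "terminal_id": terminal_id,
            "amount": amount, "session_id": session_id, "tag": tag}


class VerificationServer:
    def __init__(self, seeds, server_key):
        self.seeds = seeds            # device_id -> seed registered before any transaction
        self.server_key = server_key  # assumed server-only key for authorization codes
        self.used_sessions = set()    # assumed replay guard, not described on the page
        self.pending = {}             # session_id -> (authorization code, expiry time)

    def verify(self, code, now=None):
        """Steps 605-606: return an authorization code, or None on any failure."""
        now = time.time() if now is None else now
        seed = self.seeds.get(code["device_id"])
        if seed is None or code["session_id"] in self.used_sessions:
            return None
        want = _mac(seed, "verify", code["device_id"], code["terminal_id"],
                    code["amount"], code["session_id"])
        if not hmac.compare_digest(want.encode(), str(code["tag"]).encode()):
            return None
        self.used_sessions.add(code["session_id"])
        # Derived from terminal code, amount, session ID and time, as the text allows.
        digest = _mac(self.server_key, "authorize", code["terminal_id"],
                      code["amount"], code["session_id"], str(int(now)))
        auth_code = f"{int(digest, 16) % 10**6:06d}"
        self.pending[code["session_id"]] = (auth_code, now + AUTH_CODE_TTL)
        return auth_code

    def confirm(self, session_id, auth_code, now=None):
        """Steps 609-610: compare with the stored code; one attempt per code."""
        now = time.time() if now is None else now
        entry = self.pending.pop(session_id, None)  # popped first: a wrong guess burns it
        if entry is None:
            return False
        stored, expiry = entry
        return now <= expiry and hmac.compare_digest(stored.encode(), auth_code.encode())


def demo():
    seed = bytes(range(32))  # constructed sample seed
    server = VerificationServer({"phone-41": seed}, server_key=b"constructed-server-key")
    code = make_verification_code(seed, "phone-41", "ATM-0042", "3000", "sess-1")
    auth = server.verify(code, now=1000.0)
    tampered = dict(make_verification_code(seed, "phone-41", "ATM-0042", "3000", "sess-2"),
                    amount="30000")
    return {
        "authorized": auth is not None,
        "replay_rejected": server.verify(code, now=1001.0) is None,
        "tamper_rejected": server.verify(tampered, now=1002.0) is None,
        "confirmed": server.confirm("sess-1", auth, now=1010.0),
        "reuse_rejected": not server.confirm("sess-1", auth, now=1011.0),
    }


if __name__ == "__main__":
    print(demo())
```

Because the amount and session identifier are inside the MAC, a verification code captured for one withdrawal cannot be reused for a different amount or a later session.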

FIG. 7 shows a functional block diagram of an embodiment of the transaction device and related system of the present creation using personalized device verification.

This figure shows that completing the transaction procedure of the present creation requires at least a verification server 71; it is not excluded that the verification server 71 is hosted on a particular host or is a software function within the transaction device 72. The transaction device 72 of the transaction security system may cover the functions produced by combining the terminal transaction device with a transaction service host, as in the embodiments of FIGS. 4 to 6 above; that is, the transaction device 72 consists of the transaction device and the transaction service host of those embodiments. On the personalized device 73 side, the transaction security system installs a software program that handles the verification functions of the transaction procedure.

The transaction security system using personalized device verification includes a program stored in the memory of the personalized device 73. The program mainly executes the transaction procedure of the present creation on the personalized device 73 side. Its software modules include, as shown in the figure, a device-side display module 731, for example a device-side display instruction. When the program is executed, the read transaction code and the transaction amount are shown on the device display; the user can confirm from the displayed transaction content whether the content is correct and whether to continue with the transaction. The device-side display instruction may also prompt the user through the steps of the transaction, including, in particular embodiments, the received authorization code, as in the flow described for FIG. 6.

The software modules of the program include, for example, a transaction code reading module 732, such as a transaction code reading instruction. After the transaction device generates a transaction code from the transaction information, the program executed by the personalized device can read the transaction code displayed by the transaction device, switching its reading function according to the form of the transaction code. For example, if the transaction code is a one-dimensional or two-dimensional barcode, the transaction code reading instruction activates the camera module to scan the barcode; if the transaction code is presented as a wireless signal, the instruction activates a wireless communication module in the device (such as NFC) to read the wireless signal; and if the transaction code is a string displayed on the transaction device, the instruction produces an input field in which the user enters the string.

The program includes a verification code generation module 733, whose instruction, such as a verification code generation instruction, generates the verification code and transmits it to the verification server. This instruction includes retrieving the seed value stored in the personalized device, so that the verification code can be computed from current transaction information such as the transaction amount, the code of the transaction device and the session identifier.

In one embodiment, the program of the personalized device 73 has an authorization code acquisition module 734, such as an authorization code acquisition instruction, for obtaining from the verification server an authorization code with which to go on and complete the transaction. As in the embodiment described for FIG. 6, after the verification server verifies the personalized device, the server generates an authorization code, such as a one-time password, and transmits it to the personalized device 73, where it is displayed. The purpose is to confirm once more, before the transaction is completed, that the user is in front of the transaction device 72. The user copies the displayed authorization code string into the transaction device 72, and finally the verification server 71 verifies the authorization code on receiving it; only then can the transaction be completed.

The verification server 71 is preferably a verification mechanism provided by a third party, ensuring security when the terminal personalized device 73 transacts with the transaction device 72. Its functional units, implemented in hardware or software, include a verification processor 711, which receives over the network the verification code generated by the personalized device 73 (verification code generation module 733), verifies the personalized device 73 according to the information carried in the verification code, and produces a verification result. The verification result is delivered through the communication unit 713, in particular to the transaction device 72, so that the systems associated with the transaction device 72 learn that verification succeeded and go on to complete the transaction.

In one embodiment, as in the flow shown in FIG. 6 above, the verification server 71 further includes an authorization code generation unit 712, which, after the above verification is completed, in particular after verification succeeds, generates an authorization code that is transmitted to the personalized device 73. Corresponding to the authorization code acquisition module 734 in the personalized device 73, the user enters the authorization code, which is returned via the transaction device 72 to the verification server 71, passing through the authorization code processing unit 725 in the transaction device 72.

The transaction device 72 has a system-side processing unit 722, which performs the data processing of the transaction device 72 using personalized device verification and is electrically connected to its circuit components. For example, there is a system-side display unit 721, which handles display content, including generating a transaction interaction message shown on the transaction device 72 and displaying various transaction information. It can further produce an interface for entering the transaction amount, into which the user enters the amount as needed, for example on a device installed at a shop's cash register or on an automated teller machine.

The transaction device 72 has a transaction code generation unit 723. The transaction code can be computed from the transaction amount the user enters through the above interface for entering the transaction amount, optionally combined with other real-time information such as the code of the transaction device (the identification code of the transaction device 72) and a session identifier representing the transaction. According to the embodiments, the transaction code generation unit 723 may be a near-field communication unit (NFC unit), in which case the generated transaction code is the encoding of a wireless signal. It may be a barcode generation unit, producing one-dimensional or two-dimensional barcodes, in which case the transaction code is represented as a one-dimensional or two-dimensional barcode, shown by the system-side display unit 721 and scanned by the user with the personalized device 73. Or it may be a string generation unit, in which case the transaction code is represented as a string that, once displayed, the user copies into the personalized device 73, which then generates the verification code.

The transaction device 72 has a network unit 724, which can connect to the verification server 71 over a dedicated line or an encrypted network and obtain the verification result from the verification server 71.

When the system as a whole is to handle the authorization code that, as described above, the verification server 71 generates after successful verification, the transaction device 72 may have an authorization code processing unit 725, which receives the authorization code entered by the user or transmitted to the transaction device 72 and forwards it to the verification server 71 for final verification.

Thus, the transaction device using personalized device verification described in the above disclosure, and the related transaction security system, are mainly applied to identity verification within a transaction procedure. This includes the verification procedure for ATM withdrawals, deposits, transfers and similar actions, as well as the verification procedure in ordinary shopping transactions, giving the transaction procedure high security: apart from the personalized device, no password, credit card, ATM card or similar item is needed, which avoids theft and misuse. In particular, during the transaction the transaction device generates a transaction code, the personalized device reads it, and the verification code generated by the program is used by a third-party verification unit to perform identity verification. Operation of the present creation can thus provide a highly secure transaction procedure.

The above is merely a preferred feasible embodiment of the present creation and does not thereby limit its patent scope; all equivalent structural changes made using the specification and drawings of the present creation are likewise included within the scope of the present creation, as is hereby stated.

10‧‧‧Automated teller machine

101‧‧‧Two-dimensional barcode

103‧‧‧Code

105‧‧‧Cash dispensing outlet

12‧‧‧Personalized device

121‧‧‧Two-dimensional barcode

Claims (10)

1. A transaction device using personalized device verification, comprising: a system-side processing unit for performing data processing of the transaction device using personalized device verification; a system-side display unit, electrically connected to the system-side processing unit, for generating a transaction interaction message displayed on the transaction device and an interface for entering a transaction amount; a transaction code generation unit, electrically connected to the system-side processing unit, for outputting a transaction code, the transaction code being computed at least from the transaction amount; and a network unit for connecting to a verification server and thereby obtaining a verification result from the verification server.

2. The transaction device using personalized device verification of claim 1, wherein the transaction code generation unit is a near-field communication unit and the transaction code is the encoding of a wireless signal.

3. The transaction device using personalized device verification of claim 1, wherein the transaction code generation unit is a barcode generation unit and the transaction code is represented as a one-dimensional barcode or a two-dimensional barcode and displayed by the system-side display unit.

4. The transaction device using personalized device verification of claim 1, wherein the transaction code generation unit is a string generation unit and the transaction code is represented as a string and displayed by the system-side display unit.

5. The transaction device using personalized device verification of any one of claims 1 to 4, wherein the transaction device is an automated teller machine.

6. A transaction security system using personalized device verification, comprising: a verification server, comprising: a verification processor, which receives over a network a verification code generated by a personalized device, verifies the personalized device according to the information carried in the verification code, and produces a verification result; and a communication unit for transmitting the verification result; and a transaction device, connected to the verification server over a network, comprising: a system-side processing unit for performing data processing of the transaction device using personalized device verification; a system-side display unit, electrically connected to the system-side processing unit, for generating a transaction interaction message displayed on the transaction device and an interface for entering a transaction amount; a transaction code generation unit, electrically connected to the system-side processing unit, for outputting a transaction code, the transaction code being computed at least from the transaction amount; and a network unit for obtaining the verification result from the verification server.

7. The transaction security system using personalized device verification of claim 6, wherein the transaction code is represented as a one-dimensional barcode, a two-dimensional barcode, a string or a wireless signal.

8. The transaction security system using personalized device verification of claim 6, wherein the transaction code generation unit of the transaction device is a near-field communication unit, a barcode generation unit or a string generation unit.

9. The transaction security system using personalized device verification of claim 6, wherein the verification server further comprises an authorization code generation unit, which after verification is completed generates an authorization code transmitted to the personalized device; and the transaction device further comprises an authorization code processing unit, which on receiving the authorization code transmits it to the verification server.

10. The transaction security system using personalized device verification of any one of claims 6 to 9, wherein the transaction device is an automated teller machine.
TW104207771U 2015-05-20 2015-05-20 Transaction device and transaction security system with authentication using personal device TWM512772U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW104207771U TWM512772U (en) 2015-05-20 2015-05-20 Transaction device and transaction security system with authentication using personal device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW104207771U TWM512772U (en) 2015-05-20 2015-05-20 Transaction device and transaction security system with authentication using personal device

Publications (1)

Publication Number Publication Date
TWM512772U true TWM512772U (en) 2015-11-21

Family

ID=55219937

Family Applications (1)

Application Number Title Priority Date Filing Date
TW104207771U TWM512772U (en) 2015-05-20 2015-05-20 Transaction device and transaction security system with authentication using personal device

Country Status (1)

Country Link
TW (1) TWM512772U (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI671715B (en) * 2018-07-24 2019-09-11 財金資訊股份有限公司 Mobile withdrawal system and method, computer readable recording medium and computer program product
TWI758574B (en) * 2017-03-29 2022-03-21 楊建綱 Multidimensional barcode mobile payment method and payment server system

Similar Documents

Publication Publication Date Title
EP3767877A1 (en) Token and cryptogram using transaction specific information
JP6704009B2 (en) Mobile payment method using barcodes, device, and server for using the method
CN111742314B (en) Biometric sensor on portable device
GB2512944A (en) Systems and methods for outputting information on a display of a mobile device
CN107784499B (en) Secure payment system and method of near field communication mobile terminal
CN112889046A (en) System and method for password authentication of contactless cards
US20160092876A1 (en) On-device shared cardholder verification
US20170076285A1 (en) Payment Method and Apparatus and Payment Factor Processing Method and Apparatus
CN113168631A (en) System and method for password authentication of contactless cards
US20230281594A1 (en) Authentication for third party digital wallet provisioning
US11386427B2 (en) System for secure authentication of a user's identity in an electronic system for banking transactions
EP2854087A1 (en) Method for processing a payment
CN104835038A (en) Networking payment device and networking payment method
KR101865879B1 (en) System and method for providing financial transaction using pre-approval
US9589265B2 (en) Mobile payment method
TWI395449B (en) Electronic wallet verification system and its method
TWM512772U (en) Transaction device and transaction security system with authentication using personal device
EP4142216B1 (en) Digital identity authentication system and method
KR102348823B1 (en) System and Method for Identification Based on Finanace Card Possessed by User
KR102122555B1 (en) System and Method for Identification Based on Finanace Card Possessed by User
CN113169873A (en) System and method for password authentication of contactless cards
KR101103189B1 (en) System and Method for Issueing Public Certificate of Attestation using USIM Information and Recording Medium
KR101727458B1 (en) Account transfer system and method through real near field communication card and withdrawal account in mobile banking system
TWI545512B (en) Transaction method and transaction security system with authentication using personal device, and computer-readable medium
KR101626942B1 (en) Otp generating system linked with pin using nfc and the method thereof

Legal Events

Date Code Title Description
MM4K Annulment or lapse of a utility model due to non-payment of fees