TWM573868U - Online banking system using bar code technology for identity verification - Google Patents

Online banking system using bar code technology for identity verification Download PDF

Info

Publication number
TWM573868U
TWM573868U TW107213194U TW107213194U TWM573868U TW M573868 U TWM573868 U TW M573868U TW 107213194 U TW107213194 U TW 107213194U TW 107213194 U TW107213194 U TW 107213194U TW M573868 U TWM573868 U TW M573868U
Authority
TW
Taiwan
Prior art keywords
online banking
serial number
server
electronic device
login
Prior art date
Application number
TW107213194U
Other languages
Chinese (zh)
Inventor
許顗民
馬嘉淩
曾致崴
Original Assignee
中國信託商業銀行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中國信託商業銀行股份有限公司 filed Critical 中國信託商業銀行股份有限公司
Priority to TW107213194U priority Critical patent/TWM573868U/en
Publication of TWM573868U publication Critical patent/TWM573868U/en

Links

Abstract

一種網路銀行系統,包含一銀行主機及一網路銀行伺服器。該網路銀行伺服器產生一登入序號,且根據該登入序號產生一條碼影像,並傳送一包含該條碼影像的條碼通知給該第一電子裝置,該條碼通知使該第一電子裝置透過該瀏覽器顯示該條碼影像,且使得當該第二電子裝置透過該預定應用程式掃描該條碼影像而獲得該登入序號之後,該第二電子裝置透過該預定應用程式傳送一包含一使用者識別資料及一第一提交序號的資料驗證請求給該網路銀行伺服器。該網路銀行伺服器判斷該第一提交序號與該登入序號是否相符,若是,傳送一用戶資料請求給該銀行主機。An online banking system includes a bank host and an online banking server. The network banking server generates a login serial number, and generates a code image according to the login serial number, and transmits a barcode notification including the barcode image to the first electronic device, and the barcode notification causes the first electronic device to pass the browsing Displaying the barcode image, and after the second electronic device scans the barcode image through the predetermined application to obtain the login serial number, the second electronic device transmits a user identification data and a The first submission serial number data verification request is sent to the online banking server. The online banking server determines whether the first submission serial number matches the login serial number, and if so, transmits a user data request to the banking host.

Description

使用條碼技術驗證身分的網路銀行系統Verify the identity of the online banking system using bar code technology

本新型是有關於一種銀行系統,特別是指一種網路銀行系統。The present invention relates to a banking system, and more particularly to an online banking system.

以往,銀行的客戶欲向銀行辦理金融服務時,大多需要臨櫃辦理。隨著網路通訊的發達,愈來愈多銀行發展出網路銀行系統,愈來愈多的金融服務項目不用臨櫃辦理,客戶只需透過連上網路的電腦或智慧型手機登入所述網路銀行系統就能辦理,從而提高便利性。與其他網路系統不同的是,網路銀行系統由於涉及金錢的流動,需要較高的安全性。如何在登入系統的程序上提高安全性,是本新型進一步要探討的主題。In the past, when bank customers wanted to apply for financial services to banks, most of them needed to be handled by the counter. With the development of Internet communication, more and more banks have developed online banking systems. More and more financial services projects are not required to be handled by customers. Customers only need to log in to the network through computers connected to the Internet or smart phones. The road banking system can handle it, thus improving convenience. Unlike other network systems, online banking systems require a high level of security because of the flow of money involved. How to improve security in the program of logging in to the system is a topic to be further explored by this novel.

因此,本新型之目的,即在提供一種網路銀行系統。Therefore, the purpose of the present invention is to provide an online banking system.

於是,本新型網路銀行系統,適於與一第一電子裝置及一第二電子裝置通訊,該第一電子裝置安裝有一瀏覽器,該第二電子裝置安裝有一預定應用程式,該網路銀行系統包含一銀行主機及一網路銀行伺服器。該網路銀行伺服器電連接於該銀行主機。Therefore, the new network banking system is adapted to communicate with a first electronic device and a second electronic device, the first electronic device is equipped with a browser, and the second electronic device is installed with a predetermined application, the online banking The system includes a bank host and an online banking server. The online banking server is electrically connected to the bank host.

當該網路銀行伺服器接收到來自該第一電子裝置且透過該瀏覽器傳送的一條碼登入請求,該網路銀行伺服器產生一登入序號,且根據該登入序號產生一條碼影像,並傳送一包含該條碼影像的條碼通知給該第一電子裝置,該條碼通知使該第一電子裝置透過該瀏覽器顯示該條碼影像,且使得當該第二電子裝置透過該預定應用程式掃描該條碼影像而獲得該登入序號之後,該第二電子裝置透過該預定應用程式傳送一包含一使用者識別資料及一第一提交序號的資料驗證請求給該網路銀行伺服器。When the online banking server receives a code entry request from the first electronic device and transmitted through the browser, the online banking server generates a login serial number, and generates a code image according to the login serial number, and transmits Transmitting, to the first electronic device, a bar code including the bar code image, the bar code notification causing the first electronic device to display the bar code image through the browser, and causing the second electronic device to scan the bar code image through the predetermined application program After obtaining the login serial number, the second electronic device transmits a data verification request including a user identification data and a first submission serial number to the online banking server through the predetermined application.

當該網路銀行伺服器接收到來自該第二電子裝置且透過該預定應用程式傳送且包含該使用者識別資料及該第一提交序號的該資料驗證請求,該網路銀行伺服器判斷該第一提交序號與該登入序號是否相符。When the online banking server receives the data verification request transmitted from the second electronic device and transmitted through the predetermined application and including the user identification data and the first submission serial number, the online banking server determines the first Whether the submitted serial number matches the login serial number.

當該網路銀行伺服器判斷該第一提交序號與該登入序號相符,該網路銀行伺服器傳送一對應於該使用者識別資料的用戶資料請求給該銀行主機。When the online banking server determines that the first submission serial number matches the login serial number, the online banking server transmits a user profile request corresponding to the user identification data to the banking host.

當該銀行主機接收到該用戶資料請求,該銀行主機將對應於該使用者識別資料的一用戶資料傳送給該網路銀行伺服器。When the bank host receives the user profile request, the bank host transmits a user profile corresponding to the user identification data to the online banking server.

當該網路銀行伺服器接收到該用戶資料,該網路銀行伺服器根據該用戶資料產生一登入後網頁,並將該登入後網頁傳送給該第一電子裝置。When the online banking server receives the user profile, the online banking server generates a login webpage according to the user profile, and transmits the login webpage to the first electronic device.

在一些實施態樣中,所述的網路銀行系統還包含一電連接於該網路銀行伺服器的登入資料庫伺服器,及一電連接於該網路銀行伺服器與該銀行主機的銀行安控伺服器。In some implementations, the online banking system further includes a login database server electrically connected to the online banking server, and a bank electrically connected to the online banking server and the bank host. Security server.

當該網路銀行伺服器接收到來自該第一電子裝置且透過該瀏覽器傳送的該條碼登入請求,該網路銀行伺服器還產生一對應於該登入序號的第一公鑰,及一對應於該登入序號的第一私鑰,且將該第一公鑰及該登入序號儲存至該登入資料庫伺服器。When the online banking server receives the barcode login request from the first electronic device and transmitted through the browser, the online banking server further generates a first public key corresponding to the login serial number, and a corresponding The first private key of the login serial number, and storing the first public key and the login serial number to the login database server.

當該網路銀行伺服器與該第一電子裝置的該瀏覽器之間的一對談結束,該網路銀行伺服器刪除該第一私鑰。When the online banking server and the browser of the first electronic device end, the online banking server deletes the first private key.

該條碼影像是該網路銀行伺服器根據該登入序號及該第一公鑰產生,且該第二電子裝置透過該預定應用程式傳送的該資料驗證請求還包含一提交公鑰。The barcode image is generated by the online banking server according to the login serial number and the first public key, and the data verification request transmitted by the second electronic device through the predetermined application program further includes a submit public key.

當該網路銀行伺服器接收到來自該第二電子裝置且透過該預定應用程式傳送的該資料驗證請求,該網路銀行伺服器判斷該第一提交序號與該登入序號是否相符,且判斷該提交公鑰與該第一公鑰是否相符。When the network banking server receives the data verification request transmitted from the second electronic device and transmitted through the predetermined application, the online banking server determines whether the first submission serial number matches the login serial number, and determines the Whether the submitted public key matches the first public key.

於該網路銀行伺服器判斷該第一提交序號與該登入序號相符,且該提交公鑰與該第一公鑰相符之後,該銀行安控伺服器傳送一個一次性密碼給該網路銀行伺服器。After the online banking server determines that the first submission serial number matches the login serial number, and the submitted public key matches the first public key, the bank security control server transmits a one-time password to the online banking server. Device.

當該網路銀行伺服器接收到來自該銀行安控伺服器的該一次性密碼,該網路銀行伺服器使用該第一公鑰對該一次性密碼加密,並將加密後的該一次性密碼儲存至該登入資料庫伺服器,且使該一次性密碼對應於該登入序號。When the online banking server receives the one-time password from the bank security server, the online banking server encrypts the one-time password using the first public key, and encrypts the one-time password The login database server is stored, and the one-time password is corresponding to the login serial number.

該網路銀行伺服器於傳送對應於該使用者識別資料的該用戶資料請求給該銀行主機之前,還先存取該登入資料庫伺服器中該驗證序號對應之該登入序號對應之該一次性密碼,並使用該驗證序號對應之該登入序號對應之該第一私鑰對該一次性密碼解密,該網路銀行伺服器傳送給該銀行主機的該用戶資料請求包含解密後的該一次性密碼。Before the online banking server sends the user profile corresponding to the user identification data to the bank host, the online banking server first accesses the one-time corresponding to the login serial number corresponding to the verification serial number in the login database server. a password, and decrypting the one-time password by using the first private key corresponding to the login serial number corresponding to the verification serial number, and the user data request transmitted by the online banking server to the bank host includes the decrypted one-time password .

當該銀行主機接收到該用戶資料請求,該銀行主機於將對應於該使用者識別資料的該用戶資料傳送給該網路銀行伺服器之前,還先傳送一包含該用戶資料請求的該一次性密碼的密碼驗證請求給該銀行安控伺服器。When the bank host receives the user profile request, the bank host first transmits the one-time request containing the user profile information before transmitting the user profile corresponding to the user identification data to the online banking server. The password verification request for the password is given to the bank security server.

當該銀行安控伺服器接收到來自該銀行主機的該密碼驗證請求,該銀行安控伺服器判斷該密碼驗證請求的該一次性密碼與該銀行安控伺服器儲存的該一次性密碼是否相符。When the bank security server receives the password verification request from the bank host, the bank security server determines whether the one-time password of the password verification request matches the one-time password stored by the bank security server. .

當該銀行安控伺服器判斷該密碼驗證請求的該一次性密碼與該銀行安控伺服器儲存的該一次性密碼相符,該銀行安控伺服器傳送一確認通知給該銀行主機。When the bank security server determines that the one-time password of the password verification request matches the one-time password stored by the bank security server, the bank security server transmits a confirmation notification to the bank host.

該銀行主機於接收到該確認通知之後才將對應於該使用者識別資料的該用戶資料傳送給該網路銀行伺服器。The bank host transmits the user profile corresponding to the user identification data to the online banking server after receiving the confirmation notification.

在一些實施態樣中,該銀行安控伺服器儲存有多個第二公鑰,及多個分別對應於該等第二公鑰的預存綁定序號。In some implementations, the bank security server stores a plurality of second public keys, and a plurality of pre-stored binding sequence numbers respectively corresponding to the second public keys.

該第二電子裝置透過該預定應用程式傳送的該資料驗證請求還包含一相關於該第一提交序號與該提交公鑰的電子簽章及一相關於該電子簽章的提交綁定序號。The data verification request transmitted by the second electronic device through the predetermined application program further includes an electronic signature associated with the first submission serial number and the submitted public key and a submission binding serial number associated with the electronic signature.

當該網路銀行伺服器判斷該第一提交序號與該登入序號相符,且該提交公鑰與該第一公鑰相符之後,該網路銀行伺服器將一包含該電子簽章及該提交綁定序號的簽章驗證請求傳送給該銀行安控伺服器。After the online banking server determines that the first submission serial number matches the login serial number, and the submitted public key matches the first public key, the online banking server will include the electronic signature and the submission The signed verification request of the serial number is transmitted to the bank security server.

當該銀行安控伺服器接收到來自該網路銀行伺服器的該簽章驗證請求,該銀行安控伺服器判斷該提交綁定序號是否與該等預存綁定序號其中一者相符。When the bank security server receives the signature verification request from the online banking server, the bank security server determines whether the submitted binding sequence number matches one of the pre-stored binding sequence numbers.

當該銀行安控伺服器判斷該提交綁定序號與該等預存綁定序號其中一者相符,該銀行安控伺服器根據與該提交綁定序號相符的該預存綁定序號所對應的該第二公鑰驗證該電子簽章是否有效。When the bank security server determines that the submitted binding sequence number matches one of the pre-stored binding sequence numbers, the bank security control server corresponds to the pre-stored binding sequence number corresponding to the submitted binding sequence number. The second public key verifies whether the electronic signature is valid.

當該銀行安控伺服器根據與該提交綁定序號相符的該預存綁定序號所對應的該第二公鑰驗證該電子簽章有效,該銀行安控伺服器才將該一次性密碼傳送給該網路銀行伺服器。When the bank security server verifies that the electronic signature is valid according to the second public key corresponding to the pre-stored binding sequence number corresponding to the submitted binding sequence number, the bank security server transmits the one-time password to The online banking server.

在一些實施態樣中,當該網路銀行伺服器接收到來自該第一電子裝置且透過該瀏覽器傳送的該條碼登入請求,該網路銀行伺服器還產生一對應於該登入序號的網頁識別碼,且將該網頁識別碼儲存至該登入資料庫伺服器,且將一包含該網頁識別碼的第一識別碼通知傳送給該第一電子裝置,該第一識別碼通知使該第一電子裝置透過該瀏覽器顯示該網頁識別碼。In some implementations, when the online banking server receives the barcode login request from the first electronic device and transmitted through the browser, the online banking server further generates a webpage corresponding to the login serial number. Identifying the code, and storing the webpage identification code to the login database server, and transmitting a first identification code notification including the webpage identification code to the first electronic device, the first identification code notifying the first The electronic device displays the webpage identification code through the browser.

當該第二電子裝置透過該預定應用程式掃描該條碼影像而獲得該登入序號之後,該第二電子裝置還透過該預定應用程式傳送一包含該登入序號的識別碼請求給該網路銀行伺服器。After the second electronic device obtains the login serial number by scanning the barcode image through the predetermined application, the second electronic device further transmits an identifier containing the login serial number to the online banking server through the predetermined application. .

當該網路銀行伺服器接收到該自該第二電子裝置且包含該登入序號的該識別碼請求,該網路銀行伺服器將一包含該網頁識別碼的第二識別碼通知傳送給該第二電子裝置,該第二識別碼通知使該第二電子裝置透過該預定應用程式顯示該網頁識別碼。When the network banking server receives the identification code request from the second electronic device and including the login serial number, the online banking server transmits a second identification code notification including the webpage identification code to the first The second electronic device, the second identification code notification causes the second electronic device to display the webpage identification code through the predetermined application.

本新型之功效在於:藉由該網路銀行伺服器傳送包含該條碼影像的該條碼通知給該第一電子裝置,使該第一電子裝置透過該瀏覽器顯示該條碼影像,以供使用者使用該第二電子裝置掃描該條碼影像而獲得該登入序號,並透過該預定應用程式傳送該資料驗證請求給該網路銀行伺服器,從而提高登入系統的安全性;再者,藉由使用該第一公鑰及該第一私鑰對該一次性密碼加密及解密,能進一步提高登入系統的安全性,再者,藉由該銀行安控伺服器驗證該電子簽章為有效時才將該一次性密碼傳送給該網路銀行伺服器,從而能更進一步提升登入系統的安全性。The effect of the present invention is that the first electronic device transmits the barcode image to the first electronic device through the browser, and the first electronic device displays the barcode image through the browser for the user to use. The second electronic device scans the barcode image to obtain the login serial number, and transmits the data verification request to the online banking server through the predetermined application program, thereby improving the security of the login system; and further, by using the first The public key and the first private key encrypt and decrypt the one-time password, which can further improve the security of the login system. Furthermore, the bank security control server verifies that the electronic signature is valid only once. The password is transmitted to the online banking server, which further enhances the security of the login system.

參閱圖1,本新型網路銀行系統的實施例,適於與一第一電子裝置5(例如智慧型手機、平板電腦、桌上型電腦或膝上型電腦)及一第二電子裝置6(例如智慧型手機或平板電腦)通訊,該第一電子裝置5安裝有一瀏覽器,該第二電子裝置6安裝有一預定應用程式,但在另一實施態樣中,該第一電子裝置5及該第二電子裝置6也可以是同時安裝有該瀏覽器及該預定應用程式的電子裝置(例如智慧型手機或平板電腦)。該網路銀行系統包含一銀行主機1、一登入資料庫伺服器2、一銀行安控伺服器3,及一網路銀行伺服器4。該網路銀行伺服器4電連接於該銀行主機1、該登入資料庫伺服器2及該銀行安控伺服器3。該銀行主機1電連接於該銀行安控伺服器3。Referring to FIG. 1, an embodiment of the new network banking system is adapted to be associated with a first electronic device 5 (such as a smart phone, a tablet computer, a desktop computer or a laptop computer) and a second electronic device 6 ( For example, a smart phone or a tablet computer, the first electronic device 5 is equipped with a browser, and the second electronic device 6 is installed with a predetermined application, but in another embodiment, the first electronic device 5 and the The second electronic device 6 may also be an electronic device (such as a smart phone or a tablet) in which the browser and the predetermined application are installed at the same time. The online banking system includes a bank host 1, a login database server 2, a bank security server 3, and an online banking server 4. The online banking server 4 is electrically connected to the bank host 1, the login database server 2, and the bank security server 3. The bank host 1 is electrically connected to the bank security server 3.

參閱圖1及圖2,以下說明該網路銀行系統執行一條碼登入程序的步驟。首先,如步驟S01所示,當該網路銀行伺服器4接收到來自該第一電子裝置5且透過該瀏覽器傳送的一條碼登入請求,該網路銀行伺服器4產生一登入序號、一對應於該登入序號的第一公鑰、一對應於該登入序號的第一私鑰,及一對應於該登入序號的網頁識別碼。Referring to Figures 1 and 2, the steps of the online banking system executing a code entry procedure are described below. First, as shown in step S01, when the online banking server 4 receives a code entry request from the first electronic device 5 and transmitted through the browser, the online banking server 4 generates a login serial number, a a first public key corresponding to the login serial number, a first private key corresponding to the login serial number, and a webpage identification code corresponding to the login serial number.

接著,如步驟S02所示,該網路銀行伺服器4將該第一公鑰、該登入序號及該網頁識別碼儲存至該登入資料庫伺服器2。值得一提的是,該第一私鑰僅被暫存於該網路銀行伺服器4,當該網路銀行伺服器4與該第一電子裝置5的該瀏覽器之間的一對談結束(例如該瀏覽器被使用者關閉),該網路銀行伺服器4刪除該第一私鑰,藉此提高安全性。Then, as shown in step S02, the online banking server 4 stores the first public key, the login serial number and the webpage identification code to the login database server 2. It is worth mentioning that the first private key is only temporarily stored in the online banking server 4, and the chat between the online banking server 4 and the browser of the first electronic device 5 ends. (For example, the browser is closed by the user), the online banking server 4 deletes the first private key, thereby improving security.

接著,如步驟S03所示,該網路銀行伺服器4根據該登入序號及該第一公鑰產生一條碼影像。在本實施例中,該條碼影像為一QR Code影像,但不以此為限。Then, as shown in step S03, the online banking server 4 generates a code image according to the login serial number and the first public key. In this embodiment, the barcode image is a QR Code image, but is not limited thereto.

接著,如步驟S04所示,該網路銀行伺服器4將一包含該條碼影像的條碼通知,及一包含該網頁識別碼的第一識別碼通知,傳送給該第一電子裝置5。該識別碼通知使該第一電子裝置5透過該瀏覽器顯示該網頁識別碼。該條碼通知使該第一電子裝置5透過該瀏覽器顯示該條碼影像,且使得當該第二電子裝置6透過該預定應用程式掃描該條碼影像而獲得該登入序號及該第一公鑰之後,該第二電子裝置6透過該預定應用程式傳送一包含一使用者識別資料(例如身分證字號)、一第一提交序號、一提交公鑰、一相關於該第一提交序號與該提交公鑰的電子簽章及一相關於該電子簽章的提交綁定序號的資料驗證請求給該網路銀行伺服器4。在本實施例中,當該第二電子裝置6透過該預定應用程式掃描該條碼影像而獲得該登入序號及該第一公鑰之後,該第二電子裝置6是先透過該預定應用程式執行一應用程式登入程序(例如需要使用者輸入該使用者識別資料,及預先設定好的登入密碼,或是指紋辨識,或是臉部辨識),再透過該預定應用程式傳送該資料驗證請求給該網路銀行伺服器4。Then, as shown in step S04, the online banking server 4 transmits a barcode notification including the barcode image and a first identification code including the webpage identification code to the first electronic device 5. The identification code notification causes the first electronic device 5 to display the webpage identification code through the browser. The barcode notification causes the first electronic device 5 to display the barcode image through the browser, and after the second electronic device 6 scans the barcode image through the predetermined application to obtain the login serial number and the first public key, The second electronic device 6 transmits, via the predetermined application, a user identification data (such as an identity card number), a first submission serial number, a submission public key, a related first serial number, and the submitted public key. The electronic signature and a data verification request relating to the submission binding serial number of the electronic signature are sent to the online banking server 4. In this embodiment, after the second electronic device 6 scans the barcode image by the predetermined application to obtain the login serial number and the first public key, the second electronic device 6 executes the predetermined application program first. Application login procedure (for example, the user needs to input the user identification data, a preset login password, or fingerprint identification, or face recognition), and then transmit the data verification request to the network through the predetermined application Road Bank Server 4.

此外,當該第二電子裝置6透過該預定應用程式掃描該條碼影像而獲得該登入序號及該第一公鑰之後,該第二電子裝置6透過該預定應用程式傳送一包含該登入序號的識別碼請求給該網路銀行伺服器4。After the second electronic device 6 scans the barcode image by the predetermined application to obtain the login serial number and the first public key, the second electronic device 6 transmits an identifier including the login serial number through the predetermined application program. The code is requested to the online banking server 4.

接著,如步驟S05所示,當該網路銀行伺服器4接收到該自該第二電子裝置6且包含該登入序號的該識別碼請求,該網路銀行伺服器4將一包含該網頁識別碼的第二識別碼通知傳送給該第二電子裝置6,該第二識別碼通知使該第二電子裝置6透過該預定應用程式顯示該網頁識別碼,藉此,操作該第一電子裝置5及該第二電子裝置6的使用者可比對該第一電子裝置5顯示的該網頁識別碼與該第二電子裝置6顯示的該網頁識別碼是否相同,以確認該第一電子裝置5及該第二電子裝置6正在執行相同的條碼登入程序。Then, as shown in step S05, when the online banking server 4 receives the identification code request from the second electronic device 6 and including the login serial number, the online banking server 4 will include the webpage identification. The second identification code notification of the code is transmitted to the second electronic device 6, and the second identification code notification causes the second electronic device 6 to display the webpage identification code through the predetermined application, thereby operating the first electronic device 5. And the user of the second electronic device 6 can confirm whether the first electronic device 5 and the webpage identification code displayed by the first electronic device 5 are the same as the webpage identification code displayed by the second electronic device 6. The second electronic device 6 is executing the same barcode entry procedure.

接著,如步驟S06所示,當該網路銀行伺服器4接收到來自該第二電子裝置6且透過該預定應用程式傳送的該資料驗證請求,該網路銀行伺服器4判斷該第一提交序號與該登入序號是否相符,且判斷該提交公鑰與該第一公鑰是否相符,若否,則執行步驟S07,輸出一錯誤通知給該第二電子裝置6,若是,則執行步驟S08。Then, as shown in step S06, when the online banking server 4 receives the data verification request transmitted from the second electronic device 6 and transmitted through the predetermined application, the online banking server 4 determines the first submission. Whether the serial number matches the login serial number, and determining whether the submitted public key matches the first public key. If not, executing step S07, outputting an error notification to the second electronic device 6, and if yes, executing step S08.

步驟S08是當該網路銀行伺服器4判斷該第一提交序號與該登入序號相符,且該提交公鑰與該第一公鑰相符之後,該網路銀行伺服器4將一包含該電子簽章及該提交綁定序號的簽章驗證請求傳送給該銀行安控伺服器3。Step S08: After the online banking server 4 determines that the first submission serial number matches the login serial number, and the submitted public key matches the first public key, the online banking server 4 will include the electronic signature. The chapter and the signature verification request of the submission binding sequence number are transmitted to the bank security server 3.

接著,如步驟S09所示,該銀行安控伺服器3儲存有多個第二公鑰,及多個分別對應於該等第二公鑰的預存綁定序號,而當該銀行安控伺服器3接收到來自該網路銀行伺服器4的該簽章驗證請求,該銀行安控伺服器3判斷該提交綁定序號是否與該等預存綁定序號其中一者相符,若否,則執行步驟S10,輸出一錯誤通知給該第二電子裝置6,若是,則執行步驟S11。Then, as shown in step S09, the bank security server 3 stores a plurality of second public keys, and a plurality of pre-stored binding serial numbers respectively corresponding to the second public keys, and when the bank security control server 3, receiving the signature verification request from the online banking server 4, the bank security server 3 determines whether the submitted binding serial number matches one of the pre-stored binding serial numbers, and if not, performs the step S10, outputting an error notification to the second electronic device 6, and if yes, executing step S11.

步驟S11是當該銀行安控伺服器3判斷該提交綁定序號與該等預存綁定序號其中一者相符,該銀行安控伺服器3根據與該提交綁定序號相符的該預存綁定序號所對應的該第二公鑰驗證該電子簽章是否有效,若否,則執行步驟S12,輸出一錯誤通知給該第二電子裝置6,若是,則執行步驟S13。Step S11 is when the bank security server 3 determines that the submitted binding sequence number is consistent with one of the pre-stored binding sequence numbers, and the bank security control server 3 is based on the pre-stored binding sequence number corresponding to the submitted binding sequence number. The corresponding second public key verifies whether the electronic signature is valid. If not, step S12 is executed to output an error notification to the second electronic device 6. If yes, step S13 is performed.

步驟S13是當該銀行安控伺服器3根據與該提交綁定序號相符的該預存綁定序號所對應的該第二公鑰驗證該電子簽章有效,該銀行安控伺服器3將一個一次性密碼傳送給該網路銀行伺服器4。換句話說,藉由確認該第二電子裝置6為預先綁定的電子裝置才將該一次性密碼傳送給該網路銀行伺服器4,能提高登入系統的安全性,補充說明的是,若該第二電子裝置6已先預先綁定,該第二電子裝置6獲得一用於產生該電子簽章的第二私鑰及對應的該預存綁定序號,而該銀行安控伺服器3則儲存該第二公鑰及對應的該預存綁定序號。Step S13 is that when the bank security control server 3 verifies that the electronic signature is valid according to the second public key corresponding to the pre-stored binding sequence number corresponding to the submitted binding sequence number, the bank security server 3 will once The sexual password is transmitted to the online banking server 4. In other words, by confirming that the second electronic device 6 is a pre-bound electronic device, the one-time password is transmitted to the online banking server 4, which can improve the security of the login system. The second electronic device 6 is pre-bound, the second electronic device 6 obtains a second private key for generating the electronic signature and the corresponding pre-stored binding serial number, and the bank security server 3 The second public key and the corresponding pre-stored binding sequence number are stored.

接著,如步驟S14所示,當該網路銀行伺服器4接收到來自該銀行安控伺服器3的該一次性密碼,該網路銀行伺服器4使用該第一公鑰對該一次性密碼加密,並將加密後的該一次性密碼儲存至該登入資料庫伺服器2,且使該一次性密碼對應於該登入序號。Then, as shown in step S14, when the online banking server 4 receives the one-time password from the bank security server 3, the online banking server 4 uses the first public key to the one-time password. Encrypting, and storing the encrypted one-time password to the login database server 2, and making the one-time password correspond to the login serial number.

接著,如步驟S15所示,該網路銀行伺服器4存取該登入資料庫伺服器2中該驗證序號對應之該登入序號對應之該一次性密碼,並使用該驗證序號對應之該登入序號對應之該第一私鑰對該一次性密碼解密。補充說明的是,在本實施例中,該第一電子裝置5於透過該瀏覽器顯示該網頁識別碼及該條碼影像(參閱步驟S04)之後,每隔一預定時間傳送一相關於該登入序號及該一次性密碼的密碼存取請求給該網路銀行伺服器4,該密碼存取請求使該網路銀行伺服器4確認該一次性密碼是否已經被存入該登入資料庫伺服器2,因此,於步驟S14執行完之後(加密後的該一次性密碼儲存至該登入資料庫伺服器2之後),步驟S15就會接著被執行。Then, as shown in step S15, the online banking server 4 accesses the one-time password corresponding to the login serial number corresponding to the verification serial number in the login database server 2, and uses the login serial number corresponding to the verification serial number. The first private key is decrypted corresponding to the first private key. It is to be noted that, in this embodiment, after displaying the webpage identification code and the barcode image through the browser (refer to step S04), the first electronic device 5 transmits a relevant registration number every predetermined time. And the password access request of the one-time password to the online banking server 4, the password access request causes the online banking server 4 to confirm whether the one-time password has been stored in the login database server 2, Therefore, after the execution of step S14 (after the encrypted one-time password is stored to the login database server 2), step S15 is then executed.

接著,如步驟S16所示,該網路銀行伺服器4傳送一對應於該使用者識別資料的用戶資料請求給該銀行主機1,該用戶資料請求包含解密後的該一次性密碼。Next, as shown in step S16, the online banking server 4 transmits a user profile request corresponding to the user identification data to the bank host 1, and the user profile request includes the decrypted one-time password.

接著,如步驟S17所示,當該銀行主機1接收到該用戶資料請求,該銀行主機1傳送一包含該用戶資料請求的該一次性密碼的密碼驗證請求給該銀行安控伺服器3。Next, as shown in step S17, when the bank host 1 receives the user profile request, the bank host 1 transmits a password verification request containing the one-time password of the user profile request to the bank security server 3.

接著,如步驟S18所示,當該銀行安控伺服器3接收到來自該銀行主機1的該密碼驗證請求,該銀行安控伺服器3判斷該密碼驗證請求的該一次性密碼與該銀行安控伺服器3儲存的該一次性密碼是否相符,若否,則執行步驟S19,輸出一錯誤通知給該第一電子裝置5,若是,則執行步驟S20。Then, as shown in step S18, when the bank security server 3 receives the password verification request from the bank host 1, the bank security server 3 determines the one-time password of the password verification request and the bank security. Whether the one-time password stored by the control server 3 matches, if not, executing step S19, outputting an error notification to the first electronic device 5, and if yes, executing step S20.

步驟S20是當該銀行安控伺服器3判斷該密碼驗證請求的該一次性密碼與該銀行安控伺服器3儲存的該一次性密碼相符,該銀行安控伺服器3傳送一確認通知給該銀行主機1。Step S20: when the bank security server 3 determines that the one-time password of the password verification request matches the one-time password stored by the bank security server 3, the bank security server 3 transmits a confirmation notification to the Bank host 1.

接著,如步驟S21所示,當該銀行主機1接收到該確認通知,該銀行主機1將對應於該使用者識別資料的一用戶資料傳送給該網路銀行伺服器4。Next, as shown in step S21, when the bank host 1 receives the confirmation notification, the bank host 1 transmits a user profile corresponding to the user identification data to the online banking server 4.

最後,如步驟S22所示,當該網路銀行伺服器4接收到該用戶資料,該網路銀行伺服器4根據該用戶資料產生一登入後網頁,並將該登入後網頁傳送給該第一電子裝置5,供該第一電子裝置5透過該瀏覽器顯示該登入後網頁。Finally, as shown in step S22, when the online banking server 4 receives the user profile, the online banking server 4 generates a login webpage based on the user profile, and transmits the login webpage to the first page. The electronic device 5 is configured to display, by the first electronic device 5, the login webpage through the browser.

綜上所述,本新型網路銀行系統藉由該網路銀行伺服器4傳送包含該條碼影像的該條碼通知給該第一電子裝置5,使該第一電子裝置5透過該瀏覽器顯示該條碼影像,以供使用者使用該第二電子裝置6掃描該條碼影像而獲得該登入序號,並透過該預定應用程式傳送該資料驗證請求給該網路銀行伺服器4,從而提高登入系統的安全性;再者,藉由使用該第一公鑰及該第一私鑰對該一次性密碼加密及解密,能進一步提高登入系統的安全性,再者,藉由該銀行安控伺服器3驗證該電子簽章為有效時才將該一次性密碼傳送給該網路銀行伺服器4,從而能更進一步提升登入系統的安全性,因此確實能達成本新型之目的。In summary, the new online banking system transmits the barcode containing the barcode image to the first electronic device 5 by the network banking server 4, so that the first electronic device 5 displays the same through the browser. a barcode image for the user to use the second electronic device 6 to scan the barcode image to obtain the login serial number, and transmit the data verification request to the online banking server 4 through the predetermined application program, thereby improving the security of the login system. Further, by encrypting and decrypting the one-time password by using the first public key and the first private key, the security of the login system can be further improved, and further, the bank security server 3 verifies When the electronic signature is valid, the one-time password is transmitted to the online banking server 4, thereby further improving the security of the login system, and thus the purpose of the novel can be achieved.

惟以上所述者,僅為本新型之實施例而已,當不能以此限定本新型實施之範圍,凡是依本新型申請專利範圍及專利說明書內容所作之簡單的等效變化與修飾,皆仍屬本新型專利涵蓋之範圍內。However, the above is only the embodiment of the present invention, and when it is not possible to limit the scope of the present invention, all the simple equivalent changes and modifications according to the scope of the patent application and the contents of the patent specification are still This new patent covers the scope.

1‧‧‧銀行主機1‧‧‧Bank host

2‧‧‧登入資料庫伺服器 2‧‧‧Login database server

3‧‧‧銀行安控伺服器 3‧‧‧Bank Security Server

4‧‧‧網路銀行伺服器 4‧‧‧Internet Banking Server

5‧‧‧第一電子裝置 5‧‧‧First electronic device

6‧‧‧第二電子裝置 6‧‧‧Second electronic device

S01~S22‧‧‧步驟 S01~S22‧‧‧Steps

本新型之其他的特徵及功效,將於參照圖式的實施方式中清楚地呈現,其中: 圖1是本新型網路銀行系統的一個實施例的一硬體連接關係示意圖;及 圖2(圖2A及圖2B)是該實施例的一流程圖。Other features and effects of the present invention will be apparent from the following description of the drawings, wherein: FIG. 1 is a schematic diagram of a hardware connection relationship of an embodiment of the novel network banking system; and FIG. 2 2A and 2B) are a flow chart of this embodiment.

Claims (4)

一種網路銀行系統,適於與一第一電子裝置及一第二電子裝置通訊,該第一電子裝置安裝有一瀏覽器,該第二電子裝置安裝有一預定應用程式,該網路銀行系統包含: 一銀行主機;及 一網路銀行伺服器,電連接於該銀行主機; 當該網路銀行伺服器接收到來自該第一電子裝置且透過該瀏覽器傳送的一條碼登入請求,該網路銀行伺服器產生一登入序號,且根據該登入序號產生一條碼影像,並傳送一包含該條碼影像的條碼通知給該第一電子裝置,該條碼通知使該第一電子裝置透過該瀏覽器顯示該條碼影像,且使得當該第二電子裝置透過該預定應用程式掃描該條碼影像而獲得該登入序號之後,該第二電子裝置透過該預定應用程式傳送一包含一使用者識別資料及一第一提交序號的資料驗證請求給該網路銀行伺服器; 當該網路銀行伺服器接收到來自該第二電子裝置且透過該預定應用程式傳送且包含該使用者識別資料及該第一提交序號的該資料驗證請求,該網路銀行伺服器判斷該第一提交序號與該登入序號是否相符; 當該網路銀行伺服器判斷該第一提交序號與該登入序號相符,該網路銀行伺服器傳送一對應於該使用者識別資料的用戶資料請求給該銀行主機; 當該銀行主機接收到該用戶資料請求,該銀行主機將對應於該使用者識別資料的一用戶資料傳送給該網路銀行伺服器; 當該網路銀行伺服器接收到該用戶資料,該網路銀行伺服器根據該用戶資料產生一登入後網頁,並將該登入後網頁傳送給該第一電子裝置。An online banking system is adapted to communicate with a first electronic device and a second electronic device. The first electronic device is installed with a browser. The second electronic device is installed with a predetermined application. The online banking system includes: a bank host; and an online banking server electrically connected to the bank host; when the online banking server receives a code entry request from the first electronic device and transmitted through the browser, the online banking The server generates a login serial number, and generates a code image according to the login serial number, and transmits a barcode notification containing the barcode image to the first electronic device, the barcode notification causing the first electronic device to display the barcode through the browser And the second electronic device transmits a user identification data and a first submission serial number through the predetermined application program after the second electronic device scans the barcode image to obtain the login serial number through the predetermined application program. Data verification request to the online banking server; when the online banking server receives the second electrical And the network banking server determines whether the first submission serial number matches the login serial number; and when the network device transmits the data identification request transmitted by the predetermined application and includes the user identification data and the first submission serial number; The bank server determines that the first submission serial number matches the login serial number, and the online banking server transmits a user profile request corresponding to the user identification data to the bank host; when the bank host receives the user profile request The bank host transmits a user profile corresponding to the user identification data to the online banking server; when the online banking server receives the user profile, the online banking server generates a user profile according to the user profile After logging in to the webpage, the webpage after login is transmitted to the first electronic device. 如請求項1所述的網路銀行系統,還包含一電連接於該網路銀行伺服器的登入資料庫伺服器,及一電連接於該網路銀行伺服器與該銀行主機的銀行安控伺服器; 當該網路銀行伺服器接收到來自該第一電子裝置且透過該瀏覽器傳送的該條碼登入請求,該網路銀行伺服器還產生一對應於該登入序號的第一公鑰,及一對應於該登入序號的第一私鑰,且將該第一公鑰及該登入序號儲存至該登入資料庫伺服器; 當該網路銀行伺服器與該第一電子裝置的該瀏覽器之間的一對談結束,該網路銀行伺服器刪除該第一私鑰; 該條碼影像是該網路銀行伺服器根據該登入序號及該第一公鑰產生,且該第二電子裝置透過該預定應用程式傳送的該資料驗證請求還包含一提交公鑰; 當該網路銀行伺服器接收到來自該第二電子裝置且透過該預定應用程式傳送的該資料驗證請求,該網路銀行伺服器判斷該第一提交序號與該登入序號是否相符,且判斷該提交公鑰與該第一公鑰是否相符; 於該網路銀行伺服器判斷該第一提交序號與該登入序號相符,且該提交公鑰與該第一公鑰相符之後,該銀行安控伺服器傳送一個一次性密碼給該網路銀行伺服器; 當該網路銀行伺服器接收到來自該銀行安控伺服器的該一次性密碼,該網路銀行伺服器使用該第一公鑰對該一次性密碼加密,並將加密後的該一次性密碼儲存至該登入資料庫伺服器,且使該一次性密碼對應於該登入序號; 該網路銀行伺服器於傳送對應於該使用者識別資料的該用戶資料請求給該銀行主機之前,還先存取該登入資料庫伺服器中該驗證序號對應之該登入序號對應之該一次性密碼,並使用該驗證序號對應之該登入序號對應之該第一私鑰對該一次性密碼解密,該網路銀行伺服器傳送給該銀行主機的該用戶資料請求包含解密後的該一次性密碼; 當該銀行主機接收到該用戶資料請求,該銀行主機於將對應於該使用者識別資料的該用戶資料傳送給該網路銀行伺服器之前,還先傳送一包含該用戶資料請求的該一次性密碼的密碼驗證請求給該銀行安控伺服器; 當該銀行安控伺服器接收到來自該銀行主機的該密碼驗證請求,該銀行安控伺服器判斷該密碼驗證請求的該一次性密碼與該銀行安控伺服器儲存的該一次性密碼是否相符; 當該銀行安控伺服器判斷該密碼驗證請求的該一次性密碼與該銀行安控伺服器儲存的該一次性密碼相符,該銀行安控伺服器傳送一確認通知給該銀行主機; 該銀行主機於接收到該確認通知之後才將對應於該使用者識別資料的該用戶資料傳送給該網路銀行伺服器。The online banking system of claim 1, further comprising a login database server electrically connected to the online banking server, and a bank security control electrically connected to the online banking server and the bank host a server; when the network banking server receives the barcode login request from the first electronic device and transmitted through the browser, the online banking server further generates a first public key corresponding to the login serial number, And a first private key corresponding to the login serial number, and storing the first public key and the login serial number to the login database server; when the online banking server and the browser of the first electronic device After the one-to-one negotiation ends, the online banking server deletes the first private key; the barcode image is generated by the online banking server according to the login serial number and the first public key, and the second electronic device transmits The data verification request transmitted by the predetermined application program further includes a submitting public key; when the online banking server receives the data verification request transmitted from the second electronic device and transmitted through the predetermined application, The online banking server determines whether the first submission serial number matches the login serial number, and determines whether the submitted public key matches the first public key; and the online banking server determines the first submission serial number and the login serial number After the submission, and the submitting public key matches the first public key, the bank security server transmits a one-time password to the online banking server; when the online banking server receives the security control from the bank The one-time password of the device, the online banking server encrypts the one-time password by using the first public key, and stores the encrypted one-time password to the login database server, and makes the one-time password Corresponding to the login serial number; the online banking server accessing the login data corresponding to the verification serial number in the login database server before transmitting the user data request corresponding to the user identification data to the banking host The one-time password corresponding to the serial number, and decrypting the one-time password by using the first private key corresponding to the login serial number corresponding to the verification serial number, the online banking server The user profile request transmitted to the bank host includes the decrypted one-time password; when the bank host receives the user profile request, the bank host transmits the user profile corresponding to the user identification data to the network Before the bank server, the password verification request containing the one-time password of the user data request is first transmitted to the bank security server; when the bank security server receives the password verification request from the bank host The bank security server determines whether the one-time password of the password verification request matches the one-time password stored by the bank security server; when the bank security server determines the one-time password of the password verification request Corresponding to the one-time password stored by the bank security server, the bank security server sends a confirmation notification to the bank host; the bank host will not correspond to the user identification data after receiving the confirmation notification. The user profile is transmitted to the online banking server. 如請求項2所述的網路銀行系統,其中,該銀行安控伺服器儲存有多個第二公鑰,及多個分別對應於該等第二公鑰的預存綁定序號; 該第二電子裝置透過該預定應用程式傳送的該資料驗證請求還包含一相關於該第一提交序號與該提交公鑰的電子簽章及一相關於該電子簽章的提交綁定序號; 當該網路銀行伺服器判斷該第一提交序號與該登入序號相符,且該提交公鑰與該第一公鑰相符之後,該網路銀行伺服器將一包含該電子簽章及該提交綁定序號的簽章驗證請求傳送給該銀行安控伺服器; 當該銀行安控伺服器接收到來自該網路銀行伺服器的該簽章驗證請求,該銀行安控伺服器判斷該提交綁定序號是否與該等預存綁定序號其中一者相符; 當該銀行安控伺服器判斷該提交綁定序號與該等預存綁定序號其中一者相符,該銀行安控伺服器根據與該提交綁定序號相符的該預存綁定序號所對應的該第二公鑰驗證該電子簽章是否有效; 當該銀行安控伺服器根據與該提交綁定序號相符的該預存綁定序號所對應的該第二公鑰驗證該電子簽章有效,該銀行安控伺服器才將該一次性密碼傳送給該網路銀行伺服器。The online banking system of claim 2, wherein the bank security server stores a plurality of second public keys, and a plurality of pre-stored binding serial numbers respectively corresponding to the second public keys; The data verification request transmitted by the electronic device through the predetermined application program further includes an electronic signature associated with the first submission serial number and the submitted public key and a submission binding serial number associated with the electronic signature; After the bank server determines that the first submission serial number matches the login serial number, and the submit public key matches the first public key, the online banking server will include the electronic signature and the signature of the submitted binding serial number. The verification request is transmitted to the bank security server; when the bank security server receives the signature verification request from the online banking server, the bank security server determines whether the submission binding sequence number is One of the pre-stored binding sequence numbers is consistent; when the bank security server determines that the submitted binding sequence number matches one of the pre-stored binding sequence numbers, the bank security server is bound according to the submission sequence Corresponding to the second public key corresponding to the pre-stored binding sequence number, whether the electronic signature is valid; when the bank security server is in accordance with the pre-stored binding sequence number corresponding to the submitted binding sequence number, the second The public key verifies that the electronic signature is valid, and the bank security server transmits the one-time password to the online banking server. 如請求項3所述的網路銀行系統,其中,當該網路銀行伺服器接收到來自該第一電子裝置且透過該瀏覽器傳送的該條碼登入請求,該網路銀行伺服器還產生一對應於該登入序號的網頁識別碼,且將該網頁識別碼儲存至該登入資料庫伺服器,且將一包含該網頁識別碼的第一識別碼通知傳送給該第一電子裝置,該第一識別碼通知使該第一電子裝置透過該瀏覽器顯示該網頁識別碼; 當該第二電子裝置透過該預定應用程式掃描該條碼影像而獲得該登入序號之後,該第二電子裝置還透過該預定應用程式傳送一包含該登入序號的識別碼請求給該網路銀行伺服器; 當該網路銀行伺服器接收到該自該第二電子裝置且包含該登入序號的該識別碼請求,該網路銀行伺服器將一包含該網頁識別碼的第二識別碼通知傳送給該第二電子裝置,該第二識別碼通知使該第二電子裝置透過該預定應用程式顯示該網頁識別碼。The online banking system of claim 3, wherein when the online banking server receives the barcode login request from the first electronic device and transmitted through the browser, the online banking server further generates a Corresponding to the webpage identification code of the login serial number, and storing the webpage identification code to the login database server, and transmitting a first identification code notification including the webpage identification code to the first electronic device, the first The identification code notification causes the first electronic device to display the webpage identification code through the browser; after the second electronic device scans the barcode image through the predetermined application to obtain the login serial number, the second electronic device further transmits the predetermined The application transmits an identifier requesting the login serial number to the online banking server; and when the online banking server receives the identification code request from the second electronic device and including the login serial number, the network The bank server transmits a second identification code notification including the webpage identification code to the second electronic device, and the second identification code notifies the second electronic device App display the page through the predetermined identification code.
TW107213194U 2018-09-28 2018-09-28 Online banking system using bar code technology for identity verification TWM573868U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW107213194U TWM573868U (en) 2018-09-28 2018-09-28 Online banking system using bar code technology for identity verification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW107213194U TWM573868U (en) 2018-09-28 2018-09-28 Online banking system using bar code technology for identity verification

Publications (1)

Publication Number Publication Date
TWM573868U true TWM573868U (en) 2019-02-01

Family

ID=66214753

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107213194U TWM573868U (en) 2018-09-28 2018-09-28 Online banking system using bar code technology for identity verification

Country Status (1)

Country Link
TW (1) TWM573868U (en)

Similar Documents

Publication Publication Date Title
AU2018333068B2 (en) Systems and methods for managing digital identities associated with mobile devices
US20210264010A1 (en) Method and system for user authentication with improved security
US20230291571A1 (en) Dynamic management and implementation of consent and permissioning protocols using container-based applications
US10586229B2 (en) Anytime validation tokens
US8640203B2 (en) Methods and systems for the authentication of a user
US10045210B2 (en) Method, server and system for authentication of a person
US10484372B1 (en) Automatic replacement of passwords with secure claims
US20220360446A1 (en) Dynamic implementation and management of hash-based consent and permissioning protocols
US20110185181A1 (en) Network authentication method and device for implementing the same
US9667626B2 (en) Network authentication method and device for implementing the same
TR201810238T4 (en) The appropriate authentication method and apparatus for the user using a mobile authentication application.
WO2019239591A1 (en) Authentication system, authentication method, application provision device, authentication device, and authentication program
KR20110081103A (en) Secure transaction systems and methods
US20200196143A1 (en) Public key-based service authentication method and system
JP5193787B2 (en) Information processing method, relay server, and network system
KR101858653B1 (en) Method for certifying a user by using mobile id through blockchain database and merkle tree structure related thereto, and terminal and server using the same
CN111092719B (en) Label data refreshing method and system, payment method and system
JP2010117995A (en) System, device and method for issuing application
KR102160892B1 (en) Public key infrastructure based service authentication method and system
TWM573868U (en) Online banking system using bar code technology for identity verification
KR102123405B1 (en) System and method for providing security membership and login hosting service
KR20150055563A (en) Method for running virtual machine, method for providing online financial service using virtualization and apparatus for performing the method
TWM576301U (en) Online banking system using push technology to verify identity
KR102547682B1 (en) Server for supporting user identification using physically unclonable function based onetime password and operating method thereof
CN113645239B (en) Application login method and device, user terminal and storage medium