TWM578411U - System for assisting a financial card holder in setting password for the first time - Google Patents

Abstract

Disclosed is a system for assisting a financial card holder in setting password for the first time. Said system comprises a first sever configured with a password setting module including a storage submodule; a second sever electrically connected to the first sever and configured with a financial card management module; an App communicatively connected to the first sever and installed on a mobile device possessed by the financial card holder, the App being authenticated by the password setting module; and a authentication device communicatively connected to the second sever and having a display component, an input component and a financial card reading and writing component.

Description

System for helping cardholders to set a financial card password for the first time

This creation is about a system for helping cardholders to first set a financial card password, especially for a system that does not require a paper currency card cryptogram.

After the current financial card password function is generated by the financial card system related function, the specific security personnel can manually specify the machine equipment and transaction function in the specified environment, and complete the financial card password letter printing operation; Special personnel shall be packaged, transported and mailed to the designated branches; in the end, the designated branches of each branch shall be inspected and put into storage, storage and storage; when the customer applies for the new financial card to the branch, the designated person shall be examined by the supervisor after the appointment. The cryptogram of the financial card is obtained from the vault and delivered to the cardholder for signing together with the newly applied financial card.

Therefore, for financial operators, there is still a need for a system or method to replace the current cumbersome procedures for printing cryptographic functions by manual operation, saving related manual work, environmental facilities, printing machines, paper, postal, storage and storage. Cost of operation, such as security control and risk auditing. In addition, if the use of the paper financial card password letter can be eliminated, the effect of energy saving and carbon reduction can be achieved, which contributes to the environmental protection of the earth.

In view of this, the present invention provides a system and method for helping a cardholder to first set a financial card password, which can complete the first setting of the financial card password without the need for a paper financial card password, and can balance the security of the password setting. .

In one aspect, the present disclosure discloses a system for assisting a cardholder to first set a financial card password, comprising: a first server having a password setting module including a storage sub-module; a second server And the first server is electrically connected, and is provided with a financial card management module; a software product (App) is connected to the first server, and the app is installed on the card holder. a mobile device, wherein the app is authenticated by the password setting module; and an authentication device communicatively coupled to the second server, the authentication device having a display component, an input component, and a financial card reading and writing component; The password setting module is configured to receive a first authentication data, which is composed of the identification information of the mobile device and the personal information of the card holder, and stores the first authentication data in the storage. a sub-module; and receiving a second authentication data, which is an optional digest, and storing the second authentication data in the storage sub-module; the authentication device is read by the financial card reading and writing component The financial card provides a first user interface through the display component to display an option for first setting a financial card password. After the option is selected, the authentication device sends the first time setting the financial card password to the financial card management module. Requesting; the financial card management module transmits the request for setting the financial card password for the first time to the password setting module; the password setting module: combining the first authentication data according to a combination method to generate a first key, The combination method randomly selects a plurality of combination methods and has a first number; stores the first number in the storage submodule; and encrypts an original code content based on the first key to generate a a two-dimensional barcode, wherein the original code content includes the optional abstract; the two-dimensional barcode is transmitted to the authentication device; the authentication device displays the two-dimensional barcode on the first user interface by the display component; Automatically trigger an event after startup, request to input personal information and financial card account number, and transfer the entered personal information and account number to the password setting module; After the setting module confirms the validity of the application: combining the first authentication data by using a corresponding combination method according to the first number stored in the storage sub-module to generate a second key; from the plurality of encryption methods Randomly selecting an encryption method, the encryption method having a second number; and transmitting the first number to the App, and based on the second key encrypted data, the confirmation data includes an encrypted information, wherein the The encrypted information includes the second number and a sampling location at the beginning; the App obtains the identification information of the mobile device from the mobile device and the personal information of the cardholder, and according to the combination method corresponding to the first number, the combination Determining the information and the personal information to generate a third key; after the mobile device scans and reads the two-dimensional barcode displayed on the display component of the authentication device, the App uses the third key to interpret the information The two-dimensional barcode obtains the content of the original code, and encrypts the optional abstract according to the encryption method corresponding to the second number and the starting sampling position to obtain an encrypted value. And encrypting the encrypted value based on the third key and transmitting the encrypted value to the password setting module; after confirming the correctness of the encrypted value, the password setting module sends the obtained authentication code to the financial card management module. Requesting and obtaining an authentication code; and generating an authentication code image and transmitting the image to the App; the App displaying the authentication code image for the card holder to first set the password of the financial card by the authentication device And the authentication device displays the field in the first user interface by the display component, and the cardholder inputs the authentication code and the new password of the financial card by the input component to complete the first password setting.

In some embodiments of the present invention, the password setting module provides a second user interface for the card issuer operator of the financial card to input the first authentication data and the second authentication data.

In some embodiments of the present creation, the App requires a activation password.

In some embodiments of the present invention, the first user interface of the authentication device requires input of an authentication code and a new password, and at least a portion of the personal information, and sends the financial card management module to the financial card management module based on the input data. A request to set a new password. In a specific embodiment, after the financial card management module confirms that the received authentication code and personal data are correct, the cryptographic new password is obtained and transmitted to the authentication device for reading and writing components by the financial card. The garbled new password is written to the financial card.

On the other hand, the present invention provides a method for helping a cardholder to first set a financial card password, comprising: providing a first server, providing a password setting module, including a storage submodule; and a second servo The device is electrically connected to the first server, and is provided with a financial card management module; a software product (App) is connected to the first server, and the application system is installed on the card holder. a mobile device, wherein the app is authenticated by the password setting module; and an authentication device communicatively coupled to the second server, the authentication device having a display component, an input component, and a financial card reading and writing component; The password setting module is configured to receive a first authentication data, which is composed of the identification information of the mobile device and the personal information of the card holder, and stores the first authentication data in the storage device. And receiving a second authentication data, which is a self-selected abstract, and storing the second authentication data in the storage sub-module; the authentication device reads the gold by the financial card reading and writing component Melting the card, and providing a first user interface by the display component, displaying an option for first setting a financial card password, after the option is selected, the authentication device sends a request for setting the financial card password to the financial card management module for the first time. The financial card management module transmits the request for setting the financial card password for the first time to the password setting module; the password setting module: combining the first authentication data according to a combination method to generate a first key, wherein The combination method randomly selects a plurality of combination methods and has a first number; stores the first number in the storage submodule; and encrypts an original code content based on the first key to generate one or two a barcode, wherein the content of the original code includes the optional abstract; the two-dimensional barcode is transmitted to the authentication device; the authentication device displays the two-dimensional barcode on the first user interface by the display component; Automatically trigger an event, requesting the input of personal information and financial card account number, and transmitting the entered personal information and account number to the password setting module; After confirming the legality of the application, the module combines the first authentication data by using a corresponding combination method according to the first number stored in the storage submodule to generate a second key; randomly from the plurality of encryption methods Selecting an encryption method, the encryption method having a second number; and transmitting the first number to the App, and based on the second key encrypted data, the confirmation data includes an encrypted information, wherein the encryption The information includes the second number and a sampling location at the beginning; the App obtains the identification information of the mobile device from the mobile device and the personal information of the cardholder, and combines the combination according to the combination method corresponding to the first number Identifying the information and the personal information to generate a third key; after the mobile device scans and reads the two-dimensional barcode displayed on the display component of the authentication device, the App uses the third key to interpret the second The dimension barcode obtains the content of the original code, and encrypts the optional abstract according to the encryption method corresponding to the second number and the starting sampling location to obtain an encrypted value; And encrypting the encrypted value according to the third key, and transmitting the encrypted value to the password setting module; after confirming the correctness of the encrypted value, the password setting module sends a request for obtaining the authentication code to the financial card management module. And obtaining an authentication code; and generating an authentication code image and transmitting the image to the App; the App displaying the authentication code image for use by the card holder by first setting the password of the financial card by the authentication device And the authentication device displays the field in the first user interface by the display component, for the cardholder to input the authentication code and the new password of the financial card by the input component to complete the first password setting.

In some embodiments of the present invention, the password setting module provides a second user interface for the card issuer operator of the financial card to input the first authentication data and the second authentication data.

In some embodiments of the present creation, the App requires a activation password.

In some embodiments of the present invention, the first user interface of the authentication device requires input of an authentication code and a new password, and at least a portion of the personal information, and sends the financial card management module to the financial card management module based on the input data. A request to set a new password. In a specific embodiment, after the financial card management module confirms that the received authentication code and personal data are correct, the cryptographic new password is obtained and transmitted to the authentication device for reading and writing components by the financial card. The garbled new password is written to the financial card.

Other objects and advantages of the present invention are described in the following description or may be understood by the embodiments of the present invention. It is to be understood that the foregoing description of the present invention and the following description of the present invention are intended to be illustrative and illustrative only.

It is to be noted that all technical and scientific terms used herein have the meaning as commonly understood by one of ordinary skill in the art to which this invention belongs, unless otherwise indicated. In addition, the word "a" used in the specification, unless otherwise specified, means the quantity of at least one (one or more).

In one aspect, the present disclosure provides a system for assisting a cardholder in setting a financial card password for the first time. The system comprises: a first server, a second server, a software product (App) and an authentication device.

The first server is provided with a password setting module, which includes a storage sub-module.

The second server is electrically connected to the first server and is provided with a financial card management module.

According to a preferred embodiment of the present invention, the first and second servers are provided to the card issuer of the financial card.

The software product (App) is communicatively connected to the first server, and is installed on a mobile device held by the card holder, and the app is authenticated by the password setting module. According to the present creation, the mobile device includes but is not limited to a tablet computer or a smart phone, and is preferably a smart phone. Preferably, the mobile device does not include a notebook computer. Preferably, the communication connection is via an internet communication connection. According to the present creation, the software product is preferably a mobile application. According to the present invention, the mobile device can include a storage unit storing the code of the software product, and a processing unit for executing the code of the software product.

The authentication device is communicatively coupled to the second server and has a display component, an input component, and a financial card read/write component. In some embodiments of the present invention, the authentication device is an automated teller machine or an automatic depositing and dispensing machine. According to the present invention, the authentication device is preferably in communication with the second server via a dedicated network.

In a pre-registration process, the password setting module receives a first authentication data and a second authentication data, and stores the first and second authentication data in the storage sub-module. The first authentication data is composed of the identification information of the mobile device and the personal information of the card holder, and the second authentication data is an optional digest. In the pre-registration process, the password setting module can provide a second user interface for the operator of the card issuing the financial card to input the first authentication data and the second authentication data. The aforementioned identification information includes an IMEI, a UDID, a keychain, a MAC address, or a combination thereof. The self-selected digest may be provided by the card holder or selected by the operator from the database of the storage sub-module or randomly selected by the password setting module from the database of the storage sub-module.

The authentication device reads the financial card by the financial card reading and writing component, and provides a first user interface by the display component to display an option for first setting a financial card password. After the option is selected, the authentication device The financial card management module sends a request to set a financial card password for the first time.

The financial card management module transmits the request for setting the financial card password for the first time to the password setting module. Then, the password setting module performs the following steps: (1) combining the first authentication data according to a combination method to generate a first key, wherein the combining method randomly selects a plurality of combining methods and has a a first number; (2) storing the first number in the storage sub-module; (3) encrypting an original code content based on the first key to generate a two-dimensional barcode, wherein the original code content includes The optional digest; and (4) transmitting the two-dimensional barcode to the authentication device. According to the present invention, the combined method includes, but is not limited to, combining a single field of the first authentication material, or a complete data of multiple fields, or a part of multiple fields of the first authentication data. The data is combined or the same field data of the first authentication material is combined multiple times.

Then, the authentication device displays the two-dimensional barcode on the first user interface by using the display component. According to a preferred embodiment of the present invention, the two-dimensional barcode is a QR code.

After the launch, the app will automatically trigger an event, requesting the entry of personal information and financial card account, and transmitting the entered personal information and account number to the password setting module. According to a preferred embodiment of the present invention, the App requires a boot password to verify that the boot password is correct before launching the App. The activation password includes, but is not limited to, a graphic password, a push-tone password, fingerprint recognition, or face recognition.

After confirming the legality of the application, the password setting module performs the following steps: (1) combining the first authentication data by using a corresponding combination method according to the first number stored in the storage sub-module to generate a second Keys; (2) randomly selecting an encryption method from a plurality of encryption methods, the encryption method having a second number; and, (3) transmitting the first number to the App, and encrypting the second key based on the second key The confirmation data includes an encrypted information, wherein the encrypted information includes the second number and a sampling position at the beginning. The start sampling location is used to indicate that the encryption method samples from the text of the optional digest to perform encryption.

Then, the App obtains the identification information of the mobile device and the personal information of the card holder from the mobile device, and combines the identification information and the personal information according to the combination method corresponding to the first number to generate a third Key. The cardholder's personal information can be logged in and stored by the cardholder on the mobile device.

After the mobile device scans and reads the two-dimensional barcode displayed on the display component of the authentication device, the App uses the third key to interpret the two-dimensional barcode to obtain the original code content, and according to the second number The corresponding encryption method and the starting sampling location encrypt the optional digest to obtain an encrypted value; then, the App encrypts the encrypted value based on the third key and transmits the encrypted value to the password setting module.

After confirming the correctness of the encrypted value, the password setting module sends a request for obtaining an authentication code to the financial card management module, and obtains an authentication code; and generates an authentication code image and transmits the image to the App. . The authentication code is preferably a random number of 6 to 8 codes, but is not limited thereto. In a specific embodiment of the present invention, the authentication code is encrypted by using a visual cryptography theory method to generate the authentication code image, so that the clear code value needs to be manually visually read by the eye.

Then, the App displays the authentication code image for use by the card holder when the authentication device first sets the password of the financial card.

Finally, the authentication device displays the field in the first user interface by the display component, and the cardholder inputs the authentication code and the new password of the financial card by the input component to complete the first password setting.

In some embodiments of the present invention, the first user interface of the authentication device requires input of an authentication code and a new password, and at least a portion of the personal information, and sends the financial card management module to the financial card management module based on the input data. A request to set a new password. In a specific embodiment, after the financial card management module confirms that the received authentication code and personal data are correct, the cryptographic new password is obtained and transmitted to the authentication device for reading and writing components by the financial card. The garbled new password is written to the financial card.

On the other hand, the present invention provides a method for helping a cardholder to first set a financial card password, comprising: providing a first server, providing a password setting module, including a storage submodule; and a second servo The device is electrically connected to the first server, and is provided with a financial card management module; a software product (App) is connected to the first server, and the application system is installed on the card holder. a mobile device, wherein the app is authenticated by the password setting module; and an authentication device communicatively coupled to the second server, the authentication device having a display component, an input component, and a financial card reading and writing component; The password setting module is configured to receive a first authentication data, which is composed of the identification information of the mobile device and the personal information of the card holder, and stores the first authentication data in the storage device. And receiving a second authentication data, which is a self-selected abstract, and storing the second authentication data in the storage sub-module; the authentication device reads the gold by the financial card reading and writing component Melting the card, and providing a first user interface by the display component, displaying an option for first setting a financial card password, after the option is selected, the authentication device sends a request for setting the financial card password to the financial card management module for the first time. The financial card management module transmits the request for setting the financial card password for the first time to the password setting module; the password setting module: combining the first authentication data according to a combination method to generate a first key, wherein The combination method randomly selects a plurality of combination methods and has a first number; stores the first number in the storage submodule; and encrypts an original code content based on the first key to generate one or two a barcode, wherein the content of the original code includes the optional abstract; the two-dimensional barcode is transmitted to the authentication device; the authentication device displays the two-dimensional barcode on the first user interface by the display component; Automatically trigger an event, requesting the input of personal information and financial card account number, and transmitting the entered personal information and account number to the password setting module; After confirming the legality of the application, the module combines the first authentication data by using a corresponding combination method according to the first number stored in the storage submodule to generate a second key; randomly from the plurality of encryption methods Selecting an encryption method, the encryption method having a second number; and transmitting the first number to the App, and based on the second key encrypted data, the confirmation data includes an encrypted information, wherein the encryption The information includes the second number and a sampling location at the beginning; the App obtains the identification information of the mobile device from the mobile device and the personal information of the cardholder, and combines the combination according to the combination method corresponding to the first number Identifying the information and the personal information to generate a third key; after the mobile device scans and reads the two-dimensional barcode displayed on the display component of the authentication device, the App uses the third key to interpret the second The dimension barcode obtains the content of the original code, and encrypts the optional abstract according to the encryption method corresponding to the second number and the starting sampling location to obtain an encrypted value; And encrypting the encrypted value according to the third key, and transmitting the encrypted value to the password setting module; after confirming the correctness of the encrypted value, the password setting module sends a request for obtaining the authentication code to the financial card management module. And obtaining an authentication code; and generating an authentication code image and transmitting the image to the App; the App displaying the authentication code image for use by the card holder by first setting the password of the financial card by the authentication device And the authentication device displays the field in the first user interface by the display component, for the cardholder to input the authentication code and the new password of the financial card by the input component to complete the first password setting.

In the pre-registration process, the password setting module can provide a second user interface for the operator of the card issuing the financial card to input the first authentication data and the second authentication data. The aforementioned identification information includes an IMEI, a UDID, a keychain, a MAC address, or a combination thereof. The self-selected digest may be provided by the card holder or selected by the operator from the database of the storage sub-module or randomly selected by the password setting module from the database of the storage sub-module.

In some embodiments of the present creation, the App requires a activation password. The activation password includes, but is not limited to, a graphic password, a push-tone password, fingerprint recognition, or face recognition.

In some embodiments of the present invention, the first user interface of the authentication device requires input of an authentication code and a new password, and at least a portion of the personal information, and sends the financial card management module to the financial card management module based on the input data. A request to set a new password. In a specific embodiment, after the financial card management module confirms that the received authentication code and personal data are correct, the cryptographic new password is obtained and transmitted to the authentication device for reading and writing components by the financial card. The garbled new password is written to the financial card.

Now with FIG. 1 and FIG. 2 illustrates a first cardholder to help the creation of systems and methods for setting passwords debit card specific preferred embodiments.

First, see Figure 1, shown to help cardholders example of one particular implementation of the first set based authoring system debit card passwords. In the specific embodiment, the system 1 for assisting the cardholder to set the financial card password for the first time includes a first server 10 , a second server 20 , a software product (App) 30, and an authentication device 40 . The software product 30 can be an action software product, such as an app issued by a financial industry.

The first server 10 is provided with a password setting module 12 , which includes a storage sub-module 122 . The second server 20 is electrically connected to the first server 10 and is provided with a financial card management module 22 . The first and second servers 10 and 20 can be located on the card issuer of the financial card.

The App 30 is communicatively coupled to the first server 10 and installed in a mobile device 70 held by the card holder, and the App 30 is authenticated by the password setting module 12 . The mobile device 70 can be a tablet computer or a smart phone, preferably a smart phone.

The authentication device 40 is communicatively coupled to the second server 20 via a dedicated network and has a display component 42 , an input component 44, and a financial card read/write component 46 . In some examples, the authentication device 40 is an automated teller machine or an automated teller machine.

In a pre-registration process, the password setting module 12 receives a first authentication data and a second authentication data, and stores the first and second authentication data in the storage sub-module 122 . The first authentication data is composed of the identification information of the mobile device 70 and the personal information of the card holder, and the second authentication data is an optional digest. The number of bits in the abstract is preferably between 512 and 1024 bits.

The authentication device 40 reads the financial card by the financial card reading and writing component 46 , and provides a first user interface by the display component 42 to display an option for setting the financial card password for the first time. After the option is selected, the option is selected. The authentication device 40 transmits a request for the first time setting of the financial card password to the financial card management module 22 . The financial card management module 22 transmits a request for setting the financial card password for the first time to the password setting module 12 . Then, the password setting module 12 performs the following steps: (1) combining the first authentication data according to a combination method to generate a first key, wherein the combining method randomly selects a plurality of combining methods, and has a first number; (2) storing the first number in the storage sub-module 122 ; (3) encrypting an original code content based on the first key to generate a two-dimensional barcode, wherein the original code The content includes the optional digest; and (4) transmitting the two-dimensional barcode to the authentication device 40 .

Then, the authentication device 40 displays the two-dimensional barcode by the display component 42 on the first user interface, which is preferably a QR code.

In addition, the App 30 automatically triggers an event after activation, requires input of personal information and a financial card account number, and transmits the entered personal information and account number to the password setting module 22 . After confirming the legality of the App 30 , the password setting module 22 performs the following steps: (1) combining the first authentication data by using a corresponding combination method according to the first number stored in the storage submodule 122 , Generating a second key; (2) randomly selecting an encryption method from the plurality of encryption methods, the encryption method having a second number; and, (3) transmitting the first number to the App 30 , and based on the The second key encrypted confirmation data, the confirmation data includes an encrypted information, wherein the encrypted information includes the second number, and a sampling location at the beginning, which is used to indicate the location of the encryption method from the selected abstract. Start sampling for encryption.

Then, the App 30 obtains the identification information of the mobile device 70 and the personal information of the card holder from the mobile device, and combines the identification information and the personal information according to the combination method corresponding to the first number to generate a The third key. At this time, the card holder can use the mobile device 70 to scan and read the two-dimensional barcode displayed on the display component 42 of the authentication device 40 , after which the App 30 interprets the two by using the third key. The dimension barcode obtains the content of the original code, and encrypts the optional digest according to the encryption method corresponding to the second number and the starting sampling location to obtain an encrypted value. Then, the App 30 encrypts the encrypted value based on the third key and transmits the encrypted value to the password setting module 12 .

After confirming the correctness of the encrypted value, the password setting module 12 transmits a request for obtaining the authentication code to the financial card management module 22 , obtains an authentication code, and generates an authentication code image for transmission to the App 30 . Next, the App 30 displays the authentication code image for use by the card holder when the authentication device 40 first sets the password of the financial card.

Finally, the authentication device 40 displays the field in the first user interface by the display component 42 for the cardholder to input the authentication code and the new password of the financial card by the input component 44 to complete the first password. set up.

On the other hand, this creation provides a way to help cardholders set the financial card password for the first time. Refer to the flowchart of Figure 2, which is oriented to help create the cardholder for the first time setting method debit card passwords of a specific implementation. As shown in the figure, the method includes the following steps: ( S110 ) providing a first server, providing a password setting module, comprising a storage submodule; a second server, electrically connected to the first server Connected and provided with a financial card management module; a software product (App) is connected to the first server, the app is installed on a mobile device held by the card holder, and the App is The password setting module is authenticated; and an authentication device is communicably connected to the second server, the authentication device has a display component, an input component, and a financial card reading and writing component; ( S120 ) the password setting module is in advance In the registration process, receiving a first authentication data, which is composed of the identification information of the mobile device and the personal information of the card holder, and storing the first authentication data in the storage sub-module; and receiving one a second authentication material, which is an optional digest, and stores the second authentication data in the storage sub-module; ( S210 ) the authentication device reads the financial card by the financial card reading and writing component, and by using the display The component provides a first user interface, and displays an option for first setting a financial card password. After the option is selected, the financial card management module confirms the status of the financial card, and then sends the first set financial card to the financial card management module. a request for a password; ( S220 ) the financial card management module transmits a request for first setting a financial card password to the password setting module; ( S230 ) the password setting module: combining the first authentication data according to a combination method, To generate a first key, wherein the combining method randomly selects a plurality of combining methods and has a first number; storing the first number in the storage submodule; and based on the first key pair The original code content is encrypted to generate a two-dimensional barcode, wherein the original code content includes the optional abstract; the two-dimensional barcode is transmitted to the authentication device; ( S240 ) the authentication device is used by the display component in the first use who interface displays the two-dimensional bar; (S310) the App automatically trigger an event after the start, asked to enter personal information and financial card account number and enter the personal And transmitting account information to the password setting module; after (S320) the password setting module to confirm the legitimacy of the App: The first number stored in the storage submodule in combination in a corresponding method of combining the first authentication Data to generate a second key; randomly selecting an encryption method from the plurality of encryption methods, the encryption method having a second number; and transmitting the first number to the App and encrypting based on the second key After the confirmation data, the confirmation data includes an encrypted information, wherein the encrypted information includes the second number, and a sampling location at the beginning; ( S330 ) the App obtains the identification information of the mobile device from the mobile device and the card The personal information of the person, and combining the identification information and the personal information according to the combination method corresponding to the first number to generate a third key; ( S340 ) scanning and reading the display on the authentication device via the mobile device After the two-dimensional barcode on the display component, the App uses the third key to interpret the two-dimensional barcode to obtain the original code content, and according to the second number corresponding to the addition The method and the sampling start position, the encrypted digest managed to obtain an encrypted value; and, after the third key is encrypted to the encrypted value based on the transmitted password setting module; (S410) the password setting module After confirming the correctness of the encrypted value, sending a request for obtaining an authentication code to the financial card management module, and obtaining an authentication code; and generating an authentication code image and transmitting the image to the App; ( S510 ) the App Displaying the authentication code image for use by the card holder when the authentication device first sets the password of the financial card; and ( S610 ) the authentication device displays the field in the first user interface by the display component, The cardholder inputs the authentication code and the new password of the financial card by the input component to complete the first password setting.

The method of assisting the cardholder to set the financial card password for the first time may or may not be completed in conjunction with the aforementioned system 1 for helping the cardholder to first set the financial card password.

The specific embodiments of the present work are described in more detail by the following examples, but the present invention is not limited to the specific configurations, conditions, and methods provided therein.

Instance 1 : Front work

The financial provider provides a management server (first server) with a password setting module for the operator to apply for a new financial card (financial card holder, in the example "user" ), register and log in the agreed authentication data, and the registration data is stored in the database of the password setting module. Its related trading functions and registration contents are as follows:

1. Bind the user mobile device device authentication data (first authentication data): a. Log in to IMEI/UDID/Keychain/MAC/ID number/birthday/mobile phone number/etc. Here, the user who handles the new financial card can go to the branch counter of the financial industry or pre-registered on the official website to find the IMEI/UDID/Keychain/MAC and other information from the mobile phone. The application form will be filled in with the application form. Data login system. The aforementioned authentication information can be bound to the user's ID number. b. Use of the first authentication data: (1) When binding the first authentication data, the password setting module automatically assigns the initial value of the combination method to the current random random number, and stores the combined method in the database (3 Bytes). (2) This combination method is used to randomly combine IMEI/UDID/Keychain/MAC/ID number/Birthday/Mobile phone number/etc. (3) The "combination method" (3 Bytes) stored in the database is essentially a number. The database does not store the original content of the combined data. The "combination method" value stored in the database here is only an initial value. The password setting module should re-automatic random random number before each request is required to produce a two-dimensional barcode (QR code in this example). The "combination method" value is output, and the column value of the database is updated with the new "combination method" value. (4) The original content of the combined data, which is subsequently referred to as "Current_key" (here the first key), shall be at least 128 Bytes in length. This "Current_key" is the key to subsequent encryption of sensitive data with Advanced Encryption Standard (AES). In order to know that Current_key needs to know its "combination method" and its corresponding code, when the first authentication data of the original registration login is leaked, the user's Current_key content is not directly exposed.

2. Bind user identification data (second authentication data): The clerk logs in the optional digest 1 (512 Bytes ≦ Digest ≦ 1024 Bytes) for the user who applies for the new financial card. The second authentication material can also be bound to the user's ID number. The self-selected abstracts may be provided by the user, or selected by the staff member, or by the system randomly from the database for the user. a. The content of the system output QR code: the system stores the user's "combination method" according to the database, and outputs the "Current_key" by the user's original bound mobile device authentication data, and then uses the corresponding encryption and decryption code to "Current_key" AES (Web Page ID + Optional Digest + SHA-256 ("Current_key")) encrypts the content of the QR code garbled. For the content of the QR code, only the correct transaction device is used to scan and read the QR code, and the correct "combination method" is used to output the correct "Current_key", so that the QR code can be interpreted by corresponding encryption and decryption code. Original code content. (1) QR code original code content after interpretation = web page identification code + optional digest + SHA-256 (Current_key). (2) QR code content before interpretation = "Current_key" AES (Web Page ID + Optional Digest + SHA-256 (Current_key)). (3) The content of the QR code original code needs to be filtered by the corresponding encryption and decryption code of the "combination method". After the content of "Current_key" is output, it can be interpreted according to the content. b. The timing of the system output QR code: the financial card cardholder operates the specific transaction at the automatic depositing and dispensing machine, and the upstream message is activated by the financial card management module to the password setting module. The downlink message of the QR code image is returned to the financial card management module; the password setting module must also store the information such as the uplink message content in the database: (1) The uplink message content includes: financial card account number, transaction date, transaction Time, ATM number, ATM transaction number, etc. (2) The ID card number and the web page identifier are used as the key, and the content of the uplink message is stored in the database (storage submodule) of the password setting module. The webpage identification code is a common identification number of the same request transaction by a multi-party system such as a password setting module, an "initial password application" (software product (App)), a financial card management module, and the webpage identification code value is initialized by the initial password function system ( The password setting module is generated. The webpage identification code value life cycle is generated when the financial card system (financial card management module) initiates a "QR code image" request to the initial password function system, obtains an authentication code value image in the initial password application, and the cardholder operates The automatic deposit and withdrawal machine (authentication device) specific function completes the financial card new password setting. (3) The purpose of storing the contents of the uplink message in the database: (i) After the initial password application for the subsequent transaction device reads the "QR code image", when the initial password system is activated to obtain the authentication code request transaction, The initial password system uses it as a check for the transaction; (ii) when the database does not have the financial card account information, the transaction request is rejected, and the financial card holder is required to automatically apply for the new financial card operation. The machine displays the "QR code image" on the automatic depositing and dispensing machine interface, and then executes the App; and (iii) when the database has the financial card account information, but has expired (for example, 10 minutes or more), The application request for the app can be rejected.

After the user has completed the registration of the above-mentioned job, the user can operate the transaction device and download/install the "initial password application" (software (App)) from the network environment (Internet), and after the installation is completed, the pre-installation is started. Job completion:

1. The app must be forced to provide graphical password, touch-tone password, fingerprint identification, or face recognition options for the user to set the startup password of the app.

2. Each time the user executes the app, the app must ask the user to enter the user ID number, birthday, and financial card account number, and immediately send the uplink message to the password setting module to complete the initial identification of the user identity. a. The content of the uplink message must include the ID number, birthday, financial card account number, and the version number and date of the app. b. After the password setting module of the server end authenticates the user identity and the mobile device device is correct, the app's version number, date, and the application for the financial card account and other uplink message information must be stored for future identification in the transaction operation phase. Use for legality. c. The “Financial Card Account Number” must be a new financial card account that has not yet changed the initial password of the financial card.

3. After the initial password application obtains the initial password function, the downlink message reply is correct, that is, the preparation screen for reading the QR code is directly displayed on the transaction device (user's personal device) interface, waiting for the user to manually operate the transaction device, The "QR code image" displayed on the automatic depositing and dispensing machine is scanned and the QR code content is scanned.

Instance 2 : Trading assignments

1. The user inserts the automatic depositing and dispensing machine (authentication device) with the new application entity financial card and operates the specific transaction, and the automatic depositing and dispensing machine then launches the uplink message and transmits it to the initial password via the financial card system host (second server). The host system (first server), the initial password system (password setting module), in addition to storing the contents of the uplink message in the database (storage sub-module), and outputting and replying to the "QR code image" The downlink message data is returned to the automatic depositing and withdrawing machine by the financial card system (financial card management module), such as "QR code image"; the automatic depositing and dispensing machine displays the "QR code" in the automatic deposit and withdrawal Machine interface. a. Preferably, the user is prohibited from operating a plurality of newly applied financial card transactions at a plurality of automatic depositing and dispensing machines at the same time. b. The initial password system uses the ID number and the webpage identifier as the key to store the content of the uplink message in the database. (1) The financial card account number must be a new financial card account that has not yet changed the initial password of the financial card. (2) The webpage identification code is a common identification number of the same request transaction by the multi-party system such as the initial password function system, the initial password application (App), the financial card system, and the webpage identification code value is generated by the initial password function system. The webpage identification code value life cycle is generated when the financial card system initiates a "QR code image" request to the initial password function system, obtains an authentication code value image after the initial password application (App), and completes the financial card new password setting. End. c. The initial password system stores the contents of the uplink message in the database for the purpose of: (1) The initial password APP for the subsequent user to activate the transaction device, after the identity information is registered, the initial password system confirms whether the user has The newly applied entity financial card is inserted into the automatic depositing and dispensing machine, and the operation of the specific transaction is completed, and the "QR code image" is obtained. (2) When the initial password application for the subsequent transaction device scans and reads the "QR code image" and initiates the transaction request for the initial password system to obtain the authentication code, the initial password system will check it as a transaction check. use. (a) When the database does not have the financial card account information, it rejects the trading demand of the app, and requires the financial card cardholder to first operate the automatic depositing and dispensing machine with the new financial card, and display the QR code in the automatic depositing and dispensing machine interface. After the image, execute the app again. (b) When the database has the financial card account information, but has expired (for example, more than 10 minutes), the above description indicates the transaction demand of the App. d. The initial password function system must first automatically generate the "combination method" value and update the column value of the database in the current random number. Then, execute the corresponding code with the "combination method" value (bind the original login) The mobile device authentication data is combined. The original content of the combined data is "Current_key" (first key). The aforementioned "combination method" value is generated by random random number in the transaction, and the random chaotic value is better than the first three records. e. The initial password function system uses the "Current_key" and the identification data (selected abstracts) bound by the user to generate QR code content, "QR code image", and downlink message (including " QR code image"). (1) QR code original code content = Web page identification code + optional digest + SHA-256 (Current_key). (2) QR code garbled content = "QR code image" content = "Current_key" AES (web page identifier + SHA-256 (Current_key)), where SHA-256 is a hash function. (3) In order to interpret the content of the QR code, the content of the "Current_key" must be generated by the corresponding code of the "combination method". After that, the content of the QR code can be interpreted by "Current_key". f. The downlink message data such as "QR code image" will be returned to the automatic depositing and withdrawing machine after the financial card system; the automatic depositing and dispensing machine will display the "QR code image" on the automatic depositing and dispensing machine interface for subsequent use. The manual handheld transaction device (mobile device) scans and reads the QR code content. g. The financial card system shall check the content of the uplink message. If the condition is not met, the transaction request shall be rejected: (1) Confirm that the financial card is a valid card and the initial password has not been changed. (2) Confirm that the financial card holder has bound the mobile device device authentication data and user identification data.

2. After the user logs in the "Startup Password" on the trading device interface, the App starts as shown in Example 1. The App asks the user to enter the identity authentication information: a. The App displays a message on the personal device interface, asking for the user ID number, birthday, And financial card account number. b. The key content of the uplink message includes: ID number, birthday, financial card account number, and the version number and date of installing the app. c. The uplink message is interpreted by the firewall (Web AP F/W) and transmitted to the password setting module host. d. The password setting module reviews the legality of the user-installed App according to the uplink message, and confirms whether the user has previously inserted the automatic depositing machine into the automatic depositing machine to operate the specific transaction. (1) Using the ID number and web page identification code as the key query database, when the database does not have the account information, the application demand of the app is rejected, and the financial card holder is required to automatically save the new application for the financial card operation. The cash machine displays the "QR Code image" on the automatic depositing and dispensing machine interface, and then executes the App. (2) When the database has the account information but has expired (for example, more than 10 minutes), the above description indicates the transaction demand of the App. (3) When the identity of the user (ID number, birthday) is not met, the password setting module must simultaneously notify the cardholder via SMS, email, etc. When the cumulative number of errors exceeds 4 times, the system should reject the transaction, and ask the user to contact the customer service staff to review the user's identity and reset the cumulative number of errors. e. After the password setting module verifies that the uplink message is correct, it outputs the downlink message reply App: (1) The system stores the user's "combination method" according to the database, and the user's original binding mobile device authentication data is output. "Current_key" (second key). (2) Downstream message key content = Web page identification code + combination method + "Current_key" AES (encryption method + SHA-256 ("Current_key" (second key))) + App legality identification result, where SHA- 256 is a hash function. (a) The "Encryption Method" column has a total of 10 Bytes. The first 3 Bytes are placed with the "Current_key" "Combination Method", the 4th to 6th Bytes are placed for the next encryption method item, and the last 4 Bytes are placed for the next encryption. The sampling position at the beginning of "Self-Selected Digest". (b) The above "encryption method" value and the "start sampling position" value are all randomly generated in the transaction, and the random chaotic value is better than the first three records. f. Store the foregoing uplink message and the downlink message content in the database of the password setting module for subsequent transaction identification to identify the identity of the user.

3. After receiving the downlink message of the password setting module: a. When the “App legality identification result” value of the downlink message content is successful, according to the “combination method” value of the downlink message (the encryption method of the downlink message) The first three Bytes values in the column), the device data (including IMEI/UDID/Keychain/MAC information) obtained from the user's mobile device, and the user's personal information (ID number/birthday, etc.) The user logs in and stores the mobile device in order to produce "Current_key" (ie, the third key is built in the app), that is, the app has a plurality of combined methods, which can be determined according to the received number. The combination method), first decrypts the "encryption method" column of the downlink message, obtains the current "encryption method" clear code value; second, identifies the consistency of the SHA-256 ("Current_key") column value of the downlink message (identification of the present The password linked to the app sets the legality of the module host). b. The App displays an environment in which the QR code can be scanned and read on the transaction device interface, and instructs the card holder to hold the transaction device to scan the contents of the "QR code image" of the automatic depositing and dispensing machine. c. The App scans the "QR code image" and interprets its original content: (1) Interpret the original content of the "QR code image" using the above "Current_key" (third key). (a) QR code original code content = web page identifier + optional digest + SHA-256 ("Current_key"). (b) QR code garbled content = "QR code image" content = "Current_key" AES (web page ID + SHA-256 (Current_key)) (2) Interpreted and then produced by the trading device The Current_key verifies the consistency of the SHA-256 ("Current_key") value of the QR code content (identifying the validity of the current "QR code image"). d. Generate the uplink message again, and send the user authentication code value to the initial password function system: (1) The key content of the uplink message = Web page identification code + Mobile value + Verify value + Part of the data of the uplink and downlink messages in the above steps . (a) Mobile value = SHA-256 (Current_key) generated from the local device of the transaction device (b) Verify value = Encrypted with "Current_key" AES{ (encrypted method for "interpreted QR code content") + SHA-256 ("interpreted QR code content"}. The "interpreted QR code content" here refers to the original content of the "self-selected abstracts" after interpretation. App obtained according to the aforementioned downlink message The "encryption method" value starts sampling with the "start sampling position" value of the specified "choice digest", and executes the corresponding encryption code with the specified "encryption method" number value, and outputs an x value after being encrypted. The length should be at least 128 Bytes. After that, the value of the x value and the associated hash function are protected by the "Current_key" AES encryption. (2) The App encrypts the current message by SSL and transmits it to the initial The cryptographic system host.

4. After receiving the uplink message of the App (requesting the authentication code): a. According to the transaction information of the user, check the content of the uplink message of the App to identify the device content of the mobile device (IMEI) /UDID/Keychain/MAC), the legality of the user's personal information (ID number/birthday), and the correctness of the installed app, so as to identify the user. b. When the identity of the user is not met, the password setting module must simultaneously notify the cardholder via SMS, email, etc. When the cumulative number of errors exceeds 4 times, the system should reject the transaction, and ask the user to contact the customer service staff to review the user's identity and reset the cumulative number of errors. c. After the identity of the user is verified, the password setting module outputs the uplink message content, and sends a request to the financial card system host (the second server) to obtain the current authentication code value. (1) The content of the uplink message includes: web page identification code, financial card account number, transaction date, transaction time, ATM machine number, ATM transaction serial number, authentication code value (here, blank value) and other data. (2) After verifying that the uplink message is correct, the financial card system (financial card management module) randomly generates the "authentication code value" and replies to the password setting module. (a) "Authentication Code" is used as a financial card system for subsequent cardholders to insert a new application entity financial card into an automatic depositing machine (authentication device) and operate a specific transaction and complete the new password setting operation of the financial card. Cardholder identity identification. (b) The "authentication code" of the financial card management module for each dynamic random output, valid for 10 minutes, and the authentication code value is 6~8 code random numbers. (c) The financial card management module stores the content of the transaction request for subsequent cardholders to use the new application entity financial card to insert the automatic deposit and withdrawal machine and operate the specific transaction, complete the financial card new password setting operation, as the financial card system For the identification of cardholders. d. After receiving the authentication code value, the password setting module first adopts the "visual cryptography theory method" to produce the "authentication code value image" for the initial password value of the financial card, and then outputs the downlink message (including the encrypted message). The authentication code value image) is encrypted and then replied to the App. (1) Encrypted the "Certificate Code Value Image" using the "Visual Cryptography Theory Method": (a) Step 1: Randomly obtain the basemap or background color (b) Step 2: Produce several interference lines in the background ( Line color, thickness, length, position are randomly generated) (c) Step 3: Production number (random number color, font, glyph, shifting in different directions (PIXEL) multiple times the same number) (d) Step 4 : Produce several interference lines in the foreground (line color, thickness, length, position are randomly generated) (e) Step 5: Generate JPEG image file (f) After this method is used to properly encrypt and encrypt the password value, The clear value of the image needs to be manually visually read by the eye. (2) The key content of the downlink message: webpage identification code, authentication code value image, App legality identification result and other data. (3) The password setting module updates the information of the transaction processing status and the identity identification result of the user of the database. (4) In addition to the image of the authentication code value, the content of the downlink message should include notifying the cardholder to operate the automatic cash register specific function within the time limit (for example, 10 minutes) to complete the new password setting of the financial card. (5) The password setting module must simultaneously notify the cardholder via SMS or email: the authentication code value is delivered. Please wait for the cardholder to operate the automatic depositing machine specific function within the time limit to complete the financial card new password setting and other information. .

5. After receiving the downlink message (including the authentication code value image) of the password setting module: a. Display the authentication code value image on the personal device interface. b. Display the notification cardholder to operate the ATM function in the limited time as soon as possible to complete the financial card new password setting and other information in the personal device interface. c. The App stores the key selection data of this transaction in the encrypted file on the device side of the personal device. The file adopts the first-in, first-out method and stores up to ten transaction record tracks.

6. After obtaining the authentication code, the user (cardholder) must insert the new application physical financial card into the automatic depositing and dispensing machine (authentication device) and operate the specific transaction within the time limit to complete the setting of the new financial card password. a. Specific transaction function of the authentication device: (1) The specific transaction function refers to the current branch counter "Financial Card Reset Password" transaction function (non-financial card password change transaction) for the cardholder to insert the new application entity financial card The automatic depositing and dispensing machine, inputting the current authentication code value in the automatic depositing and dispensing machine interface, and the new financial card password value set by itself, complete the setting operation of the new financial card password. (2) Specific transaction function data processing flow: (a) The specific transaction function connects the software in the physical financial card chip, and asks it to randomly generate a random number. (b) Produce an uplink message and initiate a request for the new password value of the financial card to the financial card management module. The key information of the uplink message: the financial card account number, the authentication code, the new password of the financial card, and the chaotic value of the financial chip chip software output. (c) After the financial card management module verifies that the uplink message is correct, the connected call entity garbled device (Hardware DES) outputs the garbled financial card new password value. (d) The financial card management module outputs a downlink message (including the "new password value of the garbled financial card") to the automatic deposit and withdrawal machine specific transaction function. (e) The specific transaction function connects to the software in the physical financial card chip, please unlock the card and write the "garbled new financial card password value" to the chip. b. Each time the financial card management module randomly generates an "authentication code" with a specific valid time limit, the cardholder must complete the new financial card password within a limited time. c. When the financial card has completed the new password setting operation, the automatic depositing machine should refuse the cardholder to repeatedly perform the specific transaction function.

7. When the user (cardholder) forgets the authentication code value, the user must re-execute the complete procedure of the transaction operation (steps 1. to 6. above) to obtain a new authentication code value.

8. When the user (cardholder) fails to complete the new financial card password setting from the automatic cash dispenser within the time limit, the current authentication code will expire and the user must re-execute the transaction (step 1. above). The complete procedure of ~6.) to obtain a new authentication code value.

In summary, the author separates the two physical devices of the transaction device (mobile device device) and the authentication device (automatic depositing and dispensing device), and the card holder manually operates the mobile device to align the display in the automatic storage. The "QR code image" of the cash dispenser interface is scanned and read, which causes the two physical devices to process the same transaction request, and completes the identity check and identification process within a limited time, so that the card holder can hold the financial card in time. The deposit and withdrawal machine operation completes the setting operation of the new password of the financial card. These multi-factor transaction security modes not only meet the requirements of the competent authority for the use of "two or more technologies" for transaction security design, but also ensure that the electronic transaction is completed manually, completely preventing the Trojan from remotely controlling. The risk of trading.

This creative department adopts a two-stage identification mode (including the user's personal information, the binding transaction device authentication data and the user identification data, and whether the transaction is manual operation), which is different from the usual "password". The unique authentication mode, for the security threshold of user identification, can receive comprehensive and substantial enhancement effects.

The operation behavior of the transaction framework of this creation requires the user to insert the physical financial card into the automatic depositing and withdrawing machine to obtain the "QR code image", and the user needs to hold the bound physical mobile device to scan and read the "QR code image". . Even if the transaction device is implanted with a remote remote trojan, the hacker is still unable to remotely manipulate the manual operation to obtain the authentication code value.

For the user, the burden and risk of keeping, losing, and stolen the paper password letter can be ruled out. For gangsters and hackers, it is necessary to obtain the user's physical financial card, the bound physical mobile device, the App's "start password" and the user's personal capital before they have the opportunity to obtain the authentication code value. Complete the setting of the new password for the financial card. As long as you can obtain a paper password letter and a physical financial card, you can commit crimes, and the threshold for prevention has been significantly improved.

For financial institutions, in addition to ensuring the improvement of the information security threshold, this creation can replace the cumbersome procedures of the current manual operation of printing password letters for financial institutions, saving related manual work, environmental facilities, printing machines, paper, and postal services. The cost of operation, such as storage and storage, security control and risk auditing, can achieve the effect of energy saving and carbon reduction.

1 ‧‧‧System for helping cardholders to set the financial card password for the first time

10 ‧‧‧First server

12 ‧‧‧ password setting module

122 ‧‧‧Storage submodule

20 ‧‧‧Second server

22 ‧‧‧Financial Card Management Module

30 ‧‧‧Software products

40 ‧‧‧Certified device

42 ‧‧‧Display components

44 ‧‧‧Input components

46 ‧‧‧Financial card reading and writing components

70 ‧‧‧ mobile devices

S110~S610 ‧‧‧Step process

Figure 1 is a block schematic diagram of one embodiment of a system of the present embodiment DETAILED creation.

FIG 2 shows a flowchart of a method of the system of one embodiment according to the present embodiment DETAILED creation.

Claims (5)

A system for assisting a cardholder to set a financial card password for the first time, comprising: a first server, comprising a password setting module, comprising a storage submodule; a second server, and the first server Electrically connected, and provided with a financial card management module; a software product (App), communicatively connected with the first server, the App system is installed on a mobile device held by the card holder, and the App system The password setting module is authenticated; and an authentication device is communicatively coupled to the second server, the authentication device having a display component, an input component, and a financial card reading and writing component; wherein: the password setting module is In the pre-registration process, receiving a first authentication data, which is composed of the identification information of the mobile device and the personal information of the card holder, and storing the first authentication data in the storage sub-module; and receiving a second authentication material, which is an optional digest, and stores the second authentication data in the storage sub-module; the authentication device reads the financial card by the financial card reading and writing component, and the display is performed by the financial card reading and writing component The display component provides a first user interface, and displays an option for first setting a financial card password. After the option is selected, the authentication device sends a request for first setting a financial card password to the financial card management module; the financial card management module Transmitting the request for setting the financial card password for the first time to the password setting module; the password setting module: combining the first authentication data according to a combination method to generate a first key, wherein the combination method is randomly selected Self-complexing the combination method and having a first number; storing the first number in the storage sub-module; encrypting an original code content based on the first key to generate a two-dimensional barcode, wherein the original The code content includes the self-selected abstract; the two-dimensional barcode is transmitted to the authentication device; the authentication device displays the two-dimensional barcode on the first user interface by the display component; the application automatically triggers an event after startup, requesting Enter the account number of the personal information and financial card, and transfer the entered personal information and account number to the password setting module; the password setting module confirms the application After the legality: combining the first authentication data by using a corresponding combination method according to the first number stored in the storage submodule to generate a second key; randomly selecting an encryption method from the plurality of encryption methods, The encryption method has a second number; and, transmitting the first number to the App, and based on the second key encrypted data, the confirmation data includes an encrypted information, wherein the encrypted information includes the second number And the sampling location at the beginning; the App obtains the identification information of the mobile device and the personal information of the card holder from the mobile device, and combines the identification information and the personal information according to the combination method corresponding to the first number, To generate a third key; after the mobile device scans and reads the two-dimensional barcode displayed on the display component of the authentication device, the App uses the third key to interpret the two-dimensional barcode to obtain the original code. Content, and encrypting the self-selected digest according to the encryption method corresponding to the second number and the starting sampling location to obtain an encrypted value; and, based on the third gold Encrypting the encrypted value and transmitting the encrypted value to the password setting module; after confirming the correctness of the encrypted value, the password setting module sends a request for obtaining the authentication code to the financial card management module, and obtains an authentication code; And generating an authentication code image and transmitting the image to the App; the App displaying the authentication code image for use by the card holder by first setting the password of the financial card by the authentication device; and the authenticating device The display component displays a field in the first user interface, and the cardholder inputs the authentication code and the new password of the financial card by the input component to complete the first password setting. The system for requesting the cardholder to set the financial card password for the first time, wherein the password setting module provides a second user interface for the card issuer operator of the financial card to input the first authentication data and the Second certification information. The system of claim 1 for helping a cardholder to first set a financial card password, wherein the app requires a startup password. The system of claim 1 for assisting a cardholder in setting a financial card password for the first time, wherein the first user interface of the authentication device requires input of an authentication code and a new password, and at least a portion of the personal information, and based on the input The data sends a request to the financial card management module to set a new password. The system for requesting the cardholder to set the financial card password for the first time, wherein the financial card management module confirms that the received authentication code and personal data are correct, obtains a garbled new password, and transmits the new password to the system. An authentication device for writing the garbled new password to the financial card by the financial card reading and writing component.