TWM586495U - System using network identification data for login through telecommunication server - Google Patents
System using network identification data for login through telecommunication server Download PDFInfo
- Publication number
- TWM586495U TWM586495U TW108208569U TW108208569U TWM586495U TW M586495 U TWM586495 U TW M586495U TW 108208569 U TW108208569 U TW 108208569U TW 108208569 U TW108208569 U TW 108208569U TW M586495 U TWM586495 U TW M586495U
- Authority
- TW
- Taiwan
- Prior art keywords
- data
- server
- mobile device
- door number
- network
- Prior art date
Links
Landscapes
- Telephonic Communication Services (AREA)
Abstract
一種以網路識別資料透過電信伺服器進行登入之系統,其透過行動裝置所執行之身分識別元件取得網路識別資料及門號資料後,透過行動通訊網路傳送網路識別資料及門號資料至服務伺服器,並由服務伺服器傳送網路識別資料以及門號資料至電信伺服器,使得電信伺服器依據網路識別資料及門號資料產生登入結果並傳送登入結果給服務伺服器之技術手段,可以達成單獨使用行動裝置完成身份辨識的技術功效。A system that uses network identification data to log in through a telecommunication server. After obtaining network identification data and door number data through the identity identification component executed by the mobile device, it transmits the network identification data and door number data to the mobile communication network. The service server, and the service server sends the network identification data and the door number data to the telecommunication server, so that the telecommunication server generates a login result based on the network identification data and the door number data and sends the login result to the service server. , You can achieve the technical effect of using a mobile device to complete the identification.
Description
一種身份識別系統,特別係指一種以網路識別資料透過電信伺服器進行登入之系統。An identification system, especially a system that uses network identification data to log in through a telecommunications server.
近年來,由於通訊及網路相關產業的高度發展,人們對各種服務電子化與行動化的需求日益升高,這樣的需求也反映在金融業與政府公部門上,舉例來說,券商、銀行、保險公司、投顧公司、政府單位除了提供網路服務之外,也開始提供行動應用程式(APP),使用者可以使用手機或平板等各種的行動裝置執行行動應用程式,行動應用程式通過網際網路連線到對應的服務主機(或稱為應用主機)後,使用者可以操作行動裝置進行證券交易、轉帳、投保、申請文件等行動服務。如此,使用者可以不需要離開所在位置,即可進行所需的行動服務。In recent years, due to the rapid development of the communications and Internet-related industries, the demand for electronic and mobile services has been increasing. This demand is also reflected in the financial industry and government departments. For example, brokers, banks In addition to providing online services, insurance companies, investment consulting companies, and government units have also begun to provide mobile applications (APPs). Users can use various mobile devices such as mobile phones or tablets to run mobile applications. After the network is connected to the corresponding service host (or application host), the user can operate the mobile device to perform mobile services such as securities trading, fund transfer, insurance application, and application documents. In this way, the user can perform the required mobile service without leaving the location.
使用者在使用網路服務或行動服務時,通常需要先進行身份辨識。目前,透過網路進行身份辨識的方式,大多需要使用硬體載具來辨識使用者的身份,例如,使用特定的USB隨身碟或智慧卡(晶片卡)儲存使用者的憑證資料,藉以在使用者進行行動服務時,透過連接儲存憑證資料的USB隨身碟或智慧卡來進行身份辨識。When users use online or mobile services, they usually need to be identified first. At present, most of the identification methods through the network require the use of a hardware carrier to identify the user's identity. For example, a specific USB flash drive or a smart card (chip card) is used to store the user's credential data for use. When carrying out mobile services, the identity is identified by connecting a USB flash drive or a smart card that stores credential data.
然而,使用硬體載具來辨識使用者身份的方式,大多只能在電腦上進行,主要原因是硬體載具需要透過USB等連接插槽與電腦連接,或透過如讀卡機等外接裝置讀取,但目前的行動裝置大多沒有設置可以與硬體載具連接的連接插槽,或使用者需另備外接裝置讀取硬體載具,因此,大部分的行動裝置並無法連接硬體載具,如此,導致使用者無法使用行動裝置進行身份辨識,以至於無法使用行動服務,造成使用者的不便。However, most of the methods of using hardware carriers to identify users can only be performed on a computer. The main reason is that the hardware carriers need to be connected to the computer through a connection slot such as a USB or an external device such as a card reader. Read, but most current mobile devices do not have a connection slot that can be connected to the hardware carrier, or the user needs to prepare an external device to read the hardware carrier. Therefore, most mobile devices cannot connect to the hardware. Vehicles, as a result, users cannot use mobile devices for identification, so that they cannot use mobile services, causing inconvenience to users.
綜上所述,可知先前技術中長期以來一直存在行動裝置不易連接硬體載具以辨識使用者身份的問題,因此有必要提出改進的技術手段,來解決此一問題。In summary, it can be known that in the prior art, there has been a problem that mobile devices cannot easily connect to a hardware carrier to identify a user's identity for a long time. Therefore, it is necessary to propose improved technical means to solve this problem.
有鑒於先前技術存在行動裝置不易連接硬體載具以辨識使用者身份的問題,本創作遂揭露一種以網路識別資料透過電信伺服器進行登入之系統,其中:In view of the problem that the mobile device cannot be easily connected to the hardware to identify the user in the prior art, this creation then discloses a system that uses network identification data to log in through a telecommunications server, among which:
本創作所揭露之以網路識別資料透過電信伺服器進行登入之系統,至少包含:服務伺服器、行動裝置、電信伺服器,其中,行動裝置用以執行身份識別元件,身份識別元件包含:獲取門號資料及網路識別資料的資料取得模組,以及透過行動通訊網路與該服務伺服器連接並傳送網路識別資料及門號資料至服務伺服器的通訊模組;電信伺服器,用以接收服務伺服器所傳送之網路識別資料及門號資料,及用以依據網路識別資料及門號資料產生登入結果,並傳送登入結果至服務伺服器。The system disclosed by this creation that uses network identification data to log in through a telecommunications server includes at least: a service server, a mobile device, and a telecommunications server. Among them, the mobile device is used to execute an identity component, and the identity component includes: Data acquisition module for door number data and network identification data, and a communication module for connecting to the service server through a mobile communication network and transmitting network identification data and door number data to the service server; a telecommunications server, for Receive the network identification data and door number data sent by the service server, and use it to generate login results based on the network identification data and door number data, and send the login results to the service server.
本創作所揭露之系統如上,與先前技術之間的差異在於本創作透過行動裝置所執行之身分識別元件取得網路識別資料及門號資料後,透過行動通訊網路傳送網路識別資料及門號資料至服務伺服器,並由服務伺服器傳送網路識別資料以及門號資料至電信伺服器,使得電信伺服器依據網路識別資料及門號資料產生登入結果並傳送登入結果給服務伺服器,藉以解決先前技術所存在的問題,並可以達成單獨使用行動裝置完成身份辨識的技術功效。The system disclosed in this creation is as above. The difference from the previous technology is that after obtaining the network identification data and door number data through the identity identification component executed by the mobile device, this creation transmits the network identification data and door number through the mobile communication network. Data to the service server, and the service server sends network identification data and door number data to the telecommunication server, so that the telecommunication server generates a login result based on the network identification data and door number data and sends the login result to the service server, In this way, the problems existing in the prior art can be solved, and the technical effect of using a mobile device to complete identification can be achieved.
以下將配合圖式及實施例來詳細說明本創作之特徵與實施方式,內容足以使任何熟習相關技藝者能夠輕易地充分理解本創作解決技術問題所應用的技術手段並據以實施,藉此實現本創作可達成的功效。The following will describe the features and implementation of this creation in detail with drawings and examples. The content is sufficient to enable any person skilled in the art to fully understand and implement the technical means applied to solve technical problems in this creation, thereby realizing What this creation can achieve.
本創作可以在行動裝置與服務伺服器透過行動通訊網路連接後,由服務伺服器連線到電信伺服器進行使用者登入作業,並由電信伺服器將登入結果傳回服務伺服器。其中,行動通訊網路例如4G、5G網路等,但本發明並不以此為限。In this creation, after the mobile device and the service server are connected through a mobile communication network, the service server connects to the telecommunication server to perform user login operations, and the telecommunication server returns the login result to the service server. Among them, mobile communication networks such as 4G, 5G networks, etc., but the present invention is not limited thereto.
以下先以「第1A圖」與「第1B圖」本創作所提之以網路識別資料透過電信伺服器進行登入之系統架構圖來說明本創作的系統運作。如「第1A圖」所示,本創作之系統含有應用主機111、身份識別主機112、身份驗證伺服器113、行動裝置120、以及電信伺服器130。其中,應用主機111、身份識別主機112、身份驗證伺服器113、行動裝置120、電信伺服器130都是計算設備。The following first illustrates the system operation of this creation by referring to the system architecture diagram of network creation data and login through telecommunication server mentioned in the "Figure 1A" and "Figure 1B". As shown in "Fig. 1A", the system of the present invention includes an application host 111, an identification host 112, an authentication server 113, a mobile device 120, and a telecommunication server 130. Among them, the application host 111, the identification host 112, the identity verification server 113, the mobile device 120, and the telecommunications server 130 are all computing devices.
本創作所提之計算設備包含但不限於一個或多個處理器、一個或多個記憶體模組、以及連接不同元件(包括記憶體模組和處理器)的匯流排等元件。透過所包含之多個元件,計算設備可以載入並執行作業系統,使作業系統在計算設備上運行,也可以執行軟體或程式。另外,計算設備也包含一個外殼,上述之各個元件設置於外殼內。The computing devices mentioned in this creation include, but are not limited to, one or more processors, one or more memory modules, and buses and other components that connect different components (including memory modules and processors). Through the contained multiple components, the computing device can load and execute the operating system, so that the operating system can run on the computing device, and can also execute software or programs. In addition, the computing device also includes a housing, and each of the above components is disposed in the housing.
本創作所提之計算設備的匯流排可以包含一種或多個類型,例如包含資料匯流排(data bus)、位址匯流排(address bus)、控制匯流排(control bus)、擴充功能匯流排(expansion bus)、及/或局域匯流排(local bus)等類型的匯流排。計算設備的匯流排包括但不限於並列的工業標準架構(ISA)匯流排、周邊元件互連(PCI)匯流排、視頻電子標準協會(VESA)局域匯流排、以及串列的通用序列匯流排(USB)、快速周邊元件互連(PCI-E)匯流排等。The buses of computing devices mentioned in this creation can include one or more types, such as data buses, address buses, control buses, and extended function buses ( expansion bus), and / or local bus. Computing device buses include, but are not limited to, side-by-side Industry Standard Architecture (ISA) buses, peripheral component interconnect (PCI) buses, Video Electronics Standards Association (VESA) local buses, and serial universal buses (USB), PCI-E bus and so on.
本創作所提之計算設備的處理器與匯流排耦接。處理器包含暫存器(Register)組或暫存器空間,暫存器組或暫存器空間可以完全的被設置在處理晶片上,或全部或部分被設置在處理晶片外並經由專用電氣連接及/或經由匯流排耦接至處理器。處理器可為處理單元、微處理器或任何合適的處理元件。若計算設備為多處理器設備,也就是計算設備包含多個處理器,則計算設備所包含的處理器都相同或類似,且透過匯流排耦接與通訊。處理器可以解釋一連串的多個指令以進行特定的運算或操作,例如,數學運算、邏輯運算、資料比對、複製/移動資料等,藉以運行作業系統或執行各種程式、模組、及/或元件。The processor of the computing device mentioned in this creation is coupled to the bus. The processor contains a register group or register space. The register group or register space can be completely set on the processing chip, or all or part of it can be set outside the processing chip and connected through a dedicated electrical connection. And / or coupled to the processor via a bus. The processor may be a processing unit, a microprocessor, or any suitable processing element. If the computing device is a multi-processor device, that is, the computing device includes multiple processors, the processors included in the computing device are all the same or similar, and are coupled and communicated through a bus. The processor can interpret a series of multiple instructions to perform specific operations or operations, such as mathematical operations, logical operations, data comparison, copying / moving data, etc., to run the operating system or execute various programs, modules, and / or element.
計算設備的處理器可以與晶片組耦接或透過匯流排與晶片組電性連接。晶片組是由一個或多個積體電路(IC)組成,包含記憶體控制器以及周邊輸出入(I/O)控制器,也就是說,記憶體控制器以及周邊輸出入控制器可以包含在一個積體電路內,也可以使用兩個或更多的積體電路實現。晶片組通常提供了輸出入和記憶體管理功能、以及提供多個通用及/或專用暫存器、計時器等,其中,上述之通用及/或專用暫存器與計時器可以讓耦接或電性連接至晶片組的一個或多個處理器存取或使用。The processor of the computing device may be coupled to the chipset or electrically connected to the chipset through a bus. The chipset is composed of one or more integrated circuits (ICs), including a memory controller and a peripheral input / output (I / O) controller, that is, a memory controller and a peripheral input / output controller can be included in Within an integrated circuit, two or more integrated circuits can also be used. The chipset usually provides I / O and memory management functions, and provides multiple general and / or special registers, timers, etc., among which the above general and / or special registers and timers can be coupled or One or more processors electrically connected to the chipset are accessed or used.
計算設備的處理器也可以透過記憶體控制器存取安裝於計算設備上的記憶體模組和大容量儲存區中的資料。上述之記憶體模組包含任何類型的揮發性記憶體(volatile memory)及/或非揮發性(non-volatile memory, NVRAM)記憶體,例如靜態隨機存取記憶體(SRAM)、動態隨機存取記憶體(DRAM)、快閃記憶體(Flash)、唯讀記憶體(ROM)等。上述之大容量儲存區可以包含任何類型的儲存裝置或儲存媒體,例如,硬碟機、光碟片、隨身碟(快閃記憶體)、記憶卡(memory card)、固態硬碟(Solid State Disk, SSD)、或任何其他儲存裝置等。也就是說,記憶體控制器可以存取靜態隨機存取記憶體、動態隨機存取記憶體、快閃記憶體、硬碟機、固態硬碟中的資料。The processor of the computing device can also access the data in the memory module and the mass storage area installed on the computing device through the memory controller. The above memory modules include any type of volatile memory and / or non-volatile memory (NVRAM) memory, such as static random access memory (SRAM), dynamic random access Memory (DRAM), flash memory (Flash), read-only memory (ROM), etc. The above-mentioned large-capacity storage area may include any type of storage device or storage medium, such as a hard disk drive, a compact disc, a flash drive (flash memory), a memory card, a solid state disk (Solid State Disk, SSD), or any other storage device. That is, the memory controller can access data in static random access memory, dynamic random access memory, flash memory, hard drives, and solid-state hard drives.
計算設備的處理器也可以透過周邊輸出入控制器經由周邊輸出入匯流排與周邊輸出裝置、周邊輸入裝置、通訊介面、以及GPS接收器等周邊裝置或介面連接並通訊。周邊輸入裝置可以是任何類型的輸入裝置,例如鍵盤、滑鼠、軌跡球、觸控板、搖桿等,周邊輸出裝置可以是任何類型的輸出裝置,例如顯示器、印表機等,周邊輸入裝置與周邊輸出裝置也可以是同一裝置,例如觸控螢幕等。通訊介面可以包含無線通訊介面及/或有線通訊介面,無線通訊介面可以包含支援Wi-Fi、Zigbee等無線區域網路、藍牙、紅外線、近場通訊(NFC)、3G/4G/5G等行動通訊網路或其他無線資料傳輸協定的介面,有線通訊介面可為乙太網路裝置、非同步傳輸模式(ATM)裝置、DSL數據機、纜線(Cable)數據機等。處理器可以週期性地輪詢(polling)各種周邊裝置與介面,使得計算設備能夠透過各種周邊裝置與介面進行資料的輸入與輸出,也能夠與具有上面描述之元件的另一個計算設備進行通訊。The processor of the computing device can also connect and communicate with peripheral devices such as peripheral output devices, peripheral input devices, communication interfaces, and GPS receivers through peripheral input / output controllers via peripheral input / output buses. The peripheral input device can be any type of input device, such as a keyboard, mouse, trackball, touchpad, joystick, etc. The peripheral output device can be any type of output device, such as a monitor, printer, etc. It may be the same device as the peripheral output device, such as a touch screen. The communication interface may include a wireless communication interface and / or a wired communication interface. The wireless communication interface may include a mobile communication network supporting Wi-Fi, Zigbee and other wireless LANs, Bluetooth, infrared, near field communication (NFC), 3G / 4G / 5G, etc. Or other wireless data transmission protocol interfaces. The wired communication interface can be an Ethernet device, an asynchronous transfer mode (ATM) device, a DSL modem, or a cable modem. The processor can poll various peripheral devices and interfaces periodically, so that the computing device can input and output data through various peripheral devices and interfaces, and can also communicate with another computing device with the components described above.
行動裝置120可以透過通訊介面使用有線或無線網路與應用主機111連接。行動裝置120透過通訊介面可以接收應用主機111所傳送的資料或訊號,並可以傳送資料或訊號給應用主機111。The mobile device 120 may be connected to the application host 111 through a communication interface using a wired or wireless network. The mobile device 120 can receive data or signals transmitted by the application host 111 through a communication interface, and can transmit data or signals to the application host 111.
行動裝置120負責使用應用主機111所提供的應用服務,並負責在應用服務要求使用者登入時,透過電信伺服器130確認行動裝置120已預先完成註冊,並完成登入作業。其中,本創作所提之應用服務通常為需要行動裝置120之使用者先註冊並登入的服務,例如:網路下單、網路銀行、線上投保、報稅繳費等,但本創作並不以此為限。The mobile device 120 is responsible for using the application service provided by the application host 111 and is responsible for confirming through the telecommunication server 130 that the mobile device 120 has completed registration in advance and completing the login operation when the application service requires the user to log in. Among them, the application service mentioned in this creation is usually a service that requires users of mobile device 120 to register and log in first, such as: online ordering, online banking, online insurance, tax payment, etc., but this creation is not based on this Limited.
行動裝置120更可以如「第2圖」所示,包含資料取得模組220、通訊模組280,以及可附加的偵測模組230、資料輸入模組240、驗證模組250、網路判斷模組260。在部分的實施例中,行動裝置120可以執行身份識別元件200以產生本創作所提之各模組。其中,身份識別元件200可以是獨立運作的應用程式,並可以被網頁瀏覽程式所呼叫;身份識別元件200也可以是包含在網頁瀏覽程式中的一個模組或元件。The mobile device 120 may further include a data acquisition module 220, a communication module 280, and an additional detection module 230, a data input module 240, a verification module 250, and a network judgment, as shown in FIG. Module 260. In some embodiments, the mobile device 120 may execute the identification component 200 to generate the modules mentioned in this creation. Among them, the identity recognition component 200 may be an independent application program and may be called by a web browser; the identity recognition component 200 may also be a module or component included in the web browser.
資料取得模組220負責取得網路識別資料。一般而言,網路識別資料為行動裝置120當前所使用的網路位址,資料取得模組220可以偵測行動裝置120之行動通訊介面當前所使用的網路位址以取得網路識別資料。但本創作所提之網路識別資料並不以上述為限,凡可以使電信伺服器130分辨行動裝置120的資料都可以作為本創作所提之網路識別資料。The data obtaining module 220 is responsible for obtaining network identification data. Generally speaking, the network identification data is the current network address of the mobile device 120. The data acquisition module 220 can detect the current network address of the mobile communication interface of the mobile device 120 to obtain the network identification data. . However, the network identification data mentioned in this creation is not limited to the above. Any data that can make the telecommunication server 130 distinguish the mobile device 120 can be used as the network identification data mentioned in this creation.
資料取得模組220也負責取得門號資料。資料取得模組220所獲取的門號資料與安裝於行動裝置120中之用戶識別模組(Subscriber Identity Module, SIM)對應,可以包含安裝於行動裝置120中之用戶識別模組所儲存的門號或卡號,也可以包含擁有門號或發出用戶識別模組之電信機構/單位的名稱等。本創作所提之用戶識別模組包含卡片式的用戶識別模組(在本創作中亦以「SIM卡」表示)以及內嵌式的用戶識別模組(Embedded-SIM,在本創作中亦以「eSIM」表示)。The data obtaining module 220 is also responsible for obtaining door number data. The door number data obtained by the data obtaining module 220 corresponds to a Subscriber Identity Module (SIM) installed in the mobile device 120, and may include the door number stored in the user identification module installed in the mobile device 120. Or card number, it can also include the name of the telecommunications agency / unit that owns the door number or issued the subscriber identification module. The user identification module mentioned in this creation includes a card-type user identification module (also referred to as "SIM card" in this creation) and an embedded user identification module (Embedded-SIM, also used in this creation "ESIM").
一般而言,資料取得模組220可以由行動裝置120的記憶單元中讀出使用者已輸入的門號資料,但本創作並不以此為限,例如,資料取得模組220也可以透過偵測模組230取得安裝於行動裝置120中之用戶識別模組所儲存的門號或卡號,也可以透過通訊模組280取得應用主機111所傳送的門號資料。Generally speaking, the data acquisition module 220 can read the door number data entered by the user from the memory unit of the mobile device 120, but this creation is not limited to this. For example, the data acquisition module 220 can also detect The measurement module 230 obtains the door number or card number stored in the user identification module installed in the mobile device 120, and can also obtain the door number data transmitted by the application host 111 through the communication module 280.
偵測模組230可以偵測安裝於行動裝置120中的用戶識別模組,也可以取得用戶識別模組中所儲存的資料,例如門號或卡號等。在部分的實施例中,若偵測模組230偵測到行動裝置120上有兩個或更多用戶識別模組,例如行動裝置120安裝兩張SIM卡、或安裝一張SIM卡且設置一個eSIM,則在資料取得模組220取得門號資料時,資料取得模組220可以先提示使用者確認門號資料與當前設定行動裝置120連接行動通訊網路所使用之用戶識別模組相對應,並在使用者確認後再取得門號資料,否則等待使用者修改門號資料。例如,當行動裝置120上安裝一張SIM卡且包含一個eSIM,當行動裝置120使用SIM卡連接行動通訊網路時,資料取得模組220可以透過行動裝置120的周邊輸出裝置提示使用者確認門號資料是否與SIM卡所記錄的門號一致。The detection module 230 can detect a user identification module installed in the mobile device 120, and can also obtain data stored in the user identification module, such as a door number or card number. In some embodiments, if the detection module 230 detects that there are two or more user identification modules on the mobile device 120, for example, two SIM cards are installed on the mobile device 120, or one SIM card is installed and one eSIM, when the data acquisition module 220 obtains the door number data, the data acquisition module 220 may first prompt the user to confirm that the door number data corresponds to the user identification module currently used by the mobile device 120 to connect to the mobile communication network, and Obtain the door number data after the user confirms, otherwise wait for the user to modify the door number data. For example, when a SIM card is installed on the mobile device 120 and includes an eSIM, when the mobile device 120 uses the SIM card to connect to a mobile communication network, the data acquisition module 220 may prompt the user to confirm the door number through the peripheral output device of the mobile device 120 Whether the data is consistent with the door number recorded on the SIM card.
資料輸入模組240可以透過行動裝置120的周邊輸入裝置提供使用者輸入門號資料。更詳細的說,資料輸入模組240可以提供輸入門號資料的使用者介面,使得使用者所輸入的門號資料被儲存在行動裝置120的記憶單元中。The data input module 240 can provide a user to input door number data through a peripheral input device of the mobile device 120. In more detail, the data input module 240 may provide a user interface for inputting door number data, so that the door number data input by the user is stored in the memory unit of the mobile device 120.
在部分的實施例中,若偵測模組230偵測到行動裝置120上有兩個或兩個以上的用戶識別模組,則當資料輸入模組240在提供使用者輸入門號資料時,可以提示使用者在門號資料中輸入與當前設定行動裝置120連接行動通訊網路所使用之用戶識別模組相對應的門號。例如,當行動裝置120上安裝一張SIM卡且包含一個eSIM,當行動裝置120使用SIM卡連接行動通訊網路時,資料輸入模組240可以透過行動裝置120的周邊輸出裝置提示使用者在門號資料中輸入SIM卡所記錄的門號。In some embodiments, if the detection module 230 detects that there are two or more user identification modules on the mobile device 120, when the data input module 240 provides the user to input the door number data, The user may be prompted to enter the door number corresponding to the user identification module used by the mobile device 120 currently connected to the mobile communication network in the door number data. For example, when a SIM card is installed on the mobile device 120 and contains an eSIM, when the mobile device 120 uses the SIM card to connect to a mobile communication network, the data input module 240 may prompt the user to enter the door number through the peripheral output device of the mobile device 120 Enter the door number recorded in the SIM card in the data.
驗證模組250可以透過裝置解鎖資料驗證使用者身份。其中,本創作所提之裝置解鎖資料可以是指紋、聲紋、人臉等生物資料,也可以是使用者設定的密碼或手勢,但本創作並不以上述為限。The verification module 250 may verify the identity of the user through the device unlocking data. Among them, the device unlocking data mentioned in this creation can be fingerprints, voiceprints, human faces and other biological data, or passwords or gestures set by users, but this creation is not limited to the above.
更詳細的說,驗證模組250可以依據執行於行動裝置120中之作業系統的類型與版本選擇透過裝置解鎖資料驗證使用者身份的方式,例如:驗證模組250可以選擇要求使用者透過行動裝置120的周邊輸入裝置進行裝置解鎖資料的輸入,並呼叫執行於行動裝置120中之作業系統確認被輸入的裝置解鎖資料是否正確以驗證使用者身份;也可以選擇呼叫執行於行動裝置120中之作業系統所提供的螢幕解鎖應用程式介面以提供使用者輸入裝置解鎖資料,並透過螢幕解鎖應用程式介面判斷被輸入的裝置解鎖資料是否正確以驗證使用者身份;或可以選擇關閉螢幕等待使用者開啟螢幕並輸入裝置解鎖資料完成螢幕解鎖以確認使用者身份等,但驗證模組250的選擇驗證使用者身份的方式並不以上述為限。In more detail, the authentication module 250 may choose a method for verifying the identity of the user through the device unlocking data according to the type and version of the operating system running on the mobile device 120. For example, the authentication module 250 may choose to require the user to use the mobile device The peripheral input device of 120 enters the device unlocking data, and calls the operating system running on the mobile device 120 to confirm whether the entered device unlocking data is correct to verify the identity of the user; it can also choose to call the operation performed on the mobile device 120 The screen unlock application interface provided by the system provides users to enter the device unlock data, and the screen unlock application interface is used to determine whether the entered device unlock data is correct to verify the user's identity; or the user can choose to turn off the screen and wait for the user to turn on the screen And enter the device unlocking data to complete the screen unlocking to confirm the identity of the user, etc., but the way in which the verification module 250 chooses to verify the identity of the user is not limited to the above.
網路判斷模組260可以判斷行動裝置120當前是否選擇使用行動通訊網路,並可以在判斷行動裝置120當前未選擇使用行動通訊網路時,例如當前使用如WiFi等無線區域網路時,透過行動裝置120的周邊輸出裝置提示使用者將行動裝置120改為使用行動通訊網路。The network determination module 260 can determine whether the mobile device 120 currently chooses to use a mobile communication network, and can determine when the mobile device 120 is not currently selected to use a mobile communication network, such as when currently using a wireless local area network such as WiFi. The peripheral output device of 120 prompts the user to change the mobile device 120 to use a mobile communication network.
在部分的實施例中,網路判斷模組260也可以在判斷行動裝置120當前未使用行動通訊網路時,透過行動裝置120的周邊輸出裝置提示使用者行動裝置120將被改為使用行動通訊網路,並將行動裝置120切換為使用行動通訊網路。In some embodiments, the network determining module 260 may also prompt the user that the mobile device 120 will be changed to use the mobile communication network when determining that the mobile device 120 is not currently using the mobile communication network. And switch the mobile device 120 to use a mobile communication network.
通訊模組280負責驅動行動裝置120上所安裝的用戶識別模組,藉以透過行動裝置120的通訊介面使用行動通訊網路與應用主機111連接。一般而言,通訊模組280可以驅動用戶識別模組,並透過用戶識別模組獲得行動通訊網路的使用權。The communication module 280 is responsible for driving the user identification module installed on the mobile device 120 so as to connect to the application host 111 through the communication interface of the mobile device 120 using a mobile communication network. Generally speaking, the communication module 280 can drive the user identification module and obtain the use right of the mobile communication network through the user identification module.
通訊模組280也負責透過行動裝置120的通訊介面使用行動通訊網路與應用主機111連接,並負責將資料取得模組220所取得的網路識別資料以及門號資料傳送至應用主機111,也可以接收應用主機111所傳送的登入結果。The communication module 280 is also responsible for connecting to the application host 111 using the mobile communication network through the communication interface of the mobile device 120, and is responsible for transmitting the network identification data and door number data obtained by the data acquisition module 220 to the application host 111. Receive the login result transmitted by the application host 111.
在部分的實施例中,通訊模組280也可以接收應用主機111所傳送的門號資料,並可以將所接收到的門號資料儲存於行動裝置120的記憶體模組或大容量儲存區等記憶單元中。In some embodiments, the communication module 280 may also receive the door number data transmitted by the application host 111, and may store the received door number data in a memory module or a large-capacity storage area of the mobile device 120, etc. Memory unit.
應用主機111可以透過通訊介面使用有線或無線網路與身份識別主機112連接,也可以透過通訊介面提供行動裝置120透過行動通訊網路連接。其中,應用主機111透過通訊介面可以接收所連接之行動裝置120及/或身份識別主機112所傳送的資料或訊號,並可以傳送資料或訊號給所連接之行動裝置120及/或身份識別主機112。The application host 111 may be connected to the identification host 112 using a wired or wireless network through a communication interface, and may also provide the mobile device 120 to be connected through a mobile communication network through a communication interface. The application host 111 can receive data or signals transmitted by the connected mobile device 120 and / or the identification host 112 through the communication interface, and can transmit data or signals to the connected mobile device 120 and / or the identification host 112. .
應用主機111負責提供一種或多種應用服務給行動裝置120,並可以在行動裝置請求特定的應用服務時,確認行動裝置120是否已完成使用者登入,若否,則應用主機111可以要求行動裝置120進行使用者登入作業。The application host 111 is responsible for providing one or more application services to the mobile device 120, and can confirm whether the mobile device 120 has completed user login when the mobile device requests a specific application service. If not, the application host 111 can request the mobile device 120 Perform user login.
應用主機111也負責接收行動裝置120所傳送的網路識別資料以及門號資料,並將所接收到的網路識別資料以及門號資料傳送給身份識別主機112。The application host 111 is also responsible for receiving the network identification data and the door number data transmitted by the mobile device 120, and transmitting the received network identification data and the door number data to the identification host 112.
應用主機111也負責接收身份識別主機112所傳送的登入結果,並依據所接收到的登入結果選擇是否執行行動裝置120所請求的應用服務,也就是說,應用主機111可以在登入結果表示登入失敗時,拒絕執行行動裝置120所請求的應用服務,並可以在登入結果表示登入成功時,執行行動裝置120所請求的應用服務。在部分的實施例中,應用主機111可以在登入結果表示登入成功後,判斷行動裝置120是否已登入,若是則直接執行行動裝置120所請求的應用服務,若否,則可以先依據行動裝置120所傳送的門號資料讀出行動裝置120之使用者的全部或部分使用者資料,並使用所讀出之使用者資料登入行動裝置120後,再執行行動裝置120所請求的服務。The application host 111 is also responsible for receiving the login result transmitted by the identification host 112 and selecting whether to execute the application service requested by the mobile device 120 according to the received login result. That is, the application host 111 can indicate that the login fails on the login result , The application service requested by the mobile device 120 is refused to be executed, and the application service requested by the mobile device 120 may be executed when the login result indicates that the login is successful. In some embodiments, the application host 111 may determine whether the mobile device 120 is logged in after the login result indicates that the login is successful. If it is, then the application service requested by the mobile device 120 is directly executed. The transmitted door number data reads all or part of the user data of the user of the mobile device 120, and uses the read user data to log in to the mobile device 120, and then executes the service requested by the mobile device 120.
身份識別主機112可以透過通訊介面使用有線或無線網路分別與應用主機111以及身份驗證伺服器113連接,身份識別主機112透過通訊介面也可以接收應用主機111及/或身份驗證伺服器113所傳送的資料或訊號,並可以傳送資料或訊號給應用主機111及/或身份驗證伺服器113。The identification host 112 can be connected to the application host 111 and the authentication server 113 through a communication interface using a wired or wireless network. The identification host 112 can also receive the transmission from the application host 111 and / or the authentication server 113 through the communication interface. Data or signals, and can send data or signals to the application host 111 and / or the authentication server 113.
身份識別主機112負責接收應用主機111所傳送的網路識別資料以及門號資料,並將所接收到的網路識別資料以及門號資料傳送給身份驗證伺服器113。身份識別主機112也負責接收身份驗證伺服器113所傳送的登入結果,並將所接收到的登入結果傳送給應用主機111。The identification host 112 is responsible for receiving the network identification data and the door number data transmitted by the application host 111, and transmitting the received network identification data and the door number data to the identity verification server 113. The identification host 112 is also responsible for receiving the login result transmitted by the authentication server 113 and transmitting the received login result to the application host 111.
身份驗證伺服器113可以透過通訊介面使用有線或無線網路分別與身份識別主機112以及電信伺服器130連接,身份驗證伺服器113透過通訊介面也可以接收身份識別主機112及/或電信伺服器130所傳送的資料或訊號,並可以傳送資料或訊號給身份識別主機112及/或電信伺服器130。The authentication server 113 can be connected to the identification host 112 and the telecommunication server 130 through a communication interface using a wired or wireless network. The authentication server 113 can also receive the identification host 112 and / or the telecommunication server 130 through the communication interface. The transmitted data or signals may also be transmitted to the identification host 112 and / or the telecommunication server 130.
身份驗證伺服器113負責接收身份識別主機112所傳送的網路識別資料以及門號資料,並將所接收到的網路識別資料以及門號資料傳送給電信伺服器130。身份驗證伺服器113也負責接收電信伺服器130所傳送的登入結果,並將所接收到的登入結果傳送給身份識別主機112。The identity verification server 113 is responsible for receiving the network identification data and the door number data transmitted by the identification host 112, and transmitting the received network identification data and the door number data to the telecommunication server 130. The identity verification server 113 is also responsible for receiving the login result transmitted by the telecommunication server 130 and transmitting the received login result to the identity identification host 112.
在部分的實施例中,應用主機111、身份識別主機112、身份驗證伺服器113可以包含在服務伺服器110中,如「第1B圖」所示。其中,服務伺服器110可以包含應用主機111、身份識別主機112、以及身份驗證伺服器113等實體的計算裝置,例如刀鋒伺服器等;服務伺服器110也可以是整合應用主機111對行動裝置120之所有功能以及身份驗證伺服器113對電信伺服器130之所有功能的伺服器。也就是說,服務伺服器110可以透過通訊介面使用有線或無線網路與電信伺服器130連接,也可以提供行動裝置120透過行動通訊網路連接。其中,服務伺服器110可以透過通訊介面接收所連接之行動裝置120及/或電信伺服器130所傳送的資料或訊號,並可以傳送資料或訊號給所連接之行動裝置120及/或電信伺服器130。如此,服務伺服器110可以提供行動裝置120應用服務,並可以將行動裝置120所傳送的網路識別資料與門號資料傳送至電信伺服器130。In some embodiments, the application host 111, the identification host 112, and the authentication server 113 may be included in the service server 110, as shown in FIG. 1B. The service server 110 may include computing devices such as the application host 111, the identification host 112, and the authentication server 113, such as a blade server. The service server 110 may also integrate the application host 111 with the mobile device 120. All functions of the authentication server 113 and all functions of the telecommunications server 130. That is, the service server 110 may be connected to the telecommunication server 130 through a communication interface using a wired or wireless network, and may also provide the mobile device 120 to be connected through a mobile communication network. The service server 110 may receive data or signals transmitted by the connected mobile device 120 and / or the telecommunication server 130 through a communication interface, and may transmit data or signals to the connected mobile device 120 and / or the telecommunication server. 130. In this way, the service server 110 can provide application services for the mobile device 120 and can transmit the network identification data and door number data transmitted by the mobile device 120 to the telecommunication server 130.
另外,在部分的實施例中,也可以選擇整合應用主機111與身份識別主機112,使得行動裝置120將網路識別資料與門號資料透過整合後的計算裝置與身份驗證伺服器傳送給電信伺服器130,或可以選擇整合身份識別主機112與身份驗證伺服器113,使得行動裝置120將網路識別資料與門號資料透過應用主機111與整合後的計算裝置傳送給電信伺服器130,本創作不多加贅述。In addition, in some embodiments, you can also choose to integrate the application host 111 and the identification host 112, so that the mobile device 120 transmits the network identification data and door number data to the telecommunications server through the integrated computing device and the identity verification server. Device 130, or may choose to integrate the identification host 112 and the authentication server 113, so that the mobile device 120 transmits the network identification data and the door number data to the telecommunication server 130 through the application host 111 and the integrated computing device. Not much more.
電信伺服器130可以透過通訊介面使用有線或無線網路與身份驗證伺服器113連接,也可以透過通訊介面接收身份驗證伺服器113所傳送的資料或訊號,並可以透過通訊介面傳送資料或訊號給身份驗證伺服器113。The telecommunication server 130 can be connected to the authentication server 113 using a wired or wireless network through a communication interface, and can also receive data or signals transmitted by the authentication server 113 through a communication interface, and can transmit data or signals to the communication interface through the communication interface. Identity authentication server 113.
電信伺服器130也負責接收身份驗證伺服器113所傳送的網路識別資料以及門號資料,並負責依據所接收到的網路識別資料及門號資料產生登入結果,並傳送登入結果至身份驗證伺服器113。The telecommunication server 130 is also responsible for receiving the network identification data and door number data transmitted by the identity verification server 113, and is responsible for generating a login result based on the received network identification data and door number data, and transmitting the login result to the identity verification Server 113.
電信伺服器130可以依據所接收到的網路識別資料是否為電信伺服器130所發出、所接收到之門號資料是否包含於電信伺服器130預先建立的資料記錄中、門號資料是否與網路識別資料對應進行判斷,並可以在判斷後產生相對應的登入結果。例如,電信單位或電信機構為電信公司且網路識別資料為網路位址時,電信伺服器130可以判斷所接收到的網路識別資料是否被所屬電信公司預先建立之資料記錄所涵蓋(如資料記錄中記載網路識別資料或資料記錄所記載之網段包含網路識別資料等),藉以判斷網路識別資料是否為電信伺服器130所屬之電信單位或電信機構所擁有,也就是判斷網路識別資料是否為電信伺服器130所發出,但電信伺服器130判斷網路識別資料是否為電信伺服器130所發出的方式並不以上述為限;相似的,電信伺服器130可以判斷所接收到的門號是否被所屬電信公司預先建立之資料記錄所涵蓋(如資料記錄中記載門號或門號落在資料記錄所記載之門號範圍內等),藉以判斷門號是否為電信伺服器130所屬之電信單位或電信機構所擁有,但電信伺服器130判斷門號是否屬於電信伺服器130所屬的電信單位/機構的方式並不以上述為限;另外,電信伺服器130也可以搜尋是否儲存包含所接收到之門號資料中的門號與網路識別資料的資料,若是,表示門號資料與網路識別資料對應,若否,則表示門號資料未與網路識別資料對應。其中,電信伺服器130在上述任一項目判斷為否時,可以產生表示辨識失敗的登入結果;而當電信伺服器130在上述所有項目都判斷為是時,可以產生表示辨識成功的登入結果。也就是說,當登入結果表示身份辨識成功時,也就表示電信伺服器130判斷行動裝置120之使用者與電信伺服器130所記錄之資料相符,可以確認行動裝置120之使用者的身份;而當登入結果表示身份辨識失敗時,表示電信伺服器130無法確認行動裝置之使用者的身份。The telecommunications server 130 may determine whether the received network identification data is sent by the telecommunications server 130, whether the received door number data is included in a data record pre-established by the telecommunications server 130, and whether the door number data is connected to the Internet. The road identification data is judged correspondingly, and a corresponding login result can be generated after the judgment. For example, when the telecommunications unit or telecommunication company is a telecommunications company and the network identification data is a network address, the telecommunications server 130 may determine whether the received network identification data is covered by a data record established in advance by the telecommunications company (such as The network record is recorded in the data record or the network segment recorded in the data record contains network identification data, etc.), so as to determine whether the network identification data is owned by the telecommunications unit or telecommunication agency to which the telecommunication server 130 belongs, that is, the judgment network Whether the road identification data is sent by the telecommunication server 130, but the way in which the telecommunication server 130 determines whether the network identification data is sent by the telecommunication server 130 is not limited to the above; similarly, the telecommunication server 130 can determine the received Whether the door number is covered by the data record established by the telecommunications company in advance (such as the door number recorded in the data record or the door number falls within the door number range recorded in the data record, etc.), so as to determine whether the door number is a telecommunication server 130 is owned by a telecommunications unit or telecommunications agency, but the telecommunications server 130 determines whether the door number belongs to the telecommunications server 130 The method of the telecommunications unit / organization to which it belongs is not limited to the above; in addition, the telecommunications server 130 may also search whether to store the data including the door number and network identification data in the received door number data, and if so, the door The number data corresponds to the network identification data. If not, it means that the door number data does not correspond to the network identification data. Wherein, the telecommunication server 130 may generate a login result indicating that the identification is failed when any one of the above items is judged to be negative, and may generate a login result indicating that the identification is successful when all the above items are judged as yes. That is, when the login result indicates that the identification is successful, it also means that the telecommunication server 130 determines that the user of the mobile device 120 matches the data recorded by the telecommunication server 130, and can confirm the identity of the user of the mobile device 120; When the login result indicates that the identification fails, it means that the telecommunication server 130 cannot confirm the identity of the user of the mobile device.
接著以第一實施例來解說本創作的運作系統,並請參照「第3A圖」本創作所提之以網路識別資料透過電信伺服器進行登入之流程圖。在本實施例中,假設行動裝置120為手機,且服務伺服器110由應用主機111、身份識別主機112、以及身份驗證伺服器113等計算設備組成,但本創作並不以此為限。Next, the first embodiment is used to explain the operation system of this creation, and please refer to the flow chart of login through the telecommunication server with network identification data mentioned in "Creation 3A". In this embodiment, it is assumed that the mobile device 120 is a mobile phone, and the service server 110 is composed of a computing device such as an application host 111, an identification host 112, and an authentication server 113, but this creation is not limited thereto.
當使用者操作行動裝置120開啟包含身份識別元件200之網頁瀏覽器後,使用者可以操作行動裝置120使用網頁瀏覽器透過行動通訊網路連線到服務伺服器110(步驟301),並向服務伺服器110請求下載網頁。在本實施例中,假設服務伺服器110為銀行或證券公司所架設,藉以提供網路銀行或線上證券交易平台等應用服務。After the user operates the mobile device 120 to open the web browser including the identification element 200, the user can operate the mobile device 120 to use the web browser to connect to the service server 110 through the mobile communication network (step 301), and send the request to the service server. The browser 110 requests to download a web page. In this embodiment, it is assumed that the service server 110 is set up by a bank or a securities company to provide application services such as an online bank or an online securities trading platform.
在行動裝置120中執行的網頁瀏覽器顯示所請求的網頁後,使用者可以點擊網頁瀏覽器所顯示的網頁,藉以由網頁所提供之一種或多種應用服務中選擇執行其中一種。在本實施例中,若使用者所選擇的應用服務需要登入,則網頁瀏覽器可以顯示包含登入介面的網頁,藉以提供使用者輸入門號資料,並顯示使用者所輸入的門號資料;網頁瀏覽器也可以在顯示包含登入介面的網頁後,讀取預先儲存在特定儲存位置或特定儲存空間中的門號資料,並將所讀出的門號資料寫入網頁中。After the web browser executed in the mobile device 120 displays the requested web page, the user can click on the web page displayed by the web browser to select and execute one of one or more application services provided by the web page. In this embodiment, if the application service selected by the user needs to log in, the web browser may display a web page including a login interface, so as to provide the user to enter the door number data and display the door number data entered by the user; the web page The browser may also read the door number data stored in a specific storage location or a specific storage space after displaying the web page including the login interface, and write the read door number data into the web page.
在使用者完成門號資料的輸入後,網頁瀏覽器可以在包含登入介面的網頁中,以對話方塊或是彈出式網頁等方式提示使用者是否選擇將被顯示網頁中的門號資料傳送到服務伺服器110。After the user finishes entering the door number data, the web browser can prompt the user with a dialog box or a pop-up page on the web page containing the login interface to choose whether to choose to send the door number data in the displayed web page to the service Server 110.
在使用者選擇同意將門號資料傳送到服務伺服器110後,網頁瀏覽器可以呼叫身份識別元件200,使得身份識別元件200開始執行。在身份識別元件200執行後,身份識別元件200的資料取得模組220可以取得網路識別資料以及門號資料(步驟330)。在本實施例中,假設網路識別資料為網路位址,資料取得模組220可以偵測行動裝置120所使用的網路位址,並可以取得網頁瀏覽器所顯示之網頁中的門號資料。After the user chooses to agree to transmit the door number data to the service server 110, the web browser can call the identification element 200, so that the identification element 200 starts to execute. After the identification element 200 is executed, the data obtaining module 220 of the identification element 200 can obtain network identification data and door number data (step 330). In this embodiment, assuming that the network identification data is a network address, the data acquisition module 220 can detect the network address used by the mobile device 120 and can obtain the door number in the web page displayed by the web browser. data.
在身份識別元件200的資料取得模組220取得網路識別資料以及門號資料(步驟330)後,身份識別元件200的通訊模組280可以透過行動通訊網路傳送資料取得模組220所取得之網路識別資料及門號資料到服務伺服器110(步驟360)。在本實施例中,通訊模組280也就是將網路識別資料以及門號資料傳送給應用主機111。After the data acquisition module 220 of the identification component 200 obtains the network identification data and the door number data (step 330), the communication module 280 of the identification component 200 can transmit the network obtained by the data acquisition module 220 through the mobile communication network. The road identification data and door number data are sent to the service server 110 (step 360). In this embodiment, the communication module 280 transmits network identification data and gate number data to the application host 111.
另外,在本實施例中,若身份識別元件200包含驗證模組250,則在身份識別元件200的通訊模組280透過行動通訊網路傳送網路識別資料及門號資料到服務伺服器110(步驟360)前,驗證模組250可以先呼叫行動裝置120的作業系統所提供的應用程式介面(API),使得行動裝置120的作業系統要求行動裝置120的使用者輸入裝置解鎖資料並驗證使用者輸入的裝置解鎖資料(步驟340),藉以驗證使用者身份。若驗證模組250判斷裝置解鎖資料沒有通過行動裝置120之作業系統的驗證,則通訊模組280可以不傳送網路識別資料及門號資料,驗證模組250可以再次呼叫行動裝置120之作業系統所提供的應用程式介面;而當驗證模組250判斷裝置解鎖資料通過行動裝置120之作業系統的驗證後,通訊模組280才傳送網路識別資料及門號資料至服務伺服器110(步驟360)。需要說明的是,身份識別元件200的資料取得模組220與驗證模組250並沒有執行先後次序的關係,但一般而言,驗證模組250通常可以在資料取得模組220取得網路識別資料以及門號資料(步驟330)後,才呼叫行動裝置120之作業系統所提供的應用程式介面,使得行動裝置120的作業系統判斷使用者輸入的裝置解鎖資料是否通過驗證(步驟340)。In addition, in this embodiment, if the identification element 200 includes the authentication module 250, the communication module 280 of the identification element 200 transmits the network identification data and the door number data to the service server 110 through the mobile communication network (step 360), the authentication module 250 may first call the application program interface (API) provided by the operating system of the mobile device 120, so that the operating system of the mobile device 120 requires the user of the mobile device 120 to input the device unlocking data and verify the user input Of the device (step 340) to verify the identity of the user. If the verification module 250 determines that the device unlocking data does not pass the verification of the operating system of the mobile device 120, the communication module 280 may not transmit network identification data and door number data, and the verification module 250 may call the operating system of the mobile device 120 again The provided application program interface; and when the verification module 250 determines that the device unlocking data passes the verification of the operating system of the mobile device 120, the communication module 280 transmits the network identification data and the door number data to the service server 110 (step 360 ). It should be noted that the relationship between the data acquisition module 220 and the authentication module 250 of the identification component 200 does not perform a sequential relationship, but in general, the authentication module 250 can usually obtain network identification data at the data acquisition module 220 And the door number data (step 330), the application program interface provided by the operating system of the mobile device 120 is called, so that the operating system of the mobile device 120 determines whether the device unlocking data input by the user passes the verification (step 340).
在服務伺服器110接收行動裝置120所傳送的網路識別資料以及門號資料後,可以將所接收到的網路識別資料以及門號資料傳送給電信伺服器130(步驟370)。在本實施例中,也就是應用主機111將網路識別資料以及門號資料傳送給身份識別主機112,並由身份識別主機112透過身份驗證伺服器113將應用主機111所傳送的網路識別資料以及門號資料轉送到電信伺服器130。After the service server 110 receives the network identification data and the door number data transmitted by the mobile device 120, it can transmit the received network identification data and the door number data to the telecommunication server 130 (step 370). In this embodiment, the application host 111 transmits the network identification data and the door number data to the identification host 112, and the identification host 112 transmits the network identification data transmitted by the application host 111 through the authentication server 113. And the door number data is transferred to the telecommunication server 130.
在電信伺服器130接收到行動裝置120所傳送的網路識別資料以及門號資料後,電信伺服器130可以依據所接收到的網路識別資料以及門號資料產生登入結果。在本實施例中,假設電信伺服器130可以先判斷所接收到的網路位址是否為電信伺服器130所屬之電信單位/機構所擁有,也就是判斷網路位址是否包含在預先建立的資料記錄中,若否,則電信伺服器130可以產生表示辨識失敗的登入結果;若是,電信伺服器130可以接著判斷所接收到之門號資料中的門號是否為電信伺服器130所屬之電信單位/機構所擁有,也就是判斷門號是否包含於預先建立之資料記錄中,若否,則電信伺服器130可以產生表示辨識失敗的登入結果;若是,電信伺服器130可以繼續判斷門號資料中的門號是否與網路位址對應,也就是判斷是否有一筆資料同時包含門號與網路位址,若否,則電信伺服器130可以產生表示辨識失敗的登入結果;若是,電信伺服器130可以產生表示辨識成功的登入結果。After the telecommunication server 130 receives the network identification data and the door number data transmitted by the mobile device 120, the telecommunication server 130 may generate a login result according to the received network identification data and the door number data. In this embodiment, it is assumed that the telecommunication server 130 can first determine whether the received network address is owned by the telecommunication unit / institution to which the telecommunication server 130 belongs, that is, whether the network address is included in the pre-established In the data record, if not, the telecommunication server 130 can generate a login result indicating that the identification has failed; if so, the telecommunication server 130 can then determine whether the door number in the received door number data is the telecommunication to which the telecommunication server 130 belongs. Owned by the unit / institution, that is, determining whether the door number is included in the pre-established data record; if not, the telecommunication server 130 can generate a login result indicating that the identification has failed; if it is, the telecommunication server 130 can continue to judge the door number data Whether the gate number in the map corresponds to the network address, that is, to determine whether there is a piece of data containing both the gate number and the network address. If not, the telecommunication server 130 can generate a login result indicating that the identification has failed; if so, the telecommunication server The device 130 may generate a login result indicating that the identification is successful.
在電信伺服器130依據所接收到的網路識別資料以及門號資料產生登入結果後,可以將所產生的登入結果傳送給服務伺服器110(步驟380)。在本實施例中,電信伺服器130可以將登入結果傳送給身份驗證伺服器113,並由身份識別主機112將身份驗證伺服器113所接收到的登入結果轉送給應用主機111,使得應用主機111可以依據登入結果判斷行動裝置120是否成功登入。當登入結果表示登入失敗時,應用主機111可以判斷門號資料中的門號並非由行動裝置120的使用者所使用,因此可以認定使用者的資料有誤,拒絕行動裝置120的登入;而當登入結果表示登入成功時,應用主機111可以判斷門號資料中的門號確實由行動裝置120的使用者所使用,因此,可以認定使用者身份為真,如此,應用主機111可以完成行動裝置120的登入作業,也就是依據行動裝置120所傳送的門號資料讀取行動裝置120之使用者的使用者資料,並依據所讀出的使用者資料完成使用者登入作業。如此,透過本創作,服務伺服器110便可以透過電信伺服器130取得行動裝置120的登入結果,並可以將行動裝置120登入服務伺服器110。After the telecommunication server 130 generates a login result according to the received network identification data and door number data, the generated login result may be transmitted to the service server 110 (step 380). In this embodiment, the telecommunication server 130 may transmit the login result to the identity verification server 113, and the identity recognition host 112 forwards the login result received by the identity verification server 113 to the application host 111, so that the application host 111 Whether the mobile device 120 is successfully logged in may be determined according to the login result. When the login result indicates that the login fails, the application host 111 can determine that the door number in the door number data is not used by the user of the mobile device 120, so it can determine that the user's data is incorrect and reject the login of the mobile device 120; and when When the login result indicates that the login is successful, the application host 111 can determine that the door number in the door number data is indeed used by the user of the mobile device 120. Therefore, the user identity can be determined to be true. In this way, the application host 111 can complete the mobile device 120 The login operation is to read the user data of the user of the mobile device 120 according to the door number data sent by the mobile device 120, and complete the user login operation according to the read user data. In this way, through this creation, the service server 110 can obtain the login result of the mobile device 120 through the telecommunication server 130, and can log in the mobile device 120 to the service server 110.
繼續以第二實施例來解說本創作的運作系統,同樣請參照「第3A圖」。在本實施例中,假設行動裝置120與服務伺服器110都與第一實施例相同,且行動裝置120已經透過行動通訊網路與服務伺服器110中的應用主機111連接(步驟301),並已登入應用主機111。Continuing to explain the operation system of this creation with the second embodiment, please also refer to "Figure 3A". In this embodiment, it is assumed that the mobile device 120 and the service server 110 are the same as the first embodiment, and the mobile device 120 has been connected to the application host 111 in the service server 110 through a mobile communication network (step 301), and has been Log in to the application host 111.
與第一實施例不同的是,在本實施例中,假設行動裝置120的使用者在登入應用主機111後,若在網頁瀏覽器中點選需要確認執行服務之使用者為登入者本人的應用服務,例如,在網路銀行中執行轉帳交易或在線上證券交易平台中進行下單等服務,則應用主機111可能再次要求使用者登入,此時,應用主機111可以先讀取使用者資料中的門號資料,並在傳送進行下單之服務的網頁給執行於行動裝置120上的網頁伺服器時,一併傳送所讀出的門號資料。Different from the first embodiment, in this embodiment, it is assumed that, after the user of the mobile device 120 logs in to the application host 111, if he clicks in the web browser to confirm that the user who executes the service is the user who signed in Services, such as performing a transfer transaction in an online bank or placing an order in an online securities trading platform, the application host 111 may ask the user to log in again. At this time, the application host 111 may first read the user data When transmitting the webpage of the service for placing an order to the web server running on the mobile device 120, the readout of the webpage data is also transmitted.
網頁瀏覽器在接收到應用主機111所傳送的網頁與門號資料後可以顯示所接收到的網頁,並可以將所接收到的門號資料顯示於網頁中,及可以提示使用者確認是否選擇將被顯示的門號資料傳送到電信伺服器130進行使用者登入,在使用者選擇同意後,應用程式可以呼叫身份識別元件200。The web browser can display the received web page after receiving the web page and door number data transmitted by the application host 111, and can display the received door number data on the web page, and can prompt the user to confirm whether to choose The displayed door number data is transmitted to the telecommunication server 130 for user login. After the user selects consent, the application program can call the identity recognition element 200.
在身份識別元件200被喚起後,身份識別元件200的資料取得模組220可以取得網路識別資料以及門號資料(步驟330),身份識別元件200的通訊模組280可以透過行動通訊網路傳送資料取得模組220所取得之網路識別資料到服務伺服器110(步驟360),服務伺服器110可以傳送接收自行動裝置120的網路識別資料及門號資料至電信伺服器130(步驟370),電信伺服器130可以依據所接收到的網路識別資料以及門號資料產生登入結果,並可以將所產生的登入結果傳送給服務伺服器110(步驟380)。在本實施例中,由於上述步驟與第一實施例相同,故不再贅述。After the identification element 200 is awakened, the data acquisition module 220 of the identification element 200 can obtain the network identification data and the door number data (step 330), and the communication module 280 of the identification element 200 can transmit the data through the mobile communication network. The network identification data obtained by the obtaining module 220 is transmitted to the service server 110 (step 360). The service server 110 may transmit the network identification data and door number data received from the mobile device 120 to the telecommunication server 130 (step 370). The telecommunication server 130 may generate a login result according to the received network identification data and door number data, and may transmit the generated login result to the service server 110 (step 380). In this embodiment, since the above steps are the same as those in the first embodiment, they are not described again.
在服務伺服器110接收到電信伺服器所產生的登入結果後,可以依據所接收到的登入結果判斷行動裝置120是否成功登入,並可以在登入結果表示行動裝置120成功登入時,執行行動裝置120請求執行的服務。在本實施例中,也就是由服務伺服器110所包含的應用主機111判斷行動裝置120成功登入後,執行行動裝置120所請求的轉帳交易或線上下單等服務,並將執行結果傳回在行動裝置120上執行的網頁瀏覽器,使得網頁瀏覽器可以顯示執行結果。而當應用主機111判斷所接收到的登入結果表示登入失敗時,可以拒絕執行行動裝置120請求執行的服務,並傳送提示訊息到在行動裝置120上執行的網頁瀏覽器,使得網頁瀏覽器以在網頁中或以對話方塊的方式提示行動裝置120的使用者登入失敗。After the service server 110 receives the login result generated by the telecommunications server, it can determine whether the mobile device 120 has successfully logged in based on the received login result, and can execute the mobile device 120 when the login result indicates that the mobile device 120 has successfully logged in. The requested service. In this embodiment, that is, the application host 111 included in the service server 110 determines that the mobile device 120 has successfully logged in, executes the transfer transaction or online ordering service requested by the mobile device 120, and returns the execution result to the The web browser executed on the mobile device 120 enables the web browser to display the execution results. When the application host 111 determines that the received login result indicates that the login fails, it may refuse to execute the service requested by the mobile device 120, and send a prompt message to the web browser executed on the mobile device 120, so that the web browser uses the The webpage or a dialog box is used to prompt the user of the mobile device 120 that the login fails.
上述兩實施例中,若身份識別元件200還包含網路判斷模組260,則如「第3B圖」之流程所示,在身份識別元件200的資料取得模組220可以取得網路識別資料以及門號資料(步驟330)前,網路判斷模組260可以先判斷行動裝置120是否使用行動通訊網路(步驟321),若網路判斷模組260判斷行動裝置120當前使用行動通訊網路,則資料取得模組220可以取得網路識別資料以及門號資料(步驟330);而若網路判斷模組260判斷行動裝置120當前並非使用行動通訊網路,例如判斷當前使用WiFi等無線區域網路,則網路判斷模組260可以直接關閉行動裝置120的無線區域網路功能,藉以將行動裝置120設定為使用行動通訊網路,使得資料取得模組220可以取得行動通訊網路的網路識別資料;網路判斷模組260也可以在判斷行動裝置120當前並非使用行動通訊網路時,提示使用者將行動裝置120設定為使用行動通訊網路(步驟325),資料取得模組220可以在網路判斷模組260判斷行動裝置120被設定為使用行動通訊網路後才取得網路識別資料以及門號資料(步驟330)。In the above two embodiments, if the identity recognition component 200 further includes a network determination module 260, as shown in the flowchart of FIG. 3B, the data acquisition module 220 of the identity identification component 200 can obtain network identification data and Before the door number data (step 330), the network determination module 260 may first determine whether the mobile device 120 is using a mobile communication network (step 321). If the network determination module 260 determines that the mobile device 120 is currently using a mobile communication network, the data The obtaining module 220 can obtain network identification data and door number data (step 330); and if the network determining module 260 determines that the mobile device 120 is not currently using a mobile communication network, such as determining that a wireless local area network such as WiFi is currently used, The network determining module 260 can directly turn off the wireless LAN function of the mobile device 120, thereby setting the mobile device 120 to use a mobile communication network, so that the data acquisition module 220 can obtain network identification data of the mobile communication network; The determination module 260 may also prompt the user to use the mobile device 120 when determining that the mobile device 120 is not currently using a mobile communication network. Determined to use a mobile communication network (step 325), the data acquisition module 220 may obtain the network identification data and door number data only after the network determination module 260 determines that the mobile device 120 is set to use the mobile communication network (step 330) .
另外,上述實施例中,若身份識別元件200還包含資料輸入模組240,則包含身份識別元件200的網頁瀏覽器可以在網頁中需要進行登入的服務被使用者選擇或執行後,呼叫身份識別元件200,而不顯示輸入門號資料的網頁。而在身份識別元件200執行後,資料輸入模組240可以提供使用者輸入門號資料的使用者介面,如此,身份識別元件200的資料取得模組220同樣可以取得使用者輸入的門號資料,同時,身份識別元件200也可以偵測行動裝置120所使用的網路識別資料(步驟330)。其中,在資料取得模組220取得門號資料前,行動裝置120可以如「第3C圖」之流程所示,先由身份識別元件200的偵測模組230偵測行動裝置120上所安裝的用戶識別模組(步驟311),在資料取得模組220取得門號資料時,資料取得模組220可以判斷偵測模組230是否偵測到兩個或兩個以上的用戶識別模組(步驟313),若否,則資料取得模組220可以直接取得網路識別資料以及門號資料(步驟330);而若資料取得模組220偵測到多個用戶識別模組,則資料取得模組220可以提示使用者在門號資料中輸入與行動裝置120當前用來使用之行動通訊網路之用戶識別模組對應的門號資料(步驟315),並在使用者確認後取得門號資料,以及偵測取得網路識別資料(步驟330)。In addition, in the above embodiment, if the identity recognition element 200 further includes a data input module 240, a web browser including the identity recognition element 200 can call the identity recognition service after the user selects or executes a service that requires login in the webpage. Component 200 without displaying a web page for entering door number information. After the identification element 200 is executed, the data input module 240 can provide a user interface for the user to input the door number data. In this way, the data acquisition module 220 of the identification element 200 can also obtain the door number data input by the user. At the same time, the identification component 200 can also detect network identification data used by the mobile device 120 (step 330). Among them, before the data acquisition module 220 obtains the door number data, the mobile device 120 may first detect the installed on the mobile device 120 by the detection module 230 of the identification component 200 as shown in the flow chart in FIG. 3C. User identification module (step 311). When the data acquisition module 220 obtains the door number data, the data acquisition module 220 can determine whether the detection module 230 has detected two or more user identification modules (step 313), if not, the data acquisition module 220 can directly obtain the network identification data and the door number data (step 330); and if the data acquisition module 220 detects multiple user identification modules, the data acquisition module 220 may prompt the user to enter the door number data corresponding to the user identification module of the mobile communication network currently used by the mobile device 120 in the door number data (step 315), and obtain the door number data after the user confirms, and Detect network identification data (step 330).
綜上所述,可知本創作與先前技術之間的差異在於具有行動裝置所執行之身分識別元件取得網路識別資料及門號資料後,透過行動通訊網路傳送網路識別資料及門號資料至服務伺服器,並由服務伺服器傳送網路識別資料以及門號資料至電信伺服器,使得電信伺服器依據網路識別資料及門號資料產生登入結果並傳送登入結果給服務伺服器之技術手段,藉由此一技術手段可以解決先前技術所存在行動裝置不易連接硬體載具以辨識使用者身份的問題,進而達成單獨使用行動裝置完成身份辨識的技術功效。In summary, it can be seen that the difference between this creation and the prior art lies in the fact that the identity identification component executed by the mobile device obtains network identification data and door number data, and then transmits the network identification data and door number data to The service server, and the service server sends the network identification data and the door number data to the telecommunication server, so that the telecommunication server generates a login result based on the network identification data and the door number data and sends the login result to the service server. With this technical method, the problem that the mobile device in the prior art cannot easily connect to a hardware carrier to identify the user's identity can be solved, and the technical effect of using the mobile device to complete the identity identification can be achieved.
再者,本創作之以網路識別資料透過電信伺服器進行登入之系統,可實現於硬體、軟體或硬體與軟體之組合中,亦可在電腦系統中以集中方式實現或以不同元件散佈於若干互連之電腦系統的分散方式實現。Furthermore, the system created by using the network identification data to log in through a telecommunication server can be implemented in hardware, software, or a combination of hardware and software. It can also be implemented in a computer system in a centralized manner or with different components. Achieved in a decentralized manner spread across several interconnected computer systems.
雖然本創作所揭露之實施方式如上,惟所述之內容並非用以直接限定本創作之專利保護範圍。任何本創作所屬技術領域中具有通常知識者,在不脫離本創作所揭露之精神和範圍的前提下,對本創作之實施的形式上及細節上作些許之更動潤飾,均屬於本創作之專利保護範圍。本創作之專利保護範圍,仍須以所附之申請專利範圍所界定者為準。Although the implementation method disclosed in this creation is as above, the content is not intended to directly limit the scope of patent protection of this creation. Any person with ordinary knowledge in the technical field to which this creation belongs, without departing from the spirit and scope disclosed by this creation, can make some modifications to the form and details of the implementation of this creation, which are all covered by the patent protection of this creation. range. The scope of patent protection for this creation must still be defined by the scope of the attached patent application.
110‧‧‧服務伺服器
111‧‧‧應用主機
112‧‧‧身份識別主機
113‧‧‧身份驗證伺服器
120‧‧‧行動裝置
130‧‧‧電信伺服器
200‧‧‧身份識別元件
220‧‧‧資料取得模組
230‧‧‧偵測模組
240‧‧‧資料輸入模組
250‧‧‧驗證模組
260‧‧‧網路判斷模組
280‧‧‧通訊模組
步驟301‧‧‧行動裝置透過行動通訊網路連線至服務伺服器
步驟311‧‧‧行動裝置偵測用戶識別模組
步驟313‧‧‧行動裝置判斷是否偵測到多個網路識別資料
步驟315‧‧‧行動裝置提示輸入與行動通訊網路對應之網路識別資料對應之門號
步驟321‧‧‧行動裝置判斷是否使用行動通訊網路
步驟325‧‧‧行動裝置提示改用行動通訊網路
步驟330‧‧‧行動裝置取得網路識別資料及門號資料
步驟340‧‧‧行動裝置判斷裝置解鎖資料是否通過驗證
步驟360‧‧‧行動裝置傳送網路識別資料及門號資料至服務伺服器
步驟370‧‧‧服務伺服器傳送網路識別資料與門號資料至電信伺服器
步驟380‧‧‧電信伺服器依據網路識別資料及門號資料產生登入結果,並傳送登入結果至服務伺服器
110‧‧‧Service Server
111‧‧‧Application Host
112‧‧‧Identification Host
113‧‧‧Authentication Server
120‧‧‧ mobile device
130‧‧‧Telecom server
200‧‧‧Identification component
220‧‧‧Data Acquisition Module
230‧‧‧ Detection Module
240‧‧‧Data Entry Module
250‧‧‧ Verification Module
260‧‧‧Network judgment module
280‧‧‧ Communication module step 301‧‧‧ Mobile device connects to the service server via mobile communication network Step 311‧‧‧ Mobile device detection user identification module Step 313‧‧‧ Mobile device determines whether multiple detected Steps 315‧‧‧ Mobile device prompts to enter the gate number corresponding to the network identification data corresponding to the mobile communication network Step 321‧‧‧ The mobile device determines whether to use the mobile communication network Step 325‧‧‧ Mobile device prompts to change Use the mobile communication network step 330‧‧‧ mobile device to obtain network identification data and door number data step 340‧‧‧ mobile device to determine whether the device unlock data passed the verification step 360‧‧‧ mobile device to send network identification data and door number data To the service server, step 370‧‧‧ The service server sends network identification data and door number data to the telecommunication server. Step 380‧‧‧, the telecommunication server generates a login result based on the network identification data and door number data, and sends the login result. To service server
第1A圖為本創作所提之以網路識別資料透過電信伺服器進行登入之系統架構圖。
第1B圖為本創作所提之另一種以網路識別資料透過電信伺服器進行登入之系統架構圖。
第2圖為本創作所提之行動裝置之元件示意圖。
第3A圖為本創作所提之以網路識別資料透過電信伺服器進行登入之流程圖。
第3B圖為本創作所提之提示切換網路之流程圖。
第3C圖為本創作所提之提示輸入用以使用行動通訊網路之門號之流程圖。
Figure 1A is a diagram of the system architecture used to log in through a telecommunications server using network identification data.
Figure 1B is a diagram of another system architecture that uses network identification data to log in through a telecommunications server.
Figure 2 is a schematic diagram of the components of the mobile device mentioned in the creation.
Figure 3A is a flow chart of login through a telecommunication server using network identification data mentioned in the creation.
Fig. 3B is a flow chart for prompting network switching mentioned in the creation.
Fig. 3C is a flow chart for prompting input of a gate number for using a mobile communication network mentioned in the creation.
Claims (10)
一服務伺服器;
一行動裝置,用以執行一身份識別元件,該身份識別元件包含:
一資料取得模組,用以獲取一門號資料及一網路識別資料;及
一通訊模組,用以透過行動通訊網路與該服務伺服器連接,並傳送該網路識別資料及該門號資料至該服務伺服器;及
一電信伺服器,用以接收該服務伺服器所傳送之該網路識別資料及該門號資料,及用以依據該網路識別資料及該門號資料產生一登入結果,並傳送該登入結果至該服務伺服器。 A system for logging in through a telecommunications server with network identification data, the system includes at least:
A service server;
A mobile device for executing an identity recognition element, the identity recognition element includes:
A data acquisition module for acquiring a door number data and a network identification data; and a communication module for connecting to the service server through a mobile communication network and transmitting the network identification data and the door number data To the service server; and a telecommunications server for receiving the network identification data and the door number data transmitted by the service server, and for generating a login based on the network identification data and the door number data As a result, the login result is transmitted to the service server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW108208569U TWM586495U (en) | 2019-07-02 | 2019-07-02 | System using network identification data for login through telecommunication server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW108208569U TWM586495U (en) | 2019-07-02 | 2019-07-02 | System using network identification data for login through telecommunication server |
Publications (1)
Publication Number | Publication Date |
---|---|
TWM586495U true TWM586495U (en) | 2019-11-11 |
Family
ID=69190377
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW108208569U TWM586495U (en) | 2019-07-02 | 2019-07-02 | System using network identification data for login through telecommunication server |
Country Status (1)
Country | Link |
---|---|
TW (1) | TWM586495U (en) |
-
2019
- 2019-07-02 TW TW108208569U patent/TWM586495U/en not_active IP Right Cessation
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI754811B (en) | System for using device identification to identify via telecommunication server and method thereof | |
WO2015135388A1 (en) | Device, system, and method for creating virtual credit card | |
US20230014746A1 (en) | Voice-assistant activated virtual card replacement | |
US20150317635A1 (en) | Electronic gesture-based signatures | |
CN106851613A (en) | Service request method, the verification method of business handling number and its terminal | |
TWM580206U (en) | System for identifying identity through telecommunication server by identification data device | |
TWM586494U (en) | ID recognition system using network identification data through telecommunication server | |
CN112711955A (en) | NFC information transmission method, NFC information transmission device and NFC terminal | |
JP5944891B2 (en) | Mobile communication device, system and method for communicating between local terminal and multiple mobile devices | |
TWI704796B (en) | System for using network identification to sign in service server via telecommunication server and method thereof | |
US20150324796A1 (en) | Device-based payment authorization | |
TWI780341B (en) | System for using network identification to identify via telecommunication server and method thereof | |
TWM586495U (en) | System using network identification data for login through telecommunication server | |
TWI724638B (en) | System for using carrier to verity identity in machine for opening account and method thereof | |
TWI754812B (en) | System for using a device identification to log in via telecommunication server and method thereof | |
TWM586390U (en) | A system for performing identity verification according to the service instruction to execute the corresponding service | |
TWM588313U (en) | System for confirming user identity through financial account information | |
TWI757925B (en) | System for making two applications run simultaneously by calling input program and method thereof | |
TWI745015B (en) | System and method for providing authorized content generated during identity authentication for verifying transaction data before transaction | |
TWM580207U (en) | System for logging in through telecommunication server by identification data device | |
TWI691859B (en) | System for identifying according to instruction to execute service and method thereof | |
TWI729535B (en) | System for using financial account to confirm identity and method thereof | |
TWM580295U (en) | System for managing certificate with embedded browser module and computing equipment | |
TWI790495B (en) | System for driving smart card by third-party device for identity verification and method thereof | |
TWI746920B (en) | System for using certificate to verify identity from different domain through portal and method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
MM4K | Annulment or lapse of a utility model due to non-payment of fees |