TWM592134U - System for verifying identity for opening an account using a vehicle in an ATM - Google Patents
- Publication number
- TWM592134U
- Authority
- TW
- Taiwan
- Prior art keywords
- account
- data
- atm
- certificate
- account opening
Abstract
A system for opening an account at an automated teller machine (ATM) by verifying identity with a hardware carrier. A driver for the hardware carrier is installed in the ATM so that the ATM can have the hardware carrier sign the account opening data and then send the account opening data and the signature data to an account opening server. After the account opening server has the signature data verified by a certificate verification server, it uses the account opening data to complete the account opening procedure. With this technical means an account can be opened without visiting a bank counter, achieving the technical effect of letting the applicant choose a suitable time and place to open the account.
Description
A remote account opening system, and in particular a system for opening an account at an ATM by verifying identity with a hardware carrier.
Banks are financial institutions that provide services such as payments, deposits, savings, loans and wire transfers. To use these services, a customer usually has to open an account with the bank first.
At present, opening a bank account usually has to be done at the counter: a staff member examines the account opening data provided by the applicant and, where necessary, asks the applicant one or more questions relating to the applicant in order to decide whether to allow the account to be opened.
However, banks' service hours often overlap with most people's working hours, so an applicant has to take leave to open an account at the bank, which is inconvenient for the applicant.
In summary, the prior art has long had the problem that an account can only be opened at the counter, which makes opening an account inconvenient. An improved technical means is therefore needed to solve this problem.
In view of the prior-art problem that an account can only be opened at the counter, which makes opening an account inconvenient, this utility model discloses a system for opening an account at an ATM by verifying identity with a hardware carrier, wherein:
The system disclosed by this utility model comprises at least: a certificate verification server; a hardware carrier for storing a private key and a digital certificate; an ATM to which the hardware carrier can be connected, for inputting account opening data and for driving the hardware carrier and providing the account opening data to it, so that the hardware carrier signs the account opening data with the private key to generate signature data and returns the signature data to the ATM, wherein the signature data includes the digital certificate; and an account opening server for receiving the account opening data and the signature data sent by the ATM, sending them to the certificate verification server so that the signature data is verified by the certificate verification server, and, after the signature data passes that verification, using the account opening data to complete the account opening procedure.
The system disclosed by this utility model is as described above. It differs from the prior art in that a driver for the hardware carrier is installed in the ATM, so that the ATM can have the hardware carrier sign the account opening data and send the account opening data and the signature data to the account opening server; after the account opening server has the signature data verified by the certificate verification server, it uses the account opening data to complete the account opening procedure. This solves the problem of the prior art and achieves the technical effect of letting the applicant choose a suitable time and place to open the account.
The features and implementation of this utility model are described in detail below with reference to the drawings and embodiments, in enough detail that anyone skilled in the relevant art can readily understand the technical means by which it solves the technical problem and implement it accordingly, thereby achieving the effects this utility model can attain.
This utility model lets a user complete the account opening procedure of a financial institution such as a bank at an ATM, using a hardware carrier that holds a digital certificate. The hardware carrier referred to here is a hardware device that can manage digital certificates and can encrypt data or sign data, for example a chip card (IC card) or a special USB flash drive, although this utility model is not limited to these. The ATM referred to here includes, but is not limited to, an Automated Teller Machine (ATM) or a Cash Deposit Machine (CDM).
The system is first described with reference to Figure 1, the architecture diagram of the system for opening an account at an ATM by verifying identity with a hardware carrier. As shown in Figure 1, the system comprises a hardware carrier 110, an ATM 120, an account opening server 130 and a certificate verification server 150, and may additionally include an identity confirmation server 170 and a client 190. The ATM 120, the account opening server 130, the certificate verification server 150, the identity confirmation server 170 and the client 190 are all computing devices.
The computing devices referred to in this utility model include, but are not limited to, components such as one or more processors, one or more memory modules, and a bus connecting the different components (including the memory modules and processors). With these components a computing device can load and run an operating system and can execute software or programs. A computing device also includes a housing in which the above components are placed.
The bus of a computing device may be of one or more types, for example a data bus, an address bus, a control bus, an expansion bus and/or a local bus. Buses of computing devices include, but are not limited to, the parallel Industry Standard Architecture (ISA) bus, Peripheral Component Interconnect (PCI) bus and Video Electronics Standards Association (VESA) local bus, and the serial Universal Serial Bus (USB) and PCI Express (PCI-E) bus.
The processor of a computing device is coupled to the bus. The processor contains a register set or register space, which may be located entirely on the processing chip, or wholly or partly off the processing chip and coupled to the processor through dedicated electrical connections and/or through the bus. The processor may be a processing unit, a microprocessor or any suitable processing element. If the computing device is a multiprocessor device, that is, it contains several processors, those processors are identical or similar and are coupled to and communicate with one another through the bus. The processor can interpret a sequence of instructions to perform specific operations, such as mathematical operations, logical operations, data comparison, and copying or moving data, in order to run the operating system or execute various programs, modules and/or components.
The processor of a computing device may be coupled to a chipset, or electrically connected to it through the bus. A chipset consists of one or more integrated circuits (ICs) and includes a memory controller and a peripheral input/output (I/O) controller; that is, the memory controller and the peripheral I/O controller may be contained in one integrated circuit or implemented with two or more. A chipset usually provides I/O and memory management functions as well as a number of general-purpose and/or special-purpose registers and timers, which can be accessed or used by the one or more processors coupled or electrically connected to the chipset.
Through the memory controller, the processor can also access data in the memory modules and mass storage installed in the computing device. The memory modules include any type of volatile memory and/or non-volatile memory (NVRAM), such as static random access memory (SRAM), dynamic random access memory (DRAM), flash memory and read-only memory (ROM). The mass storage may include any type of storage device or medium, such as a hard disk drive, optical disc, USB flash drive (flash memory), memory card, solid state disk (SSD) or any other storage device. In other words, the memory controller can access data in SRAM, DRAM, flash memory, hard disk drives and SSDs.
Through the peripheral I/O controller and the peripheral I/O bus, the processor can also connect to and communicate with peripheral devices or interfaces such as peripheral output devices, peripheral input devices, communication interfaces and a GPS receiver. A peripheral input device may be any type of input device, such as a keyboard, mouse, trackball, touchpad or joystick; a peripheral output device may be any type of output device, such as a display or printer; and the input and output device may be the same device, such as a touch screen. The communication interface may include a wireless and/or wired communication interface. A wireless communication interface may support wireless LANs such as Wi-Fi and Zigbee, Bluetooth, infrared, near-field communication (NFC), mobile networks such as 3G/4G/5G, or other wireless data transfer protocols; a wired communication interface may be an Ethernet device, an Asynchronous Transfer Mode (ATM) device, a DSL modem, a cable modem, and so on. The processor can periodically poll the peripheral devices and interfaces, so that the computing device can input and output data through them and can communicate with another computing device that has the components described above.
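The hardware carrier 110 stores a private key and a digital certificate. The private key normally belongs to the applicant, and the digital certificate contains the corresponding certificate serial number and the public key that corresponds to the private key stored in the hardware carrier 110. More specifically, the hardware carrier 110 may be a hardware device capable of running software that has digital-certificate management functions, such as a Chip Operating System (COS).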
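The hardware carrier 110 can also use the stored private key to encrypt target data or to sign target data. After signing target data, the hardware carrier 110 can generate signature data. In this utility model, the signature data generated by the hardware carrier 110 may contain the target data and the signature value produced by signing it, and may also contain the digital certificate stored in the hardware carrier 110.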
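The ATM 120 allows the hardware carrier 110 to be connected and can drive it, so that once the hardware carrier 110 is driven the ATM 120 can send data to it and receive data from it. In general the ATM 120 has a connection interface (not shown) through which the hardware carrier 110 connects to the ATM 120. The connection interface includes, but is not limited to, a chip card slot or a USB port.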
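Note that when the ATM 120 drives the hardware carrier 110, it may first load the driver for the connection interface to which the hardware carrier 110 is connected. When loading that driver, the ATM 120 normally looks for it in a series of access locations according to a file access order preconfigured in the ATM 120; that is, it searches the access locations defined by the file access order one after another, and once it has found a driver for the connection interface it does not search the remaining locations. A conventional ATM/CDM 120 usually has a default driver for the connection interface installed or stored, but the default driver usually only lets the conventional ATM 120 drive bank cards and cannot drive the hardware carrier 110 of this utility model. Therefore, to let a conventional ATM/CDM 120 drive a hardware carrier 110 other than a bank card, the interface driver for the connection interface that corresponds to the hardware carrier 110 can be installed or stored in a custom access location that comes earlier in the order than the default access location where the default driver is installed or stored. When the ATM 120 loads the driver for the connection interface, it then searches the custom access location first according to the file access order and loads the interface driver from there, instead of loading the default driver from the default access location. In this way the default driver is kept, while the ATM 120 loads the interface driver corresponding to the hardware carrier 110 and can communicate with the hardware carrier 110. The access locations referred to here are usually specific directories; for example, the custom access location is the installation directory of the interface driver, and the default access location is the operating system's driver directory.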
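The ATM 120 is also responsible for inputting the account opening data. It can show an input screen on a display such as an ordinary screen or a touch screen, and provide an input device such as a touch screen or keyboard for the applicant to enter the account opening data. The account opening data input at the ATM 120 includes, but is not limited to, the applicant's name, identification data, sex, date of birth, address, mobile phone number and e-mail account. The applicant's identification data is usually a national ID number, passport number or visa number, although this utility model is not limited to these.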
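In some embodiments, the account opening data input at the ATM 120 may also include a document image of an identity document held by the applicant; in some embodiments it may further include an image of the applicant at the time of using this utility model (referred to here as the "applicant image"). The applicant's identity document is usually one bearing the applicant's facial image, such as a national ID card, driver's licence or National Health Insurance card, and the applicant image contains the applicant's whole face.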
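The ATM 120 may capture the document image and the applicant image with the same or different image capture modules (not shown); this utility model places no particular restriction on this. The image capture module includes, but is not limited to, a still camera or a video camera.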
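The ATM 120 provides the account opening data to the hardware carrier 110 so that the hardware carrier 110 signs it with the stored private key; the ATM 120 also receives the signature data returned by the hardware carrier 110. More specifically, the ATM 120 can call the driver of the connection interface to which the hardware carrier 110 is connected and, through that driver, generate commands compatible with the hardware carrier 110. It uses those commands to communicate with the hardware carrier 110, that is, to send data to it, have it execute commands, and receive data from it.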
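The ATM 120 can also connect to the account opening server 130 or the client 190 over a wired or wireless network; it can receive data or signals sent by the account opening server 130 or the client 190 and can send data or signals to them. For example, the ATM 120 can send the input account opening data and the signature data provided by the hardware carrier 110 to the account opening server 130.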
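In some embodiments, when the input account opening data includes a document image and an applicant image, the ATM 120 may first determine whether the face in the facial image on the document image matches the applicant's face in the applicant image, and send the account opening data and the signature data provided by the hardware carrier 110 to the account opening server 130 when the two match. When the ATM 120 determines that they do not match, it can show a corresponding message on the display and can end the account opening procedure. The ATM 120 may use face recognition, either locally (on the ATM 120 itself) or through a remote server (not shown), to determine whether the facial features in the document image match the features of the applicant's face in the applicant image, and thereby whether the facial image on the document matches the applicant image, although this utility model is not limited to this.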
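The ATM 120 can also receive and play audio and/or video sent by the client 190, and can pick up the applicant's voice and/or capture live video of the applicant, providing real-time communication between the applicant and the client 190.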
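The account opening server 130 can connect to the ATM 120 and the certificate verification server 150 over a wired or wireless network; it can receive data or signals sent by the ATM 120 or the certificate verification server 150 and can send data or signals to them. For example, the account opening server 130 can receive the account opening data and signature data sent by the ATM 120, forward them to the certificate verification server 150, and receive the verification result sent by the certificate verification server 150.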
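When the signature data sent by the ATM 120 passes the verification of the certificate verification server 150, the account opening server 130 uses the account opening data received from the ATM 120 to complete the account opening procedure. In general, the account opening server 130 decides whether the signature data passed verification from the verification result generated by the certificate verification server 150.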
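The certificate verification server 150 can connect to the account opening server 130 and the identity confirmation server 170 over a wired or wireless network; it can receive data or signals sent by the account opening server 130 or the identity confirmation server 170 and can send data or signals to them.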
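The certificate verification server 150 receives the account opening data and signature data sent by the account opening server 130, generates a verification result for the received signature data, and returns that result to the account opening server 130. In general, the certificate verification server 150 can, in the conventional manner of verifying a signature, obtain the applicant's public key from the digital certificate contained in the signature data and use that public key and the account opening data to verify the signature data, producing the corresponding verification result.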
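In some embodiments, the certificate verification server 150 can also read the applicant identification data from the received account opening data and the certificate serial number from the digital certificate contained in the received signature data, generate certificate confirmation data containing the applicant identification data and the certificate serial number so read, and send that certificate confirmation data to the identity confirmation server 170.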
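The certificate verification server 150 can also receive the identity confirmation result sent by the identity confirmation server 170. Only when the received signature data passes the certificate verification server 150's own verification and the received identity confirmation result indicates that the certificate confirmation data passed the verification of the identity confirmation server 170 does it generate a verification result indicating that the signature data passed verification. Conversely, if the signature data does not pass the verification of the certificate verification server 150, or the identity confirmation result indicates that the certificate confirmation data did not pass the verification of the identity confirmation server 170, the certificate verification server 150 can generate a verification result indicating that the signature data did not pass verification.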
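The identity confirmation server 170 can connect to the certificate verification server 150 over a wired or wireless network; it can receive data or signals sent by the certificate verification server 150 and can send data or signals to it.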
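The identity confirmation server 170 can receive the certificate confirmation data sent by the certificate verification server 150 and, using the certificate serial number in it, read the data associated with the corresponding digital certificate. That data includes the owner identification data of the certificate owner.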
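The identity confirmation server 170 can also determine whether the owner identification data of the certificate owner, contained in the digital-certificate data it read, is the same as the applicant identification data in the certificate confirmation data, generate the corresponding identity confirmation result, and return it to the certificate verification server 150. If the owner identification data and the applicant identification data are the same, the identity confirmation server 170 can confirm that the certificate confirmation data matches the owner of the digital certificate in the signature data received by the certificate verification server 150. Conversely, if they differ, the identity confirmation server 170 can determine that the certificate confirmation data does not match the owner of the digital certificate.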
The client 190 can connect to the ATM 120 over a wired or wireless network; it can receive data or signals sent by the ATM 120 and can send data or signals to it.
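The client 190 can receive the document image and applicant image from the account opening data input at the ATM 120 and display them to a service staff member, so that the staff member can check the displayed document image and applicant image and judge whether the two match.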
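The client 190 can also provide real-time text, audio and/or video communication between the service staff member using the client 190 and the applicant. The staff member can confirm the content of the account opening data with the applicant to check that it is correct, and can also ask the applicant questions about the account opening in order to understand the applicant's motive and purpose.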
The operation of the system is now explained with an embodiment; refer to Figure 2A, the flow chart of opening an account at an ATM by verifying identity with a hardware carrier.
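First, account opening data is input at the ATM 120 (step 210). In this embodiment, assume the ATM 120 is an ATM or CDM with a touch screen, a camera and an IC card reader. After selecting the account opening option on the touch screen, the applicant follows the on-screen instructions to enter name, national ID number, sex, address, mobile phone number and e-mail account at the ATM 120, and places the national ID card and National Health Insurance card at the designated position on the ATM 120 for the camera to photograph. The ATM 120 thereby obtains account opening data containing the data entered by the applicant and images of the front and back of the ID card and health insurance card.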
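After the account opening data has been input at the ATM 120 (step 210), the ATM 120 can prompt the user to insert the hardware carrier 110, thereby connecting the hardware carrier 110 to the ATM 120 (step 230). In this embodiment, assume the applicant uses a Citizen Digital Certificate IC card as the hardware carrier 110 and inserts it into the IC card reader of the ATM 120.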
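After the hardware carrier 110 is connected to the ATM 120 (step 230), the ATM 120 can drive the hardware carrier 110 and provide the input account opening data to it (step 241). On receiving the account opening data, the hardware carrier 110 can sign it with the stored private key and generate signature data containing the stored digital certificate (step 245), and return the signature data to the ATM 120 (step 249). In this embodiment, assume the default driver of the IC card reader installed in the ATM 120 can only generate commands for communicating with ordinary IC bank cards, that is, the ATM 120 cannot communicate with the Citizen Digital Certificate IC card through the reader's default driver. The provider of the ATM 120 can therefore install in advance an interface driver, corresponding to the Citizen Digital Certificate IC card, that lets the IC card reader communicate with both ordinary IC bank cards and the Citizen Digital Certificate IC card. When the card is inserted into the reader and the ATM 120 loads the reader's driver, it follows the preconfigured file access order and loads the interface driver from the custom access location (the directory in which the interface driver is installed) rather than loading the default driver from the directory that holds the default driver. The ATM 120 can then run the interface driver corresponding to the Citizen Digital Certificate IC card to generate the commands that make the card receive the account opening data, sign it, and return the resulting signature data.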
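After the ATM 120 receives the signature data returned by the hardware carrier 110, it can send the input account opening data and the received signature data to the account opening server 130 (step 250). On receiving them, the account opening server 130 can send the account opening data and signature data to the certificate verification server 150 for verification (step 260). In this embodiment, assume the certificate verification server 150 first uses the public key contained in the digital certificate in the received signature data to perform a computation on the received account opening data to produce a verification value, and compares that verification value with the signature value in the signature data; if the two differ, the certificate verification server 150 can generate a verification result indicating that verification failed.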
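If the verification value generated by the certificate verification server 150 is the same as the signature value in the signature data, the certificate verification server 150 can, besides generating a verification result indicating that verification passed, also follow the flow of Figure 2B: generate certificate confirmation data and send it to the identity confirmation server 170 (step 273). In this embodiment, assume the identity confirmation server 170 is a computing device running an Identity Confirmation Service (ICS). The certificate verification server 150 can first read the national ID number in the account opening data (the applicant identification data) and the certificate serial number in the digital certificate, sign the ID number and serial number so read, use the data produced by the signing as the certificate confirmation data, and send it to the identity confirmation server 170.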
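After receiving the certificate confirmation data sent by the certificate verification server 150, the identity confirmation server 170 can use it to confirm whether the national ID number in the account opening data (the applicant identification data) matches the owner of the digital certificate (step 275), and generate the corresponding verification result (step 277). For example, the identity confirmation server 170 can read the owner information of the digital certificate by certificate serial number and compare the national ID number in the owner information (the owner identification data) with the national ID number in the account opening data. When the two are the same, the identity confirmation server 170 can generate a verification result indicating that confirmation succeeded; conversely, if the owner identification data differs from the applicant identification data in the account opening data, it can generate a verification result indicating that confirmation failed.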
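After the identity confirmation server 170 generates its verification result, it can return it to the certificate verification server 150. On receiving it, the certificate verification server 150 can determine whether the received verification result indicates that confirmation succeeded. When it does, the certificate verification server 150 can generate a verification result indicating that the signature data passed verification; when it indicates that confirmation failed, the certificate verification server 150 can generate a verification result indicating that the signature data did not pass verification.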
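After the certificate verification server 150 generates its verification result, it can return it to the account opening server 130. On receiving it, the account opening server 130 can, when the verification result indicates that the signature data did not pass verification, generate a corresponding response message and return it to the ATM 120, so that the ATM 120 displays the response message to tell the applicant that verification failed and the account was not opened.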
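If the account opening server 130 determines that the received verification result indicates that the signature data passed verification, it can use the received account opening data to complete the account opening procedure (step 280). After completing the procedure it can generate a response message indicating that the account has been opened and return it to the ATM 120, so that the ATM 120 displays the response message to tell the applicant that the account opening is complete. With this utility model, an applicant can thus open an account at any of the widely available ATMs and no longer has to fit in with the financial institution's business hours.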
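The two checks of steps 260 to 277, as an added example in Go that is not code from the patent: the certificate verification step checks the carrier's signature over the account opening data with the public key from the enclosed certificate, and the identity confirmation step checks that the certificate serial number is registered to the ID number typed in at the ATM. Assumptions: ECDSA P-256 with SHA-256, JSON encoding of the account data, a self-signed certificate, and the hypothetical names `Carrier`, `Registry` and `VerifyOpening`; all sample values are constructed, and only the two checks named in the description are performed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/json"
	"fmt"
	"math/big"
	"time"
)

// AccountData is the account opening data entered at the ATM (constructed fields).
type AccountData struct{ Name, IDNo string }

// Encode serializes the account opening data into the bytes that get signed.
func Encode(a AccountData) []byte { b, _ := json.Marshal(a); return b }

// SignatureData is what the carrier returns: the signature value and its certificate.
type SignatureData struct {
	Signature []byte
	CertDER   []byte
}

// Carrier stands in for the chip card: it holds the private key and the certificate.
type Carrier struct {
	key  *ecdsa.PrivateKey
	cert []byte
}

// NewCarrier creates a key pair and a self-signed certificate with the given serial.
func NewCarrier(serial int64) (*Carrier, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: "constructed holder"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return &Carrier{key: key, cert: der}, nil
}

// Sign models steps 241-249: the data goes in, the signature and certificate come out.
func (c *Carrier) Sign(data []byte) (SignatureData, error) {
	h := sha256.Sum256(data)
	sig, err := ecdsa.SignASN1(rand.Reader, c.key, h[:])
	return SignatureData{Signature: sig, CertDER: c.cert}, err
}

// Registry stands in for the identity confirmation server: cert serial -> owner ID.
type Registry map[string]string

// VerifyOpening passes only if the signature check and the owner check both pass.
func VerifyOpening(data []byte, sd SignatureData, reg Registry) (bool, string) {
	cert, err := x509.ParseCertificate(sd.CertDER)
	if err != nil {
		return false, "bad certificate"
	}
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	h := sha256.Sum256(data) // hash the data the server itself received
	if !ok || !ecdsa.VerifyASN1(pub, h[:], sd.Signature) {
		return false, "signature mismatch"
	}
	var a AccountData
	if err := json.Unmarshal(data, &a); err != nil {
		return false, "bad account data"
	}
	// Steps 273-277: the certificate's registered owner must be the applicant.
	if owner, known := reg[cert.SerialNumber.String()]; !known || owner != a.IDNo {
		return false, "certificate owner mismatch"
	}
	return true, "verified"
}

func main() {
	card, err := NewCarrier(1001)
	if err != nil {
		panic(err)
	}
	data := Encode(AccountData{Name: "Test Holder", IDNo: "TEST-ID-0001"})
	sd, _ := card.Sign(data)
	fmt.Println(VerifyOpening(data, sd, Registry{"1001": "TEST-ID-0001"}))
}
```

A valid signature alone only shows that the card's key signed the data; the owner check is what rejects an application in which a genuine card signs account data carrying a different ID number.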
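In the above embodiment, after the account opening data is input at the ATM 120 (step 210) and before the ATM 120 and the hardware carrier 110 are connected (step 230), the ATM 120 may also determine whether the features of the facial image on the document image in the account opening data match the features of the applicant's face in the applicant image in the account opening data. Alternatively, following the flow shown in Figure 2C, it may send the document image and applicant image in the account opening data to the client 190 (step 221). On receiving them, the client 190 can display the document image and applicant image so that the service staff member at the client 190 can confirm, from the facial image in the displayed document image and the applicant's face in the displayed applicant image, whether the document image and the applicant image match (step 223). When the staff member judges, from the similarity between the facial image in the document image and the applicant's face in the applicant image, that the two match, the staff member can operate the client 190 to send a confirmation message that the images match to the ATM 120; on receiving it, the ATM 120 can prompt the applicant to connect the hardware carrier 110 to the ATM 120 (step 230) and continue the account opening procedure. When the staff member judges that the document image and the applicant image do not match, the staff member can operate the client 190 to send a confirmation message that the images do not match to the ATM 120; on receiving it, the ATM 120 can generate a message telling the applicant that the document image does not match the applicant, and can end the account opening service.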
In summary, this utility model differs from the prior art in its technical means: a driver for the hardware carrier is installed in the ATM, so that the ATM can have the hardware carrier sign the account opening data and send the account opening data and the signature data to the account opening server, and the account opening server, after having the signature data verified by the certificate verification server, uses the account opening data to complete the account opening procedure. This technical means solves the prior-art problem that an account can only be opened at the counter, which makes opening an account inconvenient, and achieves the technical effect of letting the applicant choose a suitable time and place to open the account.
Furthermore, the system of this utility model for opening an account at an ATM by verifying identity with a hardware carrier can be implemented in hardware, in software, or in a combination of hardware and software, and can be implemented in a centralized manner in one computer system or in a distributed manner in which different components are spread across several interconnected computer systems.
Although the embodiments of this utility model are disclosed as above, the content described is not intended to directly limit its scope of patent protection. Any minor changes or refinements to the form and details of its implementation, made by a person of ordinary skill in the technical field to which this utility model belongs without departing from the spirit and scope disclosed here, fall within its scope of patent protection. The scope of patent protection of this utility model remains as defined by the appended claims.
110: hardware carrier
120: ATM
130: account opening server
150: certificate verification server
170: identity confirmation server
190: client
Step 210: account opening data is input at the ATM
Step 221: the ATM sends the document image and applicant image in the account opening data to the client
Step 223: the client confirms that the document image matches the applicant image
Step 230: the hardware carrier is connected to the ATM
Step 241: the ATM drives the hardware carrier and provides the account opening data to it
Step 245: the hardware carrier signs the account opening data with the private key to generate signature data
Step 249: the ATM receives the signature data returned by the hardware carrier
Step 250: the ATM sends the account opening data and signature data to the account opening server
Step 260: the account opening server sends the account opening data and signature data to the verification server for verification
Step 273: the verification server generates certificate confirmation data and sends it to the identity confirmation server
Step 275: the identity confirmation server uses the certificate confirmation data to confirm whether the applicant identification data in the account opening data matches the owner of the digital certificate
Step 277: the verification server generates the verification result
Step 280: after the signature data passes the verification of the verification server, the account opening server uses the account opening data to complete the account opening procedure
Figure 1 is the architecture diagram of the system of this utility model for opening an account at an ATM by verifying identity with a hardware carrier.
Figure 2A is the flow chart of opening an account at an ATM by verifying identity with a hardware carrier.
Figure 2B is the flow chart of verifying the signature data through the identity confirmation server.
Figure 2C is the flow chart of confirming the applicant through the client.
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW108215313U TWM592134U (en) | 2019-11-19 | 2019-11-19 | System for verifying identity for opening an account using a vehicle in an ATM |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW108215313U TWM592134U (en) | 2019-11-19 | 2019-11-19 | System for verifying identity for opening an account using a vehicle in an ATM |
Publications (1)
Publication Number | Publication Date |
---|---|
TWM592134U (en) | 2020-03-11 |
Family
ID=70768312
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW108215313U TWM592134U (en) | 2019-11-19 | 2019-11-19 | System for verifying identity for opening an account using a vehicle in an ATM |
Country Status (1)
Country | Link |
---|---|
TW (1) | TWM592134U (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI724638B (en) * | 2019-11-19 | 2021-04-11 | 臺灣網路認證股份有限公司 | System for using carrier to verity identity in machine for opening account and method thereof |
TWI774011B (en) * | 2020-06-23 | 2022-08-11 | 國泰世華商業銀行股份有限公司 | System for getting certification through automation machine for applying account and method thereof |
TWI792010B (en) * | 2020-06-23 | 2023-02-11 | 國泰世華商業銀行股份有限公司 | System for using automation machine to scan barcode and verify identity for applying account and method thereof |
- 2019-11-19: TW108215313U (TWM592134U), not active, IP Right Cessation
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20040122774A1 (en) | Method and system for executing applications on a mobile device | |
TWM592134U (en) | System for verifying identity for opening an account using a vehicle in an ATM | |
TWM601411U (en) | System for digital account application by using ATM to obtain authentication | |
TW202040385A (en) | System for using device identification to identify via telecommunication server and method thereof | |
TWI724638B (en) | System for using carrier to verity identity in machine for opening account and method thereof | |
TWM606868U (en) | Device for identifying identity based on document image and living body image | |
TWM592629U (en) | System to obtain appended data and execute corresponding operation when identity is confirmed | |
TWM539668U (en) | System for opening account online and applying for mobile banking | |
TWM586390U (en) | A system for performing identity verification according to the service instruction to execute the corresponding service | |
TWM588313U (en) | System for confirming user identity through financial account information | |
TWI691859B (en) | System for identifying according to instruction to execute service and method thereof | |
TWI729535B (en) | System for using financial account to confirm identity and method thereof | |
TWM586494U (en) | ID recognition system using network identification data through telecommunication server | |
TWI745015B (en) | System and method for providing authorized content generated during identity authentication for verifying transaction data before transaction | |
TWI787655B (en) | System for identification based on comparing id photo and live photo and method thereof | |
TWM583978U (en) | System of using physical carrier to store digital certificate for performing online transaction | |
TWI774011B (en) | System for getting certification through automation machine for applying account and method thereof | |
TWI792010B (en) | System for using automation machine to scan barcode and verify identity for applying account and method thereof | |
TWI807219B (en) | System for performing identification based on comparing photo stored in chip and real-time live photo and method thereof | |
TWI780341B (en) | System for using network identification to identify via telecommunication server and method thereof | |
TWI757925B (en) | System for making two applications run simultaneously by calling input program and method thereof | |
TWI767113B (en) | System for using certificate stored in carrier to conduct online transactions and method thereof | |
TWI704796B (en) | System for using network identification to sign in service server via telecommunication server and method thereof | |
TWI746920B (en) | System for using certificate to verify identity from different domain through portal and method thereof | |
TW202121304A (en) | System for obtaining additional data when identifying to execute operation and method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
MM4K | Annulment or lapse of a utility model due to non-payment of fees |