TWM602671U - Lottery redeem system - Google Patents

Lottery redeem system Download PDF

Info

Publication number
TWM602671U
TWM602671U TW109205413U TW109205413U TWM602671U TW M602671 U TWM602671 U TW M602671U TW 109205413 U TW109205413 U TW 109205413U TW 109205413 U TW109205413 U TW 109205413U TW M602671 U TWM602671 U TW M602671U
Authority
TW
Taiwan
Prior art keywords
mobile device
verification
instruction
bank server
redemption
Prior art date
Application number
TW109205413U
Other languages
Chinese (zh)
Inventor
黃珮婷
Original Assignee
華南商業銀行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 華南商業銀行股份有限公司 filed Critical 華南商業銀行股份有限公司
Priority to TW109205413U priority Critical patent/TWM602671U/en
Publication of TWM602671U publication Critical patent/TWM602671U/en

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

一種兌獎系統,包含:行動裝置以及銀行伺服器。行動裝置係用以於收到中獎通知後輸出兌獎指令。銀行伺服器通訊連接於行動裝置以接收兌獎指令,銀行伺服器用以於收到兌獎指令後依據安全控管程序的結果判斷行動裝置是否為認證裝置,銀行伺服器係於判斷行動裝置為認證裝置時,將對應認證裝置的身份驗證資料輸出至兌獎機構伺服器,以輸出兌獎完成通知至行動裝置。A rewarding system includes a mobile device and a bank server. The mobile device is used for outputting a prize redemption instruction after receiving the winning notification. The bank server is communicatively connected to the mobile device to receive the reward redemption instruction. The bank server is used to determine whether the mobile device is an authentication device based on the result of the security control procedure after receiving the redemption instruction. The bank server determines whether the mobile device is an authentication device At the time, the identity verification data of the corresponding authentication device is output to the server of the award redemption organization to output the award completion notification to the mobile device.

Description

兌獎系統Reward system

本新型係關於一種兌獎系統,特別係關於一種可以提高驗證資料傳輸的安全性的兌獎系統。The present invention relates to a rewarding system, in particular to a rewarding system that can improve the security of verification data transmission.

在現行技術中,可以將公用事業費(水費、電費)、電信費等費用設定為自動扣繳,並且當繳費成功時皆會收到該筆扣繳交易的發票號碼。而當該發票號碼中獎時,使用者在收到中獎通知後仍需自行申請領取中獎獎金。然而,使用者自行申請領取中獎獎金時,仍需攜帶紙本的發票以進行兌獎,且申請領取獎金仍需到超商、郵局等機構辦理,更是耗費許多人力及時間。In the current technology, the utility fee (water, electricity), telecommunications fee and other expenses can be set to be automatically deducted, and when the payment is successful, the invoice number of the deducted transaction will be received. When the invoice number wins the prize, the user still needs to apply for the winning prize by himself after receiving the notice of the prize. However, when the user applies for the winning bonus by himself, he still needs to bring a paper invoice to redeem the prize, and the application for the bonus still needs to be processed at supermarkets, post offices and other institutions, which consumes a lot of manpower and time.

此外,儘管目前已有部分的商家可以藉由掃描的方式將發票儲存至使用者的行動裝置並進行兌獎,然而在兌獎時仍需執行驗證程序,且在驗證的過程中仍需傳輸帳號、密碼、身份證號碼等較機密的資料以進行驗證。因此,當有心人士欲竊取資料時,不僅可能趁機在傳輸該些資料的過程中進行攔截,進而導致資料外洩,更可能在資料已遭攔截的情況下使用者仍不自知。In addition, although some merchants can scan the invoice to the user’s mobile device and redeem the reward, the verification process is still required when redeeming the reward, and the account number and password must be transmitted during the verification process. , ID number and other more confidential information for verification. Therefore, when a person intends to steal data, it may not only take the opportunity to intercept the data in the process of transmitting it, which will lead to the leakage of the data, but it is also possible that the user still does not know that the data has been intercepted.

鑒於上述,本新型提供一種以滿足上述需求的兌獎系統。In view of the above, the present invention provides a prize redemption system that meets the above requirements.

依據本新型一實施例的兌獎系統,包含:一行動裝置,用以於收到一中獎通知後輸出一兌獎指令;以及一銀行伺服器,通訊連接於該行動裝置以接收該兌獎指令,該銀行伺服器用以於收到該兌獎指令後依據一安全控管程序的結果判斷該行動裝置是否為一認證裝置,該銀行伺服器係於判斷該行動裝置為該認證裝置時,將對應該認證裝置的一身份驗證資料輸出至一兌獎機構伺服器,以輸出一兌獎完成通知。A prize redemption system according to an embodiment of the present invention includes: a mobile device for outputting a prize redemption instruction after receiving a winning notice; and a bank server communicatively connected to the mobile device to receive the prize redemption instruction, and the bank The server is used for judging whether the mobile device is an authentication device according to the result of a security control procedure after receiving the redemption instruction. The bank server will correspond to the authentication device when judging the mobile device as the authentication device An identity verification data of is output to a prize redemption agency server to output a prize redemption completion notice.

綜上所述,依據本新型一或多個實施例所示的兌獎系統,當使用者係以對應銀行伺服器的金融帳戶執行付款交易,且該筆交易的發票中獎時,使用者只需輸入兌獎指令,即可將發票的中獎金額轉入其執行付款交易的金融帳戶,以省去每次兌獎時仍需以人工的方式進行驗證程序。此外,依據本新型一或多個實施例所示的兌獎系統,更可以在驗證的過程中檢驗驗證的資料是否遭到攔截或外洩,以加強驗證過程中資料的安全性,並且當發現資料可能外洩時,可以留存相關的記錄以供銀行或是檢警單位查閱。In summary, according to the reward redemption system shown in one or more embodiments of the present invention, when a user executes a payment transaction with a financial account corresponding to the bank server, and the invoice of the transaction wins, the user only needs to enter The award instruction can transfer the winning amount of the invoice to the financial account where the payment transaction is executed, so as to eliminate the need for manual verification procedures each time the award is redeemed. In addition, according to the reward redemption system shown in one or more embodiments of the present invention, it is possible to check whether the verified data is intercepted or leaked during the verification process, so as to strengthen the security of the data during the verification process, and when the data is found When there is a possibility of leakage, relevant records can be kept for the bank or police unit to check.

以上之關於本揭露內容之說明及以下之實施方式之說明係用以示範與解釋本新型之精神與原理,並且提供本新型之專利申請範圍更進一步之解釋。The above description of the content of the disclosure and the description of the following embodiments are used to demonstrate and explain the spirit and principle of the present model, and to provide a further explanation of the scope of the patent application of the present model.

以下在實施方式中詳細敘述本新型之詳細特徵以及優點,其內容足以使任何熟習相關技藝者了解本新型之技術內容並據以實施,且根據本說明書所揭露之內容、申請專利範圍及圖式,任何熟習相關技藝者可輕易地理解本新型相關之目的及優點。以下之實施例係進一步詳細說明本新型之觀點,但非以任何觀點限制本新型之範疇。The detailed features and advantages of the new model will be described in detail in the following embodiments. The content is sufficient to enable anyone familiar with the relevant skills to understand the technical content of the new model and implement it accordingly, and based on the content disclosed in this specification, the scope of patent application and the drawings. , Anyone who is familiar with relevant skills can easily understand the purpose and advantages of the present invention. The following embodiments further illustrate the viewpoints of the present invention in detail, but do not limit the scope of the present invention by any viewpoint.

本新型所示的兌獎系統係用於當發票中獎時,使用者即可以藉由本新型所示的兌獎系統兌獎,以將中獎的獎金直接轉入使用者的金融帳戶。The rewarding system shown in the present invention is used when an invoice wins a prize, the user can use the rewarding system shown in the present invention to redeem the prize, so as to directly transfer the winning bonus to the user's financial account.

請參考圖1,圖1係依據本新型一實施例所繪示的兌獎系統的方塊圖。本新型所示的兌獎系統包含一行動裝置10以及一銀行伺服器20,且行動裝置10通訊連接於銀行伺服器20。Please refer to FIG. 1. FIG. 1 is a block diagram of a prize redemption system according to an embodiment of the present invention. The rewarding system shown in the present invention includes a mobile device 10 and a bank server 20, and the mobile device 10 is communicatively connected to the bank server 20.

本新型所示的行動裝置10例如是手機、筆記型電腦、平板型電腦等;銀行伺服器20較佳係銀行內部的伺服器或是銀行內部其他具有運算能力及訊號傳輸能力的運算裝置等。The mobile device 10 shown in the present invention is, for example, a mobile phone, a notebook computer, a tablet computer, etc.; the bank server 20 is preferably an internal server in the bank or other internal computing devices with computing capabilities and signal transmission capabilities.

為了更詳細說明本新型所揭示的兌獎系統,請一併參考圖1及圖2,其中圖2係依據本新型一實施例所繪示的兌獎方法的流程圖。In order to explain the prize redemption system disclosed by the present invention in more detail, please refer to FIG. 1 and FIG. 2 together, wherein FIG. 2 is a flowchart of the prize redemption method according to an embodiment of the present invention.

請參考圖2的步驟S10:於收到中獎通知後輸出兌獎指令至銀行伺服器。Please refer to step S10 in FIG. 2: outputting a prize redemption instruction to the bank server after receiving the winning notification.

行動裝置10較佳具有建置於銀行伺服器20的銀行應用程式(例如,網路銀行銀行應用程式),以供使用者將兌獎指令輸入至銀行應用程式,並將兌獎指令藉由行動裝置10輸出至銀行伺服器20。亦即,行動裝置10在收到來自兌獎機構的中獎通知後便會基於中獎通知輸出兌獎指令至銀行伺服器20 。行動裝置10在輸出兌獎指令時較佳一併輸出行動裝置10的座標位置,以供後續進行驗證,亦即銀行伺服器20較佳係在收到兌獎指令以及座標位置後始執行後續的步驟S20。The mobile device 10 preferably has a banking application (for example, an online banking banking application) built on the bank server 20, so that the user can input the reward redemption instruction into the banking application and pass the reward redemption instruction through the mobile device 10 Output to the bank server 20. That is, the mobile device 10 will output a prize redemption instruction to the bank server 20 based on the prize winning notice after receiving the prize winning notice from the prize redemption agency. The mobile device 10 preferably outputs the coordinate position of the mobile device 10 when outputting the reward redemption instruction for subsequent verification, that is, the bank server 20 preferably executes the subsequent step S20 after receiving the reward redemption instruction and the coordinate position. .

步驟S20:執行安全控管程序。Step S20: execute the safety control program.

銀行伺服器20於收到兌獎指令後便執行安全控管程序,以判斷行動裝置10是否為一認證裝置。步驟S20所述的安全控管程序將於以下圖3之實施例加以詳述。The bank server 20 executes the security control procedure after receiving the reward redemption instruction to determine whether the mobile device 10 is an authentication device. The security control procedure described in step S20 will be described in detail in the embodiment of FIG. 3 below.

請先繼續參考步驟S30:將對應認證裝置的身份驗證資料輸出至兌獎機構伺服器。Please continue to refer to step S30 first: output the identity verification data of the corresponding authentication device to the server of the awarding organization.

在銀行伺服器20於步驟S20判斷行動裝置10為認證裝置後,銀行伺服器20便將對應認證裝置(即認證的行動裝置10)的身份驗證資料輸出至兌獎機構伺服器,其中身份驗證資料例如是關聯於使用者的帳號、密碼、身份證字號等。After the bank server 20 determines that the mobile device 10 is an authentication device in step S20, the bank server 20 outputs the identity verification data of the corresponding authentication device (ie, the authenticated mobile device 10) to the awarding institution server, where the identity verification data is for example It is associated with the user's account, password, ID number, etc.

亦即,銀行伺服器20會於判斷行動裝置10為認證裝置後,將對應認證裝置的身份驗證資料輸出至兌獎機構伺服器,供兌獎機構伺服器對身份驗證資料進行驗證以於身份驗證資料通過驗證時,將兌獎金額轉帳至對應的金融帳戶。銀行伺服器20更可以於判斷中獎金額已轉帳至該金融帳戶時輸出一兌獎完成通知至行動裝置10,供行動裝置10呈現兌獎完成通知以通知使用者中獎金額已轉帳至其金融帳戶。That is, after determining that the mobile device 10 is an authentication device, the bank server 20 will output the identity verification data of the corresponding authentication device to the awarding institution server for the awarding institution server to verify the identity verification data so that the identity verification data passes When verifying, transfer the reward amount to the corresponding financial account. The bank server 20 may further output a reward redemption completion notification to the mobile device 10 when determining that the winning amount has been transferred to the financial account for the mobile device 10 to present the reward redemption completion notification to notify the user that the winning amount has been transferred to the financial account.

需特別說明的是,行動裝置10在收到中獎通知前,銀行伺服器20更可以基於一經常性支付項目,由關聯於該身份驗證資料的一金融帳戶進行繳費。具體而言,經常性支付項目例如係水費、電費等公共事業項目,使用者可以與銀行約定由銀行代為執行繳納該些費用,因此銀行即可從使用者的金融帳戶定期繳納該些費用。而在繳納經常性支付項目的費用後,若該次繳納費用的發票中獎時,行動裝置10即可從公共事業單位接收到對應該經常性支付項目的中獎通知,且行動裝置10可以係於收到中獎通知後即輸出兌獎指令,行動裝置10亦可以係於收到中獎通知後呈現中獎通知,以通知使用者行動裝置10已收到中獎通知並可以據以進行兌獎。It should be particularly noted that before the mobile device 10 receives the winning notification, the bank server 20 can also make payment based on a recurring payment item from a financial account associated with the identity verification data. Specifically, for recurring payment items such as water bills, electricity bills and other public utility items, the user can agree with the bank that the bank will pay these fees on behalf of the bank, so the bank can pay the fees regularly from the user's financial account. After paying the fees of the recurring payment items, if the invoice for the payment of the fees wins the prize, the mobile device 10 can receive the winning notice corresponding to the recurring payment items from the public utility, and the mobile device 10 can be tied to the receipt The reward redemption instruction is output after the winning notification, and the mobile device 10 can also present the winning notification after receiving the winning notification to notify the user that the mobile device 10 has received the winning notification and can redeem the prize accordingly.

此外,經常性支付項目亦可以是使用者定期或經常購買的商品及/或日用品等,本新型不對經常性支付項目的類型予以限制。亦即,所述的中獎通知不限於來自對經常性支付項目進行繳費的發票所取得的中獎通知,中獎通知亦可以是由購買其他商品等的發票所取得的中獎通知。In addition, the recurring payment items can also be commodities and/or daily necessities purchased regularly or frequently by the user, and the present invention does not limit the types of recurring payment items. That is, the winning notice is not limited to the winning notice obtained from the invoice for the payment of the recurring payment items, and the winning notice may also be the winning notice obtained from the invoice for purchasing other goods.

請一併參考圖1及圖3,其中圖3係依據本新型一實施例所繪示的安全控管程序的流程圖。Please refer to FIG. 1 and FIG. 3 together, where FIG. 3 is a flowchart of a safety control program drawn according to an embodiment of the present invention.

當銀行伺服器20收到兌獎指令時,表示使用者請求依據中獎通知進行兌獎程序,故銀行伺服器20在將兌獎機構伺服器所要求的身份驗證資料輸出至兌獎機構伺服器前,銀行伺服器20更會先執行安全控管程序,以避免中獎的金額轉入錯誤的金融帳戶。When the bank server 20 receives the prize redemption instruction, it means that the user requests the prize redemption process according to the winning notice. Therefore, the bank server 20 outputs the identity verification data required by the prize redemption institution server to the prize redemption institution server. 20 will also implement security control procedures first to prevent the winning amount from being transferred to the wrong financial account.

因此,當銀行伺服器20於圖2的步驟S10收到兌獎指令後,銀行伺服器20接著執行步驟S201:輸出驗證訊息至行動裝置。Therefore, after the bank server 20 receives the reward redemption instruction in step S10 of FIG. 2, the bank server 20 then executes step S201: outputting a verification message to the mobile device.

詳言之,銀行伺服器20將驗證訊息輸出至行動裝置10,然銀行伺服器20亦可以是將驗證訊息輸出至行動裝置10,以供行動裝置10基於驗證訊息進行後續的驗證。此外,行動裝置10可以藉設置於其的銀行應用程式呈現其接收到的驗證訊息,以供使用者查閱,然本新型不對行動裝置10是否呈現驗證訊息予以限制。In detail, the bank server 20 outputs the verification message to the mobile device 10, but the bank server 20 may also output the verification message to the mobile device 10 for the mobile device 10 to perform subsequent verification based on the verification message. In addition, the mobile device 10 can display the received verification message through a bank application installed in it for the user to check, but the present invention does not limit whether the mobile device 10 displays the verification message.

此外,銀行伺服器20輸出的驗證訊息較佳包含一指令關鍵字,且指令關鍵字係關聯於前述的兌獎指令。舉例而言,當兌獎指令係「確認要求兌獎」時,指令關鍵字例如為「確認兌獎」、「中獎金額為200元整」、「中獎發票號碼為AB-012345」等。In addition, the verification message output by the bank server 20 preferably includes a command keyword, and the command keyword is related to the aforementioned reward redemption command. For example, when the redemption instruction is "Confirm the redemption request", the instruction keywords are, for example, "Confirm redemption", "Winning amount is 200 yuan", "Winning invoice number is AB-012345", etc.

接著,在行動裝置10收到驗證訊息後,行動裝置10執行步驟S202:判斷驗證訊息是否對應兌獎指令。Then, after the mobile device 10 receives the verification message, the mobile device 10 executes step S202: judging whether the verification message corresponds to a reward redemption instruction.

行動裝置10判斷驗證訊息是否對應兌獎指令較佳係判斷驗證訊息的指令關鍵字是否對應兌獎指令。以上述的兌獎指令係「確認要求兌獎」為例,當指令關鍵字為「確認兌獎」時,行動裝置10即係判斷「確認兌獎」(指令關鍵字)是否對應「確認要求兌獎」(兌獎指令)。行動裝置10判斷指令關鍵字是否對應兌獎指令的方式可以是判斷兌獎指令是否包含指令關鍵字。The mobile device 10 preferably determines whether the verification message corresponds to the reward redemption instruction by determining whether the command keyword of the verification message corresponds to the reward redemption instruction. Taking the above redemption instruction "confirm request for redemption" as an example, when the instruction keyword is "confirm redemption", the mobile device 10 determines whether "confirm redemption" (instruction keyword) corresponds to "confirm request for redemption" (reward command ). The way for the mobile device 10 to determine whether the instruction keyword corresponds to the award instruction may be to determine whether the award instruction includes the instruction keyword.

此外, 兌獎指令與指令關鍵字之間的對應關係亦可以是預存的對應關係,故行動裝置10可以依據預存的對應關係判斷指令關鍵字是否對應兌獎指令。In addition, the correspondence between the reward instruction and the instruction keyword may also be a pre-stored correspondence, so the mobile device 10 can determine whether the instruction keyword corresponds to the reward instruction according to the pre-stored correspondence.

舉例而言,當兌獎指令係「兌換200元中獎獎金」,且與「兌換200元中獎獎金」具有預存的對應關係的指令關鍵字為上述的「中獎金額為200元整」,則當行動裝置10收到的指令關鍵字為「中獎金額為200元整」時,行動裝置10即可判斷指令關鍵字對應兌獎指令。For example, when the redemption instruction is "Exchange 200 yuan for winning prizes" and the instruction keyword that has a pre-stored corresponding relationship with "Exchange 200 yuan for winning prizes" is the above-mentioned "Winning amount is 200 yuan", then the mobile device 10 When the received instruction keyword is "the winning amount is 200 yuan", the mobile device 10 can determine that the instruction keyword corresponds to the prize redemption instruction.

又或者,行動裝置10判斷指令關鍵字是否對應兌獎指令的方式可以是先查找兌獎指令中的多個關鍵字,並據以判斷指令關鍵字是否包含相同的多個關鍵字,當行動裝置10判斷指令關鍵字包含與兌獎指令相同的多個關鍵字後,行動裝置10即可判斷指令關鍵字對應兌獎指令。Alternatively, the way for the mobile device 10 to determine whether the instruction keyword corresponds to the award instruction may be to first search for multiple keywords in the award instruction, and then determine whether the instruction keyword contains the same multiple keywords, when the mobile device 10 determines After the instruction keyword contains multiple keywords that are the same as the award instruction, the mobile device 10 can determine that the instruction keyword corresponds to the award instruction.

舉例而言,當兌獎指令係「兌換中獎發票:AB-012345」時,行動裝置10先查找兌獎指令中的多個關鍵字為「中獎發票」以及「AB-012345」,當行動裝置10收到的指令關鍵字為「中獎發票號碼為AB-012345」時,行動裝置10接著判斷指令關鍵字是否亦包含中獎發票」以及「AB-012345」的關鍵字,當行動裝置10判斷兌獎指令關鍵字包含與兌獎指令相同的多個關鍵字時,即判斷指令關鍵字對應兌獎指令。For example, when the redemption instruction is "redeem winning invoice: AB-012345", the mobile device 10 first searches for multiple keywords in the redemption instruction as "winning invoice" and "AB-012345". When the mobile device 10 receives When the command keyword of is "the winning invoice number is AB-012345", the mobile device 10 then determines whether the command keyword also contains the keywords of the winning invoice" and the keywords of "AB-012345", when the mobile device 10 determines that the winning command keyword contains When there are multiple keywords that are the same as the award instruction, it is determined that the instruction keyword corresponds to the award instruction.

請繼續參考步驟S202並一併參考步驟S203,當行動裝置10判斷驗證訊息非對應兌獎指令時,表示驗證訊息所含的指令關鍵字非對應到兌獎指令,故行動裝置10可以執行步驟S203:呈現錯誤通知。Please continue to refer to step S202 and also refer to step S203. When the mobile device 10 determines that the verification message does not correspond to the reward redemption instruction, it means that the command keyword contained in the verification message does not correspond to the reward redemption instruction, so the mobile device 10 can perform step S203: present Error notification.

亦即,行動裝置10可以基於指令關鍵字及兌獎指令判斷其先前輸出的兌獎指令是否遭有心人士攔截,故當行動裝置10判斷驗證訊息非對應兌獎指令時,使用者即可藉由行動裝置10呈現的錯誤通知判知銀行伺服器20可能接收到錯誤的兌獎指令,使用者並可以重新輸入兌獎指令。That is, the mobile device 10 can determine whether the previously output award instruction has been intercepted by an intentional person based on the instruction keyword and the award instruction. Therefore, when the mobile device 10 determines that the verification message does not correspond to the award instruction, the user can use the mobile device 10 The presented error notification judges that the bank server 20 may have received an incorrect reward redemption instruction, and the user can re-enter the reward redemption instruction.

請繼續參考步驟S202並一併參考步驟S204,當行動裝置10判斷驗證訊息對應兌獎指令時,則行動裝置10執行步驟S204:對驗證訊息解碼以產生驗證編碼。Please continue to refer to step S202 and also refer to step S204. When the mobile device 10 determines that the verification message corresponds to the reward redemption instruction, the mobile device 10 performs step S204: decoding the verification message to generate a verification code.

驗證訊息除了包含指令關鍵字,較佳更包含一加密編碼,行動裝置10可以對加密編碼解碼以產生驗證編碼,且行動裝置10可以係依據一預存規則將加密編碼解碼為驗證編碼。舉例而言,預存規則例如是「0」對應英文字母「A」;「1」對應英文字母「B」;「2」對應英文字母「C」;「25」對應英文字母「Z」等等以此類推。因此,當加密編碼為「21.4.17.8」時,行動裝置10即可將加密編碼解碼為「VERI」的驗證編碼。前述的預存規則僅為示例,數字對應英文字母亦可以是「25」對應英文字母「A」;「24」對應英文字母「B」;「23」對應英文字母「C」;「0」對應英文字母「Z」等等以此類推,或是將加密編碼以英文字母呈現,並將驗證編碼以數字呈現。行動裝置10亦可以係以運算符號、羅馬數字、顏色或其多個組合等方式做為加密編碼及驗證編碼,或是以雜湊運算做為預存規則,以將加密編碼解碼為驗證編碼,本新型不對預存規則、加密編碼與驗證編碼之間的對應關係及行動裝置10解碼加密編碼的方式予以限制。The verification message preferably includes an encryption code in addition to the command keyword. The mobile device 10 can decode the encryption code to generate a verification code, and the mobile device 10 can decode the encryption code into a verification code according to a pre-stored rule. For example, the pre-stored rules such as "0" corresponds to the English letter "A"; "1" corresponds to the English letter "B"; "2" corresponds to the English letter "C"; "25" corresponds to the English letter "Z", etc. And so on. Therefore, when the encryption code is "21.4.17.8", the mobile device 10 can decode the encryption code into a verification code of "VERI". The aforementioned pre-stored rules are only examples. Numbers corresponding to English letters can also be "25" corresponding to English letters "A"; "24" corresponds to English letters "B"; "23" corresponds to English letters "C"; "0" corresponds to English The letter "Z" and so on, or the encryption code is presented in English letters, and the verification code is presented in numbers. The mobile device 10 can also use arithmetic symbols, Roman numerals, colors, or multiple combinations thereof as encryption codes and verification codes, or use hash operations as pre-stored rules to decode encryption codes into verification codes. There are no restrictions on the pre-stored rules, the correspondence between the encryption code and the verification code, and the way the mobile device 10 decodes the encryption code.

請接續參考步驟S205:將驗證編碼輸出至銀行伺服器。Please continue to refer to step S205: output the verification code to the bank server.

在行動裝置10對驗證訊息解碼以產生驗證編碼(步驟S204)後,行動裝置10即將驗證編碼輸出至銀行伺服器20。After the mobile device 10 decodes the verification message to generate a verification code (step S204), the mobile device 10 will output the verification code to the bank server 20.

步驟S206:判斷驗證編碼是否對應驗證訊息。Step S206: Determine whether the verification code corresponds to the verification message.

亦即,銀行伺服器20判斷從行動裝置10接收到的驗證編碼是否對應其先前輸出的加密編碼。That is, the bank server 20 determines whether the verification code received from the mobile device 10 corresponds to the previously output encryption code.

當銀行伺服器20判斷從行動裝置10接收到的驗證編碼不對應其先前輸出的加密編碼時,銀行伺服器20執行步驟S207:記錄錯誤資料。When the bank server 20 determines that the verification code received from the mobile device 10 does not correspond to the previously output encryption code, the bank server 20 executes step S207: recording error data.

亦即,銀行伺服器20基於驗證編碼及加密編碼判斷行動裝置10是否為認證裝置。當銀行伺服器20判斷驗證編碼不對應其先前輸出的加密編碼時,表示銀行伺服器20輸出的驗證訊息可能遭有心人士攔截,故銀行伺服器20將錯誤資料記錄下來,以供銀行行員甚或是供檢警單位查驗,銀行伺服器20記錄錯誤資料亦可以是用以於收到來自行動裝置10的另一兌獎令時,輸出含有多個驗證編碼的驗證訊息至行動裝置10,以進行更嚴密的驗證,其中所述的錯誤記錄例如為行動裝置10的號碼、對應行動裝置10的銀行應用程式的帳號密碼以及行動裝置10在輸出兌獎指令時一併輸出的座標位置等。That is, the bank server 20 determines whether the mobile device 10 is an authentication device based on the verification code and the encryption code. When the bank server 20 determines that the verification code does not correspond to the previously output encryption code, it means that the verification message output by the bank server 20 may have been intercepted by someone interested. Therefore, the bank server 20 records the error data for the bank staff or even For inspection by procuratorial units, the bank server 20 records the wrong data and can also be used to output a verification message containing multiple verification codes to the mobile device 10 when another reward redemption order from the mobile device 10 is received for more stringent verification. For example, the error record is the number of the mobile device 10, the account password of the bank application corresponding to the mobile device 10, and the coordinate position output by the mobile device 10 when outputting the reward instruction.

請繼續參考步驟S206,當銀行伺服器20判斷驗證編碼對應驗證訊息時,銀行伺服器20即可接著執行步驟S30:將對應認證裝置的身份驗證資料輸出至兌獎機構伺服器,以供兌獎機構伺服器對身份驗證資料進行驗證,並於身份驗證資料通過驗證時將中獎金額轉帳至關聯於該身份驗證資料的金融帳戶。Please continue to refer to step S206. When the bank server 20 determines that the verification code corresponds to the verification message, the bank server 20 can proceed to step S30: output the identity verification data of the corresponding verification device to the awarding agency server for the awarding agency server The device verifies the identity verification data and transfers the winning amount to the financial account associated with the identity verification data when the identity verification data is verified.

請一併參考圖1及圖4,其中圖4係依據本新型一實施例所繪示的行動裝置與銀行伺服器之間的資料傳輸順序的示意圖。Please refer to FIG. 1 and FIG. 4 together. FIG. 4 is a schematic diagram of the data transmission sequence between the mobile device and the bank server according to an embodiment of the present invention.

詳言之,行動裝置10在收到來自使用者的兌獎指令CmdR後,便將兌獎指令CmdR輸出至銀行伺服器20。In detail, the mobile device 10 outputs the award instruction CmdR to the bank server 20 after receiving the award instruction CmdR from the user.

接著,銀行伺服器20在收到兌獎指令CmdR後,便開始執行安全控管程序。亦即,銀行伺服器20依據收到的兌獎指令CmdR產生驗證訊息Msg,且驗證訊息Msg包含加密編碼EC以及指令關鍵字CmdK。Then, the bank server 20 starts to execute the security control program after receiving the reward redemption instruction CmdR. That is, the bank server 20 generates the verification message Msg according to the received reward command CmdR, and the verification message Msg includes the encrypted code EC and the command keyword CmdK.

行動裝置10在收到驗證訊息Msg後,便接續執行安全控管程序。亦即,行動裝置10先判斷指令關鍵字CmdK是否對應其先前輸出的兌獎指令CmdR,以供行動裝置10藉由指令關鍵字CmdK判斷銀行伺服器20是否接收到正確的兌獎指令CmdR。且行動裝置10可以是直接指令關鍵字CmdK是否對應兌獎指令CmdR,,而不在行動裝置10上呈現指令關鍵字CmdK,然行動裝置10亦可以呈現其接收到的指令關鍵字CmdK,以供使用者查閱,本新型不對行動裝置10是否呈現指令關鍵字CmdK予以限制。After receiving the verification message Msg, the mobile device 10 continues to execute the security control procedure. That is, the mobile device 10 first determines whether the command keyword CmdK corresponds to the previously output award command CmdR, so that the mobile device 10 uses the command keyword CmdK to determine whether the bank server 20 receives the correct award command CmdR. And the mobile device 10 can directly instruct whether the keyword CmdK corresponds to the reward command CmdR, instead of presenting the command keyword CmdK on the mobile device 10, but the mobile device 10 can also present the received command keyword CmdK for the user For reference, the present invention does not limit whether the mobile device 10 presents the command keyword CmdK.

在行動裝置10判斷指令關鍵字CmdK對應其先前輸出的兌獎指令CmdR後,行動裝置10便進一步對驗證訊息Msg的加密編碼EC解碼以產生驗證編碼VC,並將驗證編碼VC輸出至銀行伺服器20,以供銀行伺服器20判斷行動裝置10是否為已認證裝置,並且於銀行伺服器20判斷行動裝置10為已認證裝置時,將對應該認證裝置(行動裝置10)的身份驗證資料輸出至兌獎機構伺服器,以供兌獎機構伺服器對該身份驗證資料進行驗證,以將中獎金額轉帳至關聯於該身份驗證資料的金融帳戶。此外,當銀行伺服器20判斷關聯於該身份驗證資料的金融帳戶已收到中獎金額後,即可輸出兌獎完成通知至行動裝置10,以告知使用者已完成兌獎。After the mobile device 10 determines that the command keyword CmdK corresponds to the previously output award command CmdR, the mobile device 10 further decodes the encrypted code EC of the verification message Msg to generate a verification code VC, and outputs the verification code VC to the bank server 20 , For the bank server 20 to determine whether the mobile device 10 is an authenticated device, and when the bank server 20 determines that the mobile device 10 is an authenticated device, it outputs the identity verification data corresponding to the authentication device (mobile device 10) to the prize redemption The agency server is used for the awarding agency server to verify the identity verification data to transfer the winning amount to the financial account associated with the identity verification data. In addition, after the bank server 20 determines that the financial account associated with the identity verification data has received the winning amount, it can output a reward redemption completion notification to the mobile device 10 to inform the user that the reward redemption has been completed.

綜上所述,依據本新型一或多個實施例所示的兌獎系統,當使用者係以對應銀行伺服器的金融帳戶執行付款交易,且該筆交易的發票中獎時,使用者只需輸入兌獎指令,即可將發票的中獎金額轉入其執行付款交易的金融帳戶,以省去每次兌獎時仍需以人工的方式進行驗證程序。此外,依據本新型一或多個實施例所示的兌獎系統,更可以對行動裝置及銀行伺服器進行驗證,以核實彼此的正當行,並且可以在驗證的過程中檢查驗證的資料是否遭到攔截或外洩,以加強驗證過程中資料的安全性,並且當發現資料可能外洩時,可以留存相關的記錄以供銀行或是檢警單位查閱。In summary, according to the reward redemption system shown in one or more embodiments of the present invention, when a user executes a payment transaction with a financial account corresponding to the bank server, and the invoice of the transaction wins, the user only needs to enter The award instruction can transfer the winning amount of the invoice to the financial account where the payment transaction is executed, so as to eliminate the need for manual verification procedures each time the award is redeemed. In addition, according to the reward redemption system shown in one or more embodiments of the present invention, the mobile device and the bank server can be verified to verify each other's proper conduct, and the verified data can be checked during the verification process. Intercept or leak to strengthen the security of the data in the verification process, and when it is discovered that the data may be leaked, relevant records can be kept for the bank or the police unit to check.

雖然本新型以前述之實施例揭露如上,然其並非用以限定本新型。在不脫離本新型之精神和範圍內,所為之更動與潤飾,均屬本新型之專利保護範圍。關於本新型所界定之保護範圍請參考所附之申請專利範圍。Although the present invention is disclosed in the foregoing embodiments as above, it is not intended to limit the present invention. Without departing from the spirit and scope of this new model, all changes and modifications made are within the scope of patent protection of this new model. For the scope of protection defined by this model, please refer to the attached scope of patent application.

10:行動裝置 20:銀行伺服器 Msg:驗證訊息 EC:加密編碼 VC:驗證編碼 CmdR:兌獎指令 CmdK:指令關鍵字 10: Mobile device 20: Bank server Msg: Verification message EC: Encryption code VC: Verification code CmdR: Redemption instruction CmdK: Command keyword

圖1係依據本新型一實施例所繪示的兌獎系統的方塊圖。 圖2係依據本新型一實施例所繪示的兌獎方法的流程圖。 圖3係依據本新型一實施例所繪示的安全控管程序的流程圖。 圖4係依據本新型一實施例所繪示的行動裝置與銀行伺服器之間的資料傳輸順序的示意圖。 Fig. 1 is a block diagram of a prize redemption system according to an embodiment of the present invention. Fig. 2 is a flowchart of a prize redemption method according to an embodiment of the present invention. FIG. 3 is a flowchart of a safety control program drawn according to an embodiment of the present invention. 4 is a schematic diagram of the data transmission sequence between the mobile device and the bank server according to an embodiment of the present invention.

10:行動裝置 10: Mobile device

20:銀行伺服器 20: Bank server

Claims (5)

一種兌獎系統,包含:一行動裝置,用以於收到一中獎通知後輸出一兌獎指令;以及一銀行伺服器,通訊連接於該行動裝置以接收該兌獎指令,該銀行伺服器用以於收到該兌獎指令後依據一安全控管程序的結果判斷該行動裝置是否為一認證裝置,該銀行伺服器係於判斷該行動裝置為該認證裝置時,將對應該認證裝置的一身份驗證資料輸出至一兌獎機構伺服器,以輸出一兌獎完成通知。A prize redemption system includes: a mobile device for outputting a prize redemption instruction after receiving a winning notification; and a bank server, which is communicatively connected to the mobile device to receive the prize redemption instruction, and the bank server is used for receiving After the reward instruction is received, it is determined whether the mobile device is an authentication device according to the result of a security control program, and the bank server outputs an identity verification data corresponding to the authentication device when determining that the mobile device is the authentication device To the server of a reward redemption agency to output a reward completion notification. 如請求項1所述的兌獎系統,其中該安全控管程序係:該銀行伺服器輸出一驗證訊息至該行動裝置,該行動裝置係於判斷該驗證訊息對應該兌獎指令時,對該驗證訊息解碼以產生一驗證編碼,該行動裝置更將該驗證編碼輸出至該銀行伺服器,該銀行伺服器係於判斷該驗證編碼對應該驗證訊息時判斷該行動裝置為該認證裝置。According to the award redemption system of claim 1, wherein the security control procedure is: the bank server outputs a verification message to the mobile device, and the mobile device determines that the verification message corresponds to the award instruction. Decoding to generate a verification code, the mobile device further outputs the verification code to the bank server, and the bank server determines that the mobile device is the verification device when determining that the verification code corresponds to the verification message. 如請求項2所述的兌獎系統,其中該驗證訊息包含一指令關鍵字,該行動裝置判斷該驗證訊息對應該兌獎指令係:該行動裝置判斷該指令關鍵字對應該兌獎指令。For example, in the award system of claim 2, wherein the verification message includes a command keyword, the mobile device determines that the verification message corresponds to the award instruction system: the mobile device determines that the command keyword corresponds to the award instruction. 如請求項2所述的兌獎系統,其中該驗證訊息包含一加密編碼,該行動裝置對該驗證訊息解碼以產生該驗證編碼係:該行動裝置依據一預存規則將該加密編碼解碼為該驗證編碼。The reward system of claim 2, wherein the verification message includes an encryption code, and the mobile device decodes the verification message to generate the verification code: the mobile device decodes the encryption code into the verification code according to a pre-stored rule . 如請求項1所述的兌獎系統,其中在該行動裝置收到該中獎通知前,該銀行伺服器更基於一經常性支付項目由關聯於該身份驗證資料的一金融帳戶進行繳費,該行動裝置收到該中獎通知係:該行動裝置收到對應該經常性支付項目的該中獎通知。The prize redemption system according to claim 1, wherein before the mobile device receives the winning notice, the bank server further pays fees from a financial account associated with the identity verification data based on a recurring payment item, and the mobile device Receipt of the winning notification means: the mobile device receives the winning notification corresponding to the regular payment item.
TW109205413U 2020-05-06 2020-05-06 Lottery redeem system TWM602671U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109205413U TWM602671U (en) 2020-05-06 2020-05-06 Lottery redeem system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW109205413U TWM602671U (en) 2020-05-06 2020-05-06 Lottery redeem system

Publications (1)

Publication Number Publication Date
TWM602671U true TWM602671U (en) 2020-10-11

Family

ID=74095244

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109205413U TWM602671U (en) 2020-05-06 2020-05-06 Lottery redeem system

Country Status (1)

Country Link
TW (1) TWM602671U (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI780429B (en) * 2020-05-06 2022-10-11 華南商業銀行股份有限公司 Redemption system and redemption method

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI780429B (en) * 2020-05-06 2022-10-11 華南商業銀行股份有限公司 Redemption system and redemption method

Similar Documents

Publication Publication Date Title
US11956243B2 (en) Unified identity verification
CN109711858B (en) Method and system for preventing fraudulent gift cards via blockchain
US7548890B2 (en) Systems and methods for identification and authentication of a user
JP5642932B2 (en) Authentication and verification services for third-party vendors using mobile devices
US7730314B2 (en) Method and apparatus for electronic commerce using digital ticket to provide anonymity
US20080120717A1 (en) Systems and methods for identification and authentication of a user
US20170249639A9 (en) Method and System for Controlling Risk in a Payment Transaction
US20130282582A1 (en) System and method for data and identity verfication and authentication
BRPI0708276A2 (en) methods for effecting transaction authentication on an email order and telephone order and for authenticating to an online payment transaction
CA3008396A1 (en) Browser extension for limited-use secure token payment
WO2008127431A2 (en) Systems and methods for identification and authentication of a user
WO2010053899A2 (en) Online challenge-response
US20170024742A1 (en) Methods and systems for using a consumer identity to perform electronic transactions
US20230169535A1 (en) System, method and computer-accessible medium for authentication of rewards information
US20130191641A1 (en) Captcha (completely automated public test to tell computers and humans apart) data generation methods and related data management systems and computer program products thereof
US11720882B2 (en) Identity deep freeze
RU2144695C1 (en) Method for claiming liability for card-related action by client and for accepting the claim by issuer
TWM602671U (en) Lottery redeem system
US20070100752A1 (en) Systems and methods for secure financial transaction authorization
TWI780429B (en) Redemption system and redemption method
TWI787145B (en) Redemption system and redemption method recording coordinate position of mobile device
US10997827B2 (en) Distributed and deterministic random number generation for lottery drawings
AU758404B2 (en) An on-line incentive system
US11430294B2 (en) Lottery transaction processing system
TWM633609U (en) Remittance system based on contact information of payee

Legal Events

Date Code Title Description
MM4K Annulment or lapse of a utility model due to non-payment of fees