TWM609003U - System for transferring to client end to continue operation after confirming the identity on the public equipment - Google Patents

System for transferring to client end to continue operation after confirming the identity on the public equipment Download PDF

Info

Publication number
TWM609003U
TWM609003U TW109214385U TW109214385U TWM609003U TW M609003 U TWM609003 U TW M609003U TW 109214385 U TW109214385 U TW 109214385U TW 109214385 U TW109214385 U TW 109214385U TW M609003 U TWM609003 U TW M609003U
Authority
TW
Taiwan
Prior art keywords
server
verification
client
identity
multimedia server
Prior art date
Application number
TW109214385U
Other languages
Chinese (zh)
Inventor
周克遠
呂柏頡
游汶艗
Original Assignee
臺灣網路認證股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 臺灣網路認證股份有限公司 filed Critical 臺灣網路認證股份有限公司
Priority to TW109214385U priority Critical patent/TWM609003U/en
Publication of TWM609003U publication Critical patent/TWM609003U/en

Links

Images

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

一種於公用設備確認身分後轉客戶端繼續作業之系統,其透過多媒體服務機驅動所連接之晶片卡使晶片卡產生驗證資料後,將驗證資料傳送給驗證伺服器進行身分確認,驗證伺服器在驗證資料通過驗證後產生移轉訊息,使客戶端依據移轉訊息連線至服務伺服器完成後續作業之技術手段,可以讓公用的多媒體服務機提供全方位的服務,並達成以私人設備完成在公用設備上開始進行之服務的技術功效。A system that transfers to the client to continue operations after the public equipment confirms the identity. It uses the multimedia server to drive the connected chip card to make the chip card generate verification data, and then sends the verification data to the verification server for identity verification. The verification server is in After the verification data is verified, a transfer message is generated, which enables the client to connect to the service server to complete subsequent operations based on the transfer message. This allows the public multimedia server to provide a full range of services and achieve the completion of a private device. The technical effect of the service started on the public equipment.

Description

於公用設備確認身分後轉客戶端繼續作業之系統After confirming the identity on the public equipment, transfer to the client to continue the operation system

一種變更作業設備之系統,特別係指一種於公用設備確認身分後轉客戶端繼續作業之系統。A system for changing operating equipment, especially a system that transfers to the client to continue operating after the identity of the public equipment is confirmed.

互動式資訊服務站(Kiosk)可以提供通訊、商業、娛樂或是教育的資訊與應用服務。互動式資訊服務站通常被放置在人流較高的區域,例如商場、旅館大廳或是機場,在台灣,主要被設置在便利商店。The interactive information service station (Kiosk) can provide information and application services for communication, business, entertainment or education. Interactive information service stations are usually placed in high-traffic areas, such as shopping malls, hotel lobbies, or airports. In Taiwan, they are mainly set up in convenience stores.

隨著資訊技術進步與整合,互動式資訊服務站可以提供自助服務等更多元的服務,例如提供使用者訂購商品或票劵、查閱圖書館館藏、搜尋商品資訊、列印文件等。甚至,互動式資訊服務站可以搭配讀卡器、各種連接介面、與感熱紙印表機等零組件來擴充可提供的服務,例如繳費、小額付款、兌換商品等。With the advancement and integration of information technology, interactive information service stations can provide more diversified services such as self-service, such as providing users to order products or tickets, check library collections, search for product information, print documents, and so on. Moreover, the interactive information service station can be equipped with card readers, various connection interfaces, and thermal paper printers and other components to expand the available services, such as payment, micropayment, and exchange of goods.

目前的互動式資訊服務站就像一台電腦,可提供執行大多數的線上服務,但是,由於互動式資訊服務站是公用的設備而非私人設備,因此,互動式資訊服務站並不適合記錄操作者的私人資料,例如私鑰(private)與憑證,所以,互動式資訊服務站仍有部分的服務無法提供,例如,需要簽章的線上交易或需要簽署文件才能提供的服務等。The current interactive information service station is like a computer, which can provide and execute most online services. However, since the interactive information service station is a public device rather than a private device, the interactive information service station is not suitable for recording operations The private information of the user, such as private keys (private) and certificates, so there are still some services that the interactive information service station cannot provide, for example, online transactions that require signatures or services that require signatures to be provided.

雖然可以使用儲存有私鑰與憑證等私人資料的硬體載具來進行需要簽章或簽署的服務,但若使用者沒有硬體載具或忘記攜帶硬體載具,使用者仍然無法使用服務。Although you can use hardware vehicles that store private data such as private keys and certificates to perform services that require signatures or signatures, if the user does not have a hardware vehicle or forgets to bring it, the user will still be unable to use the service .

綜上所述,可知先前技術中長期以來一直存在互動式資訊服務站不適合儲存私人資料以至於無法進行某些服務的問題,因此有必要提出改進的技術手段,來解決此一問題。In summary, it can be seen that in the prior art, interactive information service stations are not suitable for storing private data and cannot perform certain services for a long time. Therefore, it is necessary to propose improved technical means to solve this problem.

有鑒於先前技術存在互動式資訊服務站不適合儲存私人資料以至於無法進行某些服務的問題,本創作遂揭露一種於公用設備確認身分後轉客戶端繼續作業之系統,其中:In view of the problem of the prior art that the interactive information service station is not suitable for storing private data and cannot perform certain services, this creation discloses a system that transfers to the client to continue operation after confirming the identity of the public device, in which:

本創作所揭露之於公用設備確認身分後轉客戶端繼續作業之系統,至少包含:服務伺服器;晶片卡,用以產生驗證資料;多媒體服務機,用以連接並驅動晶片卡,並接收驗證資料;驗證伺服器,用以接收多媒體服務機所傳送之驗證資料,並判斷驗證資料通過驗證後產生移轉訊息;客戶端,用以取得移轉訊息,並依據移轉訊息連線至服務伺服器完成後續作業。The system disclosed by this creation that after confirming the identity of the public equipment and transferring to the client to continue the operation, at least includes: a service server; a chip card to generate verification data; a multimedia server to connect and drive the chip card and receive verification Data; the verification server is used to receive the verification data sent by the multimedia server, and to determine that the verification data passes the verification to generate a transfer message; the client is used to obtain the transfer message and connect to the service server according to the transfer message The processor completes subsequent operations.

本創作所揭露之系統如上,與先前技術之間的差異在於本創作透過多媒體服務機驅動所連接之晶片卡使晶片卡產生驗證資料後,將驗證資料傳送給驗證伺服器進行身分確認,驗證伺服器在驗證資料通過驗證後產生移轉訊息,使客戶端依據移轉訊息連線至服務伺服器完成後續作業,藉以解決先前技術所存在的問題,並可以達成以私人設備完成在公用設備上開始進行之服務的技術功效。The system disclosed in this creation is as above. The difference between the system and the previous technology is that the creation uses the multimedia server to drive the connected chip card to make the chip card generate verification data, and then send the verification data to the verification server for identity verification and verification server. The server generates a transfer message after the verification data is verified, so that the client connects to the service server to complete the follow-up operations according to the transfer message, so as to solve the problems of the previous technology, and can be achieved with a private device to complete the start on a public device The technical efficacy of the service performed.

以下將配合圖式及實施例來詳細說明本創作之特徵與實施方式,內容足以使任何熟習相關技藝者能夠輕易地充分理解本創作解決技術問題所應用的技術手段並據以實施,藉此實現本創作可達成的功效。The following will describe the features and implementation methods of this creation in detail with the drawings and embodiments. The content is sufficient to enable any person familiar with relevant skills to easily and fully understand the technical means used in this creation to solve technical problems and implement them accordingly. The achievable effect of this creation.

本創作可以讓使用者在多媒體服務機上選擇欲執行的服務後,先由多媒體服務機以使用者所持有的晶片卡確認使用者的身分,再由使用者所使用的客戶端完成被選擇之服務所提供的後續作業。其中,本創作所提之多媒體服務機通常是設置在便利商店中的計算設備,但本創作並不以此為限。This creation allows the user to select the service to be executed on the multimedia server, and the multimedia server first confirms the identity of the user with the chip card held by the user, and then the client used by the user completes the selection Follow-up work provided by the service. Among them, the multimedia server mentioned in this creation is usually a computing device installed in a convenience store, but this creation is not limited to this.

本創作所提之計算設備包含但不限於一個或多個處理模組、一條或多條記憶體模組、以及連接不同硬體元件(包括記憶體模組和處理模組)的匯流排等硬體元件。透過所包含之多個硬體元件,計算設備可以載入並執行作業系統,使作業系統在計算設備上運行,也可以執行軟體或程式。另外,計算設備也包含一個外殼,上述之各個硬體元件設置於外殼內。The computing devices mentioned in this creation include but are not limited to one or more processing modules, one or more memory modules, and hardware such as buses connecting different hardware components (including memory modules and processing modules). Body components. Through the included multiple hardware components, the computing device can load and execute the operating system, make the operating system run on the computing device, and can also execute software or programs. In addition, the computing device also includes a housing, and each of the above-mentioned hardware components is arranged in the housing.

本創作所提之計算設備的匯流排可以包含一種或多個類型,例如包含資料匯流排(data bus)、位址匯流排(address bus)、控制匯流排(control bus)、擴充功能匯流排(expansion bus)、及/或局域匯流排(local bus)等類型的匯流排。計算設備的匯流排包括但不限於的工業標準架構(Industry Standard Architecture, ISA)匯流排、周邊元件互連(Peripheral Component Interconnect, PCI)匯流排、視頻電子標準協會(Video Electronics Standards Association, VESA)局域匯流排、以及串列的通用序列匯流排(Universal Serial Bus, USB)、快速周邊元件互連(PCI Express, PCI-E/PCIe)匯流排等。The bus of the computing device mentioned in this creation can include one or more types, such as data bus, address bus, control bus, and extended function bus ( expansion bus), and/or local bus (local bus). The bus bars of computing devices include but are not limited to Industry Standard Architecture (ISA) bus, Peripheral Component Interconnect (PCI) bus, Video Electronics Standards Association (VESA) Bureau Domain bus, serial universal serial bus (Universal Serial Bus, USB), fast peripheral component interconnection (PCI Express, PCI-E/PCIe) bus, etc.

本創作所提之計算設備的處理模組與匯流排耦接。處理模組包含暫存器(Register)組或暫存器空間,暫存器組或暫存器空間可以完全的被設置在處理模組之處理晶片上,或全部或部分被設置在處理晶片外並經由專用電氣連接及/或經由匯流排耦接至處理晶片。處理模組可為中央處理器、微處理器或任何合適的處理元件。若計算設備為多處理器設備,也就是計算設備包含多個處理模組,則計算設備所包含的處理模組都相同或類似,且透過匯流排耦接與通訊。處理模組可以解釋一個計算機指令或一連串的多個計算機指令以進行特定的運算或操作,例如,數學運算、邏輯運算、資料比對、複製/移動資料等,藉以驅動計算設備中的其他硬體元件或運行作業系統或執行各種程式及/或模組。The processing module of the computing device mentioned in this creation is coupled with the bus. The processing module includes a register group or register space. The register group or register space can be completely set on the processing chip of the processing module, or all or part of it can be set outside the processing chip It is coupled to the processing chip via a dedicated electrical connection and/or via a bus. The processing module can be a central processing unit, a microprocessor, or any suitable processing element. If the computing device is a multi-processor device, that is, the computing device includes multiple processing modules, the processing modules included in the computing device are all the same or similar, and they are coupled and communicated through a bus. The processing module can interpret a computer instruction or a series of multiple computer instructions to perform specific operations or operations, such as mathematical operations, logical operations, data comparison, copy/move data, etc., to drive other hardware in the computing device Components or run operating systems or execute various programs and/or modules.

計算設備中通常也包含一個或多個晶片組(Chipset)。計算設備的處理模組可以與晶片組耦接或透過匯流排與晶片組電性連接。晶片組是由一個或多個積體電路(Integrated Circuit, IC)組成,包含記憶體控制器以及周邊輸出入(I/O)控制器等,也就是說,記憶體控制器以及周邊輸出入控制器可以包含在一個積體電路內,也可以使用兩個或更多的積體電路實現。晶片組通常提供了輸出入和記憶體管理功能、以及提供多個通用及/或專用暫存器、計時器等,其中,上述之通用及/或專用暫存器與計時器可以讓耦接或電性連接至晶片組的一個或多個處理模組存取或使用。Computing equipment usually also contains one or more chipsets. The processing module of the computing device can be coupled to the chipset or electrically connected to the chipset through a bus. The chipset is composed of one or more integrated circuits (Integrated Circuit, IC), including memory controller and peripheral input/output (I/O) controller, that is, memory controller and peripheral input/output control The device can be included in one integrated circuit, or it can be implemented using two or more integrated circuits. Chipsets usually provide I/O and memory management functions, as well as multiple general-purpose and/or special-purpose registers, timers, etc., among which the aforementioned general-purpose and/or special-purpose registers and timers can be coupled or One or more processing modules electrically connected to the chipset are accessed or used.

計算設備的處理模組也可以透過記憶體控制器存取安裝於計算設備上的記憶體模組和大容量儲存區中的資料。上述之記憶體模組包含任何類型的揮發性記憶體(volatile memory)及/或非揮發性(non-volatile memory, NVRAM)記憶體,例如靜態隨機存取記憶體(Static Random Access Memory, SRAM)、動態隨機存取記憶體(Dynamic Random Access Memory, DRAM)、唯讀記憶體(Read-Only Memory, ROM)、快閃記憶體(Flash memory)等。上述之大容量儲存區可以包含任何類型的儲存裝置或儲存媒體,例如,硬碟機、光碟(optical disc)、隨身碟(flash drive)、記憶卡(memory card)、固態硬碟(Solid State Disk, SSD)、或任何其他儲存裝置等。也就是說,記憶體控制器可以存取靜態隨機存取記憶體、動態隨機存取記憶體、快閃記憶體、硬碟機、固態硬碟中的資料。The processing module of the computing device can also access the data in the memory module and the large-capacity storage area installed on the computing device through the memory controller. The above-mentioned memory modules include any type of volatile memory (volatile memory) and/or non-volatile memory (NVRAM), such as Static Random Access Memory (SRAM) , Dynamic Random Access Memory (DRAM), Read-Only Memory (ROM), Flash memory, etc. The aforementioned mass storage area can include any type of storage device or storage medium, such as hard disk drives, optical discs, flash drives, memory cards, and solid state disks. , SSD), or any other storage device, etc. In other words, the memory controller can access data in static random access memory, dynamic random access memory, flash memory, hard disk drives, and solid state drives.

計算設備的處理模組也可以透過周邊輸出入控制器經由周邊輸出入匯流排與周邊輸出裝置、周邊輸入裝置、通訊介面、及GPS接收器等周邊裝置或介面連接並通訊。周邊輸入裝置可以是任何類型的輸入裝置,例如鍵盤、滑鼠、軌跡球、觸控板、搖桿等,周邊輸出裝置可以是任何類型的輸出裝置,例如顯示器、印表機等,周邊輸入裝置與周邊輸出裝置也可以是同一裝置,例如觸控螢幕等。通訊介面可以包含無線通訊介面及/或有線通訊介面,無線通訊介面可以包含支援無線區域網路(如Wi-Fi、Zigbee等)、藍牙、紅外線、近場通訊(Near-field communication, NFC)、3G/4G/5G等行動通訊網路(蜂巢式網路)或其他無線資料傳輸協定的介面,有線通訊介面可為乙太網路裝置、DSL數據機、纜線(Cable)數據機、非同步傳輸模式(Asynchronous Transfer Mode, ATM)裝置、或光纖通訊介面及/或元件等。處理模組可以週期性地輪詢(polling)各種周邊裝置與介面,使得計算設備能夠透過各種周邊裝置與介面進行資料的輸入與輸出,也能夠與具有上面描述之硬體元件的另一個計算設備進行通訊。The processing module of the computing device can also connect and communicate with peripheral output devices, peripheral input devices, communication interfaces, and GPS receivers and other peripheral devices or interfaces through the peripheral I/O controller via the peripheral I/O bus. The peripheral input device can be any type of input device, such as a keyboard, mouse, trackball, touchpad, joystick, etc. The peripheral output device can be any type of output device, such as a display, a printer, etc., a peripheral input device It can also be the same device as the peripheral output device, such as a touch screen. The communication interface can include a wireless communication interface and/or a wired communication interface. The wireless communication interface can include support for wireless local area networks (such as Wi-Fi, Zigbee, etc.), Bluetooth, infrared, near-field communication (NFC), 3G/4G/5G and other mobile communication network (cellular network) or other wireless data transmission protocol interface, wired communication interface can be Ethernet device, DSL modem, cable modem, asynchronous transmission Mode (Asynchronous Transfer Mode, ATM) devices, or optical fiber communication interfaces and/or components, etc. The processing module can periodically poll various peripheral devices and interfaces, so that the computing device can input and output data through various peripheral devices and interfaces, and can also interact with another computing device with the hardware components described above. To communicate.

以下先以「第1圖」本創作所提之於公用設備確認身分後轉客戶端繼續作業之系統架構圖來說明本創作的系統運作。如「第1圖」所示,本創作之系統含有多媒體服務機130、晶片卡140、驗證伺服器170、客戶端190,及可附加的服務伺服器120、應用伺服器150。其中,服務伺服器120、多媒體服務機130、應用伺服器150、驗證伺服器170、客戶端190都可以是計算設備。The following first uses the system architecture diagram of "Figure 1" mentioned in the creation of the public equipment to confirm the identity and then transfer to the client to continue the operation to illustrate the system operation of this creation. As shown in "Figure 1", the creative system includes a multimedia server 130, a chip card 140, a verification server 170, a client 190, and a service server 120 and an application server 150 that can be attached. Among them, the service server 120, the multimedia server 130, the application server 150, the verification server 170, and the client 190 may all be computing devices.

服務伺服器120可以提供多媒體服務機130連接,藉以在多媒體服務機130上提供服務。在服務伺服器1210提供服務時,可以要求多媒體服務機130對操作者(使用者)進行身分確認。The service server 120 can provide a connection to the multimedia server 130 to provide services on the multimedia server 130. When the service server 1210 provides services, the multimedia server 130 may be required to confirm the identity of the operator (user).

服務伺服器120可以提供一種或多種服務。一般而言,服務伺服器120所提供的每一個服務可以有一個對應的圖示(icon)及一個或多個回傳參數。其中,回傳參數可以是提供服務的網址,也可以包含服務伺服器120的網路位址(IP address)或網域名稱(domain name)、服務伺服器120所提供之服務的應用程式介面、服務伺服器120的連接埠、需要提供給服務伺服器120的參數等資料,但本創作並不以此為限。The service server 120 may provide one or more services. Generally speaking, each service provided by the service server 120 may have a corresponding icon and one or more return parameters. Among them, the return parameter can be the URL of the service provided, or it can include the network address (IP address) or domain name of the service server 120, the application program interface of the service provided by the service server 120, The port of the service server 120, the parameters that need to be provided to the service server 120, and other data, but this creation is not limited to this.

多媒體服務機130可以取得與服務伺服器120所提供之服務對應的圖示與回傳參數,並可以顯示與服務伺服器120所提供之服務對應的圖示,並可以在圖示被選擇時,連線至提供對應之服務的服務伺服器120。The multimedia server 130 can obtain the icon and return parameters corresponding to the service provided by the service server 120, and can display the icon corresponding to the service provided by the service server 120, and when the icon is selected, Connect to the service server 120 that provides the corresponding service.

多媒體服務機130也可以在被服務伺服器120要求對操作者進行身分確認時,產生身分確認請求,並將所產生之身分確認請求傳送給應用伺服器150。The multimedia server 130 may also generate an identity confirmation request when requested by the service server 120 to confirm the identity of the operator, and send the generated identity confirmation request to the application server 150.

多媒體服務機130也負責連接晶片卡140。一般而言,多媒體服務機130可以包含晶片卡插槽(圖中未示),並可以透過晶片卡插槽連接晶片卡140,但多媒體服務機130與晶片卡140的連接方式並不以此為限,例如,多媒體服務機130也可以透過近場通訊等方式與晶片卡140連接。The multimedia server 130 is also responsible for connecting the chip card 140. Generally speaking, the multimedia server 130 may include a chip card slot (not shown in the figure), and the chip card 140 can be connected through the chip card slot, but the connection method of the multimedia server 130 and the chip card 140 is not in this way. However, for example, the multimedia server 130 can also be connected to the chip card 140 through a near field communication or the like.

多媒體服務機130也可以輸入卡片資訊。多媒體服務機130所輸入的卡片資訊包含將連接之晶片卡140的卡片種類、發卡單位等。其中,卡片種類包含但不限於金融卡、自然人憑證、工商憑證等;發卡單位通常表示發出晶片卡的銀行或政府部門等,但本創作並不以此為限。The multimedia server 130 can also input card information. The card information input by the multimedia server 130 includes the card type and the issuing unit of the chip card 140 to be connected. Among them, the card types include but are not limited to financial cards, natural person certificates, industrial and commercial certificates, etc.; the card issuer usually refers to the bank or government department that issued the chip card, but this creation is not limited to this.

在部分的實施例中,卡片資訊還可以包含晶片卡140的晶片密碼。晶片密碼可以是文字或生物特徵等形式,其中,文字形式的晶片密碼例如傳統以字母、數字、符號所組成的密碼,生物特徵形式的晶片密碼例如由指紋、虹膜或人臉所取出的特徵等,但本創作所提之晶片密碼亦不以上述為限。In some embodiments, the card information may also include the chip password of the chip card 140. Chip passwords can be in the form of text or biometrics. Among them, chip passwords in text form are traditional passwords composed of letters, numbers, and symbols, and chip passwords in biometric form are features extracted from fingerprints, irises, or human faces, etc. , But the chip cipher mentioned in this creation is not limited to the above.

多媒體服務機130也可以提供操作者輸入聯絡資訊。多媒體服務機130所輸入的連絡資訊包含但不限於操作者的電話號碼或電子郵件帳號或預先在應用伺服器150中註冊的帳號等能夠與操作者聯繫的資料。The multimedia server 130 can also provide the operator to input contact information. The contact information input by the multimedia server 130 includes, but is not limited to, the operator's phone number or e-mail account, or the account registered in the application server 150 in advance, and other information capable of contacting the operator.

多媒體服務機130也負責驅動所連接之晶片卡140。一般而言,多媒體服務機130可以依據與卡片資訊中的卡片種類(在部分的實施中還需要參考發卡單位)對應的方式驅動晶片卡140。多媒體服務機130也可以判斷所連接之晶片卡140是否與所取得之卡片資訊中的卡片類型相符。例如,多媒體服務機130可以使用與卡片類型對應的驅動方式或存取方式存取晶片卡140,並依據驅動或存取成功與否判斷晶片卡140是否與卡片類型相符。The multimedia server 130 is also responsible for driving the connected chip card 140. Generally speaking, the multimedia server 130 can drive the chip card 140 in a manner corresponding to the card type in the card information (in some implementations, the card issuing unit needs to be referred to). The multimedia server 130 can also determine whether the connected chip card 140 matches the card type in the obtained card information. For example, the multimedia server 130 can access the chip card 140 using a drive mode or an access mode corresponding to the card type, and determine whether the chip card 140 matches the card type according to whether the drive or access is successful.

在部分的實施例中,多媒體服務機130也可以接收應用伺服器150所傳送的驗證參數,並可以將所接收到的驗證參數提供給晶片卡140。本創作所提之驗證參數包含識別信物(token)、運算參數等項目。In some embodiments, the multimedia server 130 may also receive the verification parameters transmitted by the application server 150, and may provide the received verification parameters to the chip card 140. The verification parameters mentioned in this creation include items such as identification tokens (token) and calculation parameters.

多媒體服務機130也負責透過與晶片卡140的連接方式取得晶片卡140所產生的驗證資料。多媒體服務機130所取得的驗證資料通常是由特定數量之字母、數字、符號所組成的資料,在部分的實施例中,多媒體服務機130也可以在驗證資料中加入回傳參數。其中,回傳參數與被選擇之圖示所對應之服務伺服器120所提供之服務相對應。The multimedia server 130 is also responsible for obtaining the verification data generated by the chip card 140 through the connection with the chip card 140. The verification data obtained by the multimedia server 130 is usually data composed of a specific number of letters, numbers, and symbols. In some embodiments, the multimedia server 130 may also add return parameters to the verification data. Among them, the return parameter corresponds to the service provided by the service server 120 corresponding to the selected icon.

多媒體服務機130也可以將所取得的驗證資料傳送給驗證伺服器170。其中,多媒體服務機130可以直接將驗證資料傳送給驗證伺服器170,也可以間接地透過應用伺服器150將驗證資料傳送給驗證伺服器170。The multimedia server 130 may also send the obtained verification data to the verification server 170. Among them, the multimedia server 130 may directly send the verification data to the verification server 170, or may indirectly send the verification data to the verification server 170 through the application server 150.

多媒體服務機130也可以接收應用伺服器150所傳送的移轉訊息。本創作所提之移轉訊息可以讓客戶端190連線到驗證伺服器170,舉例來說,移轉訊息可以是與驗證伺服器170連接的網址或連接資訊,也可以是能夠藉以取得與驗證伺服器170連接之網址或連接資訊的資料,如二維條碼或圖片等。其中,連接參數可以包含驗證伺服器170所提供的應用程式介面或網路位址(IP address)或網域名稱(domain name)、驗證伺服器170的連接埠、及需要提供給驗證伺服器170的參數等,但本創作並不以此為限。The multimedia server 130 can also receive the transfer message sent by the application server 150. The transfer message mentioned in this creation can allow the client 190 to connect to the verification server 170. For example, the transfer message can be a URL or connection information connected to the verification server 170, or it can be obtained and verified. The web address or connection information to which the server 170 is connected, such as a two-dimensional bar code or a picture. Wherein, the connection parameters may include the application program interface or IP address or domain name provided by the authentication server 170, the port of the authentication server 170, and the port that needs to be provided to the authentication server 170 Parameters, etc., but this creation is not limited to this.

多媒體服務機130也可以顯示所接收到的移轉訊息,或可以將所接收到的移轉訊息傳送給客戶端190。其中,多媒體服務機130可以透過連接線或近場通訊等方式將移轉訊息傳送給客戶端190。The multimedia server 130 may also display the received transfer message, or may send the received transfer message to the client 190. Among them, the multimedia server 130 can transmit the transfer message to the client 190 through a connection line or near field communication.

晶片卡140負責產生驗證資料,並負責將所產生的驗證資料傳送給多媒體服務機130。一般而言,晶片卡140可以對特定資料進行特定運算以產生驗證資料。其中,上述之特定資料可以是預定的資料,也可以是多媒體服務機130所提供的資料,如驗證參數中的識別信物,但本創作所提之特定資料亦不以上述為限。The chip card 140 is responsible for generating verification data, and is responsible for transmitting the generated verification data to the multimedia server 130. Generally speaking, the chip card 140 can perform specific operations on specific data to generate verification data. The above-mentioned specific data may be predetermined data or data provided by the multimedia server 130, such as the identification token in the verification parameter, but the specific data mentioned in this creation is not limited to the above.

更詳細的,晶片卡140所進行之特定運算隨著晶片卡的卡片種類不同而有不同,例如,當晶片卡140的卡片種類為金融卡時,晶片卡140所進行之特定運算為押碼;而當晶片卡140的卡片種類為自然人憑證或工商憑證等憑證載具時,晶片卡所進行之特定運算為簽章。但本創作並不以此為限。另外,要說明的是,若驗證參數中包含運算參數,則晶片卡140可以依據運算參數運行特定運算,但本創作亦不以此為限。In more detail, the specific operation performed by the chip card 140 varies with the card type of the chip card. For example, when the card type of the chip card 140 is a financial card, the specific operation performed by the chip card 140 is a deposit; When the card type of the chip card 140 is a certificate carrier such as a natural person certificate or an industrial and commercial certificate, the specific calculation performed by the chip card is a signature. But this creation is not limited to this. In addition, it should be noted that if the verification parameters include calculation parameters, the chip card 140 can perform specific calculations according to the calculation parameters, but this creation is not limited to this.

應用伺服器150可以接收多媒體服務機130所傳送的身分確認請求,並可以在接收到身分確認請求時,連線至驗證伺服器170下載驗證參數,及可以將所下載的驗證參數傳送給多媒體服務機130。要說明的是,若驗證參數包含多種項目,則應用伺服器150可以一次下載所有項目,也可以分次下載不同項目,例如,應用伺服器150可以先連線到驗證伺服器170下載識別信物後,再次連線到驗證伺服器170下載運算參數。The application server 150 can receive the identity confirmation request sent by the multimedia server 130, and when receiving the identity confirmation request, it can connect to the authentication server 170 to download the authentication parameters, and can send the downloaded authentication parameters to the multimedia service机130. It should be noted that if the verification parameter contains multiple items, the application server 150 can download all the items at once, or download different items in stages. For example, the application server 150 can first connect to the verification server 170 after downloading the identification tokens. , Connect to the verification server 170 again to download the calculation parameters.

應用伺服器150也可以接收多媒體服務機130所傳送之由晶片卡140產生的驗證資料,並可以將所接收到的驗證資料轉傳給驗證伺服器170。在部分的實施例中,應用伺服器150也可以接收多媒體服務機130提供操作者輸入的聯絡資訊。The application server 150 can also receive the verification data generated by the chip card 140 sent by the multimedia server 130, and can forward the received verification data to the verification server 170. In some embodiments, the application server 150 may also receive the contact information input by the operator provided by the multimedia server 130.

應用伺服器150也可以將裝置識別資料傳送給驗證伺服器170。其中,裝置識別資料可以是應用伺服器150的網路位址或網域名稱、應用伺服器150的產品序號或設置於應用伺服器150中特定硬體的硬體序號等能夠代表應用伺服器150的資料,但本創作並不以此為限。The application server 150 may also send the device identification data to the verification server 170. The device identification data can be the network address or domain name of the application server 150, the product serial number of the application server 150, or the hardware serial number of a specific hardware set in the application server 150, which can represent the application server 150. Data, but this creation is not limited to this.

應用伺服器150也可以接收驗證伺服器170所產生的移轉訊息,並可以將所接收到的移轉訊息傳送到客戶端190或多媒體服務機130。其中,應用伺服器150可以依據多媒體伺服器130所傳送的連絡資訊取得操作者的電話號碼或電子郵件帳號,並可以透過簡訊或推播或電子郵件等方式將移轉訊息傳送給操作者所使用的客戶端190。The application server 150 may also receive the transfer message generated by the verification server 170, and may send the received transfer message to the client 190 or the multimedia server 130. Among them, the application server 150 can obtain the operator's phone number or email account based on the contact information sent by the multimedia server 130, and can send the transfer message to the operator by means of SMS, push broadcast, or email.的Client 190.

驗證伺服器170可以產生驗證參數,並可以將所產生的驗證參數傳送給應用伺服器150。驗證伺服器170可以隨機、流水號、及對應用伺服器150之裝置識別資料進行特定運算等一種或多種方式產生驗證參數,但本創作並不以此為限。其中,上述特定運算包含但不限於MD5等。The verification server 170 may generate verification parameters, and may transmit the generated verification parameters to the application server 150. The verification server 170 can generate verification parameters in one or more ways, such as random, serial number, and specific calculations on the device identification data of the application server 150, but this creation is not limited to this. Among them, the above-mentioned specific operations include but are not limited to MD5 and so on.

驗證伺服器170負責接收多媒體服務機130所傳送的驗證資料,並負責判斷所接收到的驗證資料是否通過驗證。例如,驗證伺服器170可以對驗證資料驗章,並可以依據驗章結果判斷驗證資料是否通過驗證;驗證伺服器170也可以使用與晶片卡140相同之特定運算以產生運算值,並比對所產生之運算值與驗證資料是否相同以判斷驗證資料是否通過驗證,但驗證伺服器170判斷驗證資料是否通過驗證之方式並不以上述為限。The verification server 170 is responsible for receiving the verification data sent by the multimedia server 130, and is responsible for determining whether the received verification data passes the verification. For example, the verification server 170 can verify the verification data, and can determine whether the verification data passes the verification based on the verification result; the verification server 170 can also use the same specific operation as the chip card 140 to generate the calculated value, and compare the results. Whether the generated calculated value is the same as the verification data is used to determine whether the verification data passes the verification, but the manner in which the verification server 170 determines whether the verification data passes the verification is not limited to the above.

驗證伺服器170也負責產生移轉訊息。一般而言,驗證伺服器170可以在判斷所接收到之驗證資料通過驗證時產生移轉訊息。在部分的實施例中,若驗證資料中包含回傳參數,則驗證伺服器170可以在產生移轉訊息時,將驗證資料中的回傳參數加入被產生的移轉訊息中。The verification server 170 is also responsible for generating the transfer message. Generally speaking, the verification server 170 can generate a transfer message when determining that the received verification data passes verification. In some embodiments, if the verification data includes return parameters, the verification server 170 may add the return parameters in the verification data to the generated migration message when generating the migration message.

客戶端190負責取得驗證伺服器170所產生的移轉訊息。客戶端190可以拍攝多媒體服務機130所顯示的移轉訊息,也可以接收應用伺服器150或多媒體服務機130所傳送的移轉訊息,但客戶端190取得移轉訊息之方式並不以上述為限。The client 190 is responsible for obtaining the transfer message generated by the verification server 170. The client 190 can capture the transfer message displayed by the multimedia server 130, and can also receive the transfer message sent by the application server 150 or the multimedia server 130, but the client 190 obtains the transfer message in a different way. limit.

客戶端190也負責依據所取得之移轉訊息連線至服務伺服器120。客戶端190可以將所取得之移轉訊息轉換為能夠連線到服務伺服器120的回傳參數,並依據回傳參數連線至服務伺服器120。The client 190 is also responsible for connecting to the service server 120 according to the obtained transfer message. The client 190 can convert the obtained transfer message into a return parameter that can be connected to the service server 120, and connect to the service server 120 according to the return parameter.

客戶端190也負責在連線至服務伺服器120後完成後續作業。上述之後續作業包含但不限於文件簽章及/或透過驗證伺服器170進行憑證申請等。The client 190 is also responsible for completing subsequent operations after connecting to the service server 120. The above-mentioned subsequent operations include, but are not limited to, document signing and/or certificate application through the verification server 170, etc.

接著以一個實施例來解說本創作的運作,並請參照「第2A圖」本創作所提之於公用設備確認身分後轉客戶端繼續作業之流程圖。在本實施例中,假設客戶端190為手機,但本創作並不以此為限。Next, an example is used to explain the operation of this authoring, and please refer to the flowchart of "Figure 2A" in this authoring for the transfer to the client after confirming the identity on the public device. In this embodiment, it is assumed that the client 190 is a mobile phone, but the creation is not limited to this.

當多媒體服務機130的操作者在操作多媒體服務機130時,若操作者在多媒體服務機130上選擇特定的圖示,則多媒體服務機130可以連接晶片卡140並驅動所連接的晶片卡140(步驟220)。在本實施例中,假設多媒體服務機130在操作者選擇圖示後,可以提示操作者將晶片卡140插入多媒體服務機130上的晶片卡插槽中,並可以在偵測到晶片卡140插入晶片卡插槽後連接並驅動晶片卡140。When the operator of the multimedia server 130 is operating the multimedia server 130, if the operator selects a specific icon on the multimedia server 130, the multimedia server 130 can connect the chip card 140 and drive the connected chip card 140 ( Step 220). In this embodiment, it is assumed that the multimedia server 130 can prompt the operator to insert the chip card 140 into the chip card slot on the multimedia server 130 after the operator selects the icon, and can detect that the chip card 140 is inserted The chip card slot is connected to and drives the chip card 140 after the chip card slot.

在晶片卡140被多媒體服務機130驅動後,晶片卡140可以產生驗證資料,並可以將所產生的驗證資料傳回多媒體服務機130(步驟240)。在本實施例中,若晶片卡140為憑證載具,則晶片卡140可以進行簽章運算以產生驗證資料;而若晶片卡為金融卡,則晶片卡140可以進行押碼運算以產生驗證資料。After the chip card 140 is driven by the multimedia server 130, the chip card 140 can generate verification data, and can transmit the generated verification data back to the multimedia server 130 (step 240). In this embodiment, if the chip card 140 is a credential carrier, the chip card 140 can perform a signature operation to generate verification data; and if the chip card is a financial card, the chip card 140 can perform a code operation to generate verification data .

實務上,上述多媒體服務機130連接並驅動晶片卡140(步驟220)及晶片卡140產生驗證資料並將所產生的驗證資料傳回多媒體服務機130(步驟240)的步驟也可以如「第2B圖」所示之流程。In practice, the above-mentioned multimedia server 130 connects and drives the chip card 140 (step 220) and the chip card 140 generates verification data and sends the generated verification data back to the multimedia server 130 (step 240). Figure" shows the process.

在操作者操作多媒體服務機130時,當操作者選擇圖示後,多媒體服務機130可以將服務請求傳送到與被選擇之圖示對應的服務伺服器120。若服務伺服器120判斷所接收到之服務請求所請求的服務需要進行身分確認,則服務伺服器120可以要求多媒體服務機130進行身分確認(步驟205)。When the operator operates the multimedia server 130, after the operator selects an icon, the multimedia server 130 may transmit a service request to the service server 120 corresponding to the selected icon. If the service server 120 determines that the service requested by the received service request requires identity verification, the service server 120 may request the multimedia server 130 to perform identity verification (step 205).

多媒體服務機130在接收到服務伺服器120的要求後,可以產生身分確認請求並可以將所產生的身分確認請求傳送到應用伺服器150(步驟211)。應用伺服器150在接收到多媒體服務機130所產生的身分確認請求後,可以連線到驗證伺服器170下載驗證參數,並可以將所下載的驗證參數傳送給多媒體服務機130(步驟215)。其中,驗證參數可以包含驗證伺服器170所產生的識別信物及運算參數。After receiving the request from the service server 120, the multimedia server 130 may generate an identity confirmation request and may transmit the generated identity confirmation request to the application server 150 (step 211). After receiving the identity confirmation request generated by the multimedia server 130, the application server 150 can connect to the authentication server 170 to download the authentication parameters, and can transmit the downloaded authentication parameters to the multimedia server 130 (step 215). Among them, the verification parameters may include the identification tokens and calculation parameters generated by the verification server 170.

在多媒體服務機130接收到應用伺服器150所傳送之驗證伺服器170產生的驗證參數後,可以顯示將晶片卡140插入多媒體服務機130的晶片卡插槽以進行身分確認的提示訊息,使得操作者將晶片卡140插入晶片卡插槽。多媒體服務機130也可以在偵測到晶片卡140插入晶片卡插槽後,顯示輸入卡片資訊的輸入介面,使得提供操作者輸入卡片種類、發卡單位、晶片密碼等卡片資訊(步驟225)。多媒體服務機130並可以在操作者完成卡片資訊的輸入後,連接被操作者插入晶片卡插槽的晶片卡140,並依據操作者所輸入之卡片資訊中的卡片種類(及發卡單位)驅動所連接的晶片卡140(步驟227),及將接收自應用伺服器150的驗證參數提供給晶片卡140(步驟230)。After the multimedia server 130 receives the authentication parameters generated by the authentication server 170 sent by the application server 150, it can display a prompt message for inserting the chip card 140 into the chip card slot of the multimedia server 130 for identity confirmation, so that the operation Insert the chip card 140 into the chip card slot. The multimedia server 130 can also display an input interface for inputting card information after detecting that the chip card 140 is inserted into the chip card slot, so that the operator can input card information such as card type, card issuing unit, chip password, etc. (step 225). The multimedia server 130 can also connect the chip card 140 inserted into the chip card slot by the operator after the operator completes the input of the card information, and drive the station according to the card type (and the issuing unit) in the card information input by the operator. The connected chip card 140 (step 227), and the verification parameters received from the application server 150 are provided to the chip card 140 (step 230).

晶片卡140可以在接收到多媒體服務機130所提供的驗證參數後,依據多媒體服務機130所提供的驗證參數產生驗證資料(步驟245)。也就是依據驗證參數中的運算參數對驗證參數中的識別信物進行運算以產生驗證資料。After receiving the verification parameters provided by the multimedia server 130, the chip card 140 may generate verification data according to the verification parameters provided by the multimedia server 130 (step 245). That is, the identification tokens in the verification parameters are calculated according to the calculation parameters in the verification parameters to generate verification data.

回到「第2A圖」,在多媒體服務機130取得晶片卡140所產生的驗證資料後,多媒體服務機130可以將所取得的驗證資料傳送到驗證伺服器170(步驟250)。在本實施例中,多媒體服務機130可以將與被操作者選擇之服務對應的回傳參數加入所取得的驗證資料中,並可以直接將驗證資料傳送給驗證伺服器170或透過應用伺服器150間接將驗證資料傳送給驗證伺服器170。Returning to "Figure 2A", after the multimedia server 130 obtains the verification data generated by the chip card 140, the multimedia server 130 may send the obtained verification data to the verification server 170 (step 250). In this embodiment, the multimedia server 130 may add the return parameters corresponding to the service selected by the operator to the obtained verification data, and may directly send the verification data to the verification server 170 or through the application server 150 The verification data is sent to the verification server 170 indirectly.

在驗證伺服器170接收到多媒體服務機130所傳送之由晶片卡140產生的驗證資料後,驗證伺服器170可以對所接收到的驗證資料進行驗證。若驗證伺服器170判斷驗證資料沒有通過驗證,則驗證伺服器170可以產生表示驗證失敗的驗證結果,並可以與多媒體服務機130傳送驗證資料到驗證伺服器170相同的方式將驗證結果傳回多媒體服務機130,使得多媒體服務機130可以在接收到表示驗證失敗的驗證結果後顯示相對應的結果畫面。After the verification server 170 receives the verification data generated by the chip card 140 sent by the multimedia server 130, the verification server 170 can verify the received verification data. If the verification server 170 determines that the verification data has not passed the verification, the verification server 170 can generate a verification result indicating that the verification failed, and can send the verification result back to the multimedia server 130 in the same way as the multimedia server 130 sends the verification data to the verification server 170. The server 130 allows the multimedia server 130 to display a corresponding result screen after receiving the verification result indicating that the verification failed.

而若驗證伺服器判斷驗證資料通過驗證,則驗證伺服器170可以產生移轉訊息(步驟260)。在本實施例中,假設驗證伺服器170可以先由驗證資料中取出回傳參數,再產生包含回傳參數的移轉訊息,並可以再產生包含移轉訊息之表示驗證成功的驗證結果。其中,移轉訊息可以是QR code。If the verification server determines that the verification data is verified, the verification server 170 may generate a transfer message (step 260). In this embodiment, it is assumed that the verification server 170 can first extract the return parameters from the verification data, then generate a transfer message including the return parameters, and then generate a verification result including the transfer message indicating that the verification is successful. Among them, the transfer message can be a QR code.

在驗證伺服器170產生移轉訊息後,客戶端190(多媒體服務機130之操作者所使用的手機)可以取得驗證伺服器170所產生的移轉訊息(步驟280)。在本實施例中,假設可以「第2D圖」所示之流程,驗證伺服器170可以使用與多媒體服務機130傳送驗證資料到驗證伺服器170相同的方式直接或透過應用伺服器150間接將所產生的驗證結果傳送給多媒體服務機130(步驟275),多媒體服務機130可以在接收到表示驗證通過的驗證結果後將驗證結果所包含的移轉訊息提供給客戶端190(步驟277),例如,多媒體服務機130可以顯示包含移轉訊息的結果畫面,操作者可以操作客戶端190拍攝多媒體服務機130所顯示的移轉訊息,或者,若多媒體服務機130可以與客戶端190以近場通訊或透過USB連接線等方式連接,則操作者也可以操作客戶端190與多媒體服務機130,使得客戶端190由多媒體服務機130下載移轉訊息;另外,在本實施例中,也可以「第2C圖」所示之流程,驗證伺服器170也可以將所產生的驗證結果傳送給應用伺服器150(步驟271),應用伺服器150可以在判斷驗證結果表示驗證資料通過驗證後,由驗證結果中取出移轉資料,並可以將所取出的移轉資料提供給客戶端190(步驟273),例如,應用伺服器150可以透過推播將移轉資料傳送到客戶端190,操作者可以操作客戶端190開啟收到推播的應用程式以取得移轉資料,或應用伺服器150也可以透過電子郵件將移轉資料發送給操作者,操作者可以操作客戶端190開啟電子郵件程式下載包含移轉資料的電子郵件。After the verification server 170 generates the transfer message, the client 190 (the mobile phone used by the operator of the multimedia server 130) can obtain the transfer message generated by the verification server 170 (step 280). In this embodiment, assuming that the process shown in "Figure 2D" can be used, the verification server 170 can use the same method as the multimedia server 130 to send verification data to the verification server 170, directly or indirectly through the application server 150. The generated verification result is sent to the multimedia server 130 (step 275), and the multimedia server 130 may provide the transfer message contained in the verification result to the client 190 after receiving the verification result indicating that the verification is passed (step 277), for example , The multimedia server 130 can display a result screen containing the transfer message, and the operator can operate the client 190 to capture the transfer message displayed by the multimedia server 130, or, if the multimedia server 130 can communicate with the client 190 in the near field or Connected via a USB cable, etc., the operator can also operate the client 190 and the multimedia server 130, so that the client 190 downloads the transfer message from the multimedia server 130; in addition, in this embodiment, it is also possible to "2C In the process shown in Figure, the verification server 170 may also send the generated verification result to the application server 150 (step 271). The application server 150 may determine that the verification result indicates that the verification data has passed the verification. Fetch the transfer data, and provide the fetched transfer data to the client 190 (step 273). For example, the application server 150 can send the transfer data to the client 190 through push broadcast, and the operator can operate the client 190 Open the application that received the push to obtain the transfer data, or the application server 150 can also send the transfer data to the operator via email, and the operator can operate the client 190 to open the email program to download the transfer data. email of.

回到「第2A圖」,在客戶端190取得驗證伺服器170所產生的移轉資料(步驟280)後,可以依據移轉資料連線到服務伺服器120完成後續作業(步驟290)。在本實施例中,假設客戶端190可以將所取得的移轉資料解碼為包含回傳參數的網址後,依據解碼產生的網址連線到服務伺服器120,服務伺服器120可以在客戶端190中沒有可使用的憑證時,將客戶端190導向至驗證伺服器170申請憑證,服務伺服器120也可以在客戶端190有可使用的憑證時,或在客戶端190已申請憑證後,產生合約等相關文件並將相關文件傳送給客戶端190,客戶端190可以在對相關文件簽章後將簽章值傳回服務伺服器120,服務伺服器120可以儲存所產生之相關文件與所接收到的簽章值。Returning to "Figure 2A", after the client 190 obtains the migration data generated by the verification server 170 (step 280), it can connect to the service server 120 according to the migration data to complete subsequent operations (step 290). In this embodiment, it is assumed that the client 190 can decode the acquired transfer data into a URL containing the return parameters, and then connects to the service server 120 according to the URL generated by the decoding, and the service server 120 can access the client 190 When there is no usable certificate in the server, the client 190 is directed to the verification server 170 to apply for a certificate. The service server 120 can also generate a contract when the client 190 has a usable certificate, or after the client 190 has applied for a certificate And other related documents and send the related documents to the client 190. The client 190 can send the signature value back to the service server 120 after signing the related documents. The service server 120 can store the generated related documents and the received documents. The signature value of.

如此,透過本創作,多媒體服務機130的操作者可以使用晶片卡140在多媒體服務機130上完成身分確認後,由客戶端190繼續後續程序。In this way, through this creation, the operator of the multimedia server 130 can use the chip card 140 to complete the identity verification on the multimedia server 130, and the client 190 will continue the subsequent procedures.

綜上所述,可知本創作與先前技術之間的差異在於具有多媒體服務機驅動所連接之晶片卡使晶片卡產生驗證資料後,將驗證資料傳送給驗證伺服器進行身分確認,驗證伺服器在驗證資料通過驗證後產生移轉訊息,使客戶端依據移轉訊息連線至服務伺服器完成後續作業之技術手段,藉由此一技術手段可以來解決先前技術所存在互動式資訊服務站不適合儲存私人資料以至於無法進行特定服務的問題,進而達成以私人設備完成在公用設備上開始進行之服務的技術功效。In summary, it can be seen that the difference between this creation and the prior art is that after the chip card is connected to the multimedia server driver to generate the verification data, the verification data is sent to the verification server for identity verification. The verification server is in After the verification data is verified, a transfer message is generated, which enables the client to connect to the service server to complete subsequent operations based on the transfer message. This technical method can solve the problem that the interactive information service station in the previous technology is not suitable for storage. The problem of private data so that it is impossible to perform a specific service, and then achieve the technical effect of using private equipment to complete the service started on the public equipment.

雖然本創作所揭露之實施方式如上,惟所述之內容並非用以直接限定本創作之專利保護範圍。任何本創作所屬技術領域中具有通常知識者,在不脫離本創作所揭露之精神和範圍的前提下,對本創作之實施的形式上及細節上作些許之更動潤飾,均屬於本創作之專利保護範圍。本創作之專利保護範圍,仍須以所附之申請專利範圍所界定者為準。Although the implementation of this creation is disclosed as above, the content described is not used to directly limit the scope of patent protection of this creation. Any person with ordinary knowledge in the technical field to which this creation belongs, without departing from the spirit and scope of this creation, makes a little modification in the form and details of the implementation of this creation, and it belongs to the patent protection of this creation. range. The scope of patent protection for this creation shall still be subject to the scope of the attached patent application.

120:服務伺服器 130:多媒體服務機 140:晶片卡 150:應用伺服器 170:驗證伺服器 190:客戶端 步驟205:服務伺服器要求多媒體服務機進行身分確認 步驟211:多媒體服務機傳送身分確認請求至應用伺服器 步驟215:應用伺服器連線至驗證伺服器下載驗證參數並將驗證參數傳送至多媒體服務機 步驟220:多媒體服務機連接晶片卡並驅動晶片卡 步驟225:多媒體服務機輸入卡片資訊 步驟227:多媒體服務機依據卡片資訊驅動晶片卡 步驟230:多媒體服務機提供驗證參數給晶片卡 步驟240:晶片卡產生驗證資料並將驗證資料傳回多媒體服務機 步驟245:晶片卡依據驗證參數產生驗證資料 步驟250:多媒體服務機傳送驗證資料至驗證伺服器 步驟260:驗證伺服器判斷驗證資料通過驗證後產生移轉訊息 步驟271:驗證伺服器傳送移轉訊息至應用伺服器 步驟273:應用伺服器提供移轉資料給客戶端 步驟275:應用伺服器傳送移轉訊息給多媒體服務機 步驟277:多媒體服務機提供移轉訊息給客戶端 步驟280:客戶端取得移轉訊息 步驟290:客戶端依據移轉訊息連線至服務伺服器完成後續作業120: service server 130: Multimedia server 140: chip card 150: application server 170: Verify server 190: client Step 205: The service server requests the multimedia server to confirm the identity Step 211: The multimedia server sends an identity confirmation request to the application server Step 215: The application server connects to the verification server to download the verification parameters and send the verification parameters to the multimedia server Step 220: The multimedia server connects the chip card and drives the chip card Step 225: Multimedia server enters card information Step 227: The multimedia server drives the chip card according to the card information Step 230: The multimedia server provides verification parameters to the chip card Step 240: The chip card generates verification data and sends the verification data back to the multimedia server Step 245: The chip card generates verification data according to the verification parameters Step 250: The multimedia server sends the verification data to the verification server Step 260: The verification server generates a migration message after determining that the verification data has passed verification Step 271: Verify that the server sends a migration message to the application server Step 273: The application server provides the transfer data to the client Step 275: The application server sends a transfer message to the multimedia server Step 277: The multimedia server provides the transfer message to the client Step 280: The client obtains the transfer message Step 290: The client connects to the service server according to the transfer message to complete subsequent operations

第1圖為本創作所提之於公用設備確認身分後轉客戶端繼續作業之系統架構圖。 第2A圖為本創作所提之於公用設備確認身分後轉客戶端繼續作業之流程圖。 第2B圖為本創作所提之觸發多媒體服務機驅動晶片卡產生驗證資料之流程圖。 第2C圖為本創作所提之客戶端取得驗證伺服器產生之移轉資料之流程圖。 第2D圖為本創作所提之另一種客戶端取得驗證伺服器產生之移轉資料之流程圖。 Figure 1 is a system architecture diagram of the creation of the system that the public equipment confirms the identity and then transfers to the client to continue the operation. Figure 2A is the flow chart of transferring to the client to continue the operation after confirming the identity on the public device mentioned in the creation. Figure 2B is the flow chart of triggering the multimedia server to drive the chip card to generate verification data. Figure 2C is the flow chart of the creation of the client to obtain the transfer data generated by the verification server. Figure 2D is a flow chart for another client to obtain the transfer data generated by the verification server.

120:服務伺服器 120: service server

130:多媒體服務機 130: Multimedia server

140:晶片卡 140: chip card

150:應用伺服器 150: application server

170:驗證伺服器 170: Verify server

190:客戶端 190: client

Claims (10)

一種於公用設備確認身分後轉客戶端繼續作業之系統,該系統至少包含: 一服務伺服器; 一晶片卡,用以產生一驗證資料; 一多媒體服務機,用以連接並驅動該晶片卡,並接收該驗證資料; 一驗證伺服器,用以接收該多媒體服務機所傳送之該驗證資料,並判斷該驗證資料通過驗證後產生一移轉訊息;及 一客戶端,用以取得該移轉訊息,並依據該移轉訊息連線至該服務伺服器完成後續作業。 A system that transfers to the client to continue operations after the identity of the public device is confirmed, the system at least includes: A service server; A chip card for generating a verification data; A multimedia server for connecting and driving the chip card and receiving the verification data; A verification server for receiving the verification data sent by the multimedia server, and generating a transfer message after determining that the verification data has passed the verification; and A client is used to obtain the transfer message, and connect to the service server according to the transfer message to complete subsequent operations. 如請求項1所述之於公用設備確認身分後轉客戶端繼續作業之系統,其中該系統更包含一應用伺服器,用以於接收到該多媒體服務機傳送之身分確認請求時,連線至該驗證伺服器下載一驗證參數並將該驗證參數傳送至該多媒體服務機,該多媒體服務機更用以提供該驗證參數給該晶片卡,使該晶片卡依據該驗證參數產生該驗證資料。As described in claim 1, the system that transfers to the client to continue the operation after confirming the identity on the public device, wherein the system further includes an application server for connecting to the multimedia server when the identity confirmation request sent by the multimedia server is received The verification server downloads a verification parameter and transmits the verification parameter to the multimedia server. The multimedia server is further used to provide the verification parameter to the chip card so that the chip card generates the verification data according to the verification parameter. 如請求項1所述之於公用設備確認身分後轉客戶端繼續作業之系統,其中該服務伺服器更用以提供該多媒體服務機連接,及要求該多媒體服務機進行身分確認。As described in claim 1, the system that transfers to the client to continue the operation after confirming the identity of the public device, wherein the service server is further used to provide the multimedia server connection and request the multimedia server to confirm the identity. 如請求項1所述之於公用設備確認身分後轉客戶端繼續作業之系統,其中該多媒體服務機是輸入一卡片資訊並依據該卡片資訊驅動該晶片卡。As described in claim 1, the system that transfers to the client to continue the operation after confirming the identity of the public equipment, wherein the multimedia server inputs a card information and drives the chip card according to the card information. 如請求項1所述之於公用設備確認身分後轉客戶端繼續作業之系統,其中該系統更包含一應用伺服器,用以接收該多媒體服務機傳送之該驗證資料並將該驗證資料傳送至該驗證伺服器。As described in claim 1, the system that transfers to the client to continue the operation after confirming the identity of the public equipment, wherein the system further includes an application server for receiving the verification data sent by the multimedia server and sending the verification data to The verification server. 如請求項1所述之於公用設備確認身分後轉客戶端繼續作業之系統,其中該系統更包含一應用伺服器,用以接收該驗證伺服器傳送之該移轉訊息,及用以傳送該移轉訊息至該客戶端、該應用伺服器傳送該移轉訊息給多媒體服務機使多媒體服務機顯示該移轉訊息給該客戶端拍攝、或該應用伺服器傳送該移轉訊息給該多媒體服務機使該多媒體服務機傳送該移轉訊息給該客戶端,使該客戶端取得該移轉訊息。As described in claim 1, the system that transfers to the client to continue the operation after the identity is confirmed on the public equipment, wherein the system further includes an application server for receiving the transfer message sent by the authentication server and for sending the The transfer message is transferred to the client, the application server sends the transfer message to the multimedia server so that the multimedia server displays the transfer message to the client for shooting, or the application server sends the transfer message to the multimedia service The machine causes the multimedia server to send the transfer message to the client, so that the client obtains the transfer message. 如請求項1所述之於公用設備確認身分後轉客戶端繼續作業之系統,其中該客戶端是透過該驗證伺服器進行憑證申請、文件簽章及/或與服務伺服器連接以完成後續作業。As described in claim 1, the system that transfers to the client to continue the operation after confirming the identity on the public device, where the client uses the authentication server to apply for certificate, sign documents and/or connect with the service server to complete subsequent operations . 如請求項1所述之於公用設備確認身分後轉客戶端繼續作業之系統,其中該多媒體服務機更用以將與該服務伺服器對應之一回傳參數加入該驗證資料,該驗證伺服器更用以將該回傳資料加入該移轉訊息,使該客戶端依據該回傳資料連線至該服務伺服器。As described in claim 1, the system that transfers to the client to continue the operation after confirming the identity on the public device, wherein the multimedia server is further used to add a return parameter corresponding to the service server to the verification data, and the verification server It is further used to add the returned data to the transfer message, so that the client can connect to the service server based on the returned data. 如請求項1所述之於公用設備確認身分後轉客戶端繼續作業之系統,其中該多媒體服務機更用以輸入一卡片資訊,並依據該卡片資訊驅動該晶片卡。As described in claim 1, the system that transfers to the client to continue the operation after confirming the identity of the public equipment, wherein the multimedia server is further used to input a card information, and drive the chip card according to the card information. 如請求項9所述之於公用設備確認身分後轉客戶端繼續作業之系統,其中該晶片卡更用以於該卡片資訊中之晶片密碼通過驗證後產生該驗證資料。As described in claim 9, the system that transfers to the client to continue the operation after confirming the identity on the public equipment, wherein the chip card is further used to generate the verification data after the chip password in the card information is verified.
TW109214385U 2020-10-30 2020-10-30 System for transferring to client end to continue operation after confirming the identity on the public equipment TWM609003U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109214385U TWM609003U (en) 2020-10-30 2020-10-30 System for transferring to client end to continue operation after confirming the identity on the public equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW109214385U TWM609003U (en) 2020-10-30 2020-10-30 System for transferring to client end to continue operation after confirming the identity on the public equipment

Publications (1)

Publication Number Publication Date
TWM609003U true TWM609003U (en) 2021-03-11

Family

ID=76036943

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109214385U TWM609003U (en) 2020-10-30 2020-10-30 System for transferring to client end to continue operation after confirming the identity on the public equipment

Country Status (1)

Country Link
TW (1) TWM609003U (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI798997B (en) * 2021-12-15 2023-04-11 中慧通金融科技股份有限公司 Information system and information managing method

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI798997B (en) * 2021-12-15 2023-04-11 中慧通金融科技股份有限公司 Information system and information managing method

Similar Documents

Publication Publication Date Title
CN107851254B (en) Seamless transactions with minimized user input
CN109804376A (en) User and equipment certification for web application
CN103942897A (en) Method for money withdrawing without card on ATM
TWM539667U (en) System of online credentials application for network transaction via carrier
TWI644276B (en) System for opening account and applying mobile banking account online and method thereof
TWI720738B (en) System for combining architectures of fido and pki to identity user and method thereof
TWM601411U (en) System for digital account application by using ATM to obtain authentication
WO2006017144A2 (en) Real-time entry and verification of pin at point-of-sale terminal
TWM594186U (en) Device and system combining online rapid authentication and public key infrastructure to identify identity
TWM609003U (en) System for transferring to client end to continue operation after confirming the identity on the public equipment
TWM539668U (en) System for opening account online and applying for mobile banking
TWM641468U (en) Electronic certificate and digital certificate verification system through third-party platform
TWI784339B (en) System for changing to client to continue operations after confirming identity on public device and method thereof
TWI653588B (en) Method of cross-platform payment in mobile devices
JP2018116727A (en) System, storage medium processor, point account registration method and program
TWM618726U (en) System for verifying identity on different devices based on certificates and verification data
TWM620550U (en) System for verifying identity on different devices by verifying valid certificates
TWI792010B (en) System for using automation machine to scan barcode and verify identity for applying account and method thereof
TWI790495B (en) System for driving smart card by third-party device for identity verification and method thereof
TWM583978U (en) System of using physical carrier to store digital certificate for performing online transaction
TWM588313U (en) System for confirming user identity through financial account information
TWM608117U (en) System of identity verification by third-party device driven chip card
TW201824129A (en) System for applying for certificate online through carrier for transaction and method thereof
JP6310562B2 (en) System, storage medium processing apparatus, electronic money account registration method, digital ticket account registration method, and program
TWI831029B (en) System for confirming identity on different devices by verifying certification and verification code and method thereof

Legal Events

Date Code Title Description
MM4K Annulment or lapse of a utility model due to non-payment of fees