TW200536337A - Method of user authentication - Google Patents

Method of user authentication Download PDF

Info

Publication number
TW200536337A
TW200536337A TW93111325A TW93111325A TW200536337A TW 200536337 A TW200536337 A TW 200536337A TW 93111325 A TW93111325 A TW 93111325A TW 93111325 A TW93111325 A TW 93111325A TW 200536337 A TW200536337 A TW 200536337A
Authority
TW
Taiwan
Prior art keywords
user
computer system
identity
patent application
scope
Prior art date
Application number
TW93111325A
Other languages
Chinese (zh)
Inventor
Kuo-Chung Cheng
Original Assignee
Kuo-Chung Cheng
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kuo-Chung Cheng filed Critical Kuo-Chung Cheng
Priority to TW93111325A priority Critical patent/TW200536337A/en
Publication of TW200536337A publication Critical patent/TW200536337A/en

Links

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A method of user authentication is disclosed. According to the method, a host system, such as a server, shows a list of personal information, and a part of the list corresponds with correct answer. After the user responding to the question, the host system will verify the answer; then permit or reject the login procedure.

Description

200536337 五、發明說明(1) 【發明所屬之技術領域】 本發明係關於電腦系統核對使用端身份之方法,特 別是電腦利用使用者已登錄之個人資訊,輸出身份驗證 選單,再由使用端選擇正確之對應資訊,以達到強化身 份驗證之安全性,減少他人惡意盜用之機會。 【先前技術】 在使用電腦系統時,通常在使用端輸入登錄名稱及 密碼,經電腦系統查核後授權使用或拒絕登入。而應用 在金融交易時,通常由使用端***金融卡,並鍵入個人 密碼,經電腦系統查核後授權使用者取款、轉帳或查 詢。 不過上述習知之技藝,經常發生他人惡意盜用。例 如:側錄金融卡磁條資訊及密碼,即可很容易複製偽 卡,進行盜領。因此如何以經濟有效方法,提高身份驗 證之保密安全等級,進而保障用戶及業者之權益,為目 前急待解決之課題。 【發明内容】 本發明之目的,即針對上述問題發展出新的電腦系 統核對使用端身份之實施方式。本發明電腦系統核對使 用端身份之方法,其特點為電腦系統利用已登錄之個人 資料,輸出身份驗證選單,由使用端輸入正確之對應資 訊,經電腦系統查核後,核定使用端之權限,藉以提高 身份驗証之安全性。200536337 V. Description of the invention (1) [Technical field to which the invention belongs] The present invention relates to a method for a computer system to verify the identity of a user, in particular, the computer uses the personal information that the user has logged in to output an identity verification menu, which is then selected by the user. Correct the corresponding information to enhance the security of identity verification and reduce the chance of malicious misappropriation by others. [Previous technology] When using a computer system, usually enter the login name and password at the user end, and after the computer system checks, authorize the use or reject the login. For applications in financial transactions, the user usually inserts a financial card and enters a personal password. After checking by the computer system, the user is authorized to withdraw, transfer or query. However, the above-mentioned conventional skills often involve malicious misappropriation by others. For example, by recording the magnetic stripe information and password of a financial card, you can easily copy the fake card and steal it. Therefore, how to raise the level of confidentiality and security of identity verification in a cost-effective manner to protect the rights and interests of users and operators is an urgent issue. [Summary of the Invention] The object of the present invention is to develop a new computer system for checking the identity of the user based on the above problems. The method for verifying the identity of the user by the computer system of the present invention is characterized in that the computer system uses the registered personal data to output an identity verification menu, and the user inputs the correct corresponding information. After checking by the computer system, the authority of the user is verified, thereby Improve the security of authentication.

200536337 五、發明說明(2) 依據本發明之特色,利用一本發明較佳之實例,以 說明此種身份驗證方法應用在金融自動櫃員機系統之驗 證程序,其目的乃在提高交易操作之安全防護,其方法 包含下列步驟: 1. 使用者將金融卡***自動櫃員機系統; 2. 自動櫃員機系統讀取金融卡内資訊; 3. 使用者輸入個人密碼; 4. 自動櫃員機系統查核登入資訊和密碼,決定是否授權 使用端繼續進行登入程序; 5. 如果初步通過驗註,自動櫃員機系統依據原先登錄之 個人資料,輸出身份驗證選單,輸出螢幕出現多個待選 項目,其中只有一個或二個(含)以上符合使用者原先登 載在資料系統中之個人資訊,例如選項顯示如下: 您的通訊電話後四碼為何? (1) xxxxl234 (2) xxxx5678 (3) χχχχ 012 5 (4) xxxxl 123 (5) xxxx2222 (6) xxxx3333 (7) xxxx2266 (8) χχχχ 3 3 5 6200536337 V. Description of the invention (2) According to the features of the present invention, a better example of the present invention is used to illustrate the application of this identity verification method to the financial ATM system verification procedure, the purpose of which is to improve the security protection of transaction operations, The method includes the following steps: 1. The user inserts a financial card into the ATM system; 2. The ATM system reads the information in the financial card; 3. The user enters a personal password; 4. The ATM system checks the login information and password to determine Whether to authorize the user to continue the login process; 5. If the initial verification is passed, the ATM system will output the authentication menu based on the personal information that was originally registered, and there will be multiple items to be selected on the output screen, including only one or two (inclusive) The above is consistent with the personal information that the user originally posted in the data system. For example, the options are displayed as follows: What is the last four digits of your communication phone? (1) xxxxl234 (2) xxxx5678 (3) χχχχ 012 5 (4) xxxxl 123 (5) xxxx2222 (6) xxxx3333 (7) xxxx2266 (8) χχχχ 3 3 5 6

200536337 五、發明說明(3) (9) xxxx 9 0 2 5 (10) xxxx4236 請按選項碼後確認。 假設第(7 )項才是符合原先登載之選項,其他項目則 由電腦隨機或依設定產生。使用者選取身份驗證項次, 自動櫃員機系統查核登錄資料,如果和設定符合則屬登 入成功,可以進行交易,反之則拒絕登入操作。 選項之種類可由個人資料組成,舉例如下: 1 .姓名之全部或部分; 2. 身分證字號之全部或部分; 3. 出生年月日之全部或部分; 4. 登錄地址之全部或部分; 5. 登錄電話之全部或部分; 6. 登錄電子郵件地址之全部或部分; 7. 出生地之全部或部分; 8. 星座、血型之全部或部分; 9. 車牌號碼之全部或部分; 1 0 ·畢業學校; 11.電影、書名、運動、歌名等個人偏好。 上述身份驗證選項可以依設定循環或隨機輸出提供 使用端選擇,以供查核。例如:第一次使用端登入時, 查核地址資料;第二次登入時查核電話號碼;第三次查200536337 V. Description of the invention (3) (9) xxxx 9 0 2 5 (10) xxxx4236 Please press the option code to confirm. It is assumed that item (7) is the option that fits the original publication, and the other items are randomly generated or set by the computer. The user selects an authentication item, and the ATM system checks the login data. If it matches the settings, the login is successful and the transaction can be performed. Otherwise, the login operation is refused. The types of options can be composed of personal information, for example as follows: 1. All or part of the name; 2. All or part of the identity card number; 3. All or part of the date of birth; 4. All or part of the registered address; 5 All or part of the login phone; 6. All or part of the login email address; 7. All or part of the place of birth; 8. All or part of the constellation and blood type; 9. All or part of the license plate number; 1 0 · Graduation school; 11. Personal preferences such as movie, book title, sports, song title. The above authentication options can provide user-end selections for verification based on set loops or random output. For example: the first time the user logs in, check the address information; the second time check the phone number; the third check

200536337 五、發明說明(4) 核出生日期等,以降低他人惡意側錄盜用之機會。 另外本發明之特點為,可以由上述身份驗證選項作 二種或者二種以上之組合驗証程序,以降低他人惡意側 錄盜用之機會。 本發明之重大優點為,在不須要改變現有設備下, 即可著手引入本發明之方法,立刻提昇現有金融櫃員機 之安全等級。200536337 V. Description of the invention (4) Nuclear birth date, etc., to reduce the chance of others maliciously recording and embezzling. In addition, the present invention is characterized in that the above-mentioned identity verification option can be used as two or more kinds of combined verification procedures to reduce the chance of malicious profile theft by others. The great advantage of the present invention is that without changing the existing equipment, the method of the present invention can be introduced to immediately improve the security level of the existing financial teller machine.

以上說明係利用一較佳實施例詳細闡明本發明,而 非限制本發明之範疇,而且熟知此類技藝之人士皆可明 瞭,適度而作些微之調整或改變,仍將不失本發明之要 義所在,亦不脫離本發明之精神和範圍。The above description uses a preferred embodiment to clarify the present invention in detail, but not to limit the scope of the present invention, and those skilled in the art will understand that modest adjustments or changes will still be made without departing from the spirit of the present invention. It does not depart from the spirit and scope of the present invention.

第8頁 200536337 圖式簡單說明 第9頁Page 8 200536337 Schematic Description Page 9

Claims (1)

200536337 六、申請專利範圍 1. 一種電腦系統核對使用端身份之方法,其方法至少包 含: (1 )使用端輸入登入資訊; (2 )電腦系統輸出身份驗證選單,其中只有部分項次為已 登載在電腦系統上之正確使用端資料; (3 )使用端從輸出之身份驗證選單中,輸入對應之資訊; (4 )電腦系統核對使用端輸入之對應資訊,以決定使用端 之授權等級,或者拒絕使用端之登入。 2 . 如申請專利範圍第1項之電腦系統核對使用端身份之 方法,其中使用端輸入登入資訊之方法,至少包含利用 可讀取之媒體輸入登入資訊至電腦系統。 3. 如申請專利範圍第1項之電腦系統核對使用端身份之 方法,其中使用端輸入登入資訊之方法,至少包含使用 端以人工方式輸入登入資訊至電腦系統。 4. 如申請專利範圍第1項之電腦系統核對使用端身份之 方法,其t使用端輸入登入資訊之方法,至少包含使用 端利用可讀取之媒體輸入密碼。 5. 如申請專利範圍第1項之電腦系統核對使用端身份之 方法,其中使用端輸入登入資訊之方法,至少包含使用 者以人工方式輸入密碼。 6. 如申請專利範圍第1、2、3、4或5項之電腦系統核對 使用端身份之方法,其中電腦系統輸出身份驗證選單項 目,更包含已登載在電腦系統上使用端資料中之一項或 多項的組合。200536337 VI. Scope of Patent Application 1. A method for verifying the identity of the user by a computer system, the method at least includes: (1) the user enters the login information; (2) the computer system outputs an identity verification menu, only some of which are registered The correct user-end information on the computer system; (3) the user enters the corresponding information from the output authentication menu; (4) the computer system checks the corresponding information entered by the user to determine the authorization level of the user, or Deny login from the client. 2. For the method of verifying the identity of the client by the computer system in item 1 of the scope of patent application, the method of entering login information by the client includes at least entering the login information to the computer system using a readable medium. 3. For the method of verifying the identity of the user by the computer system in item 1 of the scope of patent application, the method of entering the login information by the user includes at least the user manually entering the login information into the computer system. 4. For the method of verifying the identity of the user by the computer system in item 1 of the scope of patent application, the method for the user to enter the login information includes at least the user using a readable medium to enter the password. 5. For the method of verifying the identity of the client by the computer system in item 1 of the scope of patent application, the method of entering the login information by the client includes at least the user entering the password manually. 6. For the method of verifying the user's identity by the computer system in the scope of patent application No. 1, 2, 3, 4 or 5, the computer system outputs an identity verification menu item, and it also contains one of the user's information posted on the computer system Item or combination of items. 第10頁 200536337 六、申請專利範圍 7. 如申請專利範圍第1 、2、3、4、5或6項,其中電腦系 統更包含金融交易系統,至少可供使用端取款,和/或轉 帳,和/或查詢,和/或加值,和/或變更密碼,和/或申 請,和/或啟用,和/或設定之操作。 im· 200536337 六、指定代表圖 (一) 、本案代表圖為:第________圖 (二) 、本案代表圖之元件代表符號簡單說明: IB·!Page 10 200536337 6. Scope of Patent Application 7. If the scope of patent application is No. 1, 2, 3, 4, 5 or 6, the computer system also includes a financial transaction system, which can be used for at least withdrawals and / or transfers, And / or query, and / or add value, and / or change password, and / or apply, and / or enable, and / or set operations. im · 200536337 VI. Designated Representative Map (1) The representative map in this case is: Figure ________ (II). The component representative symbols of the representative map in this case are simply explained: IB ·!
TW93111325A 2004-04-23 2004-04-23 Method of user authentication TW200536337A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW93111325A TW200536337A (en) 2004-04-23 2004-04-23 Method of user authentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW93111325A TW200536337A (en) 2004-04-23 2004-04-23 Method of user authentication

Publications (1)

Publication Number Publication Date
TW200536337A true TW200536337A (en) 2005-11-01

Family

ID=52348890

Family Applications (1)

Application Number Title Priority Date Filing Date
TW93111325A TW200536337A (en) 2004-04-23 2004-04-23 Method of user authentication

Country Status (1)

Country Link
TW (1) TW200536337A (en)

Similar Documents

Publication Publication Date Title
US11991175B2 (en) User authentication based on device identifier further identifying software agent
US9992194B2 (en) System and method of notifying mobile devices to complete transactions
RU2747947C2 (en) Systems and methods of personal identification and verification
US9596089B2 (en) Method for generating a certificate
US8661520B2 (en) Systems and methods for identification and authentication of a user
US8146143B1 (en) Fraud detection
US7548890B2 (en) Systems and methods for identification and authentication of a user
CN101258507B (en) Mass storage device with automated credentials loading
US20080052245A1 (en) Advanced multi-factor authentication methods
KR100548638B1 (en) Creating and authenticating one time password using smartcard and the smartcard therefor
US20110142234A1 (en) Multi-Factor Authentication Using a Mobile Phone
US20080216172A1 (en) Systems, methods, and apparatus for secure transactions in trusted systems
JP2004519874A (en) Trusted Authentication Digital Signature (TADS) System
EP2095221A2 (en) Systems and methods for identification and authentication of a user
CN1956016A (en) Storage media issuing method
JP2015088080A (en) Authentication system, authentication method, and program
KR20070084801A (en) Creating and authenticating one time password using smartcard and the smartcard therefor
WO2012051590A1 (en) Systems and methods for authenticating aspects of an oline transaction using a secure peripheral device having a message display and/or user input
WO2006132175A1 (en) Web page real/fake confirming device, web page real/fake confirming method, and its program
EP3443501A1 (en) Account access
JP2002312326A (en) Multiple authentication method using electronic device with usb interface
US11893587B2 (en) System for enhanced authentication using non-fungible tokens (NFTs)
KR100648986B1 (en) Service system and method for electronic name card, device and method for authentication of electronic name card
WO2008024362A9 (en) Advanced multi-factor authentication methods
CN1604525A (en) Granting access to a system based on the use of a card having stored user data thereon