TWM536775U - Authentication system of electronic transaction utilizing mobile device application - Google Patents

Authentication system of electronic transaction utilizing mobile device application Download PDF

Info

Publication number
TWM536775U
TWM536775U TW105215804U TW105215804U TWM536775U TW M536775 U TWM536775 U TW M536775U TW 105215804 U TW105215804 U TW 105215804U TW 105215804 U TW105215804 U TW 105215804U TW M536775 U TWM536775 U TW M536775U
Authority
TW
Taiwan
Prior art keywords
data
account identification
transaction
biometric
user
Prior art date
Application number
TW105215804U
Other languages
Chinese (zh)
Inventor
hong-long Shao
Original Assignee
Fubon Securities Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fubon Securities Co Ltd filed Critical Fubon Securities Co Ltd
Priority to TW105215804U priority Critical patent/TWM536775U/en
Publication of TWM536775U publication Critical patent/TWM536775U/en

Links

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Collating Specific Patterns (AREA)

Description

利用行動裝置應用程式的電子交易認證系統 Electronic transaction authentication system using mobile device application

本新型是有關於電子交易認證,特別是指一種利用行動裝置應用程式的電子交易認證系統。 The new model is related to electronic transaction authentication, and in particular to an electronic transaction authentication system that utilizes a mobile device application.

隨著金融科技(FinTech)風潮興起,一般投資人通常可經由執行一安裝於一行動裝置的應用程式來進行相關於金融的操作,例如在線的股票看盤、股票電子下單的電子交易等。由於執行應用程式期間,使用者在登入使用者電子帳戶之前或者欲進行一電子交易時,通常需要以手動方式輸入使用者相關資料,諸如使用者電子帳號及密碼,作為判定是否准予登入該使用者電子帳戶或者執行該電子交易的使用者身分識別資料。然而,此手動輸入操作恐因無法避免的誤動作,例如按錯輸入鍵而導致密碼鎖定或無法登入/交易的窘境。如此,對於例如股票投資人而言上述的使用者身分驗證方式恐無法滿足「速度」、「安全」與「便利」的需求。因此,現有使用者身分驗證方法仍有改良的空間。 With the rise of the financial technology (FinTech), the average investor can usually perform financial related operations by executing an application installed on a mobile device, such as online stock trading, electronic trading of stock electronic orders, and the like. During the execution of the application, the user usually needs to manually input user-related information, such as the user's electronic account number and password, before deciding to log in to the user's electronic account or to conduct an electronic transaction. An electronic account or a user identity identification material that performs the electronic transaction. However, this manual input operation may be an unavoidable malfunction, such as a password lock or a failure to log in/transaction by pressing the wrong input key. As such, for example, the stock user verification method described above may not satisfy the requirements of "speed", "safety" and "convenience". Therefore, there is still room for improvement in the existing user identity verification method.

因此,本新型的目的,即在提供一種電子交易認證系統,能克服習知技藝至少一個缺點。 Accordingly, it is an object of the present invention to provide an electronic transaction authentication system that overcomes at least one of the disadvantages of the prior art.

於是,本新型一種電子交易認證系統,包含一行動裝置,屬於一使用者,並包括一組配來經由一通訊網路連接一伺服器的通訊模組、一儲存模組、一可***作來產生輸入資料的使用者輸入輸出單元、一可用來擷取至少一個相關於人的特徵以產生對應的生物特徵資料的生物特徵擷取單元、及一處理單元。該儲存模組組配來儲存一相關於金融交易的應用程式,以及相關於該使用者的帳號識別資料、參考登入認證資料及參考交易認證資料,該帳戶識別資料已預先儲存於該伺服器且包含一對應於一由該伺服器所提供且指派給該使用者的使用者帳戶的使用者帳號、及一唯一對應於該使用者帳號之密碼,該參考登入認證資料包含該帳戶識別資料及登入生物特徵資料其中至少一者,該登入生物特徵資料相關於至少一生物特徵,該參考交易認證資料包含該帳戶識別資料及交易生物特徵資料其中至少一者,該交易生物特徵資料相關於至少一生物特徵。該處理單元電連接該通訊模組、該儲存模組、該生物特徵擷取單元及該使用者輸入輸出單元,其中,當該處理單元執行儲存於該儲存模組的該應用程式時,該處理單元接收到來自於該使用者輸入輸出單元與該生物特徵擷取單元其中至少一者且經由該使用者輸入輸出單元與該生物特徵擷取單元其中該至少一者之操作所產生的登入 認證資料,並判定該登入認證資料與該儲存模組所儲存的該參考登入認證資料是否相同,而且在判定出該登入認證資料與該參考登入認證資料相同時,產生一包含該儲存模組所儲存的該帳戶識別資料的登入請求,並將該登入請求藉由該通訊模組經由該通訊網路傳送至該伺服器,以致該伺服器根據所接收到來自該行動裝置的該登入請求資料及所儲存的該帳戶識別資料,決定是否允許該行動裝置登入該使用者帳戶。該處理單元在該行動裝置登入該使用者帳戶期間內接收到經由該使用者輸入輸出單元之操作所產生且相關於該使用者帳戶的一電子交易之交易資料時,該處理單元接收到來自於該使用者輸入輸出單元與該生物特徵擷取單元其中至少一者且經由該使用者輸入輸出單元與該生物特徵擷取單元其中該至少一者之操作所產生的交易認證資料,並判定該交易認證資料與該儲存模組所儲存的該參考交易認證資料是否相同,而且在判定出該交易認證資料與該參考交易認證資料相同時,產生一包含該儲存模組所儲存的該帳戶識別資料及所接收的該交易資料的交易請求,並且將該交易請求藉由該通訊模組經由該通訊網路傳送至該伺服器,以致該伺服器根據所接收到來自該行動裝置的該交易請求及所儲存的該帳戶識別資料,決定是否執行該電子交易。 Therefore, the electronic transaction authentication system of the present invention comprises a mobile device belonging to a user, and comprises a communication module, a storage module, and an operable module, which are configured to be connected to a server via a communication network. The user input and output unit of the input data, a biometric extraction unit that can be used to retrieve at least one feature related to the person to generate corresponding biometric data, and a processing unit. The storage module is configured to store an application related to the financial transaction, and the account identification data, the reference login authentication data and the reference transaction authentication data related to the user, the account identification data is pre-stored on the server and Included in the user account corresponding to a user account provided by the server and assigned to the user, and a password corresponding to the user account, the reference login authentication data includes the account identification information and login At least one of the biometric data, the login biometric data is related to at least one biometric, the reference transaction authentication material comprising at least one of the account identification data and the transaction biometric data, the transaction biometric data being related to at least one biometric feature. The processing unit is electrically connected to the communication module, the storage module, the biometric extraction unit, and the user input and output unit, wherein when the processing unit executes the application stored in the storage module, the processing Receiving, by the unit, the login generated by the at least one of the user input and output unit and the biometric capture unit and the operation of the at least one of the biometric capture unit and the biometric capture unit Authenticating the data, and determining whether the login authentication data is the same as the reference login authentication data stored by the storage module, and when determining that the login authentication data is the same as the reference login authentication data, generating a storage module Storing the login request of the account identification data, and transmitting the login request to the server via the communication network by the communication module, so that the server receives the login request data and the location from the mobile device according to the The stored account identification data determines whether the mobile device is allowed to log in to the user account. The processing unit receives the transaction data generated by the operation of the user input and output unit and is related to an electronic transaction of the user account during the login of the mobile device to the user account, the processing unit receives the transaction data from the electronic transaction Determining the transaction by at least one of the user input and output unit and the biometric capture unit and via the operation of the at least one of the user input and output unit and the biometric capture unit Whether the authentication data is the same as the reference transaction authentication data stored by the storage module, and when it is determined that the transaction authentication data is the same as the reference transaction authentication data, generating an account identification data stored by the storage module and Receiving a transaction request for the transaction data, and transmitting the transaction request to the server via the communication network by the communication module, so that the server receives and stores the transaction request and the stored information from the mobile device The account identifies the information and decides whether to execute the electronic transaction.

本新型的功效在於:該行動裝置在傳送該登入/交易請求至該伺服器之前,該行動裝置的該處理單元必須先藉由執行該應用 程式進行欲登入/交易者的身分驗證程序,以便安全且正確地驗證使用者身分。特別是,在該身分驗證程序中,被該處理單元用來作為比對標的的該參考登入/交易認證資料除了是可含有習知文字形式的該帳戶識別資料(即,該使用者帳號及該密碼)外,還可以是含有相關於至少一生物特徵的資料,或者是不僅含有該帳戶識別資料而且含有相關於至少一生物特徵的資料,故在登入該使用者帳戶及執行該電子交易前,確實能以高度安全性來驗證使用者身分。 The effect of the novel is that the processing unit of the mobile device must first execute the application before transmitting the login/transaction request to the server. The program performs an identity verification procedure for the login/trader to verify the identity of the user safely and correctly. In particular, in the identity verification program, the reference login/transaction authentication data used by the processing unit as a comparison target is in addition to the account identification data in the form of a conventional text (ie, the user account and the In addition to the password, it may also contain data related to at least one biometric feature, or contain not only the account identification data but also information related to at least one biometric, so before logging into the user account and executing the electronic transaction, It is true that the user's identity can be verified with a high degree of security.

100‧‧‧電子交易認證系統 100‧‧‧Electronic Transaction Certification System

1‧‧‧行動裝置 1‧‧‧ mobile device

11‧‧‧通訊模組 11‧‧‧Communication module

12‧‧‧儲存模組 12‧‧‧ Storage Module

13‧‧‧使用者輸入輸出單元 13‧‧‧User input and output unit

14‧‧‧生物特徵擷取單元 14‧‧‧Biometric extraction unit

141‧‧‧收音模組 141‧‧‧ Radio Module

142‧‧‧影像拍攝模組 142‧‧‧Image Capture Module

143‧‧‧影像掃描模組 143‧‧‧Image scanning module

2‧‧‧伺服器 2‧‧‧Server

3‧‧‧帳戶識別資料 3‧‧‧Account identification information

31‧‧‧使用者帳號 31‧‧‧User account

32‧‧‧密碼 32‧‧‧ password

4‧‧‧應用程式 4‧‧‧Application

5‧‧‧參考登入認證資料 5‧‧‧Refer to login authentication information

6‧‧‧參考交易認證資料 6‧‧‧Reference transaction certification information

200‧‧‧通訊網路 200‧‧‧Communication network

S21~S35‧‧‧步驟 S21~S35‧‧‧Steps

本新型的其他的特徵及功效,將於參照圖式的實施方式中清楚地呈現,其中:圖1是一方塊圖,示例性地說明本新型利用行動裝置應用程式的電子交易認證系統的一實施例;及圖2是一流程圖,示例性地說明該實施例如何利用行動裝置應用程式來執行電子交易認證程序。 Other features and effects of the present invention will be apparent from the following description of the drawings. FIG. 1 is a block diagram illustrating an implementation of the electronic transaction authentication system of the present invention using a mobile device application. And FIG. 2 is a flow chart exemplarily illustrating how the embodiment utilizes a mobile device application to execute an electronic transaction authentication program.

參閱圖1,本新型實施例的一種電子交易認證系統100包含一行動裝置1及一伺服器2。該行動裝置1係屬於一使用者,且該使用者擁有一個由例如一證劵公司的金融機構所提供並指派給該使用者的使用者帳戶,例如一證券帳戶。該伺服器2係屬於該金融機構,並能決定是否允許該行動裝置1登入該使用者帳戶以及是否 執行相關於該使用者帳戶的任何交易。 Referring to FIG. 1, an electronic transaction authentication system 100 of the present invention includes a mobile device 1 and a server 2. The mobile device 1 belongs to a user and the user owns a user account provided by the financial institution such as a securities company and assigned to the user, such as a securities account. The server 2 belongs to the financial institution and can decide whether to allow the mobile device 1 to log in to the user account and whether Perform any transaction related to this user account.

該行動裝置1包括一組配來經由例如網際網路的一通訊網路200連接該伺服器2的通訊模組11、一儲存模組12、一使用者輸入輸出單元13、一生物特徵擷取單元14、及一處理單元15。在本實施例中,該行動裝置1可被實施為例如一智慧型手機,並不以此為限,而在其他的實施態樣中,該行動裝置1亦可被實施為一平板電腦。 The mobile device 1 includes a communication module 11 connected to the server 2 via a communication network 200 such as the Internet, a storage module 12, a user input and output unit 13, and a biometric capture unit. 14. A processing unit 15. In this embodiment, the mobile device 1 can be implemented as a smart phone, for example, and in other embodiments, the mobile device 1 can also be implemented as a tablet computer.

該使用者輸入輸出單元13可***作來產生輸入資料,在本實施例中,該使用者輸入輸出單元13可被實施為例如一觸控顯示面板,但不以此為限。 The user input and output unit 13 can be operated to generate input data. In this embodiment, the user input and output unit 13 can be implemented as, for example, a touch display panel, but not limited thereto.

該生物特徵擷取單元14可用來擷取至少一個相關於人的特徵以產生對應的生物特徵資料。在本實施例中,生物特徵擷取單元14能擷取多個人的特徵,例如人聲、指紋人臉及虹膜等特徵,且例如包括一用於收集人聲的音頻信號的收音模組141、一用於拍攝例如人臉及虹膜的影像的影像拍攝模組142、及一用於掃描例如指紋的影像的影像掃描模組143,並不以此為限。 The biometric extraction unit 14 can be configured to capture at least one human related feature to generate corresponding biometric data. In this embodiment, the biometric capture unit 14 can capture features of a plurality of people, such as vocals, fingerprint faces, and irises, and includes, for example, a radio module 141 for collecting audio signals of human voices. The image capturing module 142 for capturing images of the face and the iris, and the image scanning module 143 for scanning images such as fingerprints are not limited thereto.

該處理單元15電連接該通訊模組11、該儲存模組12、該使用者輸入輸出單元13、及該生物特徵擷取單元14。 The processing unit 15 is electrically connected to the communication module 11 , the storage module 12 , the user input and output unit 13 , and the biometric extraction unit 14 .

在本實施例中,該伺服器2已預先儲存相關於該使用者的帳戶識別資料3,該帳戶識別資料3例如包含一對應於該使用者帳戶 該的使用者帳號31、及一唯一對應於該使用者帳號31的密碼32,該伺服器2還提供一相關於金融交易的應用程式4。 In this embodiment, the server 2 has pre-stored the account identification data 3 related to the user, and the account identification data 3 includes, for example, a corresponding account. The user account 31 and a password 32 uniquely corresponding to the user account 31, the server 2 also provides an application 4 related to the financial transaction.

以下將配合圖1及圖2,示例性地說明利該電子交易認證系統100如何利用該應用程式4來執行電子交易認證程序。該電子交易認證程序包含以下步驟。 1 and 2, an example of how the electronic transaction authentication system 100 utilizes the application 4 to execute an electronic transaction authentication program will be exemplarily illustrated. The electronic transaction certification program includes the following steps.

在步驟S21中,在建立該通訊模組11與該伺服器2之間的連接後,該處理單元15藉由該通訊模組11且經由該通訊網路200下載來自於該伺服器2的該應用程式4。 In step S21, after establishing the connection between the communication module 11 and the server 2, the processing unit 15 downloads the application from the server 2 via the communication module 11 and via the communication network 200. Program 4.

在步驟S22中,該處理單元15初始執行在步驟S21所下載的該應用程式4以便經由該使用者輸入輸出單元13的操作獲得該帳戶識別資料3且經由該使用者輸入輸出單元13及該生物特徵擷取單元14其中至少一者的操作獲得參考登入認證資料5及參考交易認證資料6,並將所獲得的該帳戶識別資料3、該參考登入認證資料5、該參考交易認證資料6及該應用程式4儲存於該儲存模組12。值得注意的是,該參考登入認證資料5包含該帳戶識別資料3及登入生物特徵資料其中至少一者,且該登入生物特徵資料相關於至少一生物特徵,而該參考交易認證資料6包含該帳戶識別資料3及交易生物特徵資料其中至少一者,且該交易生物特徵資料相關於至少一生物特徵。本實施例中,該登入生物特徵資料所相關的該至少一生物特徵係選自例如聲音特徵、指紋特徵、虹膜特徵及人臉特徵的任一組 合。同樣地,該交易生物特徵資料所相關的該至少一生物特徵係選自例如聲音特徵、指紋特徵、虹膜特徵及人臉特徵的任一組合,但不以此為限。 In step S22, the processing unit 15 initially executes the application 4 downloaded in step S21 to obtain the account identification material 3 via the operation of the user input and output unit 13 and via the user input and output unit 13 and the creature. The operation of at least one of the feature extraction unit 14 obtains the reference login authentication data 5 and the reference transaction authentication data 6, and obtains the obtained account identification data 3, the reference login authentication data 5, the reference transaction authentication data 6 and the The application 4 is stored in the storage module 12. It should be noted that the reference login authentication material 5 includes at least one of the account identification data 3 and the login biometric data, and the login biometric data is related to at least one biometric, and the reference transaction authentication material 6 includes the account. Identifying at least one of the material 3 and the transaction biometric data, and the transaction biometric data is related to at least one biometric. In this embodiment, the at least one biometric associated with the login biometric data is selected from any group of, for example, a sound feature, a fingerprint feature, an iris feature, and a face feature. Hehe. Similarly, the at least one biometric associated with the transaction biometric data is selected from any combination of, for example, a sound feature, a fingerprint feature, an iris feature, and a face feature, but is not limited thereto.

更具體地,當該處理單元初始執行該應用程式4時,使得該使用者輸入輸出單元13經由人為操作而產生該帳戶識別資料3,值得注意的是,該帳戶識別資料3的該密碼32可是一由該伺服器2所給予的密碼,或者是一由該使用者所決定的密碼。於是,該處理單元15在接收到該使用者輸入輸出單元13所產生的該帳戶識別資料3時,先將所接收的該帳戶識別資料3加密後再儲存於該儲存模組12,換言之,該處理單元15是以一加密形式儲存該帳戶識別資料3,但不在此限。此外,依照該使用者所決定,該使用者輸入輸出單元13或(及)該生物特徵擷取單元14(共同)產生該參考登入認證資料5及該參考交易認證資料6。舉例而言,若該參考登入認證資料5僅包含該登入生物特徵資料且該登入生物特徵資料僅相關於例如虹膜特徵的單一生物特徵時,在此情況下,僅需藉由該生物特徵擷取單元14的該影像拍攝模組142拍攝該使用者眼睛以擷取具有虹膜特徵的影像資料作為該登入生物特徵資料,且另一方面,若該參考交易認證資料6包含該帳戶識別資料及該交易生物特徵資料且同時該交易生物特徵資料相關於例如指紋特徵及虹膜特徵的兩個生物特徵時,在此情況下,不僅需藉由該使用者輸入輸出單元13產生 該帳戶識別資料3,而且需藉由該生物特徵擷取單元14的該影像拍攝模組142拍攝該使用者眼睛以擷取具有虹膜特徵的影像資料並藉由該影像掃描模組143掃描該使用者指紋以擷取具有指紋特徵的指紋資料,在此情況下,該影像資料與該指紋資料共同構成該交易生物特徵資料。於是,該處理單元15在接收到該使用者輸入輸出單元13或(及)該生物特徵擷取單元14所(共同)產生的該參考登入認證資料5及該參考交易認證資料6時,將該參考登入認證資料5及該參考交易認證資料6儲存於該儲存模組12。 More specifically, when the processing unit initially executes the application 4, the user input and output unit 13 causes the account identification data 3 to be generated through a human operation. It is noted that the password 32 of the account identification material 3 may be A password given by the server 2, or a password determined by the user. Therefore, when receiving the account identification data 3 generated by the user input and output unit 13, the processing unit 15 first encrypts the received account identification data 3 and stores it in the storage module 12, in other words, the The processing unit 15 stores the account identification data 3 in an encrypted form, but is not limited thereto. In addition, the user input/output unit 13 or (and) the biometric extraction unit 14 (commonly) generates the reference login authentication data 5 and the reference transaction authentication data 6 according to the user's decision. For example, if the reference login authentication material 5 only includes the login biometric data and the login biometric data is only related to a single biometric such as an iris feature, in this case, only the biometric feature needs to be captured. The image capturing module 142 of the unit 14 captures the user's eyes to capture the image data having the iris characteristics as the login biometric data, and on the other hand, if the reference transaction authentication data 6 includes the account identification data and the transaction The biometric data and at the same time the transaction biometric data is related to two biometric features such as fingerprint features and iris features, in this case, not only by the user input and output unit 13 The account identification data 3 is captured by the image capturing module 142 of the biometrics capturing unit 14 to capture image data having iris characteristics and scan the image by the image scanning module 143. The fingerprint is used to capture fingerprint data having fingerprint characteristics. In this case, the image data and the fingerprint data together constitute the transaction biometric data. Therefore, when the processing unit 15 receives the reference login authentication data 5 generated by the user input/output unit 13 or (and) the biometric extraction unit 14 and the reference transaction authentication data 6, the processing unit 15 The reference login authentication data 5 and the reference transaction authentication data 6 are stored in the storage module 12.

由上述可知,步驟S21及S22可被視為實際上利用該應用程式4進行登入該使用者帳戶之前的前置準備程序,此前置準備程序是為了準備好對於之後所進行的登入程序及交易程序時要被用來驗證使用者身分的驗證資料。 As can be seen from the above, steps S21 and S22 can be regarded as a pre-preparation procedure before actually logging in to the user account by using the application 4. The pre-preparation procedure is to prepare for the login procedure and transaction performed later. The verification data to be used to verify the identity of the user.

當一使用者欲藉由該行動裝置1登入該使用者帳戶時,在步驟S23中,該處理單元15經由執行儲存於該儲存模組12的該應用程式4,接收到來自於該使用者輸入輸出單元13與該生物特徵擷取單元14其中至少一者且經由該使用者輸入輸出單元13與該生物特徵擷取單元14其中該至少一者之操作所產生的登入認證資料。依照前例,在此階段,相似於該參考登入認證資料5,該處理單元15所接收到的該登入認證資料例如僅包含由該生物特徵擷取單元14的該影像拍攝模組142所拍攝欲登入者之眼睛而擷取到具有虹膜特徵 的影像資料。 When a user wants to log in to the user account by the mobile device 1, the processing unit 15 receives the user input from the application 4 stored in the storage module 12 in step S23. The login authentication data generated by the operation of at least one of the output unit 13 and the biometric capture unit 14 and via the user input and output unit 13 and the at least one of the biometric capture unit 14 . According to the previous example, at this stage, similar to the reference login authentication data 5, the login authentication data received by the processing unit 15 includes, for example, only the image capturing module 142 of the biometrics capturing unit 14 is required to log in. Iris eye with the characteristics of the iris Image data.

在步驟S24中,該處理單元15判定該登入認證資料與該儲存模組12所儲存的該參考登入認證資料5是否相同。當該判定結果為肯定時,流程進行步驟S25,否則流程進行步驟S26。更具體地,依照前例,若該處理單元15判定出該登入認證資料(即具有欲登入者之虹膜特徵的該影像資料)相同於該參考登入認證資料5(即具有該使用者之虹膜特徵的該影像資料)時,意謂欲登入該使用者帳戶的使用者身分被成功驗證。相反地,若該處理單元15判定出該登入認證資料不同於該參考登入認證資料5時,意謂欲登入者的使用者身分未被成功驗證(即驗證失敗),在此情況下,該處理單元15將一指示出身分驗證失敗的錯誤訊息輸出至該使用者輸入輸出單元13並控制該使用者輸入輸出單元13顯示該錯誤訊息(步驟S26)。 In step S24, the processing unit 15 determines whether the login authentication data is the same as the reference login authentication data 5 stored in the storage module 12. When the result of the determination is affirmative, the flow proceeds to step S25, otherwise the flow proceeds to step S26. More specifically, according to the previous example, if the processing unit 15 determines that the login authentication data (ie, the image data having the iris feature of the registrant) is the same as the reference login authentication data 5 (ie, has the iris characteristic of the user) In the case of the image data, it means that the identity of the user who wants to log in to the user account is successfully verified. Conversely, if the processing unit 15 determines that the login authentication data is different from the reference login authentication data 5, it means that the user identity of the logged in user is not successfully verified (ie, the verification fails), in this case, the processing The unit 15 outputs an error message indicating that the identity verification has failed to the user input/output unit 13 and controls the user input/output unit 13 to display the error message (step S26).

在步驟S25中,該處理單元15在判定出該登入認證資料與該參考登入認證資料5相同時,產生一包含該儲存模組12所儲存的該帳戶識別資料3的登入請求,並將該登入請求藉由該通訊模組11經由該通訊網路200傳送至該伺服器2。值得一提的是,為了傳輸安全,該登入請求所包含的該帳戶識別資料3例如可以是一加密形式,但不在此限。 In step S25, the processing unit 15 generates a login request including the account identification data 3 stored by the storage module 12 when the login authentication data is determined to be the same as the reference login authentication data 5, and the login is generated. The request is transmitted to the server 2 via the communication network 200 by the communication module 11. It is worth mentioning that, for transmission security, the account identification data 3 included in the login request may be, for example, an encrypted form, but not limited thereto.

跟隨在步驟S25的步驟S27中,該伺服器2在接收到來自該行動裝置1的該登入請求時,判定該登入請求的該帳戶識別資料3 與所儲存的該帳戶識別資料3是否相同。當該判定結果為肯定時,該伺服器2允許該行動裝置2登入該使用者帳戶(步驟S28),否則流程進行步驟S29。如此,該伺服器2可根據所接收到的該登入請求及所儲存的該帳戶識別資料3,決定是否允許該行動裝置1登入該使用者帳戶。值得一提的是,若該登入請求的該帳戶識別資料3為加密資料時,該伺服器2須先以一對應於先前加密方式的解密方式將該帳戶識別資料解密後再行比對。理想上,該登入請求的該帳戶識別資料3應相同於該伺服器2所儲存的該帳戶識別資料3。惟,若在資料傳輸過程中因故導致該登入請求的該帳戶識別資料3發生缺損的情況下,該伺服器2恐將判定出該登入請求的該帳戶識別資料3不同於該伺服器2所儲存的該帳戶識別資料3。在此情況下,該伺服器2經由該通訊網路200傳送一指示出登入失敗的錯誤訊息至該行動裝置1(步驟S29)。 Following step S27 of step S25, the server 2 determines the account identification data 3 of the login request upon receiving the login request from the mobile device 1. Whether it is the same as the stored account identification data 3. When the result of the determination is affirmative, the server 2 allows the mobile device 2 to log in to the user account (step S28), otherwise the flow proceeds to step S29. In this way, the server 2 can decide whether to allow the mobile device 1 to log in to the user account according to the received login request and the stored account identification data 3. It is worth mentioning that if the account identification data 3 of the login request is encrypted data, the server 2 first decrypts the account identification data in a decryption manner corresponding to the previous encryption mode and then compares the account identification data. Ideally, the account identification data 3 of the login request should be identical to the account identification data 3 stored by the server 2. However, if the account identification data 3 of the login request is defective during the data transmission process, the server 2 may determine that the account identification data 3 of the login request is different from the server 2 The account identification data stored is 3. In this case, the server 2 transmits an error message indicating the login failure to the mobile device 1 via the communication network 200 (step S29).

在該行動裝置1登入該使用者帳戶期間,當一使用者欲進行一相關於該使用者帳戶的電子交易時,跟隨在步驟S28的步驟S30中,該處理單元15在接收到經由該使用者輸入輸出單元13之操作所產生的該電子交易之交易資料後,經由執行儲存於該儲存模組12的該應用程式4,接收來自於該使用者輸入輸出單元13與該生物特徵擷取單元14其中至少一者且經由該使用者輸入輸出單元13與該生物特徵擷取單元14其中該至少一者之操作所產生的交易認證 資料。依照前例,在此階段,相似於該參考交易認證資料6,該處理單元15所接收到的該登入認證資料例如不僅包含由該使用者輸入輸出單元13所產生的帳戶資料,還包含由該生物特徵擷取單元14的該影像拍攝模組142所拍攝欲交易者之眼睛所擷取到具有虹膜特徵的影像資料,以及由該影像掃描模組142掃描欲交易者之指紋所擷取到具有指紋特徵的指紋資料。 During the login of the mobile device 1 to the user account, when a user wants to perform an electronic transaction related to the user account, following the step S30 of step S28, the processing unit 15 receives the user via the user. After the transaction data of the electronic transaction generated by the operation of the input and output unit 13 is received, the application input unit 13 and the biometric extraction unit 14 are received from the application 4 stored in the storage module 12. At least one of the transaction authentication generated by the operation of the at least one of the user input and output unit 13 and the biometric extraction unit 14 data. According to the previous example, at this stage, similar to the reference transaction authentication data 6, the login authentication data received by the processing unit 15 includes, for example, not only the account data generated by the user input and output unit 13, but also the creature. The image capturing module 142 of the feature capturing unit 14 captures image data having iris characteristics captured by the eye of the trader, and scans the fingerprint of the trader by the image scanning module 142 to obtain the fingerprint. Characteristic fingerprint data.

在步驟S31中,該處理單元15判定該交易認證資料與該儲存模組12所儲存的該參考交易認證資料6是否相同。當該判定結果為肯定時,流程進行步驟32,否則流程返回至步驟S26。更具體地,依照前例,若該處理單元15判定出該登入認證資料(即該帳戶資料,以及相關於欲交易者的該影像資料及該指紋資料)相同於該參考交易認證資料6(即該帳戶識別資料,以及相關於該使用者的該影像資料及該指紋資料)時,意謂欲交易者的使用者身分被成功驗證。相反地,若該處理單元15判定出該登入認證資料不同於該參考交易認證資料6時,意謂欲交易者的使用者身分未被成功驗證(即驗證失敗),在此情況下,該處理單元15將一指示出身分驗證失敗的錯誤訊息輸出至該使用者輸入輸出單元13並控制該使用者輸入輸出單元13顯示該錯誤訊息(步驟S26)。 In step S31, the processing unit 15 determines whether the transaction authentication data is the same as the reference transaction authentication data 6 stored in the storage module 12. When the result of the determination is affirmative, the flow proceeds to step 32, otherwise the flow returns to step S26. More specifically, according to the previous example, if the processing unit 15 determines that the login authentication data (ie, the account information, and the image data related to the trader and the fingerprint data) is the same as the reference transaction authentication data 6 (ie, the The account identification data, as well as the image data and the fingerprint data related to the user, means that the user identity of the trader is successfully verified. Conversely, if the processing unit 15 determines that the login authentication data is different from the reference transaction authentication data 6, it means that the user identity of the trader is not successfully verified (ie, the verification fails), in this case, the processing The unit 15 outputs an error message indicating that the identity verification has failed to the user input/output unit 13 and controls the user input/output unit 13 to display the error message (step S26).

在步驟S32中,該處理單元15在判定出該交易認證資料與該參考登入認證資料5相同時,產生一包含該儲存模組12所儲存 的該帳戶識別資料3及該交易資料的交易請求,並將該交易請求藉由該通訊模組11經由該通訊網路200傳送至該伺服器2。值得一提的是,為了傳輸安全,該交易請求所包含的該帳戶識別資料3及該交易資料例如可以是一加密形式,但不在此限。 In step S32, when the processing unit 15 determines that the transaction authentication data is the same as the reference login authentication data 5, the processing unit 15 generates a storage module 12 The account identification data 3 and the transaction request of the transaction data, and the transaction request is transmitted to the server 2 via the communication network 200 by the communication module 11. It is worth mentioning that, for transmission security, the account identification data 3 and the transaction data contained in the transaction request may be, for example, an encrypted form, but not limited thereto.

在步驟S33中,該伺服器2在接收到來自該行動裝置1的該交易請求時,判定該交易請求的該帳戶識別資料3與所儲存的該帳戶識別資料3是否相同。當該判定結果為肯定時,該伺服器2執行該電子交易(步驟S34),否則流程進行步驟S35。如此,該伺服器2可根據所接收到的該交易請求及所儲存的該帳戶識別資料3,決定是否執行該電子交易。值得一提的是,若該交易請求的該帳戶識別資料3及該交易資料均為加密資料時,該伺服器2須先以一對應於先前加密方式的解密方式將該帳戶識別資料及該交易資料解密。理想上,該交易請求的該帳戶識別資料3應相同於該伺服器2所儲存的該帳戶識別資料3。惟,若在資料傳輸過程中因故導致該登入請求的該帳戶識別資料3發生缺損的情況下,該伺服器2恐將判定出該交易請求的該帳戶識別資料3不同於該伺服器2所儲存的該帳戶識別資料3。在此情況下,該伺服器2經由該通訊網路200傳送一指示出交易失敗的錯誤訊息至該行動裝置1(步驟S35)。 In step S33, upon receiving the transaction request from the mobile device 1, the server 2 determines whether the account identification data 3 of the transaction request is the same as the stored account identification data 3. When the result of the determination is affirmative, the server 2 executes the electronic transaction (step S34), otherwise the flow proceeds to step S35. In this way, the server 2 can decide whether to execute the electronic transaction according to the received transaction request and the stored account identification data 3. It is worth mentioning that if the account identification data 3 and the transaction data of the transaction request are encrypted data, the server 2 must first identify the account and the transaction in a decryption manner corresponding to the previous encryption mode. Data decryption. Ideally, the account identification data 3 of the transaction request should be identical to the account identification data 3 stored by the server 2. However, if the account identification data 3 of the login request is defective due to the data transmission process, the server 2 may determine that the account identification data 3 of the transaction request is different from the server 2 The account identification data stored is 3. In this case, the server 2 transmits an error message indicating the failure of the transaction to the mobile device 1 via the communication network 200 (step S35).

此外,附帶一提的是,在本實施例中,該應用程式4提了供變更密碼的功能。所以,當該使用者欲更新該帳戶識別資料3的 該密碼32時,在該行動裝置1登入該使用者帳戶期間,該處理單元經由該應用程式4的執行,以一來自於該使用者輸入輸出單元13的更新密碼更新該儲存模組12所儲存的該帳戶識別資料3,並藉由該通訊模組11且經由該通訊網路將該儲存模組12所儲存且已被更新的該帳戶識別資料3傳送至該伺服器。於是,該伺服器2在接收到來自該行動裝置1的該帳戶識別資料3時,以所接收的該帳戶識別資料3來更新所儲存的該帳戶識別資料3。 In addition, it is noted that, in this embodiment, the application 4 provides a function for changing a password. Therefore, when the user wants to update the account identification data 3 When the mobile device 1 is logged into the user account, the processing unit updates the storage module 12 with an update password from the user input/output unit 13 via the execution of the application 4. The account identification data 3 is transmitted to the server by the communication module 11 and via the communication network, the account identification data 3 stored and updated by the storage module 12. Then, when receiving the account identification data 3 from the mobile device 1, the server 2 updates the stored account identification data 3 with the received account identification data 3.

綜上所述,該行動裝置1在傳送該登入/交易請求至該伺服器2之前,該行動裝置4的該處理單元15必須先藉由執行該應用程式4進行欲登入/交易者的身分驗證程序,以便安全且正確地驗證使用者身分。特別是,在該身分驗證程序中,被該處理單元15用來作為比對標的的該參考登入/交易認證資料5/6除了是可含有習知文字形式的帳戶資料(即,該使用者帳號31及該密碼32)外,還可以是含有相關於至少一生物特徵的資料,或者是不僅含有該帳戶識別資料而且含有相關於至少一生物特徵的資料,故在登入該使用者帳戶及執行該電子交易前,確實能以高度安全性來驗證的使用者身分。另一方面,若該參考登入/交易認證資料5/6為僅含有相關於單一生物特徵(如虹膜特徵或指紋特徵)的資料時,對比於習知需要使用者手動鍵入帳戶資料(即使用者帳號及密碼)之方式,此身分驗證程序不僅對於使用者而言操作上相對方便,而且能確保高度安全性 的同時,更可相對快速地完成。故確實能達成本新型的目的。 In summary, before the mobile device 1 transmits the login/transaction request to the server 2, the processing unit 15 of the mobile device 4 must first perform verification of the identity of the user to be logged in/executed by executing the application 4. Program to verify user identity safely and correctly. In particular, in the identity verification program, the reference login/transaction authentication material 5/6 used by the processing unit 15 as the comparison target is in addition to the account information (ie, the user account) in the form of a conventional text. 31 and the password 32) may also be related to at least one biometric material, or contain not only the account identification data but also information related to at least one biometric, so the user account is logged in and executed. Before the electronic transaction, the user identity can be verified with high security. On the other hand, if the reference login/transaction authentication material 5/6 is only containing information related to a single biometric (such as iris feature or fingerprint feature), the user is required to manually type the account data (ie, the user). The account and password method, this identity verification program is not only convenient for the user, but also ensures high security. At the same time, it can be done relatively quickly. Therefore, the purpose of this novel can be achieved.

惟以上所述者,僅為本新型的實施例而已,當不能以此限定本新型實施的範圍,凡依本新型申請專利範圍及專利說明書內容所作的簡單的等效變化與修飾,皆仍屬本新型專利涵蓋的範圍內。 However, the above is only the embodiment of the present invention, and when it is not possible to limit the scope of the present invention, the simple equivalent changes and modifications made according to the scope of the novel application and the contents of the patent specification are still This new patent covers the scope.

100‧‧‧電子交易認證系統 100‧‧‧Electronic Transaction Certification System

1‧‧‧行動裝置 1‧‧‧ mobile device

11‧‧‧通訊模組 11‧‧‧Communication module

12‧‧‧儲存模組 12‧‧‧ Storage Module

13‧‧‧使用者輸入輸出單元 13‧‧‧User input and output unit

14‧‧‧生物特徵擷取單元 14‧‧‧Biometric extraction unit

141‧‧‧影像拍攝模組 141‧‧‧Image Capture Module

142‧‧‧收音模組 142‧‧‧ Radio Module

143‧‧‧影像掃描模組 143‧‧‧Image scanning module

2‧‧‧伺服器 2‧‧‧Server

3‧‧‧帳戶識別資料 3‧‧‧Account identification information

31‧‧‧使用者帳號 31‧‧‧User account

32‧‧‧密碼 32‧‧‧ password

4‧‧‧應用程式 4‧‧‧Application

5‧‧‧參考登入認證資料 5‧‧‧Refer to login authentication information

6‧‧‧參考交易認證資料 6‧‧‧Reference transaction certification information

200‧‧‧通訊網路 200‧‧‧Communication network

Claims (7)

一種電子交易認證系統,包含:一行動裝置,屬於一使用者,並包括一通訊模組,組配來經由一通訊網路連接一伺服器,一儲存模組,組配來儲存一相關於金融交易的應用程式,以及相關於該使用者的帳戶識別資料、參考登入認證資料及參考交易認證資料,該帳戶識別資料已預先儲存於該伺服器且包含一對應於一由該伺服器所提供且指派給該使用者的使用者帳戶的使用者帳號、及一唯一對應於該使用者帳號之密碼,該參考登入認證資料包含該帳戶識別資料及登入生物特徵資料其中至少一者,該登入生物特徵資料相關於至少一生物特徵,該參考交易認證資料包含該帳戶識別資料及交易生物特徵資料其中至少一者,該交易生物特徵資料相關於至少一生物特徵,一使用者輸入輸出單元,可***作來產生輸入資料,一生物特徵擷取單元,可用來擷取至少一個相關於人的特徵,以產生對應的生物特徵資料,及一處理單元,電連接該通訊模組、該儲存模組、該生物特徵擷取單元及該使用者輸入輸出單元;其中,當該處理單元執行儲存於該儲存模組的該應用程式時,該處理單元接收到來自於該使用者輸入輸出單 元與該生物特徵擷取單元其中至少一者且經由該使用者輸入輸出單元與該生物特徵擷取單元其中該至少一者之操作所產生的登入認證資料,並判定該登入認證資料與該儲存模組所儲存的該參考登入認證資料是否相同,而且在判定出該登入認證資料與該參考登入認證資料相同時,產生一包含該儲存模組所儲存的該帳戶識別資料的登入請求,並將該登入請求藉由該通訊模組經由該通訊網路傳送至該伺服器,以致該伺服器根據所接收到來自該行動裝置的該登入請求資料及所儲存的該帳戶識別資料,決定是否允許該行動裝置登入該使用者帳戶,及該處理單元在該行動裝置登入該使用者帳戶期間內接收到經由該使用者輸入輸出單元之操作所產生且相關於該使用者帳戶的一電子交易之交易資料後,該處理單元接收到來自於該使用者輸入輸出單元與該生物特徵擷取單元其中至少一者且經由該使用者輸入輸出單元與該生物特徵擷取單元其中該至少一者之操作所產生的交易認證資料,並判定該交易認證資料與該儲存模組所儲存的該參考交易認證資料是否相同,而且在判定出該交易認證資料與該參考交易認證資料相同時,產生一包含該儲存模組所儲存的該帳戶識別資料及所接收的該交易資料的交易請求,並且將該交易請求藉由該通訊模組經由該通訊網路傳送至該伺服器,以致該伺服器根據所接收到來自該行動裝置的該交易請求及所儲存的該帳戶識別資料,決定是否執行該電子交易。 An electronic transaction authentication system comprising: a mobile device belonging to a user, and comprising a communication module, configured to connect to a server via a communication network, a storage module, and a combination to store a related financial transaction An application, and account identification data related to the user, reference login authentication data, and reference transaction authentication data, the account identification data is pre-stored in the server and includes a corresponding one provided by the server and assigned a user account of the user account of the user, and a password corresponding to the user account, the reference login authentication data including at least one of the account identification data and the login biometric data, the login biometric data Corresponding to at least one biometric, the reference transaction authentication data includes at least one of the account identification data and the transaction biometric data, wherein the transaction biometric data is related to at least one biometric, a user input and output unit, operable Generating input data, a biometric extraction unit, which can be used to capture at least one Corresponding to the characteristics of the person to generate corresponding biometric data, and a processing unit electrically connecting the communication module, the storage module, the biometric extraction unit and the user input and output unit; wherein, when the processing When the unit executes the application stored in the storage module, the processing unit receives the input and output list from the user And the at least one of the biometric feature capture unit and the login authentication data generated by the operation of the at least one of the user input and output unit and the biometric extraction unit, and determining the login authentication data and the storage Whether the reference login authentication data stored by the module is the same, and when it is determined that the login authentication data is the same as the reference login authentication data, generating a login request including the account identification data stored by the storage module, and The login request is transmitted to the server via the communication network by the communication module, so that the server determines whether to allow the action according to the login request data received from the mobile device and the stored account identification data. The device logs into the user account, and the processing unit receives the transaction data of an electronic transaction generated by the operation of the user input and output unit and related to the user account during the period when the mobile device logs in the user account. The processing unit receives the input and output unit from the user and the biometric feature At least one of the unit and the transaction authentication data generated by the operation of the at least one of the user input and output unit and the biometric extraction unit, and determining the transaction authentication data and the reference stored by the storage module Whether the transaction authentication data is the same, and when it is determined that the transaction authentication data is the same as the reference transaction authentication data, generating a transaction request including the account identification data stored by the storage module and the received transaction data, and The transaction request is transmitted to the server via the communication network by the communication module, so that the server determines whether to execute the electronic transaction according to the received transaction request from the mobile device and the stored account identification data. . 如請求項1所述的電子交易認證系統,還包含該伺服器,其中,該伺服器提供該應用程式,該行動裝置的該儲存模組所儲存的該應用程式係下載自於該伺服器,該處理單元在初始執行該應用程式時,接收到來自該使用者輸入輸出單元且經由該使用者輸入輸出單元之操作所產生的該帳戶識別資料,以及來自該使用者輸入輸出單元及該生物特徵擷取單元其中至少一者且經由該使用者輸入輸出單元及該生物特徵擷取單元其中該至少一者之操作所產生的該參考登入認證資料及該參考交易認證資料,並將該帳戶識別資料、該參考登入認證資料及該參考交易認證資料儲存於該儲存模組。 The electronic transaction authentication system of claim 1, further comprising the server, wherein the server provides the application, and the application stored by the storage module of the mobile device is downloaded from the server. The processing unit receives the account identification data generated by the user input and output unit and the operation of the user input and output unit, and the user input and output unit and the biometric feature when initially executing the application And the at least one of the capture unit and the reference transaction authentication data generated by the operation of the at least one of the user input and output unit and the biometric extraction unit, and the account identification data The reference login authentication data and the reference transaction authentication data are stored in the storage module. 如請求項2所述的電子交易認證系統,其中:當該使用者欲更新該帳戶識別資料的該密碼時,在該行動裝置登入該使用者帳戶期間,該處理單元經由該應用程式的執行,以一來自於該使用者輸入輸出單元的更新密碼更新該儲存模組所儲存的該帳戶識別資料,並藉由該通訊模組且經由該通訊網路將該儲存模組所儲存且已被更新的該帳戶識別資料傳送至該伺服器;及該伺服器在接收到來自該行動裝置的該帳戶識別資料時,以所接收的該帳戶識別資料來更新所儲存的該帳戶識別資料。 The electronic transaction authentication system of claim 2, wherein: when the user wants to update the password of the account identification data, the processing unit executes the application through the application during the login of the mobile device to the user account. Updating the account identification data stored by the storage module with an update password from the user input and output unit, and storing and updating the storage module via the communication module via the communication network The account identification data is transmitted to the server; and when the server receives the account identification data from the mobile device, the server updates the stored account identification data with the account identification data received. 如請求項2所述的電子交易認證系統,其中:該伺服器在接收到來自該行動裝置的該登入請求時,判定該登入請求的該帳戶識別資料與所儲存的該帳戶 識別資料是否相同,並在判定出該登入請求的該帳戶識別資料與所儲存的該帳戶識別資料相同時,允許該行動裝置登入該使用者帳戶;及該伺服器在接收到來自該行動裝置的該交易請求時,判定該交易請求的該帳戶識別資料與所儲存的該帳戶識別資料是否相同,並在判定出該交易請求的該帳戶識別資料與所儲存的該帳戶識別資料相同時,執行該電子交易。 The electronic transaction authentication system of claim 2, wherein: the server determines the account identification data of the login request and the stored account upon receiving the login request from the mobile device Identifying whether the data is the same, and allowing the mobile device to log in to the user account when the account identification data of the login request is determined to be the same as the stored account identification data; and the server is receiving the mobile device from the mobile device When the transaction request is made, it is determined whether the account identification data of the transaction request is the same as the stored account identification data, and when it is determined that the account identification data of the transaction request is the same as the stored account identification data, Electronic trading. 如請求項1所述的電子交易認證系統,其中,該行動通訊裝置的該處理單元先將所接收的該帳戶識別資料加密後再儲存於該儲存模組。 The electronic transaction authentication system of claim 1, wherein the processing unit of the mobile communication device first encrypts the received account identification data and then stores the same in the storage module. 如請求項1所述的電子交易認證系統,其中,該帳戶識別資料的該密碼是一由該伺服器所給予的密碼,或者是一由該使用者所決定的密碼。 The electronic transaction authentication system of claim 1, wherein the password of the account identification data is a password given by the server or a password determined by the user. 如請求項1所述的電子交易認證系統,其中:該登入生物特徵資料所相關的該至少一生物特徵係選自聲音特徵、指紋特徵、虹膜特徵及人臉特徵的任一組合,並且該交易生物特徵資料所相關的該至少一生物特徵係選自聲音特徵、指紋特徵、虹膜特徵及人臉特徵的任一組合;及該行動裝置的該生物特徵擷取單元包括一用於收集音頻信號的收音模組、一用於拍攝影像的影像拍攝模組、及一用於掃描影像的影像掃描模組。 The electronic transaction authentication system of claim 1, wherein: the at least one biometric associated with the login biometric data is selected from any combination of a sound feature, a fingerprint feature, an iris feature, and a face feature, and the transaction The at least one biometric associated with the biometric data is selected from any combination of a sound feature, a fingerprint feature, an iris feature, and a face feature; and the biometric capture unit of the mobile device includes an audio signal for collecting audio signals. A radio module, an image capture module for capturing images, and an image scanning module for scanning images.
TW105215804U 2016-10-18 2016-10-18 Authentication system of electronic transaction utilizing mobile device application TWM536775U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW105215804U TWM536775U (en) 2016-10-18 2016-10-18 Authentication system of electronic transaction utilizing mobile device application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW105215804U TWM536775U (en) 2016-10-18 2016-10-18 Authentication system of electronic transaction utilizing mobile device application

Publications (1)

Publication Number Publication Date
TWM536775U true TWM536775U (en) 2017-02-11

Family

ID=58607071

Family Applications (1)

Application Number Title Priority Date Filing Date
TW105215804U TWM536775U (en) 2016-10-18 2016-10-18 Authentication system of electronic transaction utilizing mobile device application

Country Status (1)

Country Link
TW (1) TWM536775U (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI636407B (en) * 2017-06-08 2018-09-21 林淑貞 Housing agency's daily trip management device
TWI645308B (en) * 2016-10-18 2018-12-21 富邦綜合證券股份有限公司 Electronic transaction authentication method and system using mobile device application

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI645308B (en) * 2016-10-18 2018-12-21 富邦綜合證券股份有限公司 Electronic transaction authentication method and system using mobile device application
TWI636407B (en) * 2017-06-08 2018-09-21 林淑貞 Housing agency's daily trip management device

Similar Documents

Publication Publication Date Title
US20200295940A1 (en) System and method for device registration and authentication
AU2018222744B2 (en) Universal digital identity authentication service
US7613929B2 (en) Method and system for biometric identification and authentication having an exception mode
EP3343831B1 (en) Identity authentication method and apparatus
US9892576B2 (en) Biometrics identification module and personal wearable electronics network based authentication and transaction processing
EP3385895A1 (en) Biometric information personal identity authenticating system and method using financial card information stored in mobile communication terminal
KR20030097847A (en) Authenticating user on computer network for biometric information
US10410040B2 (en) Fingerprint lock control method and fingerprint lock system
TWI645308B (en) Electronic transaction authentication method and system using mobile device application
KR101622377B1 (en) USB Dvice having an Iris Recognition Security Function and Controlling Method for the Same
US11936649B2 (en) Multi-factor authentication
TWM536775U (en) Authentication system of electronic transaction utilizing mobile device application
JP4643313B2 (en) Relief method when biometric authentication is impossible for client / server system with biometric authentication function
CN113205342A (en) User identity authentication method and device based on multi-terminal payment
US20140215586A1 (en) Methods and systems for generating and using a derived authentication credential
KR101787389B1 (en) Iris Scan USB Device using an OTP Function and Controlling Method for the Same
EP2916509B1 (en) Network authentication method for secure user identity verification
KR102123405B1 (en) System and method for providing security membership and login hosting service
JP2019161405A (en) Authentication server device, and system and method for authentication
CN109344593B (en) Biological information verification method, verification server and entry and verification client
JP5793593B2 (en) Network authentication method for securely verifying user identification information
JP7242513B2 (en) Information management method
KR102105122B1 (en) Security authentication method generating one time password by using name matching up with identifier as a seed value
US20210136062A1 (en) Form based biometric data collection and authentication
JP2008234316A (en) Portable communication terminal device, authentication server for financial institution, personal identification number request program, and personal identification number response program