TW201935357A - Method and system for electrical transaction - Google Patents
Method and system for electrical transaction Download PDFInfo
- Publication number
- TW201935357A TW201935357A TW107104689A TW107104689A TW201935357A TW 201935357 A TW201935357 A TW 201935357A TW 107104689 A TW107104689 A TW 107104689A TW 107104689 A TW107104689 A TW 107104689A TW 201935357 A TW201935357 A TW 201935357A
- Authority
- TW
- Taiwan
- Prior art keywords
- transaction
- data set
- data
- electronic device
- public key
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 47
- 238000012795 verification Methods 0.000 claims description 76
- 238000013475 authorization Methods 0.000 claims description 40
- PCHJSUWPFVWCPO-UHFFFAOYSA-N gold Chemical compound [Au] PCHJSUWPFVWCPO-UHFFFAOYSA-N 0.000 claims description 3
- 239000010931 gold Substances 0.000 claims description 3
- 229910052737 gold Inorganic materials 0.000 claims description 3
- 238000010200 validation analysis Methods 0.000 abstract description 4
- 230000000694 effects Effects 0.000 description 5
- VBMOHECZZWVLFJ-GXTUVTBFSA-N (2s)-2-[[(2s)-6-amino-2-[[(2s)-6-amino-2-[[(2s,3r)-2-[[(2s,3r)-2-[[(2s)-6-amino-2-[[(2s)-2-[[(2s)-6-amino-2-[[(2s)-2-[[(2s)-2-[[(2s)-2,6-diaminohexanoyl]amino]-5-(diaminomethylideneamino)pentanoyl]amino]propanoyl]amino]hexanoyl]amino]propanoyl]amino]hexan Chemical compound NC(N)=NCCC[C@@H](C(O)=O)NC(=O)[C@H](CCCCN)NC(=O)[C@H](CCCCN)NC(=O)[C@H]([C@@H](C)O)NC(=O)[C@H]([C@H](O)C)NC(=O)[C@H](CCCCN)NC(=O)[C@H](C)NC(=O)[C@H](CCCCN)NC(=O)[C@H](C)NC(=O)[C@H](CCCN=C(N)N)NC(=O)[C@@H](N)CCCCN VBMOHECZZWVLFJ-GXTUVTBFSA-N 0.000 description 3
- 108010068904 lysyl-arginyl-alanyl-lysyl-alanyl-lysyl-threonyl-threonyl-lysyl-lysyl-arginine Proteins 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Description
本發明是有關於一種交易方法,特別是指一種涉及線上交易的電子交易方法。本發明還有關於實施該電子交易方法的一種電子交易系統。The present invention relates to a transaction method, and particularly to an electronic transaction method involving online transactions. The invention also relates to an electronic transaction system for implementing the electronic transaction method.
近年來,使用電子裝置進行線上的電子交易已經逐漸普及,然而,電子交易涉及許多個人私密資料及帳款資料的傳輸,因此,確保電子交易的安全性始終是不容忽視的課題。In recent years, the use of electronic devices for online electronic transactions has gradually become popular. However, electronic transactions involve the transmission of many personal private information and account information. Therefore, ensuring the security of electronic transactions is always a topic that cannot be ignored.
目前的電子交易方法涉及由一使用者所持有的一使用端電子裝置,以及一用於接收來自該使用端電子裝置之交易資料的電子交易系統。以現有的電子交易方法而言,為了確保該電子交易系統所接收到之交易資料的合法性,當一使用者欲以該使用端電子裝置執行一電子交易時,需先藉由該使用端電子裝置向該電子交易系統傳送一憑證申請,當該使用端電子裝置接收到由該電子交易系統核發的該憑證後,使用者需再藉由該使用端電子裝置將該憑證及相關於該電子交易的一交易資料一併傳送給該電子交易系統,以供該電子交易系統進行驗證,而在該電子交易系統驗證該交易資料的合法性後,才會執行該電子交易。雖然現有的電子交易方法能藉由該電子交易系統的憑證核發及交易驗證機制提升電子交易的安全性,但對使用者而言,其操作流程過於費力耗時,因此仍存在不便。The current electronic transaction method involves a user-end electronic device held by a user, and an electronic transaction system for receiving transaction data from the user-end electronic device. In terms of the existing electronic transaction methods, in order to ensure the legality of the transaction data received by the electronic transaction system, when a user wants to perform an electronic transaction with the user-end electronic device, the user must first use the user-end electronic device. The device sends a voucher application to the electronic transaction system. After the user-end electronic device receives the certificate issued by the electronic transaction system, the user needs to use the user-end electronic device to pass the certificate and the related electronic transaction. A piece of transaction information is transmitted to the electronic transaction system for verification by the electronic transaction system, and the electronic transaction is executed after the electronic transaction system verifies the legality of the transaction information. Although the existing electronic transaction method can improve the security of electronic transactions by using the certificate issuance and transaction verification mechanism of the electronic transaction system, for users, the operation process is too laborious and time-consuming, so there are still inconveniences.
因此,本發明之目的,即在提供一種能克服現有技術之不便的電子交易方法。Therefore, an object of the present invention is to provide an electronic transaction method which can overcome the inconvenience of the prior art.
於是,本發明電子交易方法由一電子交易系統實施,該電子交易系統包含一憑證授權伺服器、一驗證伺服器及一使用端電子裝置,該電子交易方法包含下列步驟:(A)當該使用端電子裝置接收到關於一線上交易的一交易指令時,該使用端電子裝置根據該交易指令產生並傳送一交易申請資料集至該憑證授權伺服器,該交易申請資料集包含一關於該線上交易的交易內容資料,以及一對應該使用端電子裝置的公鑰;(B)當該憑證授權伺服器接收到該交易申請資料集時,該憑證授權伺服器根據該公鑰產生一包含該公鑰的憑證資料;(C) 該憑證授權伺服器將該交易內容資料及該憑證資料作為一該待驗證交易資料集並自動地將該待驗證交易資料集傳送至該驗證伺服器;及(D)當該驗證伺服器接收到該待驗證交易資料集,且判斷出該待驗證交易資料集符合一與該憑證資料相關的預定條件時,該驗證伺服器根據該待驗證交易資料集所包含的該交易內容資料執行該線上交易。Therefore, the electronic transaction method of the present invention is implemented by an electronic transaction system. The electronic transaction system includes a certificate authorization server, an authentication server, and a user-end electronic device. The electronic transaction method includes the following steps: (A) When it is used When the terminal electronic device receives a transaction instruction regarding an online transaction, the consumer electronic device generates and transmits a transaction application data set to the certificate authorization server according to the transaction instruction, and the transaction application data set includes an information about the online transaction. And the public key of the pair of end-use electronic devices; (B) When the certificate authority server receives the transaction application data set, the certificate authority server generates a public key containing the public key based on the public key (C) the certificate authorization server uses the transaction content data and the certificate data as a set of transaction data to be verified and automatically transmits the set of transaction data to the verification server; and (D) When the verification server receives the transaction data set to be verified and judges that the transaction data set to be verified matches one of the certificate data When related to the predetermined condition, the verification server executes the online transaction according to the transaction content data included in the transaction data set to be verified.
在本發明電子交易方法的一些實施態樣中,在步驟(C)中,該憑證授權伺服器是將該待驗證交易資料集經由該使用端電子裝置傳送至該驗證伺服器。In some implementation aspects of the electronic transaction method of the present invention, in step (C), the certificate authorization server transmits the transaction data set to be verified to the verification server via the user-end electronic device.
在本發明電子交易方法的一些實施態樣中,在步驟(A)中,該交易申請資料集還包含一對應該使用端電子裝置的數位簽章資料,且該使用端電子裝置是根據該交易內容資料及一對應該公鑰的私鑰產生該數位簽章資料;在步驟(C)中,該待驗證交易資料集還包含該公鑰及該數位簽章資料;及在步驟(D)中,該預定條件包含該待驗證交易資料集所包含的該公鑰與該憑證資料所包含的該公鑰相符。In some implementation aspects of the electronic transaction method of the present invention, in step (A), the transaction application data set further includes a pair of digital signature data of the end-use electronic device, and the end-use electronic device is based on the transaction. The content data and a pair of private keys corresponding to the public key generate the digital signature data; in step (C), the transaction data set to be verified also includes the public key and the digital signature data; and in step (D) , The predetermined condition includes that the public key included in the transaction data set to be verified matches the public key included in the certificate data.
在本發明電子交易方法的一些實施態樣中,在步驟(A)中,該使用端電子裝置是先對該交易內容資料套用一雜湊函數演算法而產生一第一字串,再以該私鑰對該第一字串加密而產生該數位簽章資料;及在步驟(D)中,當該驗證伺服器接收到該待驗證交易資料集時,該驗證伺服器以該待驗證交易資料集所包含的該公鑰或該憑證資料所包含的該公鑰對該數位簽章資料解密而獲得該第一字串,並將該待驗證交易資料集所包含的該交易內容資料套用該雜湊函數演算法而產生一第二字串,該預定條件還包含該第一字串與該第二字串相符。In some implementation aspects of the electronic transaction method of the present invention, in step (A), the consumer electronic device first applies a hash function algorithm to the transaction content data to generate a first string, and then uses the private Key to encrypt the first string to generate the digital signature data; and in step (D), when the verification server receives the transaction data set to be verified, the verification server uses the transaction data set to be verified The public key included or the public key included in the credential data decrypts the digital signature data to obtain the first string, and applies the transaction content data included in the transaction data set to be verified to the hash function. The algorithm generates a second character string, and the predetermined condition further includes that the first character string matches the second character string.
在本發明電子交易方法的一些實施態樣中,在步驟(A)中,該使用端電子裝置在產生該交易申請資料集之前,該使用端電子裝置還先產生一金鑰對,且該金鑰對包含該公鑰及該私鑰。In some implementation aspects of the electronic transaction method of the present invention, in step (A), before the consumer electronic device generates the transaction application data set, the consumer electronic device also generates a key pair, and the gold The key pair contains the public key and the private key.
本發明的另一種電子交易方法,由一電子交易系統實施,該電子交易系統包含一註冊管理伺服器、一憑證授權伺服器、一驗證伺服器及一使用端電子裝置,該電子交易方法包含下列步驟:(A)當該使用端電子裝置接收到關於一線上交易的一交易指令時,該使用端電子裝置根據該交易指令產生並傳送一交易申請資料集至該註冊管理伺服器,該交易申請資料集包含一關於該線上交易的交易內容資料,以及一對應該使用端電子裝置的公鑰;(B)當該註冊管理伺服器接收到該交易申請資料集時,該註冊管理伺服器根據該公鑰產生並傳送一包含該公鑰的憑證申請資料至該憑證授權伺服器;(C)當該憑證授權伺服器接收到該憑證申請資料時,該憑證授權伺服器根據該公鑰產生並傳送一包含該公鑰的憑證資料至該註冊管理伺服器;(D)當該註冊管理伺服器接收到該憑證資料時,該註冊管理伺服器產生一包含該交易內容資料及該憑證資料的待驗證交易資料集,並自動地將該待驗證交易資料集傳送至該驗證伺服器;及(E)當該驗證伺服器接收到該待驗證交易資料集,且判斷出該交易申請資料集符合一與該憑證資料相關的預定條件時,該驗證伺服器根據該交易申請資料集所包含的該交易內容資料執行該線上交易。Another electronic transaction method of the present invention is implemented by an electronic transaction system. The electronic transaction system includes a registration management server, a certificate authorization server, a verification server, and an end-use electronic device. The electronic transaction method includes the following: Steps: (A) When the consumer electronic device receives a transaction instruction regarding an online transaction, the consumer electronic device generates and transmits a transaction application data set to the registration management server according to the transaction instruction, and the transaction application The data set contains a transaction content data about the online transaction and a pair of public keys that should be used by the electronic device; (B) When the registration management server receives the transaction application data set, the registration management server according to the The public key generates and sends a certificate application data containing the public key to the certificate authority server; (C) When the certificate authority server receives the certificate application data, the certificate authority server generates and transmits the certificate key based on the public key A certificate data containing the public key to the registration management server; (D) when the registration management server receives the certificate information , The registration management server generates a pending transaction data set containing the transaction content data and the voucher data, and automatically transmits the pending transaction data set to the verification server; and (E) when the verification server When the server receives the transaction data set to be verified and determines that the transaction application data set meets a predetermined condition related to the voucher data, the verification server executes the online according to the transaction content data included in the transaction application data set. transaction.
在本發明另該電子交易方法的一些實施態樣中,該交易申請資料集還包含一對應該使用端電子裝置的數位簽章資料,且該使用端電子裝置是根據該交易內容資料及一對應該公鑰的私鑰產生該數位簽章資料;在步驟(D)中,該待驗證交易資料集還包含該公鑰及該數位簽章資料;及在步驟(E)中,該預定條件包含該待驗證交易資料集所包含的該公鑰與該憑證資料所包含的該公鑰相符。In some implementation aspects of the electronic transaction method of the present invention, the transaction application data set further includes a pair of digital signature data that should be used by the end-use electronic device, and the end-use electronic device is based on the transaction content data and a pair The digital signature data should be generated from the public key's private key; in step (D), the transaction data set to be verified also includes the public key and the digital signature data; and in step (E), the predetermined condition includes The public key contained in the transaction data set to be verified matches the public key contained in the certificate data.
在本發明另該電子交易方法的一些實施態樣中,在步驟(A)中,該使用端電子裝置是先對該交易內容資料套用一雜湊函數演算法而產生一第一字串,再以該私鑰對該第一字串加密而產生該數位簽章資料;及在步驟(E)中,當該驗證伺服器接收到該待驗證交易資料集時,該驗證伺服器以該待驗證交易資料集所包含的該公鑰或該憑證資料所包含的該公鑰對該數位簽章資料解密而獲得該第一字串,並將該待驗證交易資料集所包含的該交易內容資料套用該雜湊函數演算法而產生一第二字串,該預定條件還包含該第一字串與該第二字串相符。In some embodiments of the electronic transaction method of the present invention, in step (A), the consumer electronic device first applies a hash function algorithm to the transaction content data to generate a first string, and then The private key encrypts the first string to generate the digital signature data; and in step (E), when the authentication server receives the transaction data set to be verified, the authentication server uses the transaction to be verified The public key contained in the data set or the public key contained in the certificate data decrypts the digital signature data to obtain the first string, and applies the transaction content data included in the transaction data set to be verified to the A hash function algorithm generates a second string, and the predetermined condition further includes that the first string is consistent with the second string.
在本發明另該電子交易方法的一些實施態樣中,在步驟(A)中,該使用端電子裝置在產生該交易申請資料集之前,該使用端電子裝置還先產生一金鑰對,且該金鑰對包含該公鑰及該私鑰。In some implementation aspects of the electronic transaction method of the present invention, in step (A), before the consumer electronic device generates the transaction application data set, the consumer electronic device first generates a key pair, and The key pair includes the public key and the private key.
本發明之另一目的在於提供一種能實施該電子交易方法的電子交易系統。Another object of the present invention is to provide an electronic transaction system capable of implementing the electronic transaction method.
本發明電子交易系統包含一使用端電子裝置、一憑證授權伺服器及一驗證伺服器。該憑證授權伺服器能與該使用端電子裝置彼此通訊。該驗證伺服器能與該憑證授權伺服器彼此通訊。其中,該使用端電子裝置接收到關於一線上交易的一交易指令時,該使用端電子裝置根據該交易指令產生並傳送一交易申請資料集至該憑證授權伺服器,該交易申請資料集包含一關於該線上交易的交易內容資料,以及一對應該使用端電子裝置的公鑰。該憑證授權伺服器根據該交易申請資料集中的該公鑰產生一包含該公鑰的憑證資料,將該交易內容資料及該憑證資料作為一該待驗證交易資料集並自動地將該待驗證交易資料集傳送至該驗證伺服器。該驗證伺服器判斷出該待驗證交易資料集符合一與該憑證資料相關的預定條件時,該驗證伺服器根據該待驗證交易資料集所包含的該交易內容資料執行該線上交易。The electronic transaction system of the present invention includes a user-end electronic device, a certificate authorization server, and an authentication server. The certificate authority server can communicate with the consumer electronic device. The authentication server can communicate with the certificate authority server. Wherein, when the consumer electronic device receives a transaction instruction regarding an online transaction, the consumer electronic device generates and transmits a transaction application data set to the certificate authorization server according to the transaction instruction, and the transaction application data set includes a Information about the transaction content of the online transaction and the public key of a pair of end-use electronic devices. The certificate authorization server generates a certificate data including the public key according to the public key in the transaction application data set, and uses the transaction content data and the certificate data as a set of transaction data to be verified and automatically transmits the transaction to be verified The data set is sent to the authentication server. When the verification server determines that the transaction data set to be verified meets a predetermined condition related to the voucher data, the verification server executes the online transaction according to the transaction content data contained in the transaction data set to be verified.
在本發明電子交易系統的一些實施態樣中,該憑證授權伺服器是將該待驗證交易資料集經由該使用端電子裝置傳送至該驗證伺服器。In some embodiments of the electronic transaction system of the present invention, the certificate authorization server transmits the transaction data set to be verified to the verification server via the user-end electronic device.
在本發明電子交易系統的一些實施態樣中,該交易申請資料集還包含一對應該使用端電子裝置的數位簽章資料,且該使用端電子裝置是根據該交易內容資料及一對應該公鑰的私鑰產生該數位簽章資料;該待驗證交易資料集還包含該公鑰及該數位簽章資料;該預定條件包含該待驗證交易資料集所包含的該公鑰與該憑證資料所包含的該公鑰相符。In some implementation aspects of the electronic transaction system of the present invention, the transaction application data set further includes a pair of digital signature data of the electronic device that should be used, and the electronic device of the user is based on the data of the transaction content and a pair of public information The private key of the key generates the digital signature data; the transaction data set to be verified also includes the public key and the digital signature data; the predetermined condition includes the public key and the certificate data included in the transaction data set to be verified The contained public key matches.
在本發明電子交易系統的一些實施態樣中,該使用端電子裝置是先對該交易內容資料套用一雜湊函數演算法而產生一第一字串,再以該私鑰對該第一字串加密而產生該數位簽章資料;該驗證伺服器是以該待驗證交易資料集所包含的該公鑰或該憑證資料所包含的該公鑰對該數位簽章資料解密而獲得該第一字串,並將該待驗證交易資料集所包含的該交易內容資料套用該雜湊函數演算法而產生一第二字串,該預定條件還包含該第一字串與該第二字串相符。In some embodiments of the electronic transaction system of the present invention, the consumer electronic device first applies a hash function algorithm to the transaction content data to generate a first string, and then uses the private key to the first string. The digital signature data is generated by encryption; the verification server obtains the first word by decrypting the digital signature data with the public key included in the transaction data set to be verified or the public key included in the certificate data. String, and applying the transaction function data contained in the transaction data set to be verified to the hash function algorithm to generate a second string, the predetermined condition further includes that the first string is consistent with the second string.
在本發明電子交易系統的一些實施態樣中,該使用端電子裝置在產生該交易申請資料集之前,該使用端電子裝置還先產生一金鑰對,且該金鑰對包含該公鑰及該私鑰。In some implementation aspects of the electronic transaction system of the present invention, before the consumer electronic device generates the transaction application data set, the consumer electronic device also generates a key pair, and the key pair includes the public key and The private key.
本發明的另一種電子交易系統包含一使用端電子裝置、一能與該使用端電子裝置彼此通訊註冊管理伺服器、一能與該註冊管理伺服器彼此通訊憑證授權伺服器,及一能與該註冊管理伺服器彼此通訊驗證伺服器。其中,當該使用端電子裝置接收到關於一線上交易的一交易指令時,該使用端電子裝置根據該交易指令產生並傳送一交易申請資料集至該註冊管理伺服器,該交易申請資料集包含一關於該線上交易的交易內容資料,以及一對應該使用端電子裝置的公鑰;當該註冊管理伺服器接收到該交易申請資料集時,該註冊管理伺服器根據該公鑰產生並傳送一包含該公鑰的憑證申請資料至該憑證授權伺服器;當該憑證授權伺服器接收到該憑證申請資料時,該憑證授權伺服器根據該公鑰產生並傳送一包含該公鑰的憑證資料至該註冊管理伺服器;當該註冊管理伺服器接收到該憑證資料時,該註冊管理伺服器產生一包含該交易內容資料及該憑證資料的待驗證交易資料集,並自動地將該待驗證交易資料集傳送至該驗證伺服器;當該驗證伺服器接收到該待驗證交易資料集,且判斷出該交易申請資料集符合一與該憑證資料相關的預定條件時,該驗證伺服器根據該交易申請資料集所包含的該交易內容資料執行該線上交易。Another electronic transaction system of the present invention includes a user-end electronic device, a registration management server capable of communicating with the user-end electronic device, a certificate authorization server capable of communicating with the registration management server, and a server capable of communicating with the The registration servers communicate with each other to authenticate the server. Wherein, when the consumer electronic device receives a transaction instruction related to an online transaction, the consumer electronic device generates and transmits a transaction application data set to the registration management server according to the transaction instruction, and the transaction application data set includes A transaction content data about the online transaction, and a pair of public keys of the end-use electronic device; when the registration management server receives the transaction application data set, the registration management server generates and transmits a The certificate application data containing the public key is sent to the certificate authorization server; when the certificate authorization server receives the certificate application data, the certificate authorization server generates and sends a certificate data containing the public key to the public key to The registration management server; when the registration management server receives the voucher data, the registration management server generates a set of transaction data to be verified including the transaction content data and the voucher data, and automatically generates the transaction to be verified The data set is sent to the verification server; when the verification server receives the transaction data set to be verified, When the transaction is determined that the application data set meet a predetermined condition associated with the voucher information, the authentication server executes the online transaction based on the transaction the transaction content information included in the application data set.
在本發明另該電子交易方法的一些實施態樣中,其中:該交易申請資料集還包含一對應該使用端電子裝置的數位簽章資料,且該使用端電子裝置是根據該交易內容資料及一對應該公鑰的私鑰產生該數位簽章資料;該待驗證交易資料集還包含該公鑰及該數位簽章資料;該預定條件包含該待驗證交易資料集所包含的該公鑰與該憑證資料所包含的該公鑰相符。In some implementation aspects of the electronic transaction method of the present invention, the transaction application data set further includes a pair of digital signature data that should be used by the end-use electronic device, and the end-use electronic device is based on the transaction content data and A pair of private keys corresponding to the public key generates the digital signature data; the transaction data set to be verified also includes the public key and the digital signature data; the predetermined condition includes the public key and The public key contained in the certificate data matches.
在本發明另該電子交易方法的一些實施態樣中,其中:該使用端電子裝置是先對該交易內容資料套用一雜湊函數演算法而產生一第一字串,再以該私鑰對該第一字串加密而產生該數位簽章資料;當該驗證伺服器接收到該待驗證交易資料集時,該驗證伺服器以該待驗證交易資料集所包含的該公鑰或該憑證資料所包含的該公鑰對該數位簽章資料解密而獲得該第一字串,並將該待驗證交易資料集所包含的該交易內容資料套用該雜湊函數演算法而產生一第二字串,該預定條件還包含該第一字串與該第二字串相符。In some implementation aspects of the electronic transaction method of the present invention, wherein the consumer electronic device first applies a hash function algorithm to the transaction content data to generate a first string, and then uses the private key for the The first string is encrypted to generate the digital signature data. When the verification server receives the transaction data set to be verified, the verification server uses the public key or the certificate information contained in the transaction data set to be verified. The public key contained in the digital signature data is decrypted to obtain the first string, and the transaction content data included in the transaction data set to be verified is applied to the hash function algorithm to generate a second string. The predetermined condition further includes that the first string matches the second string.
在本發明另該電子交易方法的一些實施態樣中,該使用端電子裝置在產生該交易申請資料集之前,該使用端電子裝置還先產生一金鑰對,且該金鑰對包含該公鑰及該私鑰。In some implementation aspects of the electronic transaction method of the present invention, before the consumer electronic device generates the transaction application data set, the consumer electronic device also generates a key pair, and the key pair includes the public key Key and the private key.
本發明其中一種電子交易方法的功效在於:該憑證授權伺服器於產生該憑證資料及該待驗證交易資料集後,會自動地將該待驗證交易資料集傳送至該驗證伺服器,以驗證該線上交易的合法性及安全性。而本發明的另一種電子交易方法的功效在於:該註冊管理伺服器接收到該憑證資料時,會自動地產生一包含該交易內容資料及該憑證資料的待驗證交易資料集,並自動地將該待驗證交易資料集傳送至該驗證伺服器。也就是說,本發明所提供的兩種電子交易方法及系統皆能一次性地完成該憑證資料的申請以及該待驗證交易資料集的驗證。因此,對於持有該使用端電子裝置的使用者而言,當使用者欲執行線上交易時,僅需透過該使用端電子裝置輸入交易內容資料並送出,即可一併完成該憑證資料的申請以及核發,而不需在欲執行線上交易之前特地執行該憑證資料的申請流程,在使用上更加方便快速。One of the effects of the electronic transaction method of the present invention is that after the certificate authorization server generates the certificate data and the transaction data set to be verified, it automatically sends the transaction data set to be verified to the verification server to verify the Legality and security of online transactions. The effect of another electronic transaction method of the present invention is that when the registration management server receives the voucher data, it automatically generates a set of transaction data to be verified including the transaction content data and the voucher data, and automatically The transaction data set to be verified is sent to the verification server. That is, the two electronic transaction methods and systems provided by the present invention can complete the application of the voucher data and the verification of the transaction data set to be verified at one time. Therefore, for the user holding the use-side electronic device, when the user wants to perform an online transaction, he only needs to input the transaction content data through the use-side electronic device and submit it, and then the application for the voucher data can be completed together. And it is not necessary to specifically execute the application process of the voucher data before performing online transactions, which is more convenient and quick to use.
在本發明被詳細描述之前,應當注意在以下的說明內容中,類似的元件是以相同的編號來表示。Before the present invention is described in detail, it should be noted that in the following description, similar elements are represented by the same numbers.
參閱圖1,本發明電子交易系統1之一第一實施例包含一憑證授權(Certificate Authority)伺服器11、一驗證(Validation Authority)伺服器12及一使用端電子裝置13。在本實施例中,該使用端電子裝置13可例如為一智慧型手機、一平板電腦、一筆記型電腦或者一桌上型電腦,該憑證授權伺服器11例如是由台灣網路認證(Taiwan Certificate Authority,簡稱TWCA)中心所管理的一憑證伺服器,該驗證伺服器12則例如是由一銀行所管理的一驗證暨交易執行伺服器,但並不以此為限。在其他實施例中,該使用端電子裝置13的數量也可為多個,而並不以本實施例為限。Referring to FIG. 1, a first embodiment of an electronic transaction system 1 of the present invention includes a Certificate Authority server 11, a Validation Authority server 12, and a consumer electronic device 13. In this embodiment, the user-end electronic device 13 may be, for example, a smartphone, a tablet computer, a notebook computer, or a desktop computer, and the certificate authorization server 11 is, for example, certified by the Taiwanese network (Taiwan A certificate server managed by a Certificate Authority (TWCA) center. The verification server 12 is, for example, a verification and transaction execution server managed by a bank, but it is not limited to this. In other embodiments, the number of the use-side electronic devices 13 may also be multiple, and is not limited to this embodiment.
配合參閱圖2,以下針對本實施例電子交易系統1所實施的一電子交易方法進行詳細說明。With reference to FIG. 2, an electronic transaction method implemented by the electronic transaction system 1 of this embodiment is described in detail below.
首先,執行步驟S1。該使用端電子裝置13藉由一使用者的操作而產生一交易內容資料及一交易指令,且該交易內容資料及該交易指令是有關於一線上交易。該線上交易可例如為一證券交易或是一股票交易,但並不以此為限。在本實施例中,該交易內容資料是指示出該線上交易的實際交易內容,且該交易內容資料是供該驗證伺服器12實際執行該線上交易時所需的必要資料。在本實施例中,該交易內容資料包含例如有關該線上交易的一商品名稱、一商品編號、一交易數量、一交易日期及一交易金額等,但並不以此為限。接著,執行步驟S2。First, step S1 is performed. The user-end electronic device 13 generates a transaction content data and a transaction instruction through a user operation, and the transaction content data and the transaction instruction are related to an online transaction. The online transaction may be, for example, a securities transaction or a stock transaction, but is not limited thereto. In this embodiment, the transaction content data indicates the actual transaction content of the online transaction, and the transaction content data is necessary information for the verification server 12 to actually execute the online transaction. In this embodiment, the transaction content data includes, for example, a product name, a product number, a transaction quantity, a transaction date, a transaction amount, and the like related to the online transaction, but is not limited thereto. Then, step S2 is executed.
在步驟S2中,該使用端電子裝置13產生一對應其本身的金鑰對,該金鑰對包含一公鑰(public key),以及一對應該公鑰的私鑰(private key)。該公鑰與該私鑰各代表一種數學演算法,且該公鑰與該私鑰之間存在一唯一對應的數學關係,舉例來說:假設該私鑰代表的數學演算法為f(x),該公鑰代表的數學演算法為g(x),則在將一原始訊息M以該私鑰加密而獲得一加密訊息M’(即M’=f(M))後,若欲根據該加密訊息M’獲得該原始訊息M時,僅能以該公鑰對該加密訊息M’進行解密,才能重新獲得該原始訊息M,即g(f(M))=M。在本實施例中,該使用端電子裝置13是在產生該交易內容資料及該交易指令後才產生該金鑰對,然而,在其他實施例中,該使用端電子裝置13也可以是在產生該交易內容資料及該交易指令之前,藉由安裝一線上交易應用程式而預先地產生該金鑰對,而並不以本實施例為限。接著,執行步驟S3。In step S2, the user-end electronic device 13 generates a key pair corresponding to itself. The key pair includes a public key and a pair of private keys corresponding to the public key. The public key and the private key each represent a mathematical algorithm, and there is a unique corresponding mathematical relationship between the public key and the private key. For example: suppose the mathematical algorithm represented by the private key is f (x) , The mathematical algorithm represented by the public key is g (x). After encrypting an original message M with the private key to obtain an encrypted message M '(that is, M' = f (M)), When the encrypted message M 'obtains the original message M, the encrypted message M' can only be decrypted with the public key to obtain the original message M again, that is, g (f (M)) = M. In this embodiment, the consumer electronic device 13 generates the key pair only after generating the transaction content data and the transaction instruction. However, in other embodiments, the consumer electronic device 13 may also generate the key pair. Prior to the transaction content data and the transaction instruction, the key pair is generated in advance by installing an online transaction application, and is not limited to this embodiment. Then, step S3 is executed.
在步驟S3中,該使用端電子裝置13產生一對應其本身的數位簽章資料。具體而言,該使用端電子裝置13是先對該交易內容資料套用一雜湊函數演算法而產生一第一字串,再以該私鑰對該第一字串加密而產生該數位簽章資料。其中,該雜湊函數演算法可例如為MD5雜湊演算法(Message-Digest algorithm 5)、SHA雜湊演算法(Secure Hash Algorithm)、MAC雜湊演算法(Message Authentication Code)或者是HMAC雜湊演算法(Hash-based Message Authentication Code),但並不以此為限。接著,執行步驟S4。In step S3, the user-end electronic device 13 generates a digital signature data corresponding to itself. Specifically, the consumer electronic device 13 first applies a hash function algorithm to the transaction content data to generate a first string, and then encrypts the first string with the private key to generate the digital signature data. . The hash function algorithm may be, for example, a MD5 hash algorithm (Message-Digest algorithm 5), a SHA hash algorithm (Secure Hash Algorithm), a MAC hash algorithm (Message Authentication Code), or a HMAC hash algorithm (Hash- based Message Authentication Code). Then, step S4 is executed.
在步驟S4中,該使用端電子裝置13產生一交易申請資料集並將該交易申請資料集傳送至該憑證授權伺服器11。在本實施例中,該交易申請資料集包含該交易內容資料、該數位簽章資料及該公鑰,其中,該數位簽章資料例如是採用公鑰加密標準(Public Key Cryptography Standards,簡稱PKCS)中的PKCS#7格式,而該公鑰則例如是採用公鑰加密標準中的PKCS#10格式,但並不以此為限。在本實施例中,該使用端電子裝置13是將該交易申請資料集直接地傳送至該憑證授權伺服器11。In step S4, the user-end electronic device 13 generates a transaction application data set and transmits the transaction application data set to the certificate authorization server 11. In this embodiment, the transaction application data set includes the transaction content data, the digital signature data, and the public key. The digital signature data is, for example, a public key cryptography standard (Public Key Cryptography Standards, PKCS). PKCS # 7 format, and the public key is, for example, the PKCS # 10 format in the public key encryption standard, but it is not limited to this. In this embodiment, the user-end electronic device 13 directly transmits the transaction application data set to the certificate authorization server 11.
在步驟S5中,當該憑證授權伺服器11接收到該交易申請資料集時,該憑證授權伺服器11根據該公鑰產生一對應該使用端電子裝置13的憑證資料,且該憑證資料包含該公鑰。接著,執行步驟S6。In step S5, when the certificate authority server 11 receives the transaction application data set, the certificate authority server 11 generates a pair of certificate data that should be used by the end-use electronic device 13 according to the public key, and the certificate data includes Public key. Then, step S6 is executed.
在步驟S6中,一旦該憑證授權伺服器11接收到該交易申請資料集並產生該的憑證資料時,該憑證授權伺服器11自動地產生一包含該憑證資料、該公鑰、該數位簽章資料及該交易內容資料的待驗證交易資料集,並自動地將該待驗證交易資料集傳送至該驗證伺服器12。特別說明的是:在本實施例中,該憑證授權伺服器11是將該待驗證交易資料集經由該使用端電子裝置13傳送至該驗證伺服器12,也就是說,該憑證授權伺服器11是先將該待驗證交易資料集傳送至該使用端電子裝置13,而當該使用端電子裝置13自該憑證授權伺服器11接收到該待驗證交易資料集時,該使用端電子裝置13即自動地將該待驗證交易資料集傳送至該驗證伺服器12,而不需要使用者額外的操作。然而,在其他實施例中,該憑證授權伺服器11也可以是在步驟S8中將該待驗證交易資料集直接地傳送至該驗證伺服器12,而不透過該使用端電子裝置13。接著,執行步驟S7。In step S6, once the certificate authority server 11 receives the transaction application data set and generates the certificate data, the certificate authority server 11 automatically generates a certificate data server containing the certificate data, the public key, and the digital signature. Data and the transaction data set to be verified of the transaction content data, and automatically transmit the transaction data set to be verified to the verification server 12. In particular, in this embodiment, the certificate authorization server 11 transmits the transaction data set to be verified to the verification server 12 through the user-end electronic device 13, that is, the certificate authorization server 11 The transaction data set to be verified is first transmitted to the consumer electronic device 13, and when the consumer electronic device 13 receives the transaction data set to be verified from the certificate authorization server 11, the consumer electronic device 13 is The transaction data set to be verified is automatically transmitted to the verification server 12 without additional operation by the user. However, in other embodiments, the credential authorization server 11 may also directly transmit the to-be-verified transaction data set to the verification server 12 in step S8 without passing through the consumer electronic device 13. Then, step S7 is executed.
在步驟S7中,當該驗證伺服器12自該使用端電子裝置13接收到該待驗證交易資料集時,該驗證伺服器12以該待驗證交易資料集所包含的該公鑰對該數位簽章資料解密而獲得該第一字串,並將該待驗證交易資料集所包含的該交易內容資料套用該雜湊函數演算法而產生一第二字串。在其他實施例中,該驗證伺服器12也可以是以該憑證資料所包含的該公鑰對該數位簽章資料解密而獲得該第一字串,而並不以本實施例為限。接著,執行步驟S8。In step S7, when the verification server 12 receives the transaction data set to be verified from the user-end electronic device 13, the verification server 12 signs the digital signature with the public key included in the transaction data set to be verified. Chapter data is decrypted to obtain the first string, and the transaction content data included in the transaction data set to be verified is applied to the hash function algorithm to generate a second string. In other embodiments, the verification server 12 may also obtain the first string by decrypting the digital signature data with the public key included in the certificate data, and is not limited to this embodiment. Then, step S8 is executed.
在步驟S8中,該驗證伺服器12判斷該待驗證交易資料集是否符合一預定條件,以驗證該線上交易的合法性及安全性。具體而言,在本實施例中,該預定條件包含一與該憑證資料相關的第一子條件,以及一與該數位簽章資料相關的第二子條件。In step S8, the verification server 12 determines whether the transaction data set to be verified meets a predetermined condition to verify the legality and security of the online transaction. Specifically, in this embodiment, the predetermined condition includes a first sub-condition related to the voucher data and a second sub-condition related to the digital signature data.
該第一子條件代表該待驗證交易資料集所包含的該公鑰與該憑證資料所包含的該公鑰相符。若該待驗證交易資料集符合該第一子條件,代表該待驗證交易資料集所包含的該公鑰是經過該憑證授權伺服器11的驗證,以及該公鑰的確是來自於該使用端電子裝置13。The first sub-condition represents that the public key included in the transaction data set to be verified matches the public key included in the certificate data. If the transaction data set to be verified meets the first sub-condition, it means that the public key contained in the transaction data set to be verified is verified by the certificate authority server 11 and that the public key is indeed from the consumer electronics装置 13。 Device 13.
該第二子條件代表該第一字串與該第二字串相符。由於該私鑰僅儲存於該使用端電子裝置13,因此,僅有該使用端電子裝置13能以該私鑰產生該數位簽章資料。也就是說,若該待驗證交易資料集符合該第二子條件,代表該交易內容資料的確是由該使用端電子裝置13所產生,而並未遭第三方中途攔截而竄改其內容。The second sub-condition indicates that the first string matches the second string. Since the private key is only stored in the consumer electronic device 13, only the consumer electronic device 13 can generate the digital signature data with the private key. That is, if the transaction data set to be verified meets the second sub-condition, it means that the transaction content data is indeed generated by the user-side electronic device 13 and has not been intercepted by a third party to alter its content.
當該驗證伺服器12判斷出該待驗證交易資料集符合該預定條件時,執行步驟S9。當該驗證伺服器12判斷出該待驗證交易資料集不符合該預定條件時,執行步驟S10。When the verification server 12 determines that the transaction data set to be verified meets the predetermined condition, step S9 is performed. When the verification server 12 determines that the transaction data set to be verified does not meet the predetermined condition, step S10 is executed.
在步驟S9中,該驗證伺服器12根據該待驗證交易資料集所包含的該交易內容資料執行該線上交易,並產生一交易成功通知且將其傳送至該使用端電子裝置13,以致該使用端電子裝置13自該驗證伺服器12接收到該交易成功通知時將該交易成功通知輸出,而達成提醒的效果。In step S9, the verification server 12 executes the online transaction according to the transaction content data included in the transaction data set to be verified, generates a transaction success notification and sends it to the user-end electronic device 13, so that the use The terminal electronic device 13 outputs the transaction success notification when the verification server 12 receives the transaction success notification, thereby achieving the effect of reminding.
在步驟S10中,該驗證伺服器12產生並傳送一驗證失敗訊息至該使用端電子裝置13。接著,執行步驟S11。In step S10, the verification server 12 generates and sends a verification failure message to the user-end electronic device 13. Then, step S11 is executed.
在步驟S11中,當該使用端電子裝置13自該驗證伺服器12接收到該驗證失敗訊息時,該使用端電子裝置13輸出該驗證失敗訊息,而達成提醒的效果。In step S11, when the consumer electronic device 13 receives the verification failure message from the authentication server 12, the consumer electronic device 13 outputs the verification failure message, thereby achieving the effect of reminding.
參閱圖3,圖3為本發明電子交易系統1之一第二實施例,該第二實施例與該第一實施例不同之處在於:電子交易系統1還包含一能與該憑證授權伺服器11、該驗證伺服器12及該使用端電子裝置13通訊的註冊管理(Registration Authority)伺服器14。配合參閱圖4,以下說明第二實施例的該電子交易系統1所實施的該電子交易方法。Referring to FIG. 3, FIG. 3 is a second embodiment of an electronic transaction system 1 according to the present invention. The second embodiment is different from the first embodiment in that the electronic transaction system 1 further includes a server capable of communicating with the certificate. 11. A registration authority (Registration Authority) server 14 for communication between the authentication server 12 and the user-end electronic device 13. With reference to FIG. 4, the electronic transaction method implemented by the electronic transaction system 1 of the second embodiment is described below.
首先,執行步驟S12。該使用端電子裝置13藉由使用者的操作而產生該交易內容資料及該交易指令。接著,執行步驟S13。First, step S12 is executed. The user-end electronic device 13 generates the transaction content data and the transaction instruction through a user operation. Then, step S13 is executed.
在步驟S13中,該使用端電子裝置13產生包含該公鑰及該私鑰的該金鑰對。接著,執行步驟S14。In step S13, the consumer electronic device 13 generates the key pair including the public key and the private key. Then, step S14 is executed.
在步驟S14中,該使用端電子裝置13產生該數位簽章資料,且產生的方式與第一實施例相同,在此不再贅述。接著,執行步驟S15。In step S14, the user-end electronic device 13 generates the digital signature data, and the method of generating the digital signature data is the same as that of the first embodiment, and details are not described herein again. Then, step S15 is performed.
在步驟S15中,該使用端電子裝置13產生該交易申請資料集,該交易申請資料集所包含的內容與第一實施例相同,在此不再贅述。與第一實施例不同的是,該使用端電子裝置13產生該交易申請資料集後,是將該交易申請資料集傳送至該註冊管理伺服器14。接著,執行步驟S16。In step S15, the user-end electronic device 13 generates the transaction application data set, and the content of the transaction application data set is the same as that in the first embodiment, and details are not described herein again. Different from the first embodiment, after the user-end electronic device 13 generates the transaction application data set, it transmits the transaction application data set to the registration management server 14. Then, step S16 is executed.
在步驟S16中,當該註冊管理伺服器14自該使用端電子裝置13接收到該交易申請資料集時,該註冊管理伺服器14根據該公鑰產生一包含該公鑰的憑證申請資料,並將該憑證申請資料傳送至該憑證授權伺服器。接著,執行步驟S17。In step S16, when the registration management server 14 receives the transaction application data set from the consumer electronic device 13, the registration management server 14 generates a certificate application data containing the public key according to the public key, and Send the certificate application data to the certificate authority server. Then, step S17 is executed.
在步驟S17中,當該憑證授權伺服器接收到該憑證申請資料時,該憑證授權伺服器根據該公鑰產生包含該公鑰的該憑證資料,並將該憑證資料回傳至該註冊管理伺服器14。接著,執行步驟S18。In step S17, when the certificate authority server receives the certificate application data, the certificate authority server generates the certificate data including the public key according to the public key, and returns the certificate data to the registration management server.器 14。 14. Then, step S18 is executed.
在步驟S18中,當該註冊管理伺服器14接收到該憑證資料時,該註冊管理伺服器14自動地產生該待驗證交易資料集,並自動地將該待驗證交易資料集傳送至該驗證伺服器,該待驗證交易資料集所包含的內容與第一實施例相同,在此不再贅述。接著,執行步驟S19。In step S18, when the registration management server 14 receives the voucher data, the registration management server 14 automatically generates the transaction data set to be verified and automatically transmits the transaction data set to be verified to the verification server. The content contained in the transaction data set to be verified is the same as that in the first embodiment, and is not repeated here. Then, step S19 is executed.
在步驟S19中,當該驗證伺服器接收到該待驗證交易資料集,該驗證伺服器12以該待驗證交易資料集所包含的該公鑰對該數位簽章資料解密而獲得該第一字串,並將該待驗證交易資料集所包含的該交易內容資料套用該雜湊函數演算法而產生該第二字串。接著,執行步驟20。In step S19, when the verification server receives the transaction data set to be verified, the verification server 12 decrypts the digital signature data with the public key included in the transaction data set to be verified to obtain the first word. String, and applying the hash function algorithm to the transaction content data included in the transaction data set to be verified to generate the second string. Then, go to step 20.
在步驟S20中,該驗證伺服器12判斷該待驗證交易資料集是否符合該預定條件,以驗證該線上交易的合法性及安全性。本實施例中的該預定條件與第一實施例相同,在此不再贅述。當該驗證伺服器12判斷出該待驗證交易資料集符合該預定條件時,執行步驟S21。當該驗證伺服器12判斷出該待驗證交易資料集不符合該預定條件時,執行步驟S22。In step S20, the verification server 12 determines whether the transaction data set to be verified meets the predetermined condition to verify the legality and security of the online transaction. The predetermined condition in this embodiment is the same as that in the first embodiment, and details are not described herein again. When the verification server 12 determines that the transaction data set to be verified meets the predetermined condition, step S21 is performed. When the verification server 12 determines that the transaction data set to be verified does not meet the predetermined condition, step S22 is performed.
在步驟S21中,該驗證伺服器12根據該待驗證交易資料集所包含的該交易內容資料執行該線上交易,並產生一交易成功通知且將其傳送至該使用端電子裝置13以供該使用端電子裝置13輸出。In step S21, the verification server 12 executes the online transaction according to the transaction content data included in the transaction data set to be verified, generates a transaction success notification and sends it to the user-end electronic device 13 for the use. The terminal electronic device 13 outputs.
在步驟S22中,該驗證伺服器12產生並傳送一驗證失敗訊息至該使用端電子裝置13以供該使用端電子裝置13輸出。In step S22, the verification server 12 generates and sends a verification failure message to the user-end electronic device 13 for output by the user-end electronic device 13.
綜上所述,在第一實施例中,該電子交易系統1藉由實施該電子交易方法,能使該憑證授權伺服器11於產生該待驗證交易資料集後,自動地將該待驗證交易資料集傳送至該驗證伺服器12,以驗證該線上交易的合法性及安全性。而在第二實施例中,該註冊管理伺服器14接收到該憑證資料時,也能自動地產生並傳送該待驗證交易資料集至該驗證伺服器12。也就是說,無論是第一實施例或第二實施例,該電子交易系統1皆能一次性地完成該憑證資料的申請以及該待驗證交易資料集的驗證。對於持有該使用端電子裝置13的使用者而言,當使用者欲執行線上交易時,僅需透過該使用端電子裝置13輸入交易內容資料並送出,即可一併完成該憑證資料的申請以及核發,而不需在欲執行線上交易之前特地執行該憑證資料的申請流程,在使用上更加方便快速,故確實能達成本發明之目的。In summary, in the first embodiment, by implementing the electronic transaction method, the electronic transaction system 1 can enable the certificate authorization server 11 to automatically generate the transaction to be verified after generating the transaction data set to be verified. The data set is transmitted to the verification server 12 to verify the legality and security of the online transaction. In the second embodiment, when the registration management server 14 receives the voucher data, it can also automatically generate and transmit the transaction data set to be verified to the verification server 12. That is, whether in the first embodiment or the second embodiment, the electronic transaction system 1 can complete the application of the voucher data and the verification of the transaction data set to be verified at one time. For the user holding the use-side electronic device 13, when the user wants to perform an online transaction, he only needs to input the transaction content data through the use-side electronic device 13 and submit it, and then the application for the voucher data can be completed together. And it is not necessary to specifically execute the application process of the voucher information before performing online transactions, which is more convenient and fast to use, so it can indeed achieve the purpose of cost invention.
惟以上所述者,僅為本發明之實施例而已,當不能以此限定本發明實施之範圍,凡是依本發明申請專利範圍及專利說明書內容所作之簡單的等效變化與修飾,皆仍屬本發明專利涵蓋之範圍內。However, the above are only examples of the present invention. When the scope of implementation of the present invention cannot be limited in this way, any simple equivalent changes and modifications made in accordance with the scope of the patent application and the content of the patent specification of the present invention are still Within the scope of the invention patent.
1‧‧‧電子交易系統 1‧‧‧ electronic trading system
11‧‧‧憑證授權伺服器11‧‧‧Certificate Authorization Server
12‧‧‧驗證伺服器12‧‧‧ authentication server
13‧‧‧使用端電子裝置13‧‧‧ Consumer electronics
14‧‧‧註冊管理伺服器14‧‧‧Registration Server
S1~S11‧‧‧步驟S1 ~ S11‧‧‧step
本發明之其他的特徵及功效,將於參照圖式的實施方式中清楚地呈現,其中: 圖1是一方塊示意圖,說明本發明電子交易系統的一第一實施例; 圖2是一流程圖,說明該第一實施例所執行的一電子交易方法; 圖3是一方塊示意圖,說明本發明電子交易系統的一第二實施例;及 圖4是一流程圖,說明該第二實施例所執行的另一電子交易方法。Other features and effects of the present invention will be clearly presented in the embodiment with reference to the drawings, wherein: FIG. 1 is a block diagram illustrating a first embodiment of the electronic transaction system of the present invention; FIG. 2 is a flowchart To explain an electronic transaction method executed by the first embodiment; FIG. 3 is a block diagram illustrating a second embodiment of the electronic transaction system of the present invention; and FIG. 4 is a flowchart illustrating the second embodiment. Another method of electronic trading performed.
Claims (18)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW107104689A TWI669672B (en) | 2018-02-09 | 2018-02-09 | Electronic trading method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW107104689A TWI669672B (en) | 2018-02-09 | 2018-02-09 | Electronic trading method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TWI669672B TWI669672B (en) | 2019-08-21 |
| TW201935357A true TW201935357A (en) | 2019-09-01 |
Family
ID=68316318
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW107104689A TWI669672B (en) | 2018-02-09 | 2018-02-09 | Electronic trading method and system |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI669672B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI730549B (en) * | 2019-12-18 | 2021-06-11 | 臺灣網路認證股份有限公司 | System for checking key pair generating algorithm during certificate applying process and method thereof |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101131759A (en) * | 2006-08-24 | 2008-02-27 | 中国信托商业银行股份有限公司 | One-time password generation and application method for network transaction and system for executing method |
| TW201101215A (en) * | 2009-06-26 | 2011-01-01 | Inst Information Industry | Two-factor authentication method and system for securing online transactions |
| TW201305935A (en) * | 2011-07-20 | 2013-02-01 | F2Ware Inc | One time password generation and application method and system using the same |
| US9231925B1 (en) * | 2014-09-16 | 2016-01-05 | Keypasco Ab | Network authentication method for secure electronic transactions |
-
2018
- 2018-02-09 TW TW107104689A patent/TWI669672B/en active
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI730549B (en) * | 2019-12-18 | 2021-06-11 | 臺灣網路認證股份有限公司 | System for checking key pair generating algorithm during certificate applying process and method thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| TWI669672B (en) | 2019-08-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12294661B2 (en) | Personal device security using cryptocurrency wallets | |
| JP7181539B2 (en) | METHOD AND APPARATUS FOR MANAGING USER IDENTIFICATION AND AUTHENTICATION DATA | |
| CN108235806B (en) | Method, device and system for safely accessing block chain, storage medium and electronic equipment | |
| CN109088889B (en) | SSL encryption and decryption method, system and computer readable storage medium | |
| CN108292402B (en) | Determination of a common secret and hierarchical deterministic keys for the secure exchange of information | |
| US8532620B2 (en) | Trusted mobile device based security | |
| JP2023502346A (en) | Quantum secure networking | |
| WO2020062668A1 (en) | Identity authentication method, identity authentication device, and computer readable medium | |
| CN111512608A (en) | Authentication Protocol Based on Trusted Execution Environment | |
| CN107210914A (en) | Method for secure credential provisioning | |
| JP2004304304A (en) | Electronic signature generation method, electronic signature verification method, electronic signature generation request program, and electronic signature verification request program | |
| CN110213195B (en) | Login authentication method, server and user terminal | |
| JPWO2019239591A1 (en) | Authentication system, authentication method, application provider, authentication device, and authentication program | |
| CN109922027B (en) | Credible identity authentication method, terminal and storage medium | |
| JP6378424B1 (en) | User authentication method with enhanced integrity and security | |
| CN111404680B (en) | Password management method and device | |
| JP2004140636A (en) | System, server, and program for sign entrustment of electronic document | |
| CN109981667B (en) | User data transmission method and device | |
| US12047496B1 (en) | Noncustodial techniques for granular encryption and decryption | |
| TW201935357A (en) | Method and system for electrical transaction | |
| WO2016165662A1 (en) | Mobile phone quasi-digital certificate subsystem, and system and method thereof | |
| CN103312671A (en) | Method and system for verifying server | |
| CN115242471A (en) | Information transmission method and device, electronic equipment and computer readable storage medium | |
| JP6165044B2 (en) | User authentication apparatus, system, method and program | |
| TWI759090B (en) | Platform login method |