TWI488480B - Identification system for network service and identification method using for the same - Google Patents
Identification system for network service and identification method using for the same Download PDFInfo
- Publication number
- TWI488480B TWI488480B TW101145544A TW101145544A TWI488480B TW I488480 B TWI488480 B TW I488480B TW 101145544 A TW101145544 A TW 101145544A TW 101145544 A TW101145544 A TW 101145544A TW I488480 B TWI488480 B TW I488480B
- Authority
- TW
- Taiwan
- Prior art keywords
- verification
- server
- electronic device
- information
- service
- Prior art date
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
Description
本發明係有關於提供網路服務的系統與方法,尤其更有關於可對網路服務進行驗證的驗證系統與驗證方法。 The present invention relates to systems and methods for providing network services, and more particularly to authentication systems and verification methods for authenticating network services.
現年來,網路技術越來越普及化,最大的影響在於,各式各樣的服務,使用者幾乎都可以通過網路來實現。舉例來說,以往使用者欲購買一物品時,必須親自前往購物中心選購,如今,只需使用電腦,通過網路連接至提供網路購物服務之網站,即可於任何地點進行購物,相當便利。 In the past few years, network technology has become more and more popular. The biggest impact is that all kinds of services can be realized by users almost all over the Internet. For example, in the past, when users want to buy an item, they must go to the shopping center to buy it. Now, just use a computer and connect to the website that provides online shopping service, you can shop at any place. convenient.
然而,任何的商務服務,例如購物、銀行提款及轉帳等,因為涉及到使用者的金錢流通,故其安全性比起其他的服務就顯得更為重要。因此,要如何能夠通過網路,提供使用者便於操作的商務服務,但又不會因為網路的使用,造成使用者的資料有被他人竊取之風險,即為本領域從業人員所需潛心研究之課題。 However, any business services, such as shopping, bank withdrawals, and transfers, are more important than other services because they involve the circulation of money from users. Therefore, how to provide a user-friendly business service through the Internet, but without the use of the network, the user's data is at risk of being stolen by others, that is, the research for the practitioners in the field needs to be studied. The subject.
本發明之主要目的,在於提供一種網路服務的驗證系統及其驗證方法,係可通過分開的兩個設備,分別執行網路服務的請求以及網路服務的驗證,藉以在不影響網路安全的前提下,令網路服務 的請求更為便利。 The main purpose of the present invention is to provide a network service verification system and a verification method thereof, which can perform network service request and network service verification separately through two separate devices, so as not to affect network security. Network service The request is more convenient.
為達上述目的,本發明係包括雲端的一服務提供伺服器、一驗證伺服器,以及使用端的一電子設備及一驗證設備。驗證設備預先向驗證伺服器進行註冊,以將一與驗證設備相關的驗證資訊儲存於驗證伺服器中。當使用者使用電子設備連接服務提供伺服器,並於線上請求一商務服務時,服務提供伺服器係要求電子設備上傳驗證資訊,電子設備可由驗證設備取得所需之驗證資訊,並上傳至服務提供伺服器。服務提供伺服器將驗證資訊傳送至驗證伺服器,待確認電子設備所上傳的驗證資訊經過註冊後,允許執行所請求的商務服務。 To achieve the above objective, the present invention includes a service providing server, a verification server, and an electronic device and a verification device in the cloud. The verification device registers with the verification server in advance to store verification information related to the verification device in the verification server. When the user uses the electronic device to connect to the service providing server and requests a business service online, the service providing server requests the electronic device to upload the verification information, and the electronic device can obtain the required verification information by the verification device and upload it to the service provider. server. The service providing server transmits the verification information to the verification server, and after confirming that the verification information uploaded by the electronic device is registered, the requested business service is allowed to be executed.
本發明對照先前技術所能達成的功效在於,讓使用者預先使用一個特定的設備來向驗證伺服器進行註冊,以將該設備當作一驗證設備來使用。如此一來,無論使用者使用在何時、何地、使用哪一台電子設備來連上網路,並請求執行一項網路服務,皆可使用已註冊過的該驗證設備來進行安全性的驗證,以令該項網路服務可以順利地被執行。也就是說,通過本系統與方法,只要使用者隨身攜帶已經註冊過的該驗證設備,即可在隨時、隨地,並以任意的電子設備來執行網路服務,並且不會因為這樣的便利性而降低網路服務最重視之安全性。 The effect achieved by the present invention over the prior art is that the user is pre-registered with the authentication server using a particular device to use the device as a verification device. In this way, regardless of when, where, and which electronic device the user uses to connect to the network and request to perform a network service, the verified device can be used for security verification. So that the network service can be successfully executed. In other words, with the system and method, as long as the user carries the verified device that has already been registered, the network service can be executed anytime, anywhere, and with any electronic device, and is not because of such convenience. And reduce the security that network services pay most attention to.
再者,該驗證設備主要是使用與其本身相關的資訊來向驗證伺服器進行註冊,並做為驗證所需的一驗證資訊,故該驗證資訊與該驗證設備是不可分離的,因此使用者只有隨身攜帶該驗證設備,才可以通過網路服務的驗證動作,藉此更可提昇安全性。 Furthermore, the verification device mainly uses the information related to itself to register with the verification server and serves as a verification information required for verification, so the verification information is inseparable from the verification device, so the user only has to carry Carrying the verification device can improve the security through the verification action of the network service.
1‧‧‧服務提供伺服器 1‧‧‧Service Serving Server
2‧‧‧驗證伺服器 2‧‧‧Verification server
3‧‧‧電子設備 3‧‧‧Electronic equipment
4‧‧‧驗證設備 4‧‧‧Verification equipment
41‧‧‧中央處理單元 41‧‧‧Central Processing Unit
42‧‧‧無線傳輸模組 42‧‧‧Wireless Transmission Module
421‧‧‧WiFi模組 421‧‧‧WiFi module
422‧‧‧近場通訊模組 422‧‧‧ Near Field Communication Module
423‧‧‧藍芽模組 423‧‧‧Bluetooth Module
424‧‧‧紅外線模組 424‧‧‧Infrared module
425‧‧‧Zigbee模組 425‧‧‧Zigbee Module
43‧‧‧觸控螢幕 43‧‧‧ touch screen
44‧‧‧揚聲器 44‧‧‧Speakers
45‧‧‧記憶體 45‧‧‧ memory
451‧‧‧應用程式 451‧‧‧Application
46‧‧‧sim卡插槽 46‧‧‧sim card slot
461‧‧‧sim卡 461‧‧‧sim card
47‧‧‧連接埠 47‧‧‧Connector
5‧‧‧使用者 5‧‧‧Users
6‧‧‧傳輸線 6‧‧‧ transmission line
P1‧‧‧商務服務請求頁面 P1‧‧‧Business Service Request Page
S10~S16‧‧‧步驟 S10~S16‧‧‧Steps
S20~S40‧‧‧步驟 S20~S40‧‧‧Steps
第一圖為本發明的第一較佳具體實施例的系統架構圖。 The first figure is a system architecture diagram of a first preferred embodiment of the present invention.
第二A圖為本發明的網路服務第一動作圖。 The second A diagram is the first action diagram of the network service of the present invention.
第二B圖為本發明的網路服務第二動作圖。 The second B diagram is a second action diagram of the network service of the present invention.
第二C圖為本發明的網路服務第三動作圖。 The second C diagram is a third action diagram of the network service of the present invention.
第三圖為本發明的第一較佳具體實施例的註冊流程圖。 The third figure is a registration flow chart of the first preferred embodiment of the present invention.
第四圖為本發明的第一較佳具體實施例的驗證流程圖。 The fourth figure is a verification flow chart of the first preferred embodiment of the present invention.
第五圖為本發明的第一較佳具體實施例的驗證設備方塊圖。 Figure 5 is a block diagram of a verification device of a first preferred embodiment of the present invention.
第六A圖為本發明的第二較佳具體實施例的系統架構圖。 Figure 6A is a system architecture diagram of a second preferred embodiment of the present invention.
第六B圖為本發明的第三較佳具體實施例的系統架構圖。 Figure 6B is a system architecture diagram of a third preferred embodiment of the present invention.
第六C圖為本發明的第四較佳具體實施例的系統架構圖。 Figure 6C is a system architecture diagram of a fourth preferred embodiment of the present invention.
茲就本發明之一較佳實施例,配合圖式,詳細說明如後。 DETAILED DESCRIPTION OF THE INVENTION A preferred embodiment of the present invention will be described in detail with reference to the drawings.
首請參閱第一圖,為本發明的第一較佳具體實施例的系統架構圖。本發明揭露的驗證系統,主要包括了位於雲端的一服務提供伺服器1及一驗證伺服器2,以及位於使用端的一電子設備3及一驗證設備4。該服務提供伺服器1係可供該電子設備3通過網路系統連線登入,以提供至少一種的商務服務,例如網路銀行服務或是網路購物服務等等。使用者可以操作該電子設備3,以登入該服務提供伺服器1中,並且向該服務提供伺服器1提出執行上述商務服務之請求。 Referring first to the first figure, a system architecture diagram of a first preferred embodiment of the present invention is shown. The verification system disclosed in the present invention mainly includes a service providing server 1 and a verification server 2 located in the cloud, and an electronic device 3 and a verification device 4 at the use end. The service providing server 1 is configured to allow the electronic device 3 to log in through a network system to provide at least one type of business service, such as an online banking service or an online shopping service. The user can operate the electronic device 3 to log in to the service providing server 1, and submit a request to the service providing server 1 to execute the above-mentioned business service.
該驗證伺服器2係與該服務提供伺服器1連接,藉以,當一使用者操作該電子設備3,並對該服務提供伺服器1提出其中一種商務服務的請求時,該服務提供伺服器1係可交由該驗證伺服器2來對該電子設備3進行驗證,只有在驗證通過後,該服務提供伺服器1才會允許執行該電子設備3所請求的該商務服務。 The verification server 2 is connected to the service providing server 1 so that when a user operates the electronic device 3 and requests the service provider 1 for one of the business services, the service providing server 1 The electronic device 3 can be authenticated by the verification server 2, and the service providing server 1 can only execute the business service requested by the electronic device 3 after the verification is passed.
本實施例中,該電子設備3可例如為智慧型行動裝置、平板電腦、筆記型電腦及個人電腦的至少其中之一,使用者可操作該電子設備3,並通過瀏覽器(Browser)來連線至該服務提供伺服器1,以於線上提出該商務服務之請求。再者,於另一實施例中,該電子設備3中可安裝該服務提供伺服器1所提供的一應用程式(圖未標示),該應用程式被執行後,可自動連線至該服務提供伺服器1,並開啟該服務提供伺服器1提供的一商務服務請求頁面(例如第二A圖中所示的商務服務請求頁面P1),以令使用者選取欲請求的該商務服務,並且輸入相關之資訊,例如欲轉帳之金額、或是欲購物之物品等。 In this embodiment, the electronic device 3 can be, for example, at least one of a smart mobile device, a tablet computer, a notebook computer, and a personal computer. The user can operate the electronic device 3 and connect through a browser. The line is provided to the service provider server 1 to make a request for the business service online. Furthermore, in another embodiment, an application (not shown) provided by the service providing server 1 can be installed in the electronic device 3. After the application is executed, the application can be automatically connected to the service. Server 1, and opening a service service request page provided by the service provider 1 (for example, the business service request page P1 shown in FIG. 2A), so that the user selects the business service to be requested, and inputs Relevant information, such as the amount of money to be transferred, or items to be purchased.
該驗證設備4主要係可為智慧型行動裝置、平板電腦、筆記型電腦及個人電腦的至少其中之一,並不加以限定。本發明的主要技術特徵在於,該驗證設備4已預先向該驗證伺服器2進行過註冊動作,因此,當該服務提供伺服器1需要對該電子設備3進行驗證時,該電子設備3係從該驗證設備4來取得一驗證資訊,並且將該驗證資訊上傳給該服務提供伺服器1後,該服務提供伺服器1再進一步將該驗證資訊交由該驗證伺服器2來進行驗證。 The verification device 4 is mainly one of at least one of a smart mobile device, a tablet computer, a notebook computer, and a personal computer, and is not limited thereto. The main technical feature of the present invention is that the verification device 4 has previously registered the authentication server 2, and therefore, when the service providing server 1 needs to verify the electronic device 3, the electronic device 3 is slaved. After the verification device 4 obtains a verification information and uploads the verification information to the service providing server 1, the service providing server 1 further passes the verification information to the verification server 2 for verification.
本實施例中,該驗證設備4主要可將其被製造時即定義的、一固定不變的裝置序號(device serial number)當作該驗證資訊。並 且,在進行註冊程序時,係可將該驗證資訊(即,該裝置序號)做為一註冊資料,並儲存於該驗證伺服器2中,以完成註冊程序。如此一來,當該電子設備3向該服務提供伺服器1提出該商務服務之請求時,該服務提供伺服器1會要求該電子設備3上傳可供驗證的該驗證資訊。此時,該電子設備3可與該驗證設備4連接,以由該驗證設備4取得其註冊所使用的該驗證資訊,並加上傳至該服務提供伺服器1。接著,該服務提供伺服器1將所接收的該驗證資訊傳送給該驗證伺服器2,該驗證伺服器4即可將該驗證資訊與其內部儲存的一或多組註冊資料進行比對,確認發出該驗證資訊的該驗證設備4是否已經註冊過。若該驗證設備4已經註冊過,即告知該服務提供伺服器1可允許執行該電子設備3所請求的該商務服務。 In this embodiment, the verification device 4 can mainly regard a fixed device serial number (device serial number) defined when it is manufactured as the verification information. and Moreover, when the registration process is performed, the verification information (ie, the device serial number) can be used as a registration data and stored in the verification server 2 to complete the registration process. In this way, when the electronic device 3 requests the service provider 1 for the business service, the service providing server 1 requests the electronic device 3 to upload the verification information that can be verified. At this time, the electronic device 3 can be connected to the verification device 4 to obtain the verification information used by the verification device 4 for registration, and upload it to the service providing server 1. Then, the service providing server 1 transmits the received verification information to the verification server 2, and the verification server 4 can compare the verification information with one or more sets of registration materials stored therein to confirm the issue. Whether the verification device 4 of the verification information has been registered. If the verification device 4 has been registered, it is informed that the service providing server 1 can allow the execution of the business service requested by the electronic device 3.
本發明的主要目的,在於讓使用者預先使用一個特定的電子器物,例如智慧型手機或平板電腦等,向該驗證伺服器2進行註冊,以做為該驗證設備4。如此一來,無論使用者在何時、位於何地、使用什麼設備連接網路系統,以請求執行一網路商務服務,皆可通過該驗證設備4來進行驗證,藉以通過最便利的方式,提供最安全的驗證方式。通過本發明的系統與方法,使用者只要隨身攜帶該驗證設備4,則於驗證時,使用者只需將驗證設備4靠近該電子設備3,以有線或無線方式將該驗證資訊傳送給該電子設備3,即可進行驗證,使用者甚至可以不必手動輸入任何的文字或數字密碼,相當便利。 The main object of the present invention is to allow a user to register with the authentication server 2 as a verification device 4 by using a specific electronic device such as a smart phone or a tablet computer in advance. In this way, no matter when, where, and what device the user uses to connect to the network system to request to perform a network business service, the verification device 4 can be used for verification, thereby providing the most convenient way. The safest way to verify. With the system and method of the present invention, the user only needs to carry the verification device 4 with him or her, and at the time of verification, the user only needs to bring the verification device 4 close to the electronic device 3 to transmit the verification information to the electronic device in a wired or wireless manner. Device 3 can be verified, and the user can even enter any text or digital password manually, which is quite convenient.
請同時參閱第二A圖至第二C圖,分別為本發明的網路服務第一動作圖至第三動作圖。首先如第二A圖所示,使用者(如第二C圖所 示的使用者5)可操作該電子設備3(圖中以一筆記型電腦為例),以通過瀏覽器或應用程式來連線並登入該服務提供伺服器1,並開啟該商務服務請求頁面P1。本實施例中,該服務提供伺服器1係以一可以提供網路轉帳服務的網路銀行伺服器為例,以方便說明。當使用者5選取了一網路轉帳服務後,即可於該商務服務請求頁面P1中輸入一轉入帳號及一轉帳金額,並於按下確定鍵後,請求該服務提供伺服器1執行所請求的網路轉帳服務。 Please refer to FIG. 2A to FIG. 2C at the same time, which are respectively the first action diagram to the third action diagram of the network service of the present invention. First, as shown in Figure A, the user (such as the second C map The user 5) can operate the electronic device 3 (for example, a notebook computer in the figure) to connect to the service providing server 1 through a browser or an application, and open the business service request page. P1. In this embodiment, the service providing server 1 is exemplified by an online banking server that can provide a network transfer service for convenience of description. After the user 5 selects a network transfer service, a transfer account and a transfer amount can be input into the business service request page P1, and after the OK button is pressed, the service provider server 1 is requested to execute the service. Requested network transfer service.
接著如第二B圖所示,該服務提供伺服器1要執行該網路轉帳服務之前,係通過該商務服務請求頁面P1,要求使用者5通過該驗證設備4來取得該驗證資訊。於本實施例中,在該電子設備3尚未由該驗證設備4取得該驗證資訊,而該服務提供伺服器1尚未由該電子設備3接收該驗證資訊之前,該網路轉帳服務不會被執行。 Then, as shown in FIG. 2B, before the service providing server 1 executes the network transfer service, the service request page P1 is requested to request the user 5 to obtain the verification information through the verification device 4. In this embodiment, after the electronic device 3 has not obtained the verification information by the verification device 4, and the service providing server 1 has not received the verification information by the electronic device 3, the network transfer service will not be executed. .
最後如第二C圖所示,當使用者5將該驗證設備4靠近該電子設備3,並以有線或無線的方式將該驗證資訊傳送給該電子設備3後,該電子設備3即可直接上傳該驗證資訊,並由該驗證伺服器2進行驗證。本實施例中,該電子設備3與該驗證設備4係以無線方式進行連接,以傳送該驗證資訊,然而,該驗證設備4亦可通過有線方式來傳送該驗證資訊,不應加以限定。如第二C圖所示,當該服務提供伺服器1接收該驗證資訊後,即會通過該驗證伺服器2進行驗證,並通過該商務服務請求頁面P1顯示「驗證中」之訊息。並且,於驗證成功之後,該服務提供伺服器1即可允許執行使用者5通過該電子設備3所請求之商務服務,於本實施例中,即為該網路轉帳服務。 Finally, as shown in FIG. C, when the user 5 approaches the verification device 4 to the electronic device 3 and transmits the verification information to the electronic device 3 in a wired or wireless manner, the electronic device 3 can directly The verification information is uploaded and verified by the verification server 2. In this embodiment, the electronic device 3 and the verification device 4 are connected in a wireless manner to transmit the verification information. However, the verification device 4 may also transmit the verification information through a wired manner, which is not limited. As shown in FIG. C, when the service providing server 1 receives the verification information, it is verified by the verification server 2, and the message "in verification" is displayed through the business service request page P1. Moreover, after the verification is successful, the service providing server 1 can permit the execution of the business service requested by the user 5 through the electronic device 3, which is the network transfer service in this embodiment.
續請參閱第三圖,為本發明的第一較佳具體實施例的註冊流程圖 。若要通過本發明的系統與方法來進行網路服務之驗證,則使用者5必須預先設定該驗證設備4,並讓該驗證設備4具備有對上述商務服務進行驗證的權限。首先,係於該驗證設備4中安裝一應用程式(如第五圖中所示的應用程式451),並且,啟動該應用程式451(步驟S10)。接著,該驗證設備4可通過該應用程式451的執行,自動連線至該驗證伺服器2(步驟S12),同時,該驗證設備4通過該應用程式451的執行,自動取得要用來註冊的該驗證資訊(步驟S14),即,該驗證設備4的該裝置序號。本實施例中,該步驟S12與該步驟S14並沒有執行上的順序關係,該應用程式451係可先連線至該驗證伺服器2,再擷取該驗證設備4的該裝置序號,反之亦然,不可加以限定。 Please refer to the third figure for the registration flowchart of the first preferred embodiment of the present invention. . To perform verification of the network service by the system and method of the present invention, the user 5 must pre-set the verification device 4 and have the authentication device 4 have the authority to verify the business service. First, an application (such as the application 451 shown in the fifth figure) is installed in the verification device 4, and the application 451 is started (step S10). Then, the verification device 4 can be automatically connected to the verification server 2 by the execution of the application 451 (step S12), and at the same time, the verification device 4 automatically obtains the registration to be used by the execution of the application 451. The verification information (step S14), that is, the device serial number of the verification device 4. In this embodiment, the step S12 and the step S14 are not performed in the sequential relationship. The application 451 may first connect to the verification server 2, and then retrieve the device serial number of the verification device 4, and vice versa. However, it cannot be limited.
該步驟S12與該步驟S14執行完畢後,該驗證設備4即可通過該驗證資訊,向該驗證伺服器2進行註冊動作(步驟S16),以將該驗證資訊做為該註冊資料,儲存於該驗證伺服器2中,以便於該電子設備3在請求執行該商務服務時驗證之用。 After the step S12 and the step S14 are performed, the verification device 4 can perform a registration operation to the verification server 2 by using the verification information (step S16), and the verification information is used as the registration data, and is stored in the verification information. The verification server 2 is used to facilitate the verification of the electronic device 3 when requesting execution of the business service.
值得一提的是,該驗證設備4在進行註冊程序時,使用者5更可設定該驗證資訊允許對哪些特定的商務服務之請求進行驗證(步驟S18),舉例來說,使用者5可設定該驗證設備4的該驗證資訊可用來對網路轉帳服務的請求進行驗證,但不允許用來對網路購物服務的請求進行驗證。如此一來,當使用者5操作該電子設備3,於線上請求一網路轉帳服務時,可以直接使用該驗證設備4來進行驗證。然而,若使用者5於線上請求一網路購物服務時,若仍通過該驗證設備4來進行驗證,則該驗證設備4提供的該驗證資訊將會被驗證失敗,進而該服務提供伺服器1無法執行使用者提出的 該網路購物服務之請求。 It is worth mentioning that when the verification device 4 performs the registration process, the user 5 can further set which verification service information allows the verification of the specific business service request (step S18). For example, the user 5 can set The verification information of the verification device 4 can be used to verify the request of the network transfer service, but is not allowed to verify the request for the online shopping service. In this way, when the user 5 operates the electronic device 3 and requests a network transfer service on the line, the verification device 4 can be directly used for verification. However, if the user 5 requests an online shopping service online, if the verification device 4 still performs verification, the verification information provided by the verification device 4 will be verified to be failed, and then the service providing server 1 Unable to execute the user's proposed The request for the online shopping service.
通過上述技術手段,使用者5更可對多樣化的網路商務服務進行把關,例如可註冊多台的驗證設備4,並讓每一台驗證設備4分別對應至不同類別的商務服務請求。然而,以上所述僅為本發明的一較佳具體實施例,不應以此為限。 Through the above technical means, the user 5 can check the diversified network commerce services, for example, the plurality of verification devices 4 can be registered, and each verification device 4 is respectively corresponding to a different type of business service request. However, the above description is only a preferred embodiment of the present invention and should not be limited thereto.
續請參閱第四圖,為本發明的第一較佳具體實施例的驗證流程圖。當使用者5要於線上請求一商務服務時,係需先操作該電子設備3,以通過瀏覽器或應用程式連線並登入該服務提供伺服器1(步驟S20)。接著,於該服務提供伺服器1上,請求執行該服務提供伺服器1所能提供的多項商務服務的至少其中之一(步驟S22)。更具體而言,該電子設備3登入後,該服務提供伺服器1係提供該商務服務請求頁面P1並顯示於該電子設備3的螢幕上,藉以,使用者5可操作該電子設備3,並於該商務服務請求頁面P1上,選擇欲請求的該商務服務,並且輸入相關的資料。 Referring to the fourth figure, a verification flow chart of the first preferred embodiment of the present invention is shown. When the user 5 wants to request a business service online, the electronic device 3 needs to be operated first to connect to the service providing server 1 through a browser or an application (step S20). Next, on the service providing server 1, it is requested to execute at least one of a plurality of business services that the service providing server 1 can provide (step S22). More specifically, after the electronic device 3 logs in, the service providing server 1 provides the business service request page P1 and displays it on the screen of the electronic device 3, so that the user 5 can operate the electronic device 3, and On the business service request page P1, select the business service to be requested, and input relevant materials.
接著,在該商務服務執行前,該服務提供伺服器1係要求該電子設備3先進行驗證(步驟S24),更具體而言,該服務提供伺服器1係通過該商務服務請求頁面P1,要求該電子設備3上傳該驗證資訊。接著,使用者5可將該驗證設備4靠近該電子設備3,藉以通過有線或無線的連接方式,讓該電子設備3可從該驗證設備4來取得該驗證資訊(步驟S26)。 Then, before the execution of the business service, the service providing server 1 requests the electronic device 3 to perform verification first (step S24), and more specifically, the service providing server 1 requests the page through the business service request page P1. The electronic device 3 uploads the verification information. Next, the user 5 can bring the verification device 4 close to the electronic device 3, so that the electronic device 3 can obtain the verification information from the verification device 4 by wired or wireless connection (step S26).
該電子設備3取得該驗證資訊後,即將該驗證資訊上傳至該服務提供伺服器1(步驟S28),接著,由該服務提供伺服器1將上傳的該驗證資訊傳送給該驗證伺服器2(步驟S30),再由該驗證伺服器 2來進行驗證。如此一來,只要該驗證伺服器2驗證通過,該服務提供伺服器1即可允許執行該電子設備3所請求的該商務服務。 After the electronic device 3 obtains the verification information, the verification information is uploaded to the service providing server 1 (step S28), and then the service providing server 1 transmits the uploaded verification information to the verification server 2 ( Step S30), and then the verification server 2 to verify. In this way, as long as the verification server 2 verifies the verification, the service providing server 1 can allow the execution of the business service requested by the electronic device 3.
本實施例中,該驗證伺服器2主要是通過該驗證資訊,判斷發出該驗證資訊的該驗證設備4是否已經註冊過(步驟S32),並且更具體而言,該驗證伺服器2主要是將該驗證資訊與其內部儲存的一或多組的該註冊資料進行比對,若有其中一組該註冊資料與該驗證資訊相同,表示該驗證設備4已經註冊過;反之,若該驗證資訊無法與該些註冊資料的其中之一比對符合,表示該驗證設備4沒有註冊過。 In this embodiment, the verification server 2 mainly determines whether the verification device 4 that issued the verification information has been registered through the verification information (step S32), and more specifically, the verification server 2 mainly The verification information is compared with one or more sets of the registration data stored therein. If one of the registration materials is the same as the verification information, the verification device 4 has been registered; otherwise, if the verification information cannot be One of the registration materials is aligned, indicating that the verification device 4 has not been registered.
若該驗證伺服器2比對後,判斷該驗證設備4沒有註冊過,則會回覆一驗證失敗訊息給該服務提供伺服器1(步驟S34),藉以,該服務提供伺服器1將拒絕執行該電子設備3所請求的該商務服務。若該驗證伺服器2比對後,確認該驗證設備4有註冊過,則該驗證伺服器2可回覆一驗證成功訊息給該服務提供伺服器1。 If the verification server 2 determines that the verification device 4 has not been registered, it will reply a verification failure message to the service providing server 1 (step S34), so that the service providing server 1 will refuse to execute the The business service requested by the electronic device 3. If the verification server 2 compares and confirms that the verification device 4 has been registered, the verification server 2 can reply a verification success message to the service providing server 1.
於另一實施例中,若該驗證伺服器2確認該驗證設備4有註冊過,則該驗證伺服器2可進一步判斷該驗證資訊是否被允許對該電子設備3所請求的該商務服務進行驗證(步驟S36),即,該電子設備3所請求的該商務服務之類別,是否屬於該驗證設備4的驗證範圍。若該驗證伺服器2比對後,判斷該驗證資訊不被允許用來驗證該商務服務之請求,則執行該步驟S34,回覆該驗證失敗訊息給該服務提供伺服器1。反之,若該驗證伺服器確認該驗證資訊被允許對該商務服務之請求進行驗證,則可回覆該驗證成功訊息給該服務提供伺服器1(步驟S38)。進而,該服務提供伺服器1可允許執行該電子設備3所請求的該商務服務(步驟S40)。 In another embodiment, if the verification server 2 confirms that the verification device 4 has been registered, the verification server 2 may further determine whether the verification information is allowed to verify the business service requested by the electronic device 3. (Step S36), that is, whether the category of the business service requested by the electronic device 3 belongs to the verification range of the verification device 4. If the verification server 2 determines that the verification information is not allowed to be used to verify the request for the business service, the step S34 is executed to reply the verification failure message to the service providing server 1. On the other hand, if the verification server confirms that the verification information is allowed to verify the request for the business service, the verification success message may be replied to the service providing server 1 (step S38). Further, the service providing server 1 can allow the execution of the business service requested by the electronic device 3 (step S40).
接續請參閱第五圖,為本發明的第一較佳具體實施例的驗證設備方塊圖。如圖所示,本實施例中的該驗證設備4主要可例如為一智慧型手機,並且可例如包括有一中央處理單元41、至少一無線傳輸模組42、一觸控螢幕43、揚聲器44、一記憶體45、一sim卡插槽46及至少一連接埠47,其中該中央處理單元41電性連接該至少一無線傳輸模組42、該觸控螢幕43、該揚聲器44、該記憶體45、該sim卡插槽46及該至少一連接埠47,以處理該驗證設備4中的各項數位訊號。 Next, please refer to the fifth figure, which is a block diagram of a verification device according to a first preferred embodiment of the present invention. As shown in the figure, the verification device 4 in this embodiment can be, for example, a smart phone, and can include, for example, a central processing unit 41, at least one wireless transmission module 42, a touch screen 43, and a speaker 44. The memory unit 45, the sim card slot 46, and the at least one port 47, wherein the central processing unit 41 is electrically connected to the at least one wireless transmission module 42, the touch screen 43, the speaker 44, and the memory 45. The sim card slot 46 and the at least one port 47 are configured to process various digital signals in the verification device 4.
本實施例中,該至少一無線傳輸模組42可例如為WiFi模組421、近場通訊(Near Field Communication,NFC)模組422、藍芽(Bluetooth)模組423、紅外線模組424及Zigbee模組425等,但不加以限定。只要該驗證設備4與該電子設備3分別具有上述該些無線傳輸模組42的至少其中之一,就可以建立對應的無線連接,例如WiFi連接、NFC連接、藍芽連接、紅外線連接或Zigbee連接等。如此一來,該驗證說備4就可以在需要進行驗證的時候,通過上述傳輸方式傳輸該驗證資訊至該電子設備3。然而,以上所述僅為本發明的一較佳具體實施例,不應以此為限。 In this embodiment, the at least one wireless transmission module 42 can be, for example, a WiFi module 421, a near field communication (NFC) module 422, a Bluetooth module 423, an infrared module 424, and a Zigbee. Module 425, etc., but is not limited. As long as the verification device 4 and the electronic device 3 respectively have at least one of the wireless transmission modules 42 described above, a corresponding wireless connection can be established, such as a WiFi connection, an NFC connection, a Bluetooth connection, an infrared connection, or a Zigbee connection. Wait. In this way, the verification device 4 can transmit the verification information to the electronic device 3 through the above transmission mode when the verification is needed. However, the above description is only a preferred embodiment of the present invention and should not be limited thereto.
該應用程式451係儲存於該記憶體45中,並且如上所述,該驗證設備4係可通過該應用程式451的執行,自動執行下列動作:1、於該驗證設備4內部擷取出的該驗證資訊,即,該裝置序號;2、自動連線至該驗證伺服器2,以進行註冊動作;及3、自動與該電子設備3建立連接,以傳送該驗證資訊給該電子設備3。 The application 451 is stored in the memory 45, and as described above, the verification device 4 can automatically perform the following actions through execution of the application 451: 1. The verification extracted inside the verification device 4 Information, that is, the device serial number; 2, automatically connected to the verification server 2 for registration operation; and 3. automatically establishing a connection with the electronic device 3 to transmit the verification information to the electronic device 3.
於本實施例中,該驗證資訊係可例如為該驗證設備4的裝置序號,而於另一實施例中,該驗證資訊更可包含該驗證設備4的該裝 置序號、以及至少一與該驗證設備4相關的附加資料。舉例來說,若該驗證設備4具備有上述該藍芽模組423,則該附加資料可為該藍芽模組423所使用的一媒體存取控制位址(Media Access Control Address,MAC Address)。若該驗證設備4具備有上述該觸控螢幕43,則該附加資料可為該使用者5通過該觸控螢幕43偵測所得的一指紋資料。若該驗證設備4具備有上述該sim卡插槽46,且該sim卡插槽46中插置有一sim卡461,則該附加資料可為該sim卡461的號碼(即,該驗證設備4所使用的電話號碼)。也就是說,在上述的註冊程序中,該驗證設備4係可通過該應用程式451的執行,同時取得該裝置序號及該附加資料,以進行註冊;而在驗證程序中,該應用程式451以相同的執行程序來取得該裝置序號及該附加資料,以組成該驗證資訊,並傳送給該電子設備3。 In this embodiment, the verification information may be, for example, the device serial number of the verification device 4, and in another embodiment, the verification information may further include the installation of the verification device 4. The serial number and at least one additional material associated with the verification device 4. For example, if the verification device 4 is provided with the Bluetooth module 423, the additional data may be a Media Access Control Address (MAC Address) used by the Bluetooth module 423. . If the verification device 4 is provided with the touch screen 43 , the additional data may be detected by the user 5 through the touch screen 43 . If the verification device 4 is provided with the sim card slot 46 and the sim card 461 is inserted into the sim card slot 46, the additional data may be the number of the sim card 461 (ie, the verification device 4 The phone number used). That is, in the above registration process, the verification device 4 can obtain the device serial number and the additional data through the execution of the application 451 to register, and in the verification program, the application 451 The same execution program is used to obtain the device serial number and the additional data to form the verification information and transmit the verification information to the electronic device 3.
值得一提的是,若該驗證設備4具備有上述該揚聲器44,則該應用程式451還可通過數位類比轉換程序(Digital to Analogy conversion,ADC),將數位的該驗證資訊轉換為一類比的聲音訊號,以對外發出。該電子設備3則可通過其上的麥克風來接收該聲音訊號,並通過一類比數位轉換程序(Analogy to Digital conversion,DAC),將該聲音訊號還原為該驗證資訊,以上傳給該服務提供伺服器1。再者,若該驗證設備4具備有上述該連接埠47,例如一通用序列匯流排(Universal Serial Bus,USB)連接埠,則該驗證設備4與該電子設備3更可通過一外部的傳輸線(例如第六B圖所示的傳輸線6)建立有線連接,藉以傳輸該驗證資訊。然而,以上所述皆僅為本發明的較佳具體實例,但並不以此為限。 It is worth mentioning that if the verification device 4 is provided with the speaker 44, the application 451 can also convert the digital verification information into an analogy by a digital to analogy conversion (ADC) program. The sound signal is sent out to the outside world. The electronic device 3 can receive the sound signal through the microphone thereon, and restore the sound signal to the verification information through an analogy digital conversion (DAC) to upload the servo to the service. Device 1. Furthermore, if the verification device 4 is provided with the connection port 47, for example, a universal serial bus (USB) port, the verification device 4 and the electronic device 3 can pass through an external transmission line ( For example, the transmission line 6) shown in FIG. 6B establishes a wired connection for transmitting the verification information. However, the above descriptions are only preferred embodiments of the present invention, but are not limited thereto.
如上所述,該驗證設備4實可通過多種方式來將該驗證資訊傳送給該電子設備3,也就是說,只要使用者5操作該電子設備3時,讓該驗證設備4距離該電子設備3在一定的範圍內,就可以順利的通過該驗證設備4來進行驗證。更具體而言,係可分別執行該電子設備3及該驗證設備4中相對應的應用程式,自動依上述該些傳輸模式的其中之一來建立連線,以傳輸該驗證資訊,但不加以限定。 As described above, the verification device 4 can transmit the verification information to the electronic device 3 in various ways, that is, as long as the user 5 operates the electronic device 3, the verification device 4 is allowed to be away from the electronic device 3. Within a certain range, the verification device 4 can be successfully verified. More specifically, the electronic device 3 and the corresponding application in the verification device 4 are respectively executed, and the connection is automatically established according to one of the foregoing transmission modes to transmit the verification information, but not limited.
續請同時參閱第六A圖至第六C圖,分別為本發明的第二較佳具體實施例至第四較佳具體實施例的系統架構圖。首先如第六A圖所示,使用者5可以操作一桌上型電腦,做為該電子設備3,以連線至該服務提供伺服器1,並且,使用一智慧型手機來做為該驗證設備4,以進行驗證動作,並且,該驗證設備4與該電子設備3可無線連接,以傳輸該驗證資訊。 Continuing to refer to the sixth to sixth sixth embodiments, respectively, are system architecture diagrams of the second preferred embodiment to the fourth preferred embodiment of the present invention. First, as shown in FIG. 6A, the user 5 can operate a desktop computer as the electronic device 3 to connect to the service providing server 1, and use a smart phone as the verification. The device 4 performs a verification action, and the verification device 4 is wirelessly connected to the electronic device 3 to transmit the verification information.
接著如第六B圖所示,使用者5亦可操作一智慧型手機,以做為該電子設備3,連線至該服務提供伺服器1,並且,使用一筆記型電腦來做為該驗證設備4。其中,該驗證設備4與該電子設備3可通過該傳輸線6來實體連接,以傳輸該驗證資訊。而如第六C圖所示,使用者5還可操作一筆記型電腦,以做為該電子設備3,連線至該服務提供伺服器1,並且,使用一平板電腦來做為該驗證設備4,並通過無線連接來傳輸該驗證資訊給該電子設備3。然而,無論使用者5運用何種電子器物來做為該驗證設備4,該驗證設備4皆需具備有一原廠設定的裝置序號,並且在使用本發明的系統與方法之前,預先向該驗證伺服器2進行註冊。 Then, as shown in FIG. 6B, the user 5 can also operate a smart phone as the electronic device 3, connect to the service providing server 1, and use a notebook computer as the verification. Device 4. The verification device 4 and the electronic device 3 can be physically connected through the transmission line 6 to transmit the verification information. As shown in FIG. C, the user 5 can also operate a notebook computer as the electronic device 3, connect to the service providing server 1, and use a tablet computer as the verification device. 4. The verification information is transmitted to the electronic device 3 via a wireless connection. However, regardless of which electronic device is used by the user 5 as the verification device 4, the verification device 4 is required to have an original factory-set device serial number, and the verification servo is provided in advance before using the system and method of the present invention. Device 2 is registered.
以上所述僅為本發明之較佳具體實例,非因此即侷限本發明之專 利範圍,故舉凡運用本發明內容所為之等效變化,均同理皆包含於本發明之範圍內,合予陳明。 The above description is only a preferred embodiment of the present invention, and thus is not intended to limit the scope of the present invention. The equivalents of the present invention are all included in the scope of the present invention and are combined with Chen Ming.
1‧‧‧服務提供伺服器 1‧‧‧Service Serving Server
2‧‧‧驗證伺服器 2‧‧‧Verification server
3‧‧‧電子設備 3‧‧‧Electronic equipment
4‧‧‧驗證設備 4‧‧‧Verification equipment
Claims (15)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW101145544A TWI488480B (en) | 2012-12-04 | 2012-12-04 | Identification system for network service and identification method using for the same |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW101145544A TWI488480B (en) | 2012-12-04 | 2012-12-04 | Identification system for network service and identification method using for the same |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TW201424323A TW201424323A (en) | 2014-06-16 |
| TWI488480B true TWI488480B (en) | 2015-06-11 |
Family
ID=51394230
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW101145544A TWI488480B (en) | 2012-12-04 | 2012-12-04 | Identification system for network service and identification method using for the same |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI488480B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI637337B (en) * | 2017-02-10 | 2018-10-01 | 緯創資通股份有限公司 | Electronic system and automatic website login and security payment method using near-field communication |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6223291B1 (en) * | 1999-03-26 | 2001-04-24 | Motorola, Inc. | Secure wireless electronic-commerce system with digital product certificates and digital license certificates |
| TW200917784A (en) * | 2007-10-12 | 2009-04-16 | Chi Mei Comm Systems Inc | System and method for validating user identity |
-
2012
- 2012-12-04 TW TW101145544A patent/TWI488480B/en not_active IP Right Cessation
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6223291B1 (en) * | 1999-03-26 | 2001-04-24 | Motorola, Inc. | Secure wireless electronic-commerce system with digital product certificates and digital license certificates |
| TW200917784A (en) * | 2007-10-12 | 2009-04-16 | Chi Mei Comm Systems Inc | System and method for validating user identity |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI637337B (en) * | 2017-02-10 | 2018-10-01 | 緯創資通股份有限公司 | Electronic system and automatic website login and security payment method using near-field communication |
Also Published As
| Publication number | Publication date |
|---|---|
| TW201424323A (en) | 2014-06-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10212154B2 (en) | Method and system for authenticating a user | |
| US10230727B2 (en) | Method and system for authenticating a user | |
| US10079826B2 (en) | Methods and systems for data entry | |
| US20170116596A1 (en) | Mobile Communication Device with Proximity Based Communication Circuitry | |
| US9680841B2 (en) | Network authentication method for secure user identity verification using user positioning information | |
| US11070549B2 (en) | Electronic mechanism to self-authenticate and automate actions | |
| CN103632265A (en) | Method and system for authenticating transaction request from device | |
| CN109102266B (en) | Account value transferring method and device | |
| TW201516908A (en) | Method, device and system for verifying payment | |
| JP6034995B2 (en) | Method and system for authenticating services | |
| US20140298486A1 (en) | Granting access to digital content obtained from a third-party service | |
| US20180270226A1 (en) | Secure Transfer of User Information Between Devices Based on User Credentials | |
| WO2018165830A1 (en) | Payment method and device based on verification terminal | |
| KR20150106198A (en) | Method, server and device for certification | |
| KR101549514B1 (en) | Payment system using near field communication and Method of payment the same | |
| JP7416860B2 (en) | Method and apparatus for communicating credentials | |
| TW201419183A (en) | Integrating system for services based on mobile terminal, and integrating method using for the same | |
| KR101245105B1 (en) | Method and System for Authentication in Electronic commerce using Smart Phone | |
| TWI488480B (en) | Identification system for network service and identification method using for the same | |
| KR20120122450A (en) | Payment system using mobile authentication and method thereof | |
| KR20210051684A (en) | Multiple authentication system with user's choice and method for the same | |
| KR20150074445A (en) | Method and apparatus for opening bank account | |
| CN116843332A (en) | Hardware wallet-based payment methods and devices | |
| KR101369905B1 (en) | Method and system for e-commerce credit card payment using mobile handset | |
| KR20210006119A (en) | Server and system for authentication processing, and control method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| MM4A | Annulment or lapse of patent due to non-payment of fees |