TWI579728B - Online certificate verification server and method for online certificate verification - Google Patents
Online certificate verification server and method for online certificate verification
- Publication number: TWI579728B
- Authority
- TW
- Taiwan
- Prior art keywords
- authentication
- user
- browser
- server
- request
Landscapes
- Information Transfer Between Computers (AREA)
Description
The present invention relates to online authentication technology and, more specifically, to an online authentication server and an online authentication method that can break out of a phishing flow or avoid man-in-the-middle eavesdropping.
With the spread of the Internet and information devices, the services offered over the network have become increasingly diverse, and users can obtain a wide range of information services over the network through personal computers, notebooks and smartphones. For example, a user can download software or shop online from a computer, and even transfer funds or trade stocks in a mobile banking application.
Obtaining diverse services over the network is convenient and efficient, but security concerns have always existed: users' information is easily intercepted, copied, destroyed, tampered with or misused, and users' devices are also exposed to viruses and other malware. In recent years online fraud has been rampant, and phishing sites imitating genuine official websites abound. Fraudsters often use highly realistic phishing sites to make users believe they are connected to the real official site, and thereby steal the user's account and password, and even critical authentication information.
To address this kind of phishing fraud, many solutions have been proposed, such as installing an add-on in the user's browser so that, when the user mistakenly connects to a phishing site, the browser warns that the site is a phishing site and stops the user from proceeding. This approach, however, requires customized software to be installed on the browser side, and a database of known phishing URLs must be built and constantly maintained for comparison.
Not every user has the permissions or a strong security awareness, however, which affects users' willingness to install such customized software in their browser. If users doubt its trustworthiness and abandon the installation, the result may be a more serious man-in-the-middle or man-in-the-browser attack, which is more harmful than a phishing site that only steals accounts and passwords. This approach therefore often meets considerable resistance in deployment and is hard to popularize fully.
Other methods focus on preventive search and identification of phishing sites, using the search engine's mechanism of pre-indexing and caching site content to identify in advance whether a site is fraudulent. When the user later searches for web pages, the phishing site can be excluded, filtered out or omitted from the results, or flagged in the results, so that the user does not connect to fraudulent or phishing sites. Although effective, this method is limited to web search and cannot prevent other forms of fraud; for example, a fraudster can distribute the URL of a phishing site through forged e-mail or increasingly popular instant-messaging software to trick the user into clicking it or connecting to the malicious site, so this method cannot solve the problem effectively.
To prevent phishing sites from obtaining a user's authentication information, or to prevent connection packets from being intercepted, many websites use SSL certificates to encrypt the connection, or adopt two-factor authentication, in which, in addition to the account and password, the user must enter a dynamically generated One Time Password (OTP), also called a one-time password. The intent is to reduce the risk of leaked account credentials: even if the account and password are stolen, the OTP is hard to predict and cannot be reused, so it effectively protects the user.
Although the foregoing method greatly reduces the risk after account credentials leak, if the user connects to a fraudulent or phishing site from the start, the user may unknowingly enter account, password and OTP into the phishing site, rendering the OTP protection mechanism useless: once the fraudster has obtained the user's account, password and OTP, it can forward them to the real official website and perform privileged operations such as transfers, changing the password or changing account data, as shown in Figure 1.
In view of this risk of OTP theft, a technical solution exists in which the OTP is returned through a second channel, reducing the chance that the user mistakenly enters critical information into the site where login was originally requested (the first channel), so that the OTP is not stolen. As shown in Figure 2, transmitting or returning the OTP over a heterogeneous channel (the second channel) effectively prevents an attacker on the same channel (for example, one using network sniffing or a keylogger installed on the computer) from stealing information such as the OTP, and greatly increases the difficulty of stealing critical information.
Despite this solution, if the user connects to the phishing site from the start, data can still be stolen. As shown in Figure 3, the main issue is the phishing site's client-emulation program, which can impersonate the real user when interacting with the official website and tamper with what the real user submitted. After the user actively returns the authentication information over the second channel and the client-emulation program receives the official website's verification-success message, it immediately steps into the flow and replies to the real user with a forged success message or a "system under maintenance" error, while the phishing site simultaneously continues to interact with the official website and performs privileged operations (changing data, making transfers, and so on). By the time the real user notices anything unusual, the damage has already been done.
Sending the OTP over a heterogeneous channel is sound but still carries risk, especially once the user has connected to a phishing site without noticing: the phishing site then acts as an invisible man-in-the-middle device between the user and the official website, monitoring all traffic and then tampering with user data or executing services, because in the above scheme the official website cannot be sure whether the party it is connected to is the real user or a man-in-the-middle device.
Since all of the above solutions have insurmountable problems, finding a secure online authentication mechanism, and in particular a way to let a user who is already connected to a phishing site break out of the existing connection so that the phishing site has no chance to impersonate the real user and cause further harm, has become an important task for those skilled in the art.
In view of these shortcomings of the prior art, the object of the present invention is to provide an online authentication server and an online authentication method that use an authentication short code to make the user's browser leave the currently displayed page, open a new connection, and redirect to a dedicated authentication waiting page, thereby escaping the risk of a connected phishing site.
To achieve this and other objects, the present invention proposes an online authentication method comprising the following steps: the user sends a service request to a service server through a browser on the user end; the service server sends an authentication request to an authentication server; the authentication server obtains, according to the authentication request, the authentication device designated by the user and sends an authentication short code to the user end, so that the browser can use the short code to reconnect to a web interface designated by the authentication server, which requires the user to perform two-stage authentication with the authentication device; the authentication server sends a signature verification request to the authentication device and, after receiving the digital signature returned by the device, checks it and concludes the two-stage authentication; if the digital signature is correct, the authentication server sends a redirect notification to the browser to redirect it back to the service server and request a connection, or, if the digital signature is incorrect, aborts the authentication flow; and, upon receiving that connection request, the service server confirms the result of the two-stage authentication with the authentication server and then permits the service request made by the browser.
In one embodiment, returning the digital signature from the authentication device comprises the device returning it directly to the authentication server, or forwarding it to the authentication server via the service server.
In another embodiment, sending the authentication short code to the user end comprises sending it to the authentication device, so that the user enters it in the browser's address bar to make the browser reconnect, or sending it to the browser, so that the user clicks it to make the browser reconnect.
In yet another embodiment, the browser and the authentication device transmit over different channels.
In still another embodiment, before the user sends the service request to the service server through the browser, the method further comprises configuring, in the authentication server, the authentication device used for authentication, or configuring the browser to receive push notifications from the authentication server.
The present invention further proposes an online authentication server that performs identity authentication of a user when the user makes a service request to a service server through a browser on the user end. The online authentication server comprises: a processing module, which receives an authentication request from the service server and, according to that request, obtains the authentication device designated by the user from a pre-stored lookup table; a short code generation module, which generates an authentication short code and sends it to the user end so that the browser can use it to reconnect to a designated web interface that requires the user to perform two-stage authentication with the authentication device; a dynamic password module, which performs the two-stage authentication, including sending a signature verification request to the authentication device and receiving and checking the digital signature the device returns; and a notification module, which sends a redirect notification to the browser to redirect it back to the service server, where the service request made by the browser is permitted after the service server confirms the authentication result of the digital signature with the authentication server.
In summary, the online authentication server and method of the present invention send an authentication short code during the authentication phase so that the user reconnects to the authentication interface, which breaks the connection to the original phishing site, and then carry out the subsequent authentication procedure. Even if the account and password may have been stolen because of the phishing site, this mechanism severs the connection to the invisible man-in-the-middle device and prevents the user from unknowingly completing authentication on its behalf, which would leak the information in full. In other words, when the user has mistakenly connected to a phishing site, the invention can break out of or terminate the fraud flow: by reconnecting to the authentication interface via the short code, the user escapes the possible fraud risk of the existing connection and can either complete the subsequent authentication flow or, on noticing something amiss during authentication because an invisible man-in-the-middle device is discovered, recognize the phishing attempt and terminate the authentication flow.
- 5: authentication server
- 51: processing module
- 52: short code generation module
- 53: dynamic password module
- 54: notification module
- 100: browser
- 200: service server
- 300: authentication device
- S41~S46: steps
- S601~S603: flow
- S701~S707, S704-1, S704-2, S706': flow
- S801~S807, S804-1, S804-2, S806': flow
- S901~S907, S904-1, S904-2, S901': flow
- S1001~S1007, S1001': flow
- Figure 1 is a timing diagram of a possible flaw in OTP authentication in the prior art.
- Figure 2 is a timing diagram of OTP authentication over a heterogeneous channel in the prior art.
- Figure 3 is a timing diagram of a possible flaw in OTP authentication over a heterogeneous channel in the prior art.
- Figure 4 is a step diagram of the online authentication method of the present invention.
- Figure 5 is a schematic diagram of the architecture of the online authentication server of the present invention.
- Figure 6 is a flowchart of the setup phase of the first embodiment of the online authentication method of the present invention.
- Figure 7 is a flowchart of the authentication phase of the first embodiment of the online authentication method of the present invention.
- Figure 8 is a flowchart of the authentication phase of the second embodiment of the online authentication method of the present invention.
- Figure 9 is a timing diagram of the first embodiment of the present invention when the user has mistakenly connected to a phishing site.
- Figure 10 is a timing diagram of the second embodiment of the present invention when the user has mistakenly connected to a phishing site.
The embodiments below illustrate the implementation of the present invention by way of specific examples; those familiar with the art can readily understand other features and effects of the invention from the disclosure of this specification. The invention may also be implemented or applied through other, different specific embodiments.
Figure 4 shows the steps of the online authentication method of the present invention. When a user sends a service request through a browser, the back-end service server needs the authentication server's help to confirm the user's identity. To guard against the case where the user is already connected to a phishing site that has become an invisible man-in-the-middle between the service server and the user end, the present invention interrupts the original connection during authentication and creates a new one, effectively preventing further harm. The online authentication method of the present invention comprises the following steps.
In step S41, the user sends a service request to the service server through the browser on the user end. Specifically, the user sends a service request from the browser on their electronic device to the service provider's service server, for example a bank website.
In step S42, the service server sends an authentication request to the authentication server. In this step the service provider's service server cannot confirm whether the user is legitimate, so it asks the authentication service provider for help by sending an authentication request to the authentication service provider's authentication server. The authentication request contains the information the user entered in the service request, such as account, phone number and identity.
In step S43, the authentication server obtains the authentication device designated by the user according to the authentication request and sends an authentication short code to the user end, so that the browser can use the short code to reconnect to the web interface designated by the authentication server, which requires the user to perform two-stage authentication with the authentication device. Specifically, the authentication server stores user-related data, such as a lookup table that records each user's identity and the corresponding authentication device, for example a mobile phone; the table might record that a person named Wang Xiaoming uses the mobile number 0912345678 for authentication, so the authentication server can obtain the user's designated authentication device from the content of the authentication request.
The authentication server then generates an authentication short code and sends it to the user end. The user can enter this short code in the browser's address bar so that the browser reconnects to the web interface designated by the authentication server, which guides the user through two-stage authentication with their authentication device.
In one implementation, sending the short code to the user end means sending it to the user's authentication device; after obtaining the short code from that device, the user enters it in the browser's address bar so that the browser reconnects.
In another implementation, sending the short code to the user end can also mean sending it to the browser on the user's electronic device, for example via push notification, so that the user can click the short code directly to make the browser reconnect.
In step S44, the authentication server sends a signature verification request to the authentication device and, after receiving the digital signature returned by the device, checks it and concludes the two-stage authentication. In this step, during two-stage authentication the authentication server sends a signature verification request to the user's authentication device; if the user confirms that this authentication concerns them, they return a digital signature after receiving the request, and if the authentication server checks the signature and finds it correct, the two-stage authentication is complete. In other words, the user has passed identity verification.
In one implementation, the authentication device returns the digital signature directly to the authentication server. In another, the digital signature may be forwarded to the authentication server via the service server.
To guard against interception of packets in the transmission channel, the browser and the authentication device in the present invention transmit over different channels. For example, the browser may communicate through ordinary network packets, while the authentication device may be a mobile phone that transmits data via SMS, so a data thief cannot easily capture all the information across the heterogeneous channels: the browser's packets travel on the first channel and the authentication device's data on the second.
In step S45, if the digital signature is correct, the authentication server sends a redirect notification to the browser to redirect it back to the service server and request a connection; if the digital signature is incorrect, the authentication flow is aborted. That is, when the digital signature is correct, meaning the user is legitimate, the authentication server sends a redirect notification to the user's browser, which causes the browser to issue a connection request to the service server.
Conversely, if the authentication server checks the digital signature and finds it wrong, the authentication flow is aborted and the two-stage authentication ends; that is, the authentication server deems the user not legitimate, so the service server will subsequently receive a message that the user is not legitimate.
In step S46, when the service server receives the connection request, it confirms the result of the two-stage authentication with the authentication server and then permits the service request made by the browser. In this step the service server confirms the user's authentication result with the authentication server once more and, once the authentication server responds that the two-stage authentication is complete, allows the browser to connect and executes the service request it made.
In addition, before the user sends the service request through the browser, the online authentication method further includes the user configuring, via the browser, the authentication device used for authentication in the authentication server, or configuring their browser to receive push notifications from the authentication server. This is the pre-setup for the whole online authentication method; without it, two-stage authentication cannot be performed.
Through the above steps, the authentication flow is suspended and the subsequent entry point for this authentication is delivered over a trusted second channel; combined with the authentication mechanism based on the authentication device's digital signature, this effectively resolves the risk of authentication information being stolen when the user mistakenly connects to a phishing site, eliminates opportunities for man-in-the-middle eavesdropping and tampering, and greatly improves the security of user authentication and subsequent services.
Figure 5 shows the architecture of the online authentication server of the present invention. As shown, when a user makes a service request to the service server 200 through the browser 100, the online authentication server 5 performs identity authentication of the user. The online authentication server 5 comprises a processing module 51, a short code generation module 52, a dynamic password module 53 and a notification module 54.
The processing module 51 receives an authentication request from the service server 200 and, according to it, obtains the authentication device 300 designated by the user from a pre-stored lookup table. The service server 200 may be, for example, a bank website or a service provider's website; the user sends a service request from the browser 100 on their electronic device to the service provider's service server 200, asking to log in and use a service.
The online authentication server 5 also stores user-related data, such as a lookup table recording the association between users and their authentication devices. The browser and the authentication device also transmit over different channels.
The short code generation module 52 generates an authentication short code and sends it to the user end, so that the browser 100 can use it to reconnect to a designated web interface that requires the user to perform two-stage authentication with the authentication device 300. The short code lets the user reconnect to the web interface designated by the online authentication server 5, which interrupts the original connection; for a user who is authenticating while connected to a phishing site, this helps them escape the subsequent procedure in which the phishing site acts as an invisible man-in-the-middle. The designated web interface informs the user that two-stage authentication will be performed.
There are two ways to deliver the short code to the user end. The first is to send it to the user's authentication device, so that the user enters it in the browser's address bar to make the browser reconnect; the second is to send it to the browser, for example via push notification, so that the user clicks it to make the browser reconnect.
Accordingly, before a service request is made to the service server 200, the short code generation module 52 is configured in advance as to whether the short code is to be received by the authentication device 300 or by the browser 100 via push notification.
動態密碼模組53執行二階段認證,包括傳送簽章驗證請求至該認證裝置300,以及接收該認證裝置300回傳之 數位簽章以查核該數位簽章。在執行二階段認證時,動態密碼模組53發送一簽章驗證請求至使用者之認證裝置300,若使用者確認此次認證無誤,則可回傳一數位簽章,倘若線上認證伺服器5查核該數位簽章無誤後,即完成此次二階段認證,易言之,使用者已通過身份驗證,反之則中斷認證流程。 The dynamic cryptographic module 53 performs two-stage authentication, including transmitting a signature verification request to the authentication device 300, and receiving the return of the authentication device 300. A digital signature to check the digital signature. When performing the two-stage authentication, the dynamic password module 53 sends a signature verification request to the user's authentication device 300. If the user confirms that the authentication is correct, a digital signature can be returned, provided that the online authentication server 5 After checking that the digital signature is correct, the second-stage certification is completed. In other words, the user has passed the authentication, and vice versa, the authentication process is interrupted.
認證裝置300回傳數位簽章的方式亦可有兩種,第一種為認證裝置300直接回傳數位簽章至線上認證伺服器5,另一種則為回傳數位簽章還可經由服務伺服器200後轉傳至線上認證伺服器5。 There are two ways for the authentication device 300 to return the digital signature. The first one is that the authentication device 300 directly returns the digital signature to the online authentication server 5, and the other is that the digital signature is returned and the service servo is also available. The device 200 is then transferred to the online authentication server 5.
通知模組54傳送轉址通知至瀏覽器100以再次轉導該瀏覽器100至服務伺服器200,其中,於服務伺服器200向線上認證伺服器5確認數位簽章之認證結果後,允許該瀏覽器100所提出之服務請求。當數位簽章為正確時,通知模組54發送轉址通知至使用者之瀏覽器100,亦即讓使用者之瀏覽器100向服務伺服器200發出連線請求,此時,服務伺服器200再次向線上認證伺服器5確認該使用者之認證結果,且在線上認證伺服器5回應該此二階段認證完成下,允許瀏覽器100連線並執行其提出之服務請求。 The notification module 54 transmits the forwarding notification to the browser 100 to redirect the browser 100 to the service server 200 again, wherein the service server 200 allows the online authentication server 5 to confirm the authentication result of the digital signature. The service request made by the browser 100. When the digital signature is correct, the notification module 54 sends the forwarding notification to the user's browser 100, that is, the user's browser 100 sends a connection request to the service server 200. At this time, the service server 200 The authentication result of the user is confirmed again to the online authentication server 5, and the online authentication server 5 responds to the completion of the two-stage authentication, allowing the browser 100 to connect and execute its requested service request.
由上可知,本發明提出使用認證簡碼之手段,可使認證流程中止並於可信賴之第二通道傳遞此次認證之後續入口,配合數位簽章之認證機制,將有效解決使用者誤連釣魚網站所導致之認證資訊遭竊風險,以及排除中間人竊聽與竄改的機會。 It can be seen from the above that the present invention proposes to use the method of authenticating the short code, so that the authentication process can be suspended and the subsequent entry of the authentication can be transmitted in the trusted second channel, and the authentication mechanism of the digital signature will effectively solve the user's misconnection. The risk of pirating authentication information caused by phishing websites and the opportunity to exclude middlemen from eavesdropping and tampering.
To further explain the online authentication method proposed here for escaping a phishing flow and man-in-the-middle eavesdropping, the following describes it with flow charts and sequence diagrams against actual operation. The method involves the user's browser (B1), a second-channel mobile device (M1), the application server of the party requiring authentication (R1), and the application server of the authentication service provider (P1). The method has a setup phase and an authentication phase; the different embodiments and the processing in each phase are detailed below.

Fig. 6 is a flow chart of the setup phase of the first embodiment of the online authentication method.

In step S601, before authenticating, the user first connects with the browser (B1) to the authentication-provider server (P1) and registers a unique, identifiable user account.

In step S602, at least one second-channel mobile device (M1) is bound and initialised at the authentication-provider server (P1). The second-channel mobile device (M1) must be certified by the authentication service provider and be able to store at least one private key, used later to produce electronic signatures; it must also be able to receive or send messages. A mobile phone, for example, qualifies.

In step S603, the user connects in advance with the browser (B1) to the authentication-requesting server (R1), is redirected by it to the authentication-provider server (P1), and there selects at least one second-channel mobile device (M1) to be used for later verification.

These steps complete the setup of the online authentication method. Their purpose is to let the authentication device belonging to a user, namely the second-channel mobile device (M1), be found quickly during later authentication.
Fig. 7 is a flow chart of the authentication phase of the first embodiment, that is, what happens once the setup above is complete and the user requests authentication.

In step S701, the user connects with the browser (B1) to the authentication-requesting server (R1) to perform a privileged operation, such as logging in or transferring funds.

In step S702, on receiving the request, the authentication-requesting server (R1) submits a user authentication request to the authentication-provider server (P1).

In step S703, on receiving the authentication request, the authentication-provider server (P1) determines from the passed-in parameters which authentication device the user has pre-bound, generates an authentication short code (hereafter "short code") that is unique for this authentication within a given time window, and sends it to the user's pre-bound second-channel mobile device (M1).

In step S704, the user reads the short code received on the second-channel mobile device (M1) and enters it in the address bar of the browser (B1). This makes the browser (B1) leave the page it was visiting and connect to the web page designated by the authentication-provider server (P1). That page prompts the user to complete second-stage verification with the second-channel mobile device (M1) and starts a countdown while it waits for the user's next action; this is step S704-1 in the figure.

In step S705, on receiving the request from the previous step, the authentication-provider server (P1) uses the information of this authentication session to send a signature verification request to the user's pre-bound second-channel mobile device (M1), which prompts the user to approve or reject the signature verification.

In step S706, after viewing the prompt on the second-channel mobile device (M1), the user, if they agree to approve the authentication, uses the function provided on the device to sign the challenge information for this authentication and returns the digital signature to the authentication-provider server (P1).

Alternatively, the digital signature may be returned to the authentication-provider server (P1) via the authentication-requesting server (R1), as shown in step S706' of the figure. Either S706 or S706' is used, not both.

Then, as shown in step S704-2, after receiving the signature returned for this authentication, the authentication-provider server (P1) checks whether the signature is valid. If it is, the waiting loop of S704-1 is stopped and a redirect notification is sent to the user's browser (B1), redirecting the page to the authentication-requesting server (R1). If the signature is invalid, the authentication flow is aborted.

In step S707, on receiving the request that the user's browser (B1) issues as a result of S704-2, the authentication-requesting server (R1) confirms once more with the authentication-provider server (P1) whether the user has passed authentication. If so, the access requested in S704-2 is allowed; if not, the user's connection is refused.

In summary, the authentication short code halts the authentication flow and delivers the entry point for the rest of this authentication over a trusted second channel. Combined with the digital-signature authentication mechanism, this effectively removes the risk of authentication credentials being stolen when a user connects to a phishing site by mistake, and denies a man in the middle the opportunity to eavesdrop or tamper.
Fig. 8 is a flow chart of the authentication phase of the second embodiment. In this embodiment too, the setup must be completed before online authentication; it is similar to the flow of Fig. 6 and likewise serves to find a user's authentication device, namely the second-channel mobile device (M1), quickly during later authentication, so it is not repeated here. The authentication flow that follows the user's request is described directly.

In step S801, the user connects with the browser (B1) to the authentication-requesting server (R1) to perform a privileged operation, such as logging in or transferring funds.

In step S802, on receiving the request, the authentication-requesting server (R1) submits a user authentication request to the authentication-provider server (P1).

In step S803, on receiving the authentication request, the authentication-provider server (P1) determines from the passed-in parameters which authentication device the user has pre-bound, generates an authentication short code (hereafter "short code") that is unique for this authentication within a given time window, and delivers it by push notification or a similar technique to the user's browser (B1), which the user authorised in advance.

In step S804, after the user's browser (B1) receives the pushed short code, the user clicks the link in it. This makes the browser (B1) leave the page it was visiting and connect to the web page designated by the authentication-provider server (P1). That page prompts the user to complete second-stage verification with the second-channel mobile device (M1) and starts a countdown while it waits for the user's next action; this is step S804-1 in the figure.

In step S805, on receiving the request from the previous step, the authentication-provider server (P1) uses the information of this authentication session to send a signature verification request to the user's pre-bound second-channel mobile device (M1), which prompts the user to approve or reject the signature verification.

In step S806, after viewing the prompt on the second-channel mobile device (M1), the user, if they agree to approve the authentication, uses the function provided on the device to sign the challenge information for this authentication and returns the digital signature to the authentication-provider server (P1).

Alternatively, the digital signature may be returned to the authentication-provider server (P1) via the authentication-requesting server (R1), as shown in step S806' of the figure; either S806 or S806' is used, not both.

Then, as shown in step S804-2, after receiving the signature returned for this authentication, the authentication-provider server (P1) checks whether the signature is valid. If it is, the waiting loop of S804-1 is stopped and a redirect notification is sent to the user's browser (B1), redirecting the page to the authentication-requesting server (R1). If the signature is invalid, the authentication flow is aborted.

In step S807, on receiving the request that the user's browser (B1) issues as a result of S804-2, the authentication-requesting server (R1) confirms once more with the authentication-provider server (P1) whether the user has passed authentication. If so, the access requested in S804-2 is allowed; if not, the user's connection is refused.
The above describes how authentication proceeds when the user requests a service. What follows is the flow of the proposed online authentication method when the user has connected to a phishing site by mistake. Figs. 9 and 10 correspond to Figs. 7 and 8 respectively; the main difference lies in step S701 of Fig. 7 and step S801 of Fig. 8. When the user's browser (B1) tries to connect to the authentication-requesting server (R1), the connection is intercepted by the phishing site's client-impersonating program, which poses as the real user. The phishing site thus becomes an invisible man-in-the-middle device, and a user who does not notice might complete authentication on its behalf, letting the phishing site connect to the authentication-requesting server (R1) in place of the real user and perform services such as transferring funds or changing the password.

Step S701 of Fig. 7 therefore corresponds to S901 and S901' in Fig. 9, because the phishing site intercepts in the middle: the user's browser (B1) sends the login request S901 to the phishing site (which it has reached by mistake), and the phishing site alters part of the content and forwards a login request S901' to the authentication-requesting server (R1). Likewise, step S801 of Fig. 8 corresponds to S1001 and S1001' in Fig. 10: the user's browser (B1) sends the login request S1001 to the phishing site, and the phishing site alters part of the content and forwards a login request S1001' to the authentication-requesting server (R1).
Fig. 9 is a sequence diagram of the first embodiment when the user has mistakenly connected to a phishing site. The phishing site starts the flow by sending fraudulent e-mails or text messages, or by using social messaging software, to trick the user into clicking a forged link, so that the user lands on a highly realistic fake bank website (the phishing site), which prompts the user to log in to proceed. The user, not having noticed that this is a phishing site, sends a login request to the client-impersonating program designated by the phishing site; this is step S901 in the figure.

Under the mechanism described here, the user should understand that no step of authentication ever requires entering critical secret credentials such as a password; only a simple, public identifier such as a bank account number is needed. Moreover, once the identifier has been entered, the initial authentication flow is complete: the page shows only a short notice such as "Your authentication request has been submitted", and at that point the page is no longer active, so the user would normally not be asked to continue with any further step on it. If the phishing site tries to extract more information, or lures the user into further actions on that page, the user will notice that something is wrong and see through the fraud. So even when this flow runs to completion, the phishing site can only obtain harmless public information.

In step S901', on receiving this request, the phishing site alters part of the content and, posing as the real user, forwards the login request to the authentication-requesting server (R1), that is, the bank.

In step S902, after accepting the authentication request, the authentication-requesting server (R1) forwards it to the authentication-provider server (P1) for the subsequent authentication flow.

In step S903, after receiving the authentication request, the authentication-provider server (P1) determines from the passed-in parameters which authentication device the user pre-bound, generates a short code unique for this authentication within a given time window, and sends it to the user's pre-bound second-channel mobile device (M1).

In step S904, after obtaining the short code from the second-channel mobile device (M1), the user enters it in the address bar of the browser (B1) and submits it; the input may be typed on the keyboard or delivered by, for example, Bluetooth or NFC. This interrupts the page the browser (B1) is currently viewing (if that page is not blank) and opens a new connection that takes the browser to the dedicated authentication waiting page designated by the authentication-provider server (P1), a page that within a single validity period belongs exclusively to this user; this is step S904-1. If desired, it can also be checked whether a "check key" planted in the browser earlier, during the registration phase, and readable only by the authentication-provider server (P1) matches; if it does not, the authentication flow is aborted.

While S904-1 is waiting, the browser (B1) prompts the user to approve the authentication on the second-channel mobile device (M1). Until approval is granted the page keeps counting down, until either the user passes the approval verification or the countdown ends and the verification flow is aborted.

While the browser (B1) waits in S904-1, the authentication-provider server (P1) sends the signature request for this authentication to the second-channel mobile device (M1), step S905. When prompted on the device, the user decides whether to approve this authentication. If so, the user uses the function provided on the device to sign the challenge information for this authentication and returns the digital signature to the authentication-provider server (P1), step S906.

After receiving the signature returned for this authentication, the authentication-provider server (P1) checks whether it is valid. If so, it stops the waiting loop of S904-1 and sends a redirect notification to the browser (B1), redirecting the page to the authentication-requesting server (R1), the bank; this is step S904-2. If the signature is invalid, the authentication flow is aborted.

After receiving the request that the browser (B1) issues as a result of S904-2, the authentication-requesting server (R1) confirms once more with the authentication-provider server (P1) whether the user has passed authentication, step S907. If so, the access of S904-2 is allowed and the user is marked as authenticated, having now correctly completed authentication; otherwise the user's connection is refused.

In particular, the short code sent in step S903 is delivered to the second-channel mobile device (M1) over a trusted channel or in encrypted form. Unless the trusted second-channel mobile device (M1) itself has been seized or compromised by an attacker, nobody but the real user knows the short code; in other words, an attacker cannot easily learn it and so cannot perform step S904.

Even if an attacker brute-forces or guesses the short code, an appropriate protective design, such as the check described above of the "check key" planted in the browser and readable only by the authentication-provider server (P1), means the attacker still cannot pass the check in S904-1. In addition, because step S904 is a new connection initiated by the user, that is, the user connecting on their own to the authentication-provider server (P1), this connection can be protected with SSL/TLS or a similar encryption mechanism. Under this method the user is no longer connected to the phishing site, so it does not matter that the phishing site was reached by mistake earlier: the phishing flow has been escaped. Even if an attacker eavesdrops on the network, the connection is now to the correct site and properly encrypted, so only encrypted traffic can be observed.
Fig. 10 is a sequence diagram of the second embodiment when the user has mistakenly connected to a phishing site. Most steps of the second embodiment are the same as in the first; the main difference is how the short code is obtained. In the first embodiment (Fig. 9) the short code is sent to the second-channel mobile device (M1), whereas in the second (Fig. 10) it is pushed to the browser (B1); in either case, entering or clicking it redirects the browser (B1) to the correct server, the authentication-provider server (P1), so the original connection is abandoned and the user is no longer exposed to the phishing site. The flow of Fig. 10 is therefore not repeated step by step.
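The flows of Figs. 7 to 10 (steps S70x, S80x, S90x) as an added, runnable Go sketch; this is not code from the patent or from any product implementing it. It models the authentication-provider server P1 as an in-memory object and the second-channel device M1 as an Ed25519 private key. The SMS/push delivery of the short code, the browser's HTTP redirect and the R1 server are replaced by direct function calls, the "check key" is modelled as a random string handed out at registration, and the user names, the two-minute validity window and the eight-hex-digit code format are assumptions, not details from the page.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// Device stands in for the second-channel mobile device M1: the private key enrolled at setup (S602).
type Device ed25519.PrivateKey

func NewDevice() Device { _, k, _ := ed25519.GenerateKey(rand.Reader); return Device(k) }

// Sign is what the user triggers by approving the prompt on the phone (S706/S906).
func (d Device) Sign(challenge []byte) []byte { return ed25519.Sign(ed25519.PrivateKey(d), challenge) }

type session struct {
	user                 string
	expires              time.Time
	challenge            []byte
	redirected, verified bool
}

// AuthServer stands in for the authentication-provider server P1.
type AuthServer struct {
	devices  map[string]ed25519.PublicKey // lookup table: user -> public key of the bound device
	checkKey map[string]string            // user -> "check key" handed to the browser at registration (assumed)
	sessions map[string]*session          // short code -> pending authentication
	now      func() time.Time             // injectable clock so expiry is testable
}

func NewAuthServer(now func() time.Time) *AuthServer {
	return &AuthServer{map[string]ed25519.PublicKey{}, map[string]string{}, map[string]*session{}, now}
}

func randHex(n int) string { b := make([]byte, n); rand.Read(b); return hex.EncodeToString(b) }

// Register binds a user to a device (S601-S603); P1 keeps only the public key and returns the check key.
func (p *AuthServer) Register(user string, dev Device) string {
	p.devices[user] = ed25519.PrivateKey(dev).Public().(ed25519.PublicKey)
	p.checkKey[user] = randHex(16)
	return p.checkKey[user]
}

// RequestAuth is R1's call (S702/S703). Its only input is the public identifier the user typed, which is
// all a phishing page could capture; the short code goes out over the second channel, not back to the page.
func (p *AuthServer) RequestAuth(user string) (string, error) {
	if _, ok := p.devices[user]; !ok {
		return "", errors.New("unknown user")
	}
	code := randHex(4) // 8 hex chars: short enough to type into an address bar (assumed format)
	p.sessions[code] = &session{user: user, expires: p.now().Add(2 * time.Minute)}
	return code, nil
}

// Redirect is the waiting page the browser reaches with the short code (S704/S904). Unknown, expired or
// reused codes and a wrong check key abort the flow (S904-1); otherwise P1 mints the device challenge (S705).
func (p *AuthServer) Redirect(code, checkKey string) ([]byte, error) {
	s, ok := p.sessions[code]
	if !ok || p.now().After(s.expires) || s.redirected {
		return nil, errors.New("unknown, expired or already used code")
	}
	if subtle.ConstantTimeCompare([]byte(checkKey), []byte(p.checkKey[s.user])) != 1 {
		return nil, errors.New("check key mismatch")
	}
	s.redirected = true
	s.challenge = []byte(fmt.Sprintf("auth:%s:%s:%s", s.user, code, randHex(16)))
	return s.challenge, nil
}

// SubmitSignature takes the device's reply, directly or via R1 (S706/S706'), and verifies it (S704-2).
func (p *AuthServer) SubmitSignature(code string, sig []byte) error {
	s, ok := p.sessions[code]
	if !ok || s.challenge == nil {
		return errors.New("no pending challenge")
	}
	if !ed25519.Verify(p.devices[s.user], s.challenge, sig) {
		delete(p.sessions, code) // a bad signature aborts the session outright
		return errors.New("bad signature")
	}
	s.verified = true
	return nil
}

// Confirm is R1's second check with P1 before it serves the redirected browser (S707).
func (p *AuthServer) Confirm(user, code string) bool {
	s, ok := p.sessions[code]
	return ok && s.user == user && s.verified && !p.now().After(s.expires)
}

func main() { // happy path only
	p, phone := NewAuthServer(time.Now), NewDevice()
	ck := p.Register("alice", phone)
	code, _ := p.RequestAuth("alice")
	challenge, _ := p.Redirect(code, ck)
	fmt.Println(p.SubmitSignature(code, phone.Sign(challenge)), p.Confirm("alice", code))
}
```

Three properties of the described flow become concrete here: the short code is single-use and time-limited, so a phisher who replays or guesses it after the user has redirected gets nothing; the waiting page refuses a browser that cannot present the check key; and R1 never trusts the browser's redirect on its own but asks P1 again, which is what S707/S907 require. What the sketch does not model is the delivery of the code to the phone and the countdown on the waiting page.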
In summary, the present invention proposes an online authentication method and an online authentication server. Under this mechanism, even if a user mistakenly connects to a phishing site, the originally initiated authentication flow requires no password to be entered and is always interrupted, so an attacker cannot steal any secret information. Furthermore, the entry point for the subsequent authentication is delivered by the authentication service server over a pre-registered trusted second channel, and the authentication flow is restarted from there; this effectively breaks away from the original phishing site and redirects the user to the correct, genuine authentication entry point to complete the intended authentication. The invention thus addresses the problems of conventional authentication schemes in which credentials are captured, or in which identity is stolen or forged after a user lands on a phishing site and privileged operations are then performed in the user's name.

The embodiments above merely illustrate the principles and effects of the invention and do not limit it. Anyone skilled in the art may modify and alter the embodiments without departing from the spirit and scope of the invention. The scope of protection of the invention shall therefore be as set out in the claims below.
Reference numerals: S41~S46: steps
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW105134407A TWI579728B (en) | 2016-10-25 | 2016-10-25 | Online certificate verification server and method for online certificate verification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW105134407A TWI579728B (en) | 2016-10-25 | 2016-10-25 | Online certificate verification server and method for online certificate verification |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TWI579728B true TWI579728B (en) | 2017-04-21 |
| TW201816652A TW201816652A (en) | 2018-05-01 |
Family
ID=59240919
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW105134407A TWI579728B (en) | 2016-10-25 | 2016-10-25 | Online certificate verification server and method for online certificate verification |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI579728B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI652594B (en) | 2017-05-10 | 2019-03-01 | 周宏建 | Authentication method for login |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070094337A1 (en) * | 2005-10-21 | 2007-04-26 | Klassen Gerhard D | Instant messaging device/server protocol |
| TW200805180A (en) * | 2006-07-14 | 2008-01-16 | Arachnoid Biometrics Identification Group Corp | System and method for registering a fingerprint, setting a login method of an application, and logining in the application |
| TW201019684A (en) * | 2008-11-14 | 2010-05-16 | Acer Inc | Two stage login IM architecture |
- 2016-10-25: TW105134407A (TW) filed, published as TWI579728B; status: not active, IP right cessation
Also Published As
| Publication number | Publication date |
|---|---|
| TW201816652A (en) | 2018-05-01 |
Similar Documents
| Publication | Title |
|---|---|
| US11405380B2 (en) | Systems and methods for using imaging to authenticate online users |
| TWI522836B (en) | Network authentication method and system for secure electronic transaction |
| JP6648110B2 (en) | System and method for authenticating a client to a device |
| CA2875503C (en) | Enterprise triggered 2chk association activation |
| JP4861417B2 (en) | Extended one-time password method and apparatus |
| US20100088766A1 (en) | Method and system for detecting, blocking and circumventing man-in-the-middle attacks executed via proxy servers |
| KR101028882B1 (en) | OTP user authentication system and method using a mobile terminal |
| WO2013184267A1 (en) | Enhanced 2chk authentication security with query transactions |
| JP7702404B2 (en) | SYSTEM AND METHOD FOR PROTECTION AGAINST MALICIOUS PROGRAM CODE INJECTION - Patent application |
| JP6370771B2 (en) | Method and system for providing secure transactions using cyber IDs |
| CN102667799A (en) | Access control system, authentication server system, and access control program |
| JP2008282212A (en) | Authentication device and authentication system |
| TWI579728B (en) | Online certificate verification server and method for online certificate verification |
| CN113032761B (en) | Securing remote authentication |
| TWI778319B (en) | Method for cross-platform authorizing access to resources and authorization system thereof |
| CN107979575A (en) | Online authentication server and online authentication method |
| JP7539427B2 (en) | Authentication system and computer program |
| US20250097038A1 (en) | Full-Duplex Password-less Authentication |
| HK40081382A (en) | System and method for protection against malicious program code injection |
| HK1246933B (en) | Airborne terminal payment authentication method, device and system |
| HK1220297B (en) | Method for verifying secruity data, system, and a computer-readable storage device |
| HK1207713B (en) | Enterprise triggered 2chk association |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | MM4A | Annulment or lapse of patent due to non-payment of fees | |