Disclosure of Invention
The invention aims to provide an electronic authentication system with anti-theft security, which adopts a two-stage process to authenticate that the certificate holder is the real person named on the certificate; within the system a transaction can be completed independently only by that real person, the system is not limited to a cash flow transaction mechanism, and a wider and safer application of remote transaction systems is realized.
Another objective of the present invention is to provide an electronic authentication system with anti-theft security, which is located in the throat of the world cash flow when executing the financial transaction mechanism, and is connected in series by the middle bank end in a long distance during the transnational transit, so as to quickly become another international card-engaging organization.
Another objective of the present invention is to provide an electronic authentication system with anti-theft security, which is applied in financial transaction mechanism, focuses on the best effort and the requirement of each system in bank, telecommunication and system, and uses cooperation integration as the main operation mode, so as to not only not lose the existing benefits, but also create new profitable goods.
The invention provides an electronic authentication system with anti-theft security, which is composed of a certificate holder (such as a consumer), a certificate receiving object (such as a shop), an independent authentication center and a credit authority (such as a bank) to which the real person of the certificate holder belongs; wherein,
the real person of the certificate holder 1 agrees at least one group of password parameters with the credit authorization unit or the authentication center to which the real person belongs in advance;
the authentication center also provides a trading platform for internet transmission, the trading platform is provided with an acquiring terminal machine interface which is automatically led into the credit granting unit to which the certificate holder belongs so as to provide direct lead-in of the trading content of the certificate holder and ensure that the client data of the credit granting unit to which the certificate belongs does not flow out;
the authentication center needs to establish an electronic database with a protection device so as to provide three-party contact service for a certificate holder, a certificate receiving object and a credit granting unit to which the real person of the certificate holder belongs, the database is also provided with a system program for processing independent operation by a computer, a group of unique certificate authorization passwords are generated by real-time random number compilation of the program and are synchronously transmitted to the real person of the certificate holder and the credit granting unit to which the real person belongs so as to match predetermined transactions;
the real person of the certificate holder and the certificate receiving object are respectively provided with a communication device for transmitting and receiving messages, and the communication device can be connected with the authentication center to transmit transaction data through the Internet (or wired and wireless routes);
the system is characterized in that a certificate holder performs a predetermined transaction initiation to a certificate accepting object, and the transaction data is automatically guided to be transmitted to the affiliated credit granting unit through a transaction platform of an authentication center for a first stage confirmation;
meanwhile, the authentication center generates a group of unique cash authorization passwords in real time and synchronously transmits the unique cash authorization passwords to the real person of the certificate holder and the credit authorization unit belonging to the certificate holder;
the certificate holder receives the money certificate authorization code from the authentication center and then forms a complete authorization authentication code together with the held and agreed code parameters by oneself, and the complete authorization authentication code is input and transmitted back to a matching computer of the belonged credit granting unit through the transaction platform to carry out second-stage confirmation of identity comparison, when the second-stage authentication is completed, the credit granting unit can confirm and complete the transaction content in an agreed manner, and therefore the anti-theft and security-guaranteed electronic security authentication transaction is achieved.
The main idea of the electronic authentication system with anti-theft security of the invention is to authenticate that the certificate holder is the real person named on the certificate. When it is applied to the cash flow credit card transaction mechanism, the brand-new safe clear code transaction concept of two-stage payment and data matching can completely change the existing card-swiping ecology, so that the card issuing business can grow and the order receiving business can be simpler and more convenient.
The electronic authentication system with anti-theft security of the invention has the following characteristics:
1. the development cost is low, the existing system is not required to be changed, and the system is not required to be rebuilt.
2. It can replace the complete and partial functions for the auxiliary tool of financial bank service.
3. Integrates the telecommunication, financial and internet systems, and results in three-win.
4. Can be replicated worldwide without limit and can be connected across countries.
5. Security is the highest among today's cash flow authentication schemes.
6. For users, the system is convenient to use and does not need to learn.
7. It can be used in general shops, commercial websites and vending machines.
8. Can replace most of the online service functions of the bank.
9. The user has remote on-line safe operation capability.
Detailed Description
To provide a more complete understanding of the objects, features and functional advantages of the present invention, reference is now made to the following description of the preferred embodiments taken in conjunction with the accompanying drawings, in which:
the invention relates to an electronic transaction system with anti-theft security, which has the following main theories: the system is a brand-new safe clear code transaction process with two-stage verification (including a credit certificate receipt stage and an authentication stage) and data matching, and is more widely applicable to various remote or on-site transactions (including various cash flow payment transaction forms or transaction forms such as goods, information messages, documents … … and the like which are not cash flow payment). When the method is used in a transaction form of cash flow payment, credit cards, cash cards, debit cards, deposit accounts, virtual accounts and the like can be used in a range without reestablishing a user group.
To facilitate a thorough understanding of the present system, the following embodiments are described in detail with respect to a credit card swiping mechanism in the form of cash flow payment transactions.
Please refer to fig. 1, the electronic authentication system with anti-theft security of the present invention is mainly composed of a certificate holder 1 (such as a consumer), a certificate accepting object 2 (such as a shop), an independent authentication center 3 and a crediting unit 4 (such as a bank) to which the real person of the certificate holder belongs, wherein,
the real person of the certificate holder 1 needs to agree with the credit authority 4 or the authentication center 3 in advance with at least one group of password parameters;
the authentication center 3 must provide a transaction platform 5 for transmitting data or analog signals (Internet, PSTN …), the transaction platform 5 needs to be equipped with an acquiring system 4A terminal network interface automatically leading into the credit bank 4 to which the consumer 1 (payer) belongs, so as to provide direct leading-in of the transaction information of the certificate holder 1 (such as consumer), so as to ensure that the client data of the credit unit 4 (such as bank) to which the real person of the certificate holder 1 belongs does not flow out;
the authentication center 3 needs to build an electronic database 6 with a protection device to provide three-party contact services between the real person of the certificate holder 1 (such as a consumer) and the certificate receiving object 2 (such as a shop) and the credit authority 4 (such as a bank) to which the real person of the certificate holder 1 belongs; the database 6 is provided with a system program for processing independent operation by a computer, generates a group of unique certificate of receipt authorization passwords 6A by real-time random number compilation of the program, and synchronously transmits the unique certificate of receipt authorization passwords to two aspects of a certificate holder 1 (such as a consumer) real person and a credit authorization unit 4 (such as a bank) belonging to the certificate holder so as to match predetermined transactions; the length of the certificate authority code 6A is not limited, and 8 to 16 bits are preferable.
The certificate holder 1 (such as consumer) real person and the certificate receiving object 2 (such as shop) need to be equipped with at least one communication device 1A (2A) for receiving and transmitting digital or analog signal, the communication device 1A (2A) can transmit transaction data with the authentication center 3 through digital or analog network; the communication device 1A (2A) may be a PDA (wireless or wired environment), a mobile phone (wireless or wired environment), a computer (wireless or wired environment), or any device capable of transmitting data or analog signals;
the present system operation is initiated by a credential holder 1 (e.g., consumer) consuming to a credential recipient object 2 (e.g., store), such as: suppose that a certificate holder 1 (e.g., a consumer) 1 holds a credit card of a Dorkang Bank and wants to purchase a computer (amount 25000 RMB) from a certificate acceptance object 2 (e.g., a shop):
as shown in fig. 2, the certificate holder 1 (e.g. consumer) uses the communication device 2A (computer terminal) of the certificate receiving object 2 (e.g. shop) to connect through the Internet to the front guiding web page 5A of the transaction platform 5 provided by the present invention; after the cardholder inputs the transaction item (one computer, amount 25000 yuan) and the credit card number, the system of the transaction platform 5 examines the card number in the information authorized by the certificate holder 1 and determines the credit authority 4 of the certificate (credit card), here the tagbank (C Bank); the front guiding web page 5A then automatically leads into the receiving system 4A of the individual website of the authorization banner Bank (C Bank) to which the card belongs to perform the first stage confirmation (whether the credit card is valid, and confirmation of the amount and the transaction amount);
then, the original leading web page 5A of the communication device 2A of the certificate receiving object 2 (such as a shop) is immediately and automatically switched to the web page of the receipt system 4A of the above-mentioned national treasury Bank (C Bank), as shown in fig. 3, the receipt system 4A web page of the credit authority 4(C Bank) to which the certificate belongs will have a request for inputting "please input the authentication code", so as to continue the second stage of confirmation operation;
as mentioned above, at the same time, the authentication center 3 generates a unique certificate authority password 6A in real time and transmits it by short message to the communication device 1A of the real person of the certificate holder 1; the content of the received short message is displayed as "540X-123X-90XX"; the password parameter of the certificate holder 1, assumed here to be "8383", is to be combined with it and input into the acquiring system 4A web page of the bank (C Bank) for the transaction;
on the other hand, the authentication center 3 synchronously transmits the gold certificate authorization code 6A with the same short message content "540X-123X-90XX" over a private line to the credit authority 4 (C Bank) to which the real person of the certificate belongs, which prepares for matching authentication using the code data agreed by the cardholder in the database of the Bank (C Bank), as shown in fig. 1; in other words, the real person of the certificate holder 1 and the credit authority 4 (C Bank) both receive it at the same time;
please refer to FIG. 3; when the communication device 1A of the real person of the certificate holder 1 receives the short message content "540X-123X-90XX", the certificate holder 1 must fill the blank insertion positions X with the password parameter "8383"; as shown in FIG. 3, a certificate holder 1 who is the real person knows to fill the blank insertion positions X with the password parameter "8383", which completes the true authorization authentication code "5408-1233-9083";
when the certificate holder 1 has inserted the parameter into the blanks to form the complete authorization authentication code "5408-1233-9083", the code is filled in on the collection web page of the Bank (C Bank) collection system 4A and transmitted back to a collection computer (not shown) of the credit Bank 4 (C Bank) for identity comparison, which is the second stage confirmation of the combined password parameters (confirming that the certificate holder 1 is the real person);
as mentioned above, please continue to refer to FIG. 4, when the complete combination of the authentication codes "5408-; when the computer of the credit authority 4(C Bank) checks and confirms that the transaction is correct, and the web page displays an "OK" transaction completion message, the credit authority 4(C Bank) will issue a payment to the account appointed by the certificate acceptance object 2 (e.g. shop) and complete the transaction.
In other words, if the certificate holder 1 (e.g. the consumer) is not the real person of the certificate (credit card), he or she does not possess the communication device 1A of the real person of the certificate holder 1 and therefore cannot receive the unique certificate authorization code 6A that the authentication center 3 compiles from real-time random numbers; lacking the certificate authorization code 6A, he or she cannot complete the next stage of the authentication operation, so the system refuses the transaction and automatically prevents the credit card from being used by a thief;
as mentioned above, if the communication device 1A of the certificate holder 1 accidentally falls into the hands of someone other than the real person of the certificate holder 1 (i.e. a thief), the thief can obtain the gold certificate authorization code 6A transmitted from the authentication center 3, but, not being the real person of the certificate holder 1, cannot know the password parameter "8383" agreed in advance between the real person of the certificate holder 1 and the credit authority 4 (C Bank), and so cannot insert the agreed password into the captured gold certificate authorization code 6A to form the complete authorization authentication code; without the inserted password parameter of the real person of the certificate holder 1, the system cannot confirm that the transaction comes from the real person of the certificate holder 1, and therefore judges that the transaction fails (as shown in fig. 5); a thief cannot proceed with the subsequent transaction process, i.e. the transaction cannot be completed, and the theft is prevented.
It is worth mentioning here that: because the real person of the certificate holder 1 and the credit authority 4 (such as a bank) are directly connected, the real personal data of the certificate holder 1 does not flow out to the outside of the bank, and the communication device 1A (mobile phone) of the real person of the certificate holder 1 receives a new short message of the authentication code every time the card is swiped, the positions of the 'number' and the 'space' of the authentication code transmitted every time are different, the cracking probability is about two million and one eight billion (12 times of 11), and therefore, the transaction process is quite safe.
Therefore, the system adopts two-stage double confirmation transaction mode, which can effectively prevent the disadvantage of stealing the money because the transaction password is not fixed (computer random number coding) every time, and the final transaction process can be carried out and completed only after the true identity of the user is confirmed, thus ensuring the absolute safety of the whole transaction mechanism.
In addition, because the operation of the system has extremely high compatibility with the existing system of the bank, the credit granting unit 4 (such as the bank) only needs to be provided with a matching computer, the existing system does not need to be updated, the system does not spend much money and invest in the system like the past common chip card, and the system can be used only by slightly changing the flow of the existing system;
meanwhile, the system does not need the process operation which is required to pass through the united credit card center like the past common user, and because the system does not need to pass through the united credit card center, the credit granting unit 4 (such as a bank) can independently pay the card (2.5% -20%), does not need to be handed back to the united center and the international card issuing organization, does not need to be separated from an acquirer, and can fully implement the relativity between payment (card issuing business) and profit;
moreover, the customer swipes the card and is controlled and managed and authenticated by the card issuing and credit granting unit 4 (bank), so that the unreasonable situation that the conventional user agrees to pay money by the joint center and goes out problems but the credit granting unit 4 (bank) bears risks can be avoided, and meanwhile, the anti-theft and security-guaranteed electronic safe transaction can be achieved; in other words, the credit unit 4 (bank) account is the account of the order-receiving store, and money is left in the card-issuing credit unit 4 (bank) even if the transaction parties buy and sell, so that the transaction fees can be earned through data exchange between the parties.
In the "order receiving store" section, the credit institution 4 (bank) relatively finds out the money because the system can authenticate the idea that the card reader is the real person of the certificate holder 1; therefore, the certificate acceptance object 2 (shop) does not spend much time checking the client qualification, and does not burden the risk of card swiping. As a result, the customer of the small-amount receipt voucher receiving object 2 (store) can apply for and verify the qualification for the voucher receiving object on the network (free), and the credit authority 4 (bank) does not pay much administrative cost on the receipt customer, so that the estimated business expense of the customer at the receipt store 2 can be reduced by at least 80%.
Furthermore, as shown in fig. 6, if the aforementioned transaction is performed through the so-called "long distance shopping method", since the certificate holder 1 (for example, the consumer) can not check the authenticity of the object to be purchased on site as the shop of the in-person certificate receiver 2 (shop), in order to ensure the consumer's rights and prevent the consumer from not really obtaining the purchased object after paying, the authentication code input part should automatically determine to keep the predetermined position parameter temporarily not to input until the real person of the certificate holder 1 really receives the confirmation from the certificate receiver 2 (shop) to entrust the exclusive logistics company 7 to the real person of the certificate holder 1, and at the same time, after the confirmation of the purchase "no goods inspection right", the real person of the certificate holder 1 (goods receiver) finally "inputs the complete authentication code" to the affiliated credit authority 4 (bank) to make the final confirmation of the transaction transfer Affirming to complete the transaction; after confirmation, the affiliated credit authority 4 (bank) immediately dials money to the collection account designated by the certificate receiving object 2 (shop);
on the contrary, as mentioned above, if the real person (goods receiver) of the certificate holder 1 is not satisfied (including the error of the goods or the defect of the quality) with respect to the shopping delivered by the exclusive logistics company 7, as shown in fig. 6, that is, when the consumer "the goods inspection has the error defect", the real person (goods receiver) of the certificate holder 1 can choose the "return order" process and refuse to input the complete cash authorization code 6A; therefore, the credit authority 4 (bank) also provides the transaction final confirmation of the complete cash authorization authentication code for the real person of the certificate holder 1 due to the shortage, so that the credit authority 4 (bank) only agrees to dial the freight of the secondary exclusive logistics company 7 to the certificate receiving object 2 (store), and simultaneously deducts the freight of the secondary certificate receiving object 2 (store) from the real person account of the certificate holder 1; thus, the certificate holder 1 has only a unique loss of the true person, i.e. only a small transportation fee, and the certificate receiving object 2 (shop) can ensure that the goods are not fraudulently lost, so that the certificate receiving object 2 (shop) and the certificate holder 1 can surely provide a fair security transaction mechanism of the true person. Of course, if the item of shopping itself is wrong or the quality of the order itself is defective, the system can additionally agree to order the receipt object 2 (store) to pay the shipping fee.
In the transaction flow system, since the personal privacy data such as the credit data of the real person of the certificate holder 1 is still present in the credit institution 4 (bank) to which the real person of the certificate holder 1 belongs basically, the authentication center 3 is only an interface for connecting the terminals of the credit institution 4 (bank), and the credit institution 4 (bank) does not need to change the original security device, and the authentication center 3 can operate as long as the authentication center 3 provides the credit institution 4 (bank) to match the computer; therefore, in the case of the cooperative trust authority 4 (bank), the trust authority 4 (bank) completely manages all the client data, the client data is not obtained by other banks or other unrelated units, and there is no fear of client data outflow; therefore, the risk of security control and management of the customer data in the bank is greatly reduced, even if the customer card number accidentally flows out, the real person of the certificate holder 1 can not use the card, because the system can complete the authentication code of the final authorization by matching with the password parameter combination after the short message is received by the communication device 1A such as the mobile phone of the real person of the certificate holder 1.
As for the system deployment, because the card can be swiped on the web page applied for the network, the global order-receiving store system can be deployed in a short time, thereby achieving the effect of rapid deployment of the international order-receiving store; the same payment mechanism can be safely applied to common storefronts and electronic commerce and automated unmanned stores, and can be safely used no matter physical stores and remote transactions.
As for the true person of the certificate holder 1, the only communication device 1A such as personal mobile phone for contact which is kept in the authentication center 3, so as to receive the certificate authority code 6A transmitted by the authentication center 3 during transaction, which is not liable to lose personal data and be stolen.
It should be noted here that: on the other hand, when the system is in the process of setting up authentication, under the system agreement, the authentication center 3 or the trust authority 4 (bank) to which the real person of the certificate holder 1 belongs is required to set up and verify the password parameters of the real person of the certificate holder 1 in advance, and a functional password 6B with a plurality of groups of functional services is designed and verified for standby, as shown in fig. 5; therefore, in the transaction process operation of the system, the following operation modes with higher security and multitask services can be selected according to the actual needs of the certificate holder 1, and the detailed description of the process in conjunction with fig. 5 is as follows:
the operation of the system is also a transaction flow by the two-stage authentication method, the flow is also that the certificate holder 1 (such as a consumer) consumes to start the transaction to the certificate accepting object 2 (such as a shop), the certificate accepting object 2 firstly transmits the authorization data and the amount to be transacted of the certificate holder 1 to the authentication center 3 through the internet (or wired and wireless routes), the card number and the transaction amount are input through the entrance of the transaction platform 5 provided by the authentication center 3, and the transaction platform 5 interface is quickly connected to the acquiring system 4A of the authorization unit 4 (bank) to which the real person of the certificate holder 1 belongs, so as to carry out the first stage confirmation (whether the credit card is valid and the amount and the transaction amount are confirmed);
the receiving system 4A web page of the credit granting unit 4 to which the certificate belongs will have a request for inputting the authentication code, so as to continue the second stage of confirmation operation;
as mentioned above, at the same time, the authentication center 3 generates a unique gold card authorization code 6A in real time and transmits it by short message to the communication device 1A of the real person of the certificate holder 1; assuming that the short message content received by the certificate holder 1 (e.g. the consumer) is still "540X-123X-90XX", under a normal transaction the real-person consumer 1 (payer) must fill the previous password parameter "8383" into the blank insertion positions X in sequence and combine the complete authentication code "5408-; however, the difference is that this time the certificate holder 1 encounters an emergency, such as: the certificate holder 1 is forced by a robber to carry out an involuntary transaction, or the certificate holder 1 suddenly finds the credit card limit insufficient when buying a ticket, etc.; in that case the real person of the certificate holder 1 simply does not fill in the password parameter "8383" originally used, takes a preset functional password 6B of his or her own choice instead, and inserts it into the blanks of the received short message "540X-123X-90XX" of the gold certificate authorization password 6A;
more specifically, when the real person of the certificate holder 1 is forced by a robber to carry out involuntary consumption, the certificate holder 1 chooses the preset rescue password parameter "0911" and inserts it into the blanks of the gold certificate authorization password 6A received in the short message "540X-123X-90XX", completing the authorization authentication code "5400-1239-9011"; the short message content is still "540X-123X-90XX", and the robber cannot predict this in advance; when the' 5400-;
for another example, when the real person of the certificate holder 1 wants to take transport, shop, etc., finds the payment limit temporarily insufficient and urgently needs to raise the credit line, then, with the received short message content still "540X-123X-90XX", the certificate holder 1 can choose the functional password parameter "0105" preset in the system for urgently raising the credit line and insert it into the blanks of the received short message "540X-123X-90XX" of the gold certificate authorization password 6A, completing the authorization authentication code "5400-1231-9005"; when the' 5400-.
Therefore, the system can effectively prevent the disadvantage of stealing the amount of money, except for adopting the double-confirmation transaction mode of the same two stages, because the passwords for each transaction are not fixed (all are compiled by random numbers of a computer program), and simultaneously, the final composite authorization authentication code is completely compiled, and the real person 1 of the certificate holder 1 has the matching and selection of the functional passwords 6B, so the main control right related to the authorization passwords completely grasps the real person of the certificate holder 1, and the final transaction process is completed only after the certificate holder is confirmed as the intention of the real person of the certificate, so the situation of stealing is absolutely avoided, and the absolute safety of the whole transaction mechanism can be really ensured.
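The blank-insertion scheme walked through above (template "540X-123X-90XX", agreed parameter "8383", functional passwords "0911" and "0105") is shown below as an added Python example that is not part of the patent text. The function and class names, the outcome labels and the rule that a template is discarded after one attempt are assumptions made for illustration.

```python
import hmac
import secrets

BLANK = "X"


def issue_template(groups=3, group_len=4, blanks=4):
    """Authentication center 3: random digits with `blanks` random positions left as X."""
    total = groups * group_len
    blank_at = set(secrets.SystemRandom().sample(range(total), blanks))
    cells = [BLANK if i in blank_at else str(secrets.randbelow(10)) for i in range(total)]
    return "-".join("".join(cells[i:i + group_len]) for i in range(0, total, group_len))


def fill_template(template, parameter):
    """Certificate holder 1: insert the parameter digits into the X positions, left to right."""
    if not (parameter.isascii() and parameter.isdigit()):
        raise ValueError("parameter must be decimal digits")
    if template.count(BLANK) != len(parameter):
        raise ValueError("parameter length must equal the number of blanks")
    digits = iter(parameter)
    return "".join(next(digits) if ch == BLANK else ch for ch in template)


class MatchingComputer:
    """Credit authority 4: second-stage comparison of the completed code."""

    def __init__(self, agreed_parameter, functional_passwords):
        # Functional passwords 6B map to an outcome label (labels are assumed).
        self._candidates = {agreed_parameter: "APPROVE", **functional_passwords}
        self._pending = {}  # transaction id -> template received over the private line

    def receive_template(self, txn_id, template):
        self._pending[txn_id] = template

    def verify(self, txn_id, submitted):
        # Assumption: a template is consumed by the first attempt, pass or fail.
        template = self._pending.pop(txn_id, None)
        if template is None:
            return "REJECT"
        outcome = "REJECT"
        got = submitted.encode("utf-8")
        # Check every candidate so timing does not reveal which one matched.
        for parameter, label in self._candidates.items():
            expected = fill_template(template, parameter).encode("utf-8")
            if hmac.compare_digest(expected, got):
                outcome = label
        return outcome


def demo():
    """Replay the page's walkthrough with its own sample values."""
    template = "540X-123X-90XX"  # short message content from the description
    bank = MatchingComputer("8383", {"0911": "RESCUE", "0105": "RAISE_CREDIT_LINE"})
    results = {}
    cases = [("t1", "8383"), ("t2", "0911"), ("t3", "0105"), ("t4", "0000")]
    for txn_id, typed in cases:
        bank.receive_template(txn_id, template)
        results[typed] = bank.verify(txn_id, fill_template(template, typed))
    # Resubmitting a code for an already consumed transaction is refused.
    results["replay"] = bank.verify("t1", "5408-1233-9083")
    return results


if __name__ == "__main__":
    print(issue_template())
    print(demo())
```

The digits typed at the X positions are the agreed parameter itself, so the completed code has to be protected in transit just as the parameter would be.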
Here, it is to be stated that: the authentication system of the present invention can be widely applied to other authentication, such as identity authentication, contract authentication, document authentication …, etc., besides the above-mentioned embodiments for general cash flow transaction authentication, wherein the credit unit coverage includes courts, diplomatic departments, government bodies, etc., all of which can be compared with the above-mentioned password parameter design examples and two-stage authentication processes, and the design allowed in the spirit and function of the present invention can be changed in terms of its service parameters, instructions, system merging or subdividing, and various operation modes and process simplification or complication, and these possible equivalent changes also belong to the design principle options of the present invention; or a service center established according to the spirit of the method of the present invention, are all included in the scope of the present invention.
To sum up, the present invention provides an electronic authentication system with anti-theft security, which constitutes an innovative authentication mechanism and operation process, and can break through the bottleneck of the conventional transaction mechanism, wherein the certificate to be authenticated by the certificate holder is not limited to the transaction behavior of cash flow, such as: the non-cash flow transaction forms such as goods, information messages, documents …, etc. are also applicable; when the cash flow is transacted, the authentication credential is wider, such as: credit card number, financial card number, identity card number, passport card number and the like can be traded by providing authentication numbers for an authentication center, and the electronic authentication system with anti-theft security of the invention which is doubtful can exert extremely wide space; the authentication system does not need to change the original system, so that the long distance, cross-platform and cross-system can be really realized. The method can be used for the authentication of the cash flow, the identity authentication, the document authentication, the contract authentication and the contract authentication, and is not limited to the consumption behavior of the credit card; moreover, the invention adopts a two-stage authentication mode, and adopts random combination of irreplaceable cash passwords to confirm and complete the transaction twice, so that the most safe consumption cash flow mechanism can be achieved; in addition, the invention combines the combined type cash-evidence password of the combined function parameters to realize the maximum guarantee function of three-win between the shop owner, the credit bank and the consumer in the cash flow market, and has the invention patent which accords with the high utilization value in the industry.