530230 五、發明說明Q) 【本發明之領域】 領域,尤指一種安全增 本發明係有關電子商務之技術 強式網路付款系統。 【本發明之背景】 隨著電腦的應用日益普遍,在商蚩 1 —咕人 了將原先傳统書面儲存的各種資气二w 。a a仃k示 、富τ寻、况曰 分禋貝讯處理電腦化外,也紛紛530230 V. Description of the invention Q) [Field of the invention] Field, especially a security enhancement. The invention relates to the technology of electronic commerce. Strong network payment system. [Background of the Invention] With the increasing popularity of computer applications, in Shangyang 1-Guren, various resources that had previously been stored in traditional writing were stored. a a 仃 k show, rich τ hunting, and suffice to say that in addition to computerized processing,
Internet/ Intranet網路架構來整合各項資料及提供 使料境。0此’在網際網路上各公司行號除了提 供各式資訊讓消費者能查詢外,也將傳統的銷售行為直接Internet / Intranet network architecture to integrate various data and provide information environment. 0 此 ’In addition to providing various types of information for consumers to query on the Internet, the company's account number also directs traditional sales behaviors.
移至網際網路上。而在網際網路上的銷售行為上,商家如 何決定消費者是合法的,並如何向消費者收費,並保障消 費者權益是非常重要的。 目岫常見之使用信用卡線上安全交易付款技術主要為 SET(SeCUre Electronic Transactions)及SSL(Secure Sockets Layer)。SET 為 VISA、Mas ter Card 等國際組織所Go to the Internet. In terms of sales on the Internet, it is very important for businesses to determine how consumers are legal, how to charge consumers, and to protect consumer rights. The most commonly used online credit card payment technology for secure transactions is SET (SeCUre Electronic Transactions) and SSL (Secure Sockets Layer). SET is registered by international organizations such as VISA, Master Card, etc.
制定’專為網際網路上信用卡付款所使用。SSL(Secure Sockets Layer)協定則是由Netscape公司所制定,以提供 一種和一般的信用卡郵購方式差不多的交易方式,亦即, 请費者只需經由瀏濩器,輸入其信用卡卡號及有效期限資 料’然後藉由劉纜器和特約商店網站伺服器軟體間的SSL 加密協定傳送給特約商店,特約商店收到後即可依此資料 向收單銀行授權請款。 在SET化用卡付款方面,因為SET是專為網際網路信用Designed 'for credit card payments on the Internet. The SSL (Secure Sockets Layer) protocol was developed by Netscape to provide a transaction method similar to the general credit card mail order method, that is, the customer only needs to enter his credit card number and expiration date information through a browser 'Then send it to the special store through the SSL encryption agreement between Liu Lanji and the special store website server software. After receiving the special store, the special store can authorize the acquirer to request payment based on this information. In terms of SET card payment, SET is designed for Internet credit
第4頁 530230 五、發明說明(2) 卡付款所設计’設計上要求較高的安全性,所以消費者使 ^上需要先女I電子錢包軟體,並上網取得電子數位憑證 資,等繁複手續後才能進行交易,•因此目前的使用普及率 不鬲,並且相關的電子憑證資料取得麻煩,收單銀行需與 憑焱伺服為進行憑證驗證,憑證伺服器是採計次收費方 式’收單銀行所需付出之成本較高。 而SSL信用卡付款方式則因較為簡易,其毋須驗證消 費者的數位憑證,對於消費者使用方便,但在安全性方面 卻存在下列之問題: (1) 劇漫器和約商店網站伺服器軟體之間的SSL加密協 定是否安全? (2) 如何確知輸入信用卡卡號資料者即為本人? (3) 特約商店可取得消費者信用卡卡號相關資料,是 否會有遭盜用的可能? 渤够ΐ貝際之應用上’目前所廣為使用的Netscape與1]£這 ^ /見為軟體所支援的SSL加密協定所用之加密鑰長度都過 ^ 並不足夠保護重要資料的傳輸安全性。且目前在網際 =路上已有出現信用卡卡號產生器相關軟體,可隨意產生 ;:,卡號資料,因此若碰巧讓不肖者找到使用中之信用 等資^即有被盜刷之可能。另特約商店只需以信用卡卡號 若,料不,消費者簽名即可向收單銀行授權請款,因此 遇上不肖商店或不肖内部員工,是有可能發生資料遭 太彳丧使用的情形。有鑑於此’前述習知之網路交易付款 式貫有予以改進之必要。Page 4 530230 V. Description of the invention (2) The design of the card payment requires higher security in design, so consumers need the first daughter I electronic wallet software, and get electronic digital vouchers online, etc. The transaction can only be performed after the formalities, so the current popularization rate is not high, and the related electronic voucher data is troublesome. The acquiring bank needs to verify the voucher with the voucher server. The voucher server is a charge-by-charge method. The cost to the bank is high. The SSL credit card payment method is relatively simple, it does not need to verify the digital certificate of the consumer, it is convenient for consumers, but it has the following problems in terms of security: (1) Is the SSL encryption protocol in use secure? (2) How do I know if I enter the credit card number information? (3) Special stores can obtain information about consumer credit card numbers. Is there any possibility of misappropriation? In the application of the Internet, the current widely used Netscape and 1] £ ^^ See that the key length used by the SSL encryption protocol supported by the software is too long ^ Not enough to protect the security of important data transmission . And at present, software related to the credit card number generator has appeared on the Internet =, and can generate;:, card number information at will, so if you happen to let unscrupulous people find the credit information in use, etc., it may be stolen. In addition, the special store only needs to use the credit card number. If it is not expected, the consumer can sign the authorization to the acquiring bank to request payment. Therefore, it may happen that the data is used too badly when it encounters the store or internal employees. In view of this, it is necessary to improve the conventional payment method of online transactions.
530230 五、發明說明(3) 之精神, 付款系統 亟思一種可 」,幾經研 、發明人爰因於此,本於積極發明 以,決上述問題之「安全增強式網路 究實驗終至完成此項新穎進步之發明 【本發明之概述】 網路付款系 並確認使用者 本發明之目的係在提供一種安全 統,以加強網路交易之加密協定的安全性 之身份。 王庄’ 為達前述之目的,本#明安八 :供:持卡者和一網款系統 卡者係向一發卡銀行申請卡上又才不人,該持 組金鑰資料,該持卡者且右=上卡銀行具有特定之一 2運算所得之憑證資料碼,該系統本 收來自该網路特約商店關於該 二二 加密之線上消螫咨社上 丁下有、、工以一公開金鑰 、、内並匕B有該持卡者之憑證資料碼,哕系絲爭且古 一驗證單元,其係依 馬忒糸、、先更具有 線上夺总、隹—上述忒收早伺服裔所解密之資料而對 金检次 二山證,該驗證單元儲存有該發卡銀行之該組 及驗證該持卡者身份時,可依該組金鍮資料 對4 3 ^片基本資料而運算出一驗證資料碼,俾以比 對该憑證資料碼之正確性。 由於本發明設計新穎,能提供產業上利用, 進功效 1,故依法申請專利。 為使貝審查委員能進_步暸解本發明之結構、特徵及其 530230530230 Fifth, the spirit of invention description (3), the payment system is desperately thinking about a kind of payment. "As a result of this, several inventors and inventors have actively researched and solved the above-mentioned" security-enhanced network research experiment. " This novel and progressive invention [Overview of the invention] Online payment and confirmation of the user The purpose of the invention is to provide a secure system to strengthen the identity of the encryption protocol of online transactions. For the aforementioned purposes, this # 明安 八: For: cardholders and an online payment system card applicants apply to a card-issuing bank and are no longer available, the key information of the group, the cardholder and the right = the card The bank has a specific certificate data code obtained from one of the two operations. The system originally received from the online special shop about the two or two encrypted online consumer consultants. It has a public key. D-B has the card holder's certificate data code, which is an authentic verification unit, which is based on Ma Yi, first has online winning, and the above-mentioned 忒 receives the information decrypted by the early server. The second inspection card for gold inspection When the verification unit stores the group of the card-issuing bank and verifies the identity of the cardholder, it can calculate a verification data code based on the group of gold card data to 4 3 ^ pieces of basic data, and compare it with the certificate data code. Correctness. Because the present invention is novel in design, can provide industrial use, and has an effect of 1, the patent is applied for in accordance with the law. In order to allow the Examiner to further understand the structure, characteristics and 530230 of the present invention
五、發明說明(4) 目的’兹附以圖式及較佳具體實施例之詳細說明如后V. Description of the invention (4) Purpose 'The detailed description of the drawings and preferred embodiments is attached as follows
L較佳具體貫 ._ ^ J 有關本發:之:全增強式網路付款系統之一較佳實施 請先參照苐:圖所示之系統架構 卡銀行11、驗證中心1 2、持卡去τ q ^ ^ ^ 要係、、二甶么 行1 5等之運作,俾以使持卡者丨3日二二店14及收單銀 金融卡等經由網際網路或鼓線女王地以信用卡或 於本較佳實施例中,係上網路付款交易。 用卡交易來進行安全増強式網路付’以基於SSL信L is better and more consistent. _ ^ J About this issue: of: One of the best implementation of the full enhanced online payment system, please refer to 苐: System architecture shown in the picture Card Bank 11, Verification Center 1, 2. Card Holder τ q ^ ^ ^ It is necessary to operate the system such as er, er, er, er, er, and so on, so that cardholders will be able to use credit cards via the Internet or drum line queen land on the 3rd, 2nd and 14th stores, 14 Or in the preferred embodiment, it is an online payment transaction. Use card transactions for secure stubborn Internet payments ’based on SSL
h該發卡銀行11係供核發信㈣金融卡)給 而母一發卡銀行11並具有特定之—組金鑰資 Ah The card-issuing bank 11 is for verification and issuance of letter (financial and financial cards) to the mother-card-issuing bank 11 and has a specific—group key asset A
Key —B),用以產生消費者作用牛 、、y-k, 組資料(Key_A,Key_B)並i;子料碼(C碼),該 之運算伺服器m〇P Server)亥驗…(驗證單元)12 進行5 : :1*:::取:t用卡與C碼資料於網際網路上 經由瀏覽器132連接網際網路而進< J =具軟體及 =_覽_連接驗證中心;;;站== 提軟 ^功能者13§己錄線h肖費資料、儲存基本資料及資料加密 特約 商店1 4於參與本系統 以進行線上交易時 需向該Key —B), used to generate consumer data, key data, (Key_A, Key_B) and i; sub-material code (C code), the operation server m0P Server) ... (verification unit ) 12 Perform 5:: 1 * ::: take: t card and C code data on the Internet to connect to the Internet via browser 132 and enter < J = with software and = _View_ Connection Verification Center; ; Station == software upgrade ^ function 13 13 already recorded line h Xiaofei data, storage of basic data and data encryption special stores 1 4 when participating in this system for online transactions
530230 五、發明說明(5) 收早銀订1/提出申請,並由收單銀Si 5處取得其交易所需 之電子心i等相關資料以接受線上交易,另需在其電子商 場網站需安裝SSL-販售伺服器141 (SSL —Merchant Server) 並提仏使用「SSL一網路安全付款應用函數」,其中, SSL_販售伺服器141的功能主要是負責處理一交易訊 息’接收來自電子錢包1 3 1與電子商場「SSL網路安全付款 應用函數」所傳來的指令訊息並連接至ssL_收單伺服器 1 7,,進行信用卡線上付款相關作業。 ^ 「SfL網路安全付款應用函數」的功用為讓網際網路 電子商場可藉由使用這些函數來發動相關的SSL作業處理 流程,例如授權/請款(Sale)、退款(Cred)、清算等,至 於電子商場使用「SSL網路安全付款應用函數」的介面與 相關柃機之流程則如第二圖所示,其中,應用函數 SSL 一 Sal e()係供網路特約商店於線上進行信用卡交易授權 與請款作業,其定義如下·· int SSL_Sale( iniDir, merlD, lidm, purchAmt, currency, amtExp, 〇d);當中,iniDir 為所安裝「SSL· 販售飼服器」組恶槽案(如s s 1 m e r c h a n七·丨n丨)路徑, mer ID為此交易商店於SSL一販售伺服器中之設定代碼(由電 子商場自行設定),1 i dm為此筆交易在此電子商場之訂單 編號’資料型態可為最長20個字元之文字串,purchAmt為 消費者此筆交易所購買商品欲授權總金額,C U j» r e n C y為交 易幣值代號,可為三碼的文字串型態,例如新台幣為 π 90 1",美金為n 840n ,amtExp為幣值指數,例如美金530230 V. Description of the invention (5) Early morning silver order 1 / Submit an application, and obtain the relevant information such as the electronic heart i required by the acquiring bank Si 5 to accept online transactions. Install SSL-Merchant Server 141 (SSL —Merchant Server) and use the "SSL-Internet secure payment application function". Among them, the function of SSL_Merchant Server 141 is mainly responsible for processing a transaction message. The electronic wallet 1 3 1 and the instruction message from the "SSL online secure payment application function" of the electronic mall are connected to the ssL_acquisition server 17 to perform online credit card related operations. ^ The function of "SfL online secure payment application function" is to enable Internet e-shopping malls to use these functions to initiate related SSL operation processing processes, such as authorization, payment (Sale), refund (Cred), clearing Wait, as for the interface of the electronic mall using the "SSL network secure payment application function" and the related process, as shown in the second figure, among them, the application function SSL-Sale () is for online special shops to carry out online Credit card transaction authorization and withdrawal operations are defined as follows: · int SSL_Sale (iniDir, merlD, lidm, purchAmt, currency, amtExp, 〇d); where iniDir is the evil slot of the "SSL · Selling Feeder" group installed (Such as ss 1 merchan 七 丨 丨) path, mer ID is the setting code of the transaction store in the SSL sales server (set by the electronic mall itself), 1 i dm is the transaction in this electronic mall The order number 'data type can be a text string with a maximum of 20 characters. PurchAmt is the total amount of goods the consumer wants to authorize on this transaction. CU j »ren C y is the currency code of the transaction, which can be a three-digit text. Type, for example, NT is π 90 1 ", dollars of n 840n, amtExp of currency exponent, dollars e.g.
第8頁 530230 五、發明說明(6) 1· 23元時,purchAmt為123而amtExp則為—2,〇d為此交易 中對消費者所購買商品的描述資料。 人 當持卡者在電子商場選購好所要購買商品之後,可選 擇以S S L h用卡線上付款機制來進行付款,則該電子商場、 處理程式必須依情況呼叫SSL 一 Sale()應用函數。此i琢 SSL一Sale()應用函數會負責啟動ml信用卡線上授權請款 處理程序。 ^ 應用函數SSL一CredO係供網路特約商店於線上進行信 用卡交易退款作業,其定義如下: int SSL_Cred(iniDir, merID, 1i dm, authCode, amount,currency,amtExp),當中,amount 為此期授權 之金額,authCode為銀行端對此筆交易的授權碼 (ApprovalCode) 〇 當電子商場欲對先前已進行完授權請款之交易,進行 退款處理作業時(例如收到使用者退貨要求時),可透過電 子商場之帳務管理系統程式呼叫S S L —C r e d ()應用函數。 此一SSL一CredO應用函數會負責發動SSL信用卡線上退款 處理程序作業。 應用函數SSL一BatchClose()係供網路特約商店於線上 進行信用卡交易清算作業,其定義如下: int SSL—BatchClose(iniDir, merlD, batchID),當中, batch ID為此次請款之批次編號。 當電子商場取得授權碼後,商場可用批次請款的方 式’產生批次編號後,呼叫SSL_BatchC 1 ose ()應用函Page 8 530230 V. Description of the invention (6) At 1.23 yuan, purchAmt is 123 and amtExp is -2. This is a description of the goods purchased by consumers in this transaction. After the cardholder purchases the goods to be purchased in the electronic mall, he can choose to use the online payment mechanism of the card to make the payment. The electronic mall and the processing program must call the SSL Sale () application function according to the situation. This SSL-Sale () application function is responsible for starting the ml credit card online authorization request processing program. ^ The SSL-CredO application function is used by online authorized stores to perform credit card transaction refund operations online. Its definition is as follows: int SSL_Cred (iniDir, merID, 1i dm, authCode, amount, currency, amtExp), where amount is the current period The authorized amount, authCode is the bank's authorization code (ApprovalCode) for the transaction. 〇 When the electronic mall wants to perform a refund processing for a transaction that has been authorized to request payment (for example, when a user returns a request) , You can call the SSL —C red () application function through the account management system program of the electronic mall. This SSL-CredO application function will be responsible for initiating the SSL credit card online refund processing program operation. The application function SSL_BatchClose () is for online special shops to perform credit card transaction clearing operations online, and its definition is as follows: int SSL—BatchClose (iniDir, merlD, batchID), where batch ID is the batch number of this request . After the electronic shopping mall obtains the authorization code, the shopping mall can use the batch payment method ’to generate a batch number, and then call the SSL_BatchC 1 ose () application letter
530230 五、發明說明(7) " '" ' 數、’,與收單銀行SSL—收單伺服器進行清算處理作業。 述之應用函數外,系統可視實際需要情況以及相關相 ^ ^用卡處理作業流程而增設新的功能,例如信用卡付款 授權(Auth)、信用卡付款授權調整或取消(AuthRev)、信 用卡付款請款(Cap)、信用卡付款請款取消(CapRev)、信 用卡付款退款(Cred)、及信用卡付款退款取消(CredRev 等功能。 味該收單銀行15與驗證中心12於系統中係可提供核發與 官理特約商店電子憑證之功能,其中,各收單銀行丨2對其 特,商店1 4之電子憑證管理作業,有兩種方式可以進行:530230 V. Description of the invention (7) " '"' Number, ', and the acquiring bank SSL-acquisition server for clearing processing operations. In addition to the application functions described above, the system can add new functions, such as credit card payment authorization (Auth), credit card payment authorization adjustment or cancellation (AuthRev), credit card payment request ( Cap), Credit Card Payment Cancellation (CapRev), Credit Card Payment Refund (Cred), and Credit Card Payment Refund Cancellation (CredRev, etc.) The receiving bank 15 and the verification center 12 can provide issuing and official functions in the system. The functions of the electronic voucher of the special store are as follows. Among them, each acquiring bank 丨 2 can manage the electronic voucher of the special store 1 14 in two ways:
一是各收單銀行1|可自行架設自己的SSL一憑證驗證伺服器 18 (SSL —CA Servgr),據以自行管理所屬特約商店14之電 子憑證資料;二是各收單銀行丨5可利用由驗證中心丨2設置 之SSL一憑證驗證伺服器丨8所提供之界面與功能來產生與管 理其所屬之特約商店14之電子憑證,而無需再另行架設 SSL—憑證驗證伺服器丨8。而特約商店丨4之電子憑證係由 SSL—憑證驗證伺服器ι8以離線(〇ff —iine)方式產生後,再 儲存於磁片上交付予特約商店丨4安裝於SSL一販售伺服器上 使用。First, each acquiring bank 1 | can set up its own SSL-certificate verification server 18 (SSL—CA Servgr) to manage the electronic certificate data of its own special store 14; second, each acquiring bank 5 can be used The interface and functions provided by the SSL-Certificate Verification Server 丨 8 set by the Verification Center 丨 2 are used to generate and manage the electronic credentials of the special store 14 to which it belongs, without the need to separately set up an SSL-Certificate Verification Server 丨 8. The special certificate of the special store 丨 4 is generated by the SSL-certificate verification server i8 offline (〇ff —iine), and then stored on the magnetic disk and delivered to the special store 丨 4 installed on the SSL-sale server .
該收單銀行1 5與驗證中心1 2於系統中並可提供特約商 店1 4連線進行線上信用卡交易處理作業之功能,其中,各 收早銀彳亍1 5可選擇自行架設專屬之s S L —收單伺服器1 了,如 第二圖所示,或者各收單銀丨5行可共同使用由驗證中心丄2 口又置之S S L —收單伺服器1 7,如第四圖所示。而$ $ [收單伺The acquiring bank 15 and the verification center 12 are in the system and can provide special shops 14 to connect online credit card transaction processing functions. Among them, each early receiving bank 15 can choose to set up its own s SL. —Acquisition server 1 is shown, as shown in the second figure, or each of the acquiring banks 丨 5 lines can be used in common by the verification center 丄 2 port and SSL — Acquiring server 17, as shown in the fourth figure . And $$ [acquirer
530230530230
五、發明說明(8) 服器1 7係和網路特約商店1 4所安裝之SSL_販售伺服器1 41 連線,用以提供線上信用卡處理相關作業。 的 又,該SSL—收單伺服器1 7將與驗證中心丨2現有之授權 處理糸統(V P 0 S)伺服為1 9連線以提供信用卡處理請款 (S a 1 e )、退#欠(C r e d )、清异作業功能。系統可視實際需要 情況可增設例如信用卡付款授權(Auth)、信用卡付權 調整或取消(AuthRev)、信用卡付款請款(Cap)、信用^付 款請款取消(CapRev)、信用卡付款退款(以6(1)、^信用卡 付款退款取消(CredRev)等功能。 ° 該收單銀行1 5與驗證中心1 2於系統中亦可提供註冊身 份驗證作業,主要係藉由SSL一憑證驗證伺服器丨8提供持卡 者初次註冊身份驗證、線上更新憑證資料、線上註冊身份 驗證作業等服務。 該驗證中心1 2另提供運算伺服器丨6以驗証持卡者輸入 之C媽資料’其中’驗證中心所架設之運算伺服器丨6係搭 配加解密設備以計算〇p公式值,此伺服器丨6可接受來自各 =同收單銀行1 2的SSL一收單伺服器丨7或%[一憑證驗證伺服 器1 8的請求以驗證持卡者丨3輸入之信用卡c碼資料是否正 確’該0P公式演算法係由發卡銀行與收單銀行共同訂定, 其一實際之範例為: 1·將卡號以Key —A加密得, 2.將A1以Key —B加密得A2, 3 ·將A 2以有效期限加密得a 3, 4·取A3的最後N位轉成十進位,取此十進位最後n個數V. Description of the invention (8) The server 17 is connected to the SSL_sales server 1 41 installed on the Internet special shop 14 to provide online credit card processing related operations. In addition, the SSL-acquisition server 17 will connect with the existing authorized processing system (VP 0 S) server of the verification center 丨 2 to provide credit card processing (S a 1 e), refund # C red, clear operation function. The system can add credit card payment authorization (Auth), credit card payment right adjustment or cancellation (AuthRev), credit card payment request (Cap), credit ^ payment request cancellation (CapRev), credit card payment refund (with 6 (1), ^ credit card payment refund and cancellation (CredRev) and other functions. ° The acquiring bank 15 and the verification center 12 can also provide registration authentication operations in the system, mainly through SSL-certificate verification server 丨8 Provides cardholders' initial registration identity verification, online renewal of credential information, online registration identity verification operations, etc. The verification center 1 2 also provides a computing server 丨 6 to verify the C card information entered by the cardholder 'Among them' Verification Center The computing server erected 6 is equipped with encryption and decryption equipment to calculate the value of oop formula. This server 丨 6 can accept SSL = acquiring server from each = same acquiring bank 1 2 丨 7 or% [a certificate Verify the request of the server 18 to verify whether the credit card c-code data entered by the cardholder 3 is correct. The 0P formula algorithm is jointly set by the card-issuing bank and the acquiring bank, and a practical example As follows: 1. Encrypt the card number with Key-A, 2. Encrypt A1 with Key-B to A2, 3. Encrypt A 2 with the expiration date to a 3, 4. Take the last N digits of A3 and convert to decimal. , Take the last n numbers of this decimal
530230 五、發明說明(9) 字為C碼, 其中加密演算法可為DES採用ECB加密模式。 而若發卡銀行11系統提供相關機制可加以配合讓持卡 者1 3可線上更改與查核C碼資料,則該運算伺服器1 6將會 透過銀行間網路(BankNet)將持卡者13驗證C碼與修改c碼 之相關請求訊息傳送至各發卡銀行11系統,由各發卡銀i i 行進行相關處理作業並取得結果回覆。 請先參照第五 使用者首先向 發卡銀行11審 ,發卡 以前述本發明之系統進行付款交易時 圖所示之信用卡及憑證碼申請流程示意圖 發卡銀行11申請信用卡(以箭號A 5 - 1表示) 核申請者資料,通過審核則核發信用卡(步驟S 5 - 1 銀行11並根據使用者卡號、有效期限及其 (Key—A,Key—B),產生認證資料C碼(步驟S5-2),然後,發 卡銀行11使用密函(如掛號)寄給申請者信用卡及認證資料 C碼(以箭號A5-2表示)。 前述之認證資料C碼之產生方式係依前述由發卡銀行 11與收單銀行1 5共同訂定之〇p公式演算法所得之,例如,530230 5. Description of the invention (9) The word is C code, and the encryption algorithm can be DES using ECB encryption mode. And if the card-issuing bank 11 system provides related mechanisms that can be used to allow cardholders 13 to change and check C code data online, the computing server 16 will verify cardholder 13 through the BankNet. The relevant request messages of the C code and the modification of the c code are transmitted to each card issuing bank 11 system, and each card issuing bank ii performs relevant processing operations and obtains a response. Please refer to the fifth user first to the credit card issuing bank 11 to review the application process of the credit card and voucher code shown in the diagram of the system of the present invention for payment transactions. Credit card issuing bank 11 applies for credit card (indicated by arrow A 5-1) ) Check the applicant's information, and issue the credit card after the review (Step S 5-1 Bank 11 and generate the C code of the authentication data based on the user's card number, expiration date and (Key-A, Key-B) (Step S5-2) Then, the card-issuing bank 11 sends the credit card and authentication information C code (indicated by arrow A5-2) to the applicant using a secret letter (such as a registered account). The aforementioned method of generating the C-code of the authentication information is issued by the card-issuing bank 11 and Acquired by the acquiring bank 15 together with the oop formula algorithm, for example,
當信用卡號為4579540010303305、有效期限為11981100, Key — Α 為 0 0 00 0 0 0 1,Key_B 為 00000 0 02,採用加密演算法 E 為D E S時且為E C B加密模式,N取為4,則:When the credit card number is 4579540010303305, the validity period is 11981100, Key — Α is 0 0 0 0 0 0 0 1, Key_B is 00000 0 02, when the encryption algorithm E is D E S and the E C B encryption mode, and N is 4, then:
Al=E(Card# , Key_A) =E(4579540010303305, 00000001) =2c9eaadc542d3d2a, A2 = E(A1,Key一B)Al = E (Card #, Key_A) = E (4579540010303305, 00000001) = 2c9eaadc542d3d2a, A2 = E (A1, Key_B)
第12頁 530230 五、發明說明(ίο) =E(2c9eaadc542d3d2a, 00000002) =810efIe086be3b83, A3 = E(A2,有效期限) 二E(810efIe0 8 6be3b83, 1 1 98 1 1 0 0 ) =cba24e23f66d9c69, A4 = 9c69(取A3的4位16進位),其十進位表示為 4 0 0 41,所以C碼為0 0 4 1。 而由於驗證中心1 2之運算伺服器1 6亦儲存有該組資 (Key_A,Key一B),因此,可於將來持卡者13於網際網路 上進行註冊身份驗證與購物付款時驗證其資料真假使用。 該持卡者13於取得信用卡與(:碼資料後,經註冊身份 驗證完成即可開始於網際網路上進行購物付款作業,初次 的註冊身份驗證流程係如如第六圖所示,首先,於步驟 S6-1持卡者13使用瀏覽器132軟體連結至驗證中心架設 之SSL一憑證驗證伺服器18之網頁,以點選進行一信用卡 身份驗證選項,經點選完後’SSL_憑證驗證伺服器18傳回 一WakeUp訊息,要求持卡者13之瀏覽器132自動開啟電子 錢包131軟體於持卡者端電腦(步驟S6_2),持卡者13輸入 Λ用H號(457954mQ3G33G5)、有效期限(1腕1〇(〇盘 C碼(0041 )後,經電子錢包131使用饥 的公開金鑰將此線上消#音祖4+ 4 ~ ^CCT ^ _ A 八丄肩賈貝枓封包加铪後用SSL協定傳回 給SSL_憑證驗證饲月g哭·] 又兄^服為18進行確認(步驟S6 —3),ssl馮 驗證伺服器1 8收到資枓尨你m ^ | 也 勺^P ^ ϋ 後使用其對映之私密金鑰解開加密 、十匕取付仏用卡卡號、有效期限與C石馬資料(步驟Page 12 530230 V. Description of the invention (ίο) = E (2c9eaadc542d3d2a, 00000002) = 810efIe086be3b83, A3 = E (A2, expiration date) Two E (810efIe0 8 6be3b83, 1 1 98 1 1 0 0) = cba24e23f66d9c69, A4 = 9c69 (take the 4-digit hexadecimal of A3), the decimal representation is 4 0 0 41, so the C code is 0 0 41. And because the computing server 16 of the verification center 12 also stores the group of funds (Key_A, Key-B), it can verify its data when the cardholder 13 performs registration identity verification and shopping payment on the Internet in the future. True and false use. After obtaining the credit card and (: code information), the cardholder 13 can start shopping on the Internet after the identity verification is completed. The initial registration verification process is shown in Figure 6. First, Step S6-1 The cardholder 13 uses the browser 132 software to connect to the webpage of the SSL-certificate verification server 18 set up by the verification center, and click to perform a credit card authentication option. After clicking the 'SSL_Certificate Verification Server' The device 18 returns a WakeUp message, requesting the browser 132 of the cardholder 13 to automatically open the electronic wallet 131 software on the cardholder's computer (step S6_2). The cardholder 13 enters the H number (457954mQ3G33G5) and the validity period ( 1 wrist 10 (0 disk C code (0041)), use the public key of the electronic wallet 131 to cancel this online # 音 祖 4+ 4 ~ ^ CCT ^ _ A Eight-shouldered Jabe 枓 package and add Using SSL protocol to return to SSL_Certificate verification month month cry]] Brother ^ server 18 for confirmation (step S6-3), ssl Feng authentication server 18 received the information you m ^ | Also spoon ^ P ^ ϋ later uses his mapped private key to unlock encryption Number, expiration date and Shima C data (step
第13頁 530230 五、發明說明(11) s6 —4),之後將上述資料傳給驗證中心之〇p伺服器丨6(步 驟S6-5),運算伺服器16憑持卡者資料取出資料庫裡有關 發卡銀行的keys = (Key —A,Key —B)為(00000001, 0 0 0 0 0 0 0 2),利用公式op(卡號Card#,有效期限expired date,keys)產生一驗證資料碼(κ碼)為〇〇41,因κ碼與 c碼相同所以確認使用者為合法。運算伺服器丨6將驗證成 f結果傳給SSL一憑證驗證伺服器丨8,SSL—憑證驗證伺服 器18以SSL協定加密(步驟S6-6)傳回此次身份驗證之 Approval Code值1給持卡者端電子錢包131軟體。持卡 者端電子錢包131收到APproval <:0(^值1,表示身份驗證 f =,則將此Approval Code與信用卡卡號、有效期限 等資料加後、後記錄至持卡者端的個人電腦中儲存以供將來 上網購物付款時使用(步驟S6-7),並提示已註冊成^可開 始進行線上購物的訊息告知持卡者13。在此範例中, Approval Code 值為 1,Reject c〇de 值為 〇。 第七圖係概略顯示持卡者丨3向驗證中心丨 料之流程,首先,持卡者13填好卡號 U改C碼貝 (45 79 540 0 1 03 03 30 5 )、有效期限⑴ 9811〇〇)、舊^馬 (〇〇4丨)及新的C碼(637 1 )等資料以SSL 一憑證驗證飼服器18 之公開金餘予以加密(步驟S7 — D,以傳送至驗證中心12 SSL 一憑證驗證伺服器18而進行線上c碼更改作業,憑 證驗證伺服器18則以其私密金鑰解開加密封包取料心 步驟S7-2),之後將上述資料傳給驗證中心12之運算伺服 器16,於步驟S7-3中,該運算伺服器16透過銀行間Page 13 530230 V. Description of the invention (11) s6 — 4), and then the above data is transmitted to the server oop 6 of the verification center (step S6-5), and the operation server 16 is taken out of the database based on the cardholder data The keys of the card-issuing bank = (Key —A, Key —B) is (00000001, 0 0 0 0 0 0 0 2). Use the formula op (Card number Card #, expired date, keys) to generate a verification data code ( κ code) is 〇41. Since the κ code is the same as the c code, it is confirmed that the user is legal. The calculation server 丨 6 sends the result of the verification f to the SSL-certificate verification server 丨 8, and the SSL-certificate verification server 18 uses the SSL protocol encryption (step S6-6) to return the Approval Code value of this identity verification to 1. Cardholder-side electronic wallet 131 software. The cardholder-side electronic wallet 131 receives APproval <: 0 (^ value of 1, indicating identity verification f =, then adds this Approval Code, credit card number, expiration date and other information to the cardholder's personal computer It is stored in the Internet for future online shopping and payment (step S6-7), and a message indicating that it has been registered to start online shopping is notified to the cardholder 13. In this example, the Approval Code value is 1, and Reject c〇 The value of de is 0. The seventh diagram shows the cardholder's 3-way verification center process. First, cardholder 13 fills in the card number U and changes the C code shell (45 79 540 0 1 03 03 30 5), Validity period ⑴ 9811〇〇), the old horse (〇〇 4 丨) and the new C code (637 1) and other information is encrypted with an SSL certificate to verify the open balance of the feeder 18 (steps S7-D, to Send it to the verification center 12 SSL-certificate verification server 18 and perform online c-code change operations. The certificate verification server 18 uses its private key to unlock the sealed package and take the core (step S7-2), and then transfer the above information to The calculation server 16 of the verification center 12 performs the calculation server 16 in step S7-3. Server 16 through the bank
530230 五、發明說明(12)530230 V. Description of the invention (12)
BankNet網路傳送更改c碼之作業請求給發卡銀行1 1進行◦ 】ic碼改無誤並齒等J寺回傳結果’發卡銀行11檢驗持卡者資料 下新c碼(^六貝料庫裡之c碼比對無誤(步驟S7 —4),則存 1 β 運曾祠服^並傳回更改結果成功訊號為1給運算伺服器 ^ 器1 6將結果傳給SSL—憑證驗證伺服器1 8,因The BankNet network sends a request to change the c code to the issuing bank 1 1】】 The ic code is correct and the results of J Temple will be returned. 'The issuing bank 11 checks the new c code under the cardholder's information. c code comparison is correct (step S7-4), then save 1 β Yun Zeng Temple service ^ and return the change result success signal is 1 to the calculation server ^ server 1 6 to send the result to SSL-certificate verification server 1 8 ,because
:士二奋功,SSL-憑證驗證伺服器將以SSL協定加密傳 : 太改C碼作業之Approval Code值1給持卡者端SSL ::錢包⑶軟體(步驟叫似_電子錢包 二,,提示已更改成功的訊息告知持卡者,並將卡號及 义』限’以此新c碼加密存在電腦裡(步驟S7_6)。 持卡者在完成了上述註冊身份驗證流程後,即可開於 ::網路上進行購物付款動作,其購物付款作業流程 綠^圖所示,首先,持卡者13使用瀏覽器軟體至提供SSL· A:,欠機制之網路特約商店“網站上進行購物(以箭號 ^〜表示),當選購完成所要購買之商品要進行付款時, J點選商店網頁SSL結帳選項。 丄、罔路特約商店丨4產生此次交易的交易編號(1丨如)、 乂易金額、交易明細等資料呼叫3^一“16()函數產生 訊息(^_6),將此訊息回傳給持卡者端電腦 y虎Α8-2表不),要求瀏覽器開啟SSL—電子錢包131軟 Ϊ蚀—電子錢包131隨後要求持卡者登入並選擇所欲付 τ人吏用之信用卡及輸入此信用卡c碼資料。 持卡者13輸入C碼資料之後,SSL—電子錢包131依此加 乂解密讀出持卡者註冊時所加密儲存於該個人電腦的信用: Shi Erfengong, SSL-certificate verification server will use SSL protocol to encrypt transmission: Approval Code value 1 of C code operation is given to cardholder's end SSL :: Wallet ⑶ software A message indicating that the change has been successfully notified to the cardholder, and the card number and meaning "Limited" are stored in the computer with this new c-code encrypted (step S7_6). After the cardholder has completed the registration verification process described above, he can open the card at :: The online payment process for making purchases and payments on the Internet, as shown in the green flow chart. First, cardholder 13 uses browser software to make purchases on the website of an online special shop that provides SSL · A: (Indicated by arrows ^ ~). When the purchase of the goods to be purchased is completed, J clicks the SSL checkout option on the store web page. 丄, 罔 路 特 商店 店 丨 4 generates the transaction number of the transaction (1 丨 as ), The transaction amount, transaction details and other data call 3 ^ -1 "16 () function to generate a message (^ _6), and return this message to the cardholder's computer y tiger Α8-2 (not shown), and ask the browser to open SSL—electronic wallet 131 soft erosion—electronic wallet 131 subsequently required Card sign in and select the desired credit card to pay τ officials who use it and enter this code c credit card information. After the cardholder 13 enters the C code information, the SSL-electronic wallet 131 then decrypts and reads out the credit stored in the personal computer encrypted by the cardholder during registration.
第15頁 530230 五、發明說明(13) 卡卡號與有效期限等資料,另外產生一CID代碼資料,隨 後SSL—電子錢包1 3 1使用收單銀行之公開金鍮,將信用 2 ί唬、有效期限、C碼、交易金額、交易編號與c 1 D等消 、資料封包加密’連同封包與交易編號以SSL協定傳送至 ^路特約商店14之SSL-販售伺服器(以箭號A8-3表示)。此 决1代碼資料可用”持卡人電腦之IP位址+交易處理時間” 口 口封包疋使用收單銀行的公開金餘加密產生的, f收單銀行1 5能夠解開,如此確保商家無法盜用持卡者 勺^用卡號、有效期限及C碼。 、、,十、f路特約商店1 4之SSL-販售伺服器於收到電子錢包所 达來貧料後,連同該特約商店14的電子憑證、 =額與從電子錢包所送來之封包,以SSL協定易加二 ΐ所申请之收單銀行15之SSL-收單伺服器17等待進行 杈權處理(以箭號A8_4表示)。 予传進仃 S,L—收單伺服器丨^於收到饥—販售伺服 “:料*:首先核對其中特約商店14電子憑; I 、’用收早銀行1 5之私密金鑰解開由電子錢包 c:、加 又易金頜、汀皁編號、CID等資料;之 信用卡相關資料送至驗證中心12之運算伺服: 曰人 用卡貧料是否正確的動作並比對句自士丄 易金額是否相同(以並骑C主一、 η… 孔息中交 檢杳,若θ Λ刖侧~5表不),以及對川資料進行 特㈣二Ilf料檢查發生錯誤則傳回錯誤碼給 叮J π y占14之SSL—販售伺服器。 530230Page 15 530230 V. Description of the invention (13) Card card number and expiration date and other information, and generate a CID code information, and then SSL-e-wallet 1 3 1 Use the public bank of the acquiring bank to credit 2 and make it valid. Term, C code, transaction amount, transaction number and c 1 D, etc., data packet encryption ', together with the packet and transaction number, are transmitted to the SSL-sales server of ^ Route Special Store 14 by SSL agreement (with arrow A8-3 Means). The code data of this decision can be generated by the “IP address of the cardholder's computer + transaction processing time”, which is generated by using the public balance of the acquirer ’s bank to encrypt the data. The acquirer ’s bank 15 can be unlocked, thus ensuring that the merchant cannot Cardholders use the card number, expiration date and C code. The SSL-sale server of the special store 14 on the road f, f, ten, and f. After receiving the data from the electronic wallet, together with the electronic certificate of the special store 14, the amount and the package sent from the electronic wallet , The SSL-acquisition server 17 of the acquiring bank 15 applied for by the SSL agreement Yijia Erji is waiting for the right processing (indicated by arrow A8_4). Yu Chuanjin 仃 S, L—Acquisition Server 丨 ^ Receiving Hungry—Sale Servo “: Material *: First check 14 of the special stores for the electronic voucher; I, 'Use the private key of the receiving bank 15 to solve Open the e-wallet c :, plus easy-to-finish jaw, Tingzao number, CID and other information; credit card related information is sent to the verification center 12's calculation server: whether the card used by the user is correct and compared with the sentence Whether the amount of exchange is the same (take C and C, one, η, etc., check it in the hole information, if θ Λ 刖 side ~ 5 does not indicate), and the special data on the Sichuan data to check if there is an error, then return an error Code for Ding J π y accounted for 14 SSL-sales server. 530230
如上述相關檢查結果益誤 俨用士士觫七外u ^ -收早伺服器1 7將會把 之於婼考裡金从^ 勿金頭貝科傳运給驗證中心1 2 又振处糸、、充伺服器19(以箭號A8-6表示),A 士斤避未 理系統伺服器1 9將相關資料細ώ☆ )由此技推處 銀行η取得此筆交易:;:=二網路轉送至所屬發卡 )。 技推、、Ό果(杈榷碼)(以箭號Α8-7表 回二權㈡統19取得各發卡銀行11之授權結果編 回給SSL—收早伺服器17(以箭號紉_8表示)。 ' SSL-收單伺服器1 7取得授權結果後,將此筆交易存7As the results of the above-mentioned related inspections are incorrect, use taxis and seven foreigners. ^-The early harvest server 17 will transfer it to Kaorijin from ^ Dojintobecco to the verification center. 、 Charging server 19 (indicated by arrow A8-6), A Shijin avoids the system server 19 to save the relevant information carefully ☆) From this technology to the bank to obtain this transaction:; == 2 Internet forwarding to their card issuer). Technical push, and fruit (forgotten code) (return to the second right with the arrow A8-7). The system 19 obtains the authorization results of the card-issuing banks 11 and compiles it back to SSL—Receiving early server 17 (with arrow th_8) Indicates). 'After the SSL-acquisition server 1 7 obtains the authorization result, the transaction is stored 7
石t)以/Λ場=欠結帳,並將此此筆交易之授權結果(授權 碼)告知特約商店14(以箭號A8_9表示)。 特:商店14於取得此筆交易之授權結果後,依結果做 必要之處理並將結果傳送回SSL—電子錢包131(以箭號 A8-10表示),而SSL—電子錢包131將提示持卡者此筆交易 之處理結果並加以記錄,持卡者! 3可隨時利用錢包查詢此 筆線上消費資料。Shi t) with / Λ field = unpaid checkout, and notify the authorized store 14 (indicated by arrow A8_9) of the authorization result (authorization code) of this transaction. Special: After obtaining the authorized result of this transaction, the store 14 will do necessary processing according to the result and send the result back to SSL-electronic wallet 131 (indicated by arrow A8-10), and SSL-electronic wallet 131 will prompt the card holder The transaction result of this transaction is recorded, cardholder! 3 You can use your wallet to check this online consumption information at any time.
第九圖係概略顯示持卡者1 3進行網際購物之實際範 例,圖中,持卡者13使用瀏覽器132連至網路特約商店14 之網頁91購物,並圈選所要的商品,如圖中是音樂⑶兩片 及烏龍茶一包,結算為1 0 0 0元台幣,持卡者確定購物結 算,經點選按鍵92進行結算。網路特約商店14產生此次的 交易編號(xid)為 0000 0 1 1 1 1 1 22222 333 330 0 0 0 1,交易金額 (purchAmt)為1 0 0 0元,交易幣值為臺幣,所以currency值 為901,幣值指數為〇,交易明細(od)為:音樂CD ΤΑβ 2The ninth picture is a rough example of the actual online shopping carried out by cardholders 13 and 3. In the figure, cardholder 13 uses browser 132 to connect to webpage 91 of special online shop 14 for shopping, and selects the desired product, as shown in the figure. There are two pieces of music CD and one bag of oolong tea. The settlement is NT $ 1,000. The cardholder determines the purchase settlement and clicks the button 92 to settle. The online special shop 14 generates the transaction ID (xid) of 0000 0 1 1 1 1 1 22 222 333 330 0 0 0 1, the transaction amount (purchAmt) is 1 0 0 0 yuan, and the transaction currency value is Taiwan dollar, so the currency The value is 901, the currency index is 0, and the transaction details (od) are: music CD ΤΑβ 2
530230 五、發明說明(15) TAB 30 0 CRTL 烏龍茶 TAB 1 TAB 40 0 CTRL,假設此商家 代碼為1 2 3 4 5 6 7 8 0 0 0 1,則S S L —M e r c h a n t伺服器呼叫 SSL — Sale()函數,產生WakeUp訊息,將訊息傳回給持卡者 端電腦,要求瀏覽器軟體自動開啟SSL一電子錢包131軟 體。 經啟動SSL—電子錢包131軟體,持卡者13選擇所欲付 款使用之信用卡及輸入此信用卡C碼資料( 637 1 ),SSL電 子錢包131以C碼解密讀出持卡者丨3註冊時所加密儲存於該 個人電腦的信用卡卡號(4579540 0 1 030 330 5 )與有效期限 (1 1 9 8 1 1 0 0 )等資料,另外產生一 c I D代碼資料,例如為 140· 96· 81· 169· 20 00· 04· 21。 SSL — E-Wallet軟體再以使用收單銀行15之公開金鑰, 將信用卡卡號( 4579540 0 1 03 03305 )、有效期限 "" (11981100)、C碼(6371)、交易金額(ι000)、交易編號 (0000011111222223333300001)與 〜 CID( 1 40. 96.8 1. 1 69.2000.04.21 )等資料加密封包為 envelopeA,將封包envei〇peA與交易編號 ( 00000 1 1 1 1 1 22222333330 000 1 ),以 SSL 協定傳送至網路特 約商店14之SSL〜販售伺服器(以箭號…-丨表示)。因封包是 使用收單銀行1 5的公開金鑰加密產生的有 能夠解開,如此確保商家無法盜用持卡者13的信;:;;1、5 有效期限及C碼。 儿 網路特約商店14之SSL一販售伺服器141則解開從電子 錢包1 31所送來資料,將該特約商店丨4的電子憑證、此次530230 5. Description of the invention (15) TAB 30 0 CRTL Oolong tea TAB 1 TAB 40 0 CTRL, assuming this merchant code is 1 2 3 4 5 6 7 8 0 0 0 1, then SSL — Merchant server calls SSL — Sale ( ) Function to generate a WakeUp message and send the message back to the cardholder's computer, asking the browser software to automatically open the SSL-electronic wallet 131 software. After activating the SSL-electronic wallet 131 software, the cardholder 13 selects the credit card to be used for payment and enters the C code data of this credit card (637 1). The SSL electronic wallet 131 decrypts and reads out the cardholder with the C code. 3 Encrypt the credit card number (4579540 0 1 030 330 5) and expiration date (1 1 9 8 1 1 0 0) stored in the personal computer, and generate a c ID code data, such as 140 · 96 · 81 · 169 · 20 00 · 04 · 21. SSL — The E-Wallet software uses the public key of the acquiring bank 15 to change the credit card number (4579540 0 1 03 03305), expiration date " " (11981100), C code (6371), transaction amount (ι000) , Transaction number (0000011111222223333300001) and ~ CID (1 40. 96.8 1. 1 69.2000.04.21) and other information plus a sealed packet as envelopeA, the packet envei〇peA and the transaction number (00000 1 1 1 1 1 22222333330 000 1), with SSL The agreement is transmitted to the SSL ~ sales server (indicated by the arrow ...- 丨) on the Internet special shop 14. Because the packet is encrypted using the public key of the acquirer's public key, it can be unlocked, so as to ensure that the merchant cannot steal the letter from the cardholder 13 ;; 1, 1, 5 expiration date and C code. The SSL-sale server 141 of the online special store 14 unlocks the data sent from the electronic wallet 1 31, and the electronic certificate of the special store 丨 4, this time
第18頁 530230 發明說明(16) 交易編號(0000011111222223333300001)、交易金額 ( 1 0 00 )與envel〇peA,以SSL協定加密傳送至收單銀行15之 SSL—收單伺服器17等待進行授權處理(以箭號人9 —2表示)。530230 Description of the invention on page 18 (16) The transaction number (0000011111222223333300001), the transaction amount (100 00) and envelopeA are encrypted and transmitted to the SSL-acquiring server 17 of the acquiring bank 15 using the SSL protocol and waiting for authorization processing ( (Represented by arrow man 9-2).
收單銀行1 5之SSL一收單伺服器1 7解開SSL一販售伺服器 1 4 1送來之資料後,首先核對其中特約商店1 4電子憑證的 合法身份,並用收單銀行1 5之私密金鑰解開封包 envelopeA ’取得持卡者信用卡卡號、有效期限、c碼、交 易金額、訂單編號、CID等資料;之後,SSL—收單伺服器 17比對持卡者1 3與商家的交易金額相同,檢查c丨D資料, 並將信用卡相關資料送至驗證中心丨2之運算伺服器丨6以進 行確認信用卡資料是否正確(以箭號八9 —3表示)。檢查結果 ,誤,收單伺服器17把信用卡卡號、有效期限與交易金額 貧料傳送給驗證中心1 2之授權處理系統伺服器丨9 (以箭號 A9-4表不),此授權處理系統伺服器丨9將相關資料經由銀 行二罔。路轉送至所屬發卡銀行丨丨取得此筆交易之授權結果 (才又權碼)(以前號A 9 - 5表示)。此例中授權碼為丨2 3 〇 〇 !。 〃 #又權處理系統伺服裔1 9取得發卡銀行11之授權結果後The SSL-acquisition server 1 7 of the acquiring bank 1 5 After unlocking the information sent by the SSL-sale server 1 4 1, first check the legal identity of the special store 14 electronic certificate and use the acquiring bank 1 5 Unlock the envelope with the private key of envelopeA 'to obtain the cardholder's credit card number, expiration date, c code, transaction amount, order number, CID and other information; after that, the SSL-acquisition server 17 compares the cardholder 1 3 with the merchant The transaction amount is the same, check c 丨 D data, and send the credit card related data to the verification server of the verification center 丨 2 to confirm whether the credit card information is correct (indicated by arrow 8-9-3). The check result is incorrect. The acquiring server 17 sends the credit card number, expiration date and transaction amount to the authorization processing server 12 of the verification center 12 (not shown by arrow A9-4). This authorization processing system The server 9 passes the relevant information through the bank. Transfer to the card-issuing bank to which it belongs 丨 丨 to obtain the authorization result of this transaction (only the code) (previously indicated by A 9-5). In this example, the authorization code is 丨 2 3 〇 〇!. 〃 #Youquan processing system server 19 After obtaining the authorization result of card issuing bank 11
將傳回給收單銀行之SSL_收單伺服器丨7(以箭號人9_6表 示)。SSL一收單伺服器17取得授權結果後,將此筆交易存 下來以待商場請款結帳,並將此筆交易之授權結果(授權 碼j 230^1)告知特約商店(以箭號“ —7表示)。特約商店於 此筆又易之授權結果後,依結果做必要之處理並將結 果傳回SSL—電子錢包131(以箭號A9-8表示)。8儿電子錢 包131將提示持卡者此筆交易之處理成功並加以記錄,持It will be returned to the acquiring bank's SSL_acquisition server 7 (indicated by arrow person 9_6). After the SSL one-acquisition server 17 obtains the authorization result, it saves this transaction for the store to request payment and checkout, and informs the authorized store (with the arrow " —7 ”). After this easy authorization result, the special store will perform necessary processing according to the result and return the result to SSL—electronic wallet 131 (indicated by arrow A9-8). 8E-electronic wallet 131 will prompt The cardholder successfully processed and recorded this transaction.
第19頁 530230 五、發明說明(17) 卡者可隨時利用錢包查詢此筆線上消費資料。 而當授權成功後,商家可以每日結帳清算,產生批次Page 19 530230 V. Description of the Invention (17) Cardholders can use the wallet to check this online consumption information at any time. When the authorization is successful, the merchant can checkout and clear daily to generate batches.
編號(batchID)例如為 0 0 0 0 0 0 1,呼叫 SSL —BatchCloseO 函數,與SSL一收單伺服器17進行清算處理作業。當商家出 貨後’使用者退貨,若電子商場已完成請款之交易,則得 進行退款處理作業,可呼叫SSL一Cred()應用函數,完成 SSL信用卡線上退款處理程序作業,其中在此例中am〇unt 金額為1 0 0 0,授權碼authCode為1 2 300 1。 由以上之說明可知,本發明之系統中加入持卡者之憑 證貧料可補足SSL加密協定安全不足的問題,並能確知輸 =信用卡卡號資料者即為本人,防止特約商店盜用消費"者 化用卡卡號相關資料之問題,如此達到無論是消費者、特 約商店、收單銀行、發卡銀行對於接受網際網路上的信用 卡父易都能彼此兼顧方便、安全的特性。 知上所陳’本發明無論就目的、手段及功效,在在 顯不$迥異於習知技術之特徵,為電子商務系統設計上之 一大突破,應符合發明專利之要件,懇請貴審查委員 察,早曰賜准專利,俾嘉惠社會,實感德便。 、The number (batchID) is, for example, 0 0 0 0 0 0 1. The SSL-BatchCloseO function is called to perform clearing processing operations with the SSL-acquiring server 17. When the merchant returns the goods, the user returns the goods. If the electronic shopping mall has completed the payment transaction, the refund processing operation can be performed. You can call the SSL-Cred () application function to complete the SSL credit card online refund processing program operation. In this example, the amount of am〇unt is 1 0 0 0, and the authorization code authCode is 1 2 300 1. From the above description, it can be known that adding the cardholder's certificate to the system of the present invention can make up for the lack of security of the SSL encryption protocol, and can confirm that the person who lost = credit card number data is himself, to prevent misappropriation of consumption by authorized stores. The problem of changing the relevant information of the card number, so that whether it is consumers, special stores, acquiring banks, card issuing banks, accepting credit cards on the Internet can be both convenient and secure. The knowledge of the present invention, regardless of the purpose, means and effect of the present invention, is significantly different from the characteristics of the conventional technology, is a major breakthrough in the design of e-commerce systems, and should meet the requirements of the invention patent. Observation, as early as the grant of quasi-patent, to benefit the society, I feel a sense of virtue. ,
530230 圖式簡單說明 【圖式簡單說明】 第一圖:係本發明之安全增強 圖0530230 Schematic illustration [Schematic description] The first picture: the security enhancement of the present invention. Fig. 0
式網路付款系統架構 第二圖:係概略顯示電子商揚灸 只丨弘丁冏%翏與本發的介 面與相關時機示意圖。 个七月之糸、、死 第二圖:係顯示各收單鈑并ώ > 々加祕同 早銀订自仃架設SSL—收單伺服器 之架構圖。 第四圖··係顯示各收單娘杆 單伺服器之架構圖。 丁 ”用一驗證中心之SSL—收 第五圖:係概略顯示使用 憑證資料碼。 用者向發卡銀行申請信用卡及 證 第六圖:係概略顯示持. 。 有向收單銀行註冊身份驗 第七圖:係概略顯示持卡者 向驗證中心更改憑證資料Architecture of online payment system Figure 2: This is a schematic diagram showing the interface and related timings of e-commerce and moxibustion. The second month of July, and the second month of death: Figure 2 shows the structure of each purchaser > 々 加密 同 and Zaoyin's custom-built SSL-acquisition server architecture diagram. The fourth picture shows the architecture of each server. D. Using SSL from a verification center—fifth picture: It shows the code of the voucher data. The user applies for a credit card and card from the card-issuing bank. The sixth picture: It shows the holding of the card. Figure 7: It shows the cardholder to change the voucher information to the verification center.
第八圖:係依據本發明之網 第九圖:係概略顯示持^路購物付款作業流程。 例。 、卞者網際購物付款之實際範 【圖號說明】 (11 )發卡銀行 (1 2 )驗證中心 (1 3 )持卡者 (131)電子錢包The eighth figure: the net according to the present invention. The ninth figure: outlines the flow of shopping on-line shopping. example. The actual range of payment for internet shopping by the customer [Illustration of drawing number] (11) Card issuing bank (1 2) Verification center (1 3) Card holder (131) Electronic wallet
$ 21頁$ 21 pages
530230 圖式簡單說明 (1 3 2 )瀏覽器 (1 4 )特約商店 (1 4 1)販售伺服器 (1 5 )收單銀行 (1 6 )運算伺服器 (1 7 )收單伺服器 (1 8 )憑證驗證伺服器 (1 9)授權處理系統伺服器 (9 1)網頁 (9 2 )按鍵530230 Schematic description (1 3 2) Browser (1 4) Special store (1 4 1) Sales server (1 5) Acquiring bank (1 6) Operation server (1 7) Acquiring server ( 1 8) Certificate verification server (1 9) Authorization processing system server (9 1) Web page (9 2) button
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW89116180ATW530230B (en) | 2000-08-11 | 2000-08-11 | Network transaction system with enhanced security |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW89116180ATW530230B (en) | 2000-08-11 | 2000-08-11 | Network transaction system with enhanced security |
| Publication Number | Publication Date |
|---|---|
| TW530230Btrue TW530230B (en) | 2003-05-01 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW89116180ATW530230B (en) | 2000-08-11 | 2000-08-11 | Network transaction system with enhanced security |
| Country | Link |
|---|---|
| TW (1) | TW530230B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8175938B2 (en) | 2004-04-13 | 2012-05-08 | Ebay Inc. | Method and system for facilitating merchant-initiated online payments |
| TWI566195B (en)* | 2009-12-04 | 2017-01-11 | A Method of Transferring Trust Elements to Credit Certification |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8175938B2 (en) | 2004-04-13 | 2012-05-08 | Ebay Inc. | Method and system for facilitating merchant-initiated online payments |
| US9317841B2 (en) | 2004-04-13 | 2016-04-19 | Paypal, Inc. | Method and system for facilitating online payments based on an established payment agreement |
| US9940622B2 (en) | 2004-04-13 | 2018-04-10 | Paypal, Inc. | Method and system for facilitating online payments based on an established payment agreement |
| US10796313B2 (en) | 2004-04-13 | 2020-10-06 | Paypal, Inc. | Method and system for facilitating online payments based on an established payment agreement |
| TWI566195B (en)* | 2009-12-04 | 2017-01-11 | A Method of Transferring Trust Elements to Credit Certification |
| Publication | Publication Date | Title |
|---|---|---|
| US20090327133A1 (en) | Secure mechanism and system for processing financial transactions | |
| US20030130955A1 (en) | Secure transaction systems | |
| US20010051902A1 (en) | Method for performing secure internet transactions | |
| US20150120536A1 (en) | Electronic payment and authentication system | |
| KR100841750B1 (en) | Electronic Funds Transfer-House Fund | |
| TW201241766A (en) | ATM/KIOSK cash acceptance | |
| JP2006504208A (en) | Loyalty / reward program integration system and method using payment authentication system | |
| TW200306483A (en) | System and method for secure credit and debit card transactions | |
| JP2008529146A (en) | Payment without fraud for internet purchases | |
| US10360547B2 (en) | Processing payment at a point of sale with limited information | |
| WO2014108916A1 (en) | A computer implemented system and method for cashless and cardless transactions | |
| CZ2007504A3 (en) | Method of making payment transaction by making use of mobile terminal | |
| WO2001022374A1 (en) | A method for the secure transfer of payments | |
| JP2003514316A (en) | Payment method and system for online commerce | |
| AU2006309231B2 (en) | Web terminal and bridge that support passing of authentication data to acquirer for payment processing | |
| AU2009203205B2 (en) | Payment System | |
| US20050015304A1 (en) | Secure purchasing over the internet | |
| JP2002099716A (en) | Electronic settlement system | |
| JP2004062771A (en) | Settlement system using account of internet bank | |
| US20030200162A1 (en) | Secure peer-to-peer money transfer | |
| JP2003168063A (en) | Payment approval method and system in card payment method | |
| JP2008243199A (en) | Internet business security method | |
| US8799089B1 (en) | Virtual payment system for the physical world | |
| JP2003534604A (en) | System and method for facilitating payment over the internet or similar communication medium | |
| US20020123935A1 (en) | Secure commerce system and method |
| Date | Code | Title | Description |
|---|---|---|---|
| GD4A | Issue of patent certificate for granted invention patent | ||
| MM4A | Annulment or lapse of patent due to non-payment of fees |