CN104778384A - Authorization server, authorization method and computer program product - Google Patents
Authorization server, authorization method and computer program product Download PDFInfo
- Publication number
- CN104778384A CN104778384A CN201410013977.7A CN201410013977A CN104778384A CN 104778384 A CN104778384 A CN 104778384A CN 201410013977 A CN201410013977 A CN 201410013977A CN 104778384 A CN104778384 A CN 104778384A
- Authority
- CN
- China
- Prior art keywords
- authorization
- code
- server
- remote validation
- initial
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention discloses an authorization server, an authorization method and a computer program product. The authorization server is arranged between an electronic device and intermediate equipment in a signal connection way. The authorization server comprises a transmission receiver and a processor, wherein the transmission receiver receives a request message generated by the electronic device; the processor responds to the request message to provide an initial authorization code and generates a server side authorization code according to the initial authorization code, wherein the transmission receiver is used for receiving a remote authorization code obtained according to the initial authorization code after the initial authorization code is transmitted; and the processor authorizes a processing program when a preset condition is true.
Description
Technical field
The invention relates to a kind of authorization server, authorization method and computer program, and relate to authorization server that a kind of electronic installation of arranging in pairs or groups uses, authorization method and computer program especially.
Background technology
In today of network prosperity, many automation services are also accompanied.For example, financial transaction system is through network, provides user the example of convenient service.For financial institution, automation services can not only save many operation costs, also can bring the service that user is quicker and polynary.
Typical financial transaction system, provides the financial service of robotization through the Internet bank or ATM (Automatic Teller Machine).No matter user is utilize the Internet bank or ATM (Automatic Teller Machine) to carry out automated transaction, and fiscard all plays the part of a considerable role.Financial transaction system must be transmitted through the use of fiscard, confirms the status of user, and then provides financial service according to the account information of user.In brief, while financial transaction system provides automated transaction, the still security of notably customer identification.
But there are some problems in this kind of trade mode.Such as, not each bank client has the trading function of calculating punch and the Internet bank, user not necessarily can carry with fiscard, and bank's ATM (Automatic Teller Machine) quantity that can arrange is also limited etc.In other words, the automation services that the financial transaction system commonly used provides is still convenient not.
Hold, financial transaction system must carry out customer identification to depositor, and user can be allowed to use automation services.But existing financial transaction system must be transmitted through fiscard and carries out customer identification to depositor, user is caused still to feel inconvenience.
Except financial sector, many authoring systems also often run into similar problem.That is, convenience when user carries out automation mechanized operation is needed to take into account, with safety issue when carrying out authorization service.
Summary of the invention
The invention relates to a kind of authorization server, authorization method and computer program, this kind of authorization server, authorization method and computer program take into account the consideration of convenience and security.
According to a first aspect of the invention, propose a kind of authorization server, comprise: one transmits receiver, and it is that message is asked in reception one; And, one processor, respond this request message and an initial authorization code is provided, and produce a server-side identifying code according to this initial authorization code, wherein this transmission receiver is after this initial authorization code of transmission, receive the remote validation code obtained according to this initial authorization code, and this processor is when judgement one pre-conditioned establishment, authorizes and carry out a handling procedure.
According to a second aspect of the invention, propose a kind of authorization method, be applied to an authorization server, this authorization method comprises following steps: response one is asked message and provides an initial authorization code; A server-side identifying code is produced according to this initial authorization code; Receive the remote validation code obtained according to this initial authorization code; And, this remote validation code and this server-side identifying code meet one pre-conditioned time, authorize carry out a handling procedure.
According to a third aspect of the invention we, propose a kind of authorization method, be applied to an electronic installation, this authorization method comprises following steps: transmit a request message; The initial authorization code that reception responds this request message and produces; A remote validation code is produced according to this initial authorization code; And, this remote validation code is sent to an authorization server through via a middle device, wherein and this authorization server judges a pre-conditioned establishment according to this remote validation code time, authorize carry out a handling procedure.
According to a forth aspect of the invention, a kind of computer program is proposed, it stores a software program, will an electronic installation with a controller be made to carry out an authorization method when this software program performs, this authorization method comprises the following steps: that message is asked in transmission one; The initial authorization code that reception responds this request message and produces; A remote validation code is produced according to this initial authorization code; And, this remote validation code is sent to an authorization server through a middle device, wherein, when this authorization server judges a pre-conditioned establishment according to this remote validation code, authorizes and carry out a handling procedure.
In order to have better understanding to above-mentioned and other aspect of the present invention, preferred embodiment cited below particularly, and coordinating institute's accompanying drawings, being described in detail below:
Accompanying drawing explanation
Fig. 1, it is the schematic diagram of the authoring system of first embodiment of the invention.
Fig. 2 A, Fig. 2 B, it is the schematic diagram of the authoring system of first embodiment of the invention.
Fig. 3, it is the schematic diagram that electronic installation provides Mobile Banking function choosing-item.
Fig. 4 A, it is that user utilizes electronic installation to choose the schematic diagram of drawing account.
Fig. 4 B, it is that user utilizes electronic installation to input the schematic diagram of Withdrawal Amount.
Fig. 5, it is that authorization server transmits the schematic diagram of initial authorization code to electronic installation through news in brief.
Fig. 6, it is the schematic diagram that electronic installation provides without Card Withdrawals function choosing-item.
Fig. 7 A, it is the schematic diagram that user's selection obtains the function choosing-item of remote validation code.
Fig. 7 B, it is the schematic diagram that user inputs initial authorization code.
Fig. 7 C, it is the schematic diagram of electronic installation display remote validation code.
Fig. 8 A, it is the schematic diagram of user via ATM (Automatic Teller Machine) input initial authorization code.
Fig. 8 B, it is the schematic diagram of user via ATM (Automatic Teller Machine) input remote validation code.
Fig. 9, it is the schematic diagram utilizing intelligent chip collocation mobile phone.
Figure 10, it is the schematic diagram of the authoring system of second embodiment of the invention.
Figure 11, it is the schematic diagram of authoring system of the present invention.
Figure 12, it is the process flow diagram of authorization method of the present invention.
[symbol description]
Electronic installation 21 middle device 25
Authorization server 23,43 internal network 29
Communication network 27 SIM card 81
Intelligent paster 83 mobile phone 85
First mobile phone 41 second mobile phone 45
Communication network 47,49 processor 131
Transmit receiver 133
Embodiment
For ease of illustrating, below with the citing of financial transaction system as authoring system.Illustrate that user can, when not using fiscard, utilize electronic installation to carry out program of withdrawing the money herein.But authorization method of the present invention also can be widely used in the financial transaction procedure of other type, and, various types of authoring system.As previously mentioned, authoring system must consider security and convenience.For this reason, authorization server of the present invention, the electronic installation (such as: mobile phone) allowing user utilize to be convenient for carrying, verifies the status of user more easily.In addition, the present invention is through after producing identifying code respectively by authorization server and electronic installation, then the mode of comparing, therefore can maintain the security of authorization server.
According to the first embodiment of the present invention, user can arrange in pairs or groups and use ATM (Automatic Teller Machine) and mobile phone to carry out withdrawal procedures.In this embodiment, financial transaction system (authoring system) comprises: ATM (Automatic Teller Machine) (middle device) and financial platform (authorization server).Financial transaction system through the mobile phone (electronic installation) of user, the status of authentication of users and authority.Authorization method of the present invention can in more convenient mode, the status of authentication of user.
Refer to Fig. 1, it is the schematic diagram of the present invention using financial transaction system as the first embodiment.Wherein, between electronic installation 21 and authorization server 23, through communication network, signal connects; Authorize between servo 23 device and middle device 25, through internal network 29, signal connects.Between electronic installation 21 and middle device 25, short range transmission can be utilized and signal connects.Or, by the user holding electronic installation 21, manually the input interface of middle device 25 is operated.About the detailed step between authoring system and electronic installation, can referring to the explanation of Fig. 2 A, Fig. 2 B.
Refer to Fig. 2 A, Fig. 2 B, it is the schematic diagram of the authoring system of first embodiment of the invention.Fig. 2 A, Fig. 2 B represent electronic installation 21, middle device 25, authorization server 23 action on a timeline with three longitudinal axis respectively.If when the action carried out relates to two devices, then represent with the direction of arrow.
For ease of illustrating, this sentences based on the framework of Fig. 1, the flow process of key diagram 2A, Fig. 2 B.Further, arrange in pairs or groups when flow process is described, Fig. 3, Fig. 4 A, Fig. 4 B, Fig. 5, Fig. 6, Fig. 7 A, Fig. 7 B, Fig. 7 C, Fig. 8 A, Fig. 8 B illustrates the execution page of electronic installation 21 and middle device 25.
First, user chooses Mobile Banking function choosing-item (step S211, Fig. 3) through application software.Then, Fig. 4 A represent user select to withdraw deposit from electronic money bag.Fig. 4 B then suppose user input for withdraw deposit the amount of money be 100 yuan.Herein, these operations user carried out, are converted to a request message further.In other words, request message is equivalent to the transaction content that user's needs carry out.Such as: user A selects to claim 100 yuan from electronic money bag.Electronic installation 21 is according to the operation of user, and correspondence produces the request message (step S212) of withdrawing deposit.Based on the consideration of security, after electronic installation 21 can be encrypted (step S213) to request message, then the request message after encryption is sent to authorization server 23 (step S214) via communication network 27.
After the request message (step S231) of authorization server 23 after receiving encryption, deciphering draws the content (step S232) of request message.Such as, after authorization server 23 is decrypted request message, judge that request message is spread out of by user A, and user A wishes drawing 100 yuan.
Then, authorization server 23 will judge whether the account of user A exists, and, the account balance of user A, whether be enough to pay this debit transactions the amount of money for claiming.That is.Authorization server 23 will judge the user of transfer request message, and whether its account exists in authorization database.Further, whether authorization server 23, by judging the content of request message, meets the authority corresponding to user's account.
If authorization server 23 judges that user's account does not exist, or although user's account exists, but user when exceeding the authority of user for the operation carried out, authorization server 23 can pass through short message service (Short message service, referred to as SMS) and transmits the mobile phone of a miscue message to user A.For this situation, authorization flow can directly stop.If authorization server 23 judges that user's account exists, and user when meeting the authority of user for the operation carried out, authorization server 23 produces an initial authorization code.Therefore, step S233 is, authorization server 23 optionally provides initial authorization code.
The initial authorization code produced by authorization server 23, can pass through SMS and is sent to electronic installation 21 (step S2344).Based on the consideration of security, when authorization server 23 transmits initial authorization code, limit one further and preset period.User, after receiving initial authorization code, must complete follow-up authorization flow within default period.That is, user must during giving tacit consent in, the remote validation code produced by electronic installation 21, is sent to authorization server 23 through middle device 25.Preset the length of period, do not need to be defined, such as: can suppose that presetting period is 5 minutes or 30 minutes etc.
Such as, Fig. 5 represents authorization server and notifies user through SMS, and initial authorization code is 874243.In addition, user is also notified before the time point of 2013/5/1813: 28, need utilize electronic installation 21 to produce remote validation code, completes and transmit remote validation code.
As shown in Figure 6, suppose that user is after receiving SMS, select to carry out without Card Withdrawals.Now, electronic installation 21 based on initial authorization code, will carry out disposal password generating routine, and then produce remote validation code (step S215).Fig. 7 A represents the function choosing-item that user selects to carry out obtaining remote validation code; Fig. 7 B is that after electronic installation 21 shows the picture of input initial authorization code, user inputs the initial authorization code of 874243; And, Fig. 7 C be electronic installation 21 according to the initial authorization code of 874243, carry out disposal password generating routine and the remote validation code 193141 produced.
During practical application, each step of foregoing schemes also can realize in different ways.Such as, SMS is no doubt the one transmission medium that the messages such as miscue code, initial authorization code are reached electronic installation 21 by authorization server 23.But the load mode of other types, also can as a kind of medium of citation mode as transmitted (On the air, referred to as OTA), instant messaging software (such as: WhatsApp, Line etc.), Email etc. in the air.
Moreover the disposal password generating routine that electronic installation 21 provides, can automatically perform after reception initial authorization code through application software.Or electronic installation 21 provides operation pages, user is allowed manually to input initial authorization code, and after choosing confirmation, then produce remote validation code further.Must notice, the implementation of application software and storing media do not need to be defined, and can be replaced voluntarily by this case person of ordinary skill in the field.
After producing remote validation code via mobile phone, initial authorization code and remote validation code are inputed to middle device (step S216, step S217) by user.Fig. 8 A is the prompting message of the screen display of ATM (Automatic Teller Machine), allows user through the input interface such as physical button, Touch Screen, manually input initial authorization code.User inputs 874243 and after pressing confirmation, and the screen of ATM (Automatic Teller Machine) will the hint image of display Fig. 8 B.User according to the remote validation code of mobile phone screen display, manually inputs to ATM (Automatic Teller Machine) again.
Except utilizing manual input mode, also may adopt short range transmission between mobile phone and ATM (Automatic Teller Machine) and carry out transmission and the reception of initial authorization code and remote validation code.Short range transmission can be: the modes such as wireless network, near-field communication (Near Field Communication, referred to as NFC).
Initial authorization code and remote validation code, after reception initial authorization code and remote validation code, are sent to authorization server (step S252) by ATM (Automatic Teller Machine).Authorization server 23 judges pre-conditioned whether establishment (step S236) further.
Whether pre-conditionedly comprise two judgements, one is, be less than and preset period during producing initial authorization code and receiving remote validation code; It two is whether the server-side identifying code that remote validation code and authorization server self produce meets.When these two judged results are certainly, be just considered as pre-conditioned establishment.Wherein, when first result judged is as negative, represents authorization server 23 and receive remote validation code too late.Now, authorization server 23 will interrupt the withdrawal procedures of user, and object is the loss preventing initial authorization code.Moreover, carry out the security that second judges more can guarantee further withdrawal procedures.
In order to promote the security of data transmission, the authorization server 23 of this case according to disposal password (One Time Password, referred to as OTP) generating routine, after carrying out computing, produces remote validation code with electronic installation 21 to initial authorization code.Disposal password generating routine belongs to the practice dynamically producing password, and the corresponding result of calculation produced is uncertain.Because authorization server 23 and electronic installation 21 are according to identical initial authorization code, carry out disposal password generating routine separately.Therefore, both server-side identifying codes of producing respectively and remote validation code should be consistent with each other.If the server-side identifying code that authorization server 23 produces, inconsistent each other with received remote validation code, be interfered when may be the transmission of remote validation code, then authorization flow will be interrupted.
When pre-conditioned be judged as establishment time, authorization server 23 just authorised user wishes the withdrawal procedures that carries out.Afterwards, mandate is carried out handling procedure (step S237) by middle device 25 by authorization server 23, and, provide the handling procedure needed for electronic installation 21 (step S253) by middle device 25.Wherein, handling procedure is, the request message that response electronic installation 21 produces and the service content that provides.Such as: cash 100 yuan is provided.
Further, if when user wishes to carry out many financial transactions, similar flow process will be carried out repeatedly.Suppose that user wishes to carry out three financial transactions, then, electronic installation 21 will produce three corresponding request messages for these three financial transactions.Authorization server 23 will provide three initial authorization codes for these three request messages.These three initial authorization codes produce three server-side identifying codes by authorization server 23 through disposal password generating routine; And, produce three remote validation codes by electronic installation 21.After authorization server 23 receives these three remote validation codes through middle device 25, judge whether the reception of these three remote validation codes meets pre-conditioned respectively.
Because these three financial transactions all have corresponding initial authorization code, even if the time point that these three financial transactions produce is quite close, authorization server 23 still obviously can distinguish these three financial transactions.Moreover, because these three financial transactions are independent separately, therefore, may produce and only have a financial transaction smoothly by authorizing; Three financial transactions are all by authorizing; Or three financial transactions are not all by situations such as mandates.
During practical application, the application software (such as: Mobile Banking) used by electronic installation 21, can operate on general embedded OS (such as: Android) and use.Or application software also may be that the assembly of relative bottom provided by electronic installation.Such as: in SIM card or Micro SIM card store applications.In addition, application software also can pass through a kind of intelligent paster (smart film) 83 provides.Intelligent paster 83 is that a kind of size and client identification module (Subscriber IdentityModule, referred to as SIM) block quite, but a kind of circuit of very thin thickness.Intelligent paster can provide the application software needed for authorization flow.
Refer to Fig. 9, it is the schematic diagram utilizing intelligent chip collocation mobile phone.With regard to outward appearance, intelligent paster 83 is a thin slice, and the joint configuration mode on its surface is consistent with the joint configuration mode of SIM card 81.
In addition, the contact C1 ~ C8 of intelligent paster 83 can its upper and lower both sides of conducting.Intelligent paster 83 is used to be attached between the contact of SIM card and slot, and can be compatible with the circuit of SIM card.
As everyone knows, mobile phone 85 SIM card 81 of must arranging in pairs or groups just can provide various telecommunications service, and therefore, all mobile phones 85 all have SIM card slot.When providing Mobile Banking function by intelligent paster 83, not needing to consider Telecom operators, the pattern of communication device or the pattern of SIM card, is one implementation quite easily.
Moreover the second embodiment of the present invention is then propose for the still not universal area of the setting of ATM (Automatic Teller Machine).In these areas, financial institution can set up cooperative relationship with private or other dealers (hereinafter referred to as, commission merchant), when general individual wishes to carry out financial transaction, can seek these agential assistance.
Refer to Figure 10, it is the schematic diagram of the authoring system of second embodiment of the invention.User is still supposed only to hold mobile phone (the first mobile phone 41) herein and without fiscard.On the other hand, suppose that commission merchant provides commission merchant's equipment (the second mobile phone 45).In such cases, the role of middle device played the part of by the second mobile phone 45.
Second mobile phone 45 can pass through the mode such as contact panel or button and provides input interface.By input interface, user or commission merchant can carry out input operation.Accordingly, the second mobile phone 45 can obtain initial authorization code and remote validation code.In addition, the second mobile phone also comprises delivery module, for initial authorization code and remote validation code are sent to authorization server 43.
Same, in this embodiment, the second mobile phone 45 also can be arranged in pairs or groups through SIM card the mode of intelligent paster, within be built in the application software of intelligent paster, allow middle device participate in authorization flow.Certainly, the second mobile phone 45 participates in the application software that authorization flow adopts, and also may operate on the built-in embedded OS of mobile phone, or the bottom software provided by SIM card performs.The practice of this part can analogize aforementioned explanation, no longer describes in detail herein.
In this embodiment example, the first mobile phone 41 has the first intelligent paster 41a, and through communication network 47, signal is connected to authorization server 43 to the first mobile phone 41.Second mobile phone 45 has the 45a of the second intelligent paster, and through communication network 49, signal is connected to authorization server 43 to middle device 45.In this embodiment, the interaction between the first mobile phone 41, second mobile phone 45, authorization server 43 is roughly similar to the first embodiment, repeats no more herein.
But in a second embodiment, user also can pass through vival voice, informs commission merchant, input initial authorization code and remote validation code by commission merchant at the second mobile phone 45.Thereafter, initial authorization code and remote validation code are sent to authorization server 43 by the second mobile phone 45 again.Compare with the first embodiment, in a second embodiment, the second mobile phone 45 obtains the mode more elasticity of initial authorization code and remote validation code.
In this embodiment, when authorization server 43 judge pre-conditioned as meeting time, authorization server 43 can transmit news in brief to the second mobile phone 45, and notification agent business can carry out the business tine that user asks.In addition, authorization server 43 also can transmit news in brief first mobile phone 41 simultaneously, uses and notifies that this transaction content of user is obtained the authorization.Because user also can receive news in brief, commission merchant thus can be avoided to make a mistake when acting on behalf of and performing financial business.
In this embodiment, the mobile phone of user and service provider, all uses existing communication network.Even, user does not need to hurry back and forth and is to and from financial institution or looks for ATM (Automatic Teller Machine), can complete many financial transactions.For financial institution, do not need the cost spending installing ATM (Automatic Teller Machine), commission merchant can be allowed to carry out the business tine of financial transactions such as withholding, pay out.
Subsidiary one carries, and in a second embodiment, is not carry out exchanges data through internal network between the second mobile phone 45 and authorization server 43.Therefore, initial authorization code and remote validation code are sent to the mode of authorization server 43 by the second mobile phone 45; And the mode of authorization server 43 notification agent business, is not limited with news in brief.Such as, the load mode of other types, as transmitted (Onthe air, referred to as OTA), instant messaging software (such as: WhatsApp, Line etc.), Email etc. in the air, also can be used.
Refer to Figure 11, it is the schematic diagram of authorization server of the present invention and electronic installation, middle device.Authorization server 13 of the present invention is connected with electronic installation 11, middle device 15 signal, and authorization server 13 comprises processor 131 and transmits receiver 133.Wherein, transmit receiver 133 signal and be connected to electronic installation 11 and middle device 15.
Transmit the request message that receiver 133 transmits for receiving electronic installation 11.Processor 131 response request message and initial authorization code is provided, and produce server-side identifying code according to initial authorization code.Wherein transmitting receiver 133 is after transmission initial authorization code, receives the remote validation code obtained according to initial authorization code.Thereafter, processor 131 is in time judging pre-conditioned establishment, authorizes and performs handling procedure by middle device 15.Need notice, though the electronic installation 11 described in aforesaid two embodiments is for mobile phone, the electronic installation 11 of other type also can be arranged in pairs or groups use.
In fig. 11, authorization server 13 and electronic installation 11 through communication network (not painting formula) each other signal be connected.According to the difference of application, middle device 13 may signal be connected to authorization server 13 through communication network (not painting formula) or internal network (not painting formula).According to previous embodiment, Figure 11, with the numbering of step, represents at middle device 15, between authorization server 13 and electronic installation 11, the sequencing of action, and represents the interaction between each device with the direction of arrow.About this graphic arrow and corresponding step, please in the lump referring to the explanation of Figure 12.
Refer to Figure 12, it is the process flow diagram of authorization method of the present invention.First, electronic installation 11 produces request message (step S501), and request message is sent to authorization server (step S502).According to request message, selectivity provides initial authorization code (step S503) to authorization server 13.
Step S503 can comprise two sub-steps further: authorization server 13 utilizes processor 131, draws user account and handling procedure (step S503a) according to request message; And processor 131 judges whether the content of handling procedure meets the authority (S503b) corresponding to user account.If when user's account that step S503a draws does not exist the database of authorization server 13, authorization server 13 can't provide initial authorization code.Or if step S503b judges, when the content that user wishes to carry out handling procedure does not meet the authority corresponding to user account, authorization server 13 can't provide initial authorization code.
Thereafter, authorization server 13 utilizes transmission receiver 133 that initial authorization code is sent to electronic installation 11 (S5034).The processor 131 of authorization server 13 produces server-side identifying code (step S505) according to initial authorization code, and electronic installation 11 produces remote validation code (step S506) according to initial authorization code.Wherein, step S505 and step S506 successively needn't limit.Or both also can carry out simultaneously.
After electronic installation 11 produces remote validation code, transmission initial authorization code and remote validation code are to middle device 15 (step S507).Afterwards, remote validation code is sent to authorization server 13 (step S508) by middle device 15 again.Authorization server 13 will judge pre-conditioned whether establishment (step S509).
If the judged result of step S509 is negative, authorization server 13 terminates this authorization flow.Now, authorization server 13 can pass through middle device 15 and shows error messages.If the judged result of step S509 is affirmative, mandate middle device 15 is carried out handling procedure (step S510) by authorization server 13.
Although aforesaid embodiment hypothesis electronic installation is mobile phone, during practical application, be not limited with mobile phone.And in the authorization method that electronic installation performs, its implementation can pass through the modes such as SIM card, intelligent paster, application software.Hold, authorization method of the present invention, can pass through software program and be stored in various types of computer program.Such as there is the electronic installation of controller, controller all can be utilized to perform the software program realizing authorization method of the present invention.That is, in software program, transfer request message is carried out; Receive response request message and produce initial authorization code; Remote validation code is produced according to initial authorization code; And, remote validation code is sent to the step of authorization server through middle device.Wherein, when authorization server judges pre-conditioned establishment according to remote validation code, perform handling procedure.
When adopting authorization method of the present invention, electronic installation of only need arranging in pairs or groups carries out status checking to user, just can use the financial transaction of various robotization.Even, ATM (Automatic Teller Machine) of can also arranging in pairs or groups, when without fiscard, directly claims cash.This kind of authorization method can save user and must carry the inconvenience that fiscard just can carry out financial transaction, can also arrange not universal area, provide financial transaction by the authorised distributor of financial institution in ATM (Automatic Teller Machine).Moreover the present invention arranges in pairs or groups the practice of disposal password generating routine, also can guarantee that financial transaction system carries out the security of account user identification.
Need notice, only manage aforesaid explanation system for financial transaction system, but the application of authoring system of the present invention not be as limit.Such as variously the authoring system carrying out user's customer identification is needed, such as: archives download system, kinds of goods marketing system, ticket sale system etc., all can adopt conception of the present invention.
In sum, although the present invention with preferred embodiment disclose as above, so itself and be not used to limit the present invention.Persond having ordinary knowledge in the technical field of the present invention, without departing from the spirit and scope of the present invention, when being used for a variety of modifications and variations.Therefore, protection scope of the present invention is when being as the criterion of defining depending on the right of enclosing.
Claims (30)
1. an authorization server, comprises:
One transmits receiver, and it is that message is asked in reception one; And
One processor, respond this request message and an initial authorization code is provided, and produce a server-side identifying code according to this initial authorization code, wherein this transmission receiver is after this initial authorization code of transmission, receive the remote validation code obtained according to this initial authorization code, and this processor is when judgement one pre-conditioned establishment, authorizes and carry out a handling procedure.
2. authorization server system according to claim 1, wherein this implied terms refers to, this authorization server is preset in period one and received this remote validation code, and this remote validation code symbol closes this server-side identifying code.
3. authorization server system according to claim 1, wherein this transmission receiver signal is connected to an electronic installation, and this electronic installation produces this request message, and produce this remote validation code according to this initial authorization code.
4. authorization server according to claim 3, wherein this electronic installation is through a communication network and signal is connected to this transmission receiver.
5. authorization server system according to claim 3, wherein this processor produces this server-side identifying code according to a disposal password generating routine, and this electronic installation produces this remote validation code according to this disposal password generating routine.
6. authorization server according to claim 3, wherein this electronic installation is one first mobile phone, and this first mobile phone is through an application software and produces this request message, produces this remote validation code according to this initial authorization code.
7. authorization server according to claim 6, wherein these first-hand facility have one first client identification module (Subscriber Identity Module, SIM) block, and this application software provides by with one first intelligent paster of this first client identification module compatibility, this first client identification module card.
8. authorization server according to claim 6, wherein these first-hand facility have an embedded OS, and this application software operates on this embedded OS.
9. authorization server according to claim 1, wherein this transmission receiver signal is connected to a middle device, and this middle device is after obtaining this remote validation code, and this remote validation code is sent to this authorization server.
10. authorization server according to claim 9, wherein this middle device is through an internal network or a communication network and signal is connected to this transmission receiver.
11. authorization servers according to claim 9, wherein this middle device is to provide the input interface for inputting this remote validation code.
12. authorization servers according to claim 9, wherein this middle device and this electronic installation are through a short range transmission and signal is connected to an electronic installation, and this remote validation code is sent to this middle device by this electronic installation through this short range transmission.
13. authorization servers according to claim 12, wherein this short range transmission is a wireless network, a near-field communication (Near Field Communication, referred to as NFC).
14. authorization servers according to claim 9, wherein this middle device is a cash machine or commission merchant's equipment.
15. authorization servers according to claim 14, wherein this commission merchant's equipment is one second mobile phone, and this second mobile phone comprises:
One input interface, it obtains this initial authorization code and this remote validation code according to an input operation; And,
One delivery module, it transmits this initial authorization code and this remote validation code to this authorization server.
16. authorization servers according to claim 15, wherein these second-hand's facility have one second client identification module (Subscriber Identity Module, SIM) block, and the application software controlling this input interface provides by with one second intelligent paster of this second client identification module compatibility, this second client identification module card.
17. authorization servers according to claim 16, wherein these second-hand's facility have an embedded OS, and this application software operates on this embedded OS.
18. authorization servers according to claim 1, wherein this authorization server is a financial platform, and this request message is a financial transaction procedure.
19. 1 kinds of authorization methods, are applied to an authorization server, and this authorization method comprises following steps:
Response one is asked message and provides an initial authorization code;
A server-side identifying code is produced according to this initial authorization code;
Receive the remote validation code obtained according to this initial authorization code; And,
This remote validation code and this server-side identifying code meet one pre-conditioned time, authorize carry out a handling procedure.
20. authorization methods according to claim 19, wherein this pre-conditionedly refers to:
This authorization server is preset in period one and is received this remote validation code; And,
This remote validation code symbol closes this server-side identifying code.
21. authorization methods according to claim 19, the step wherein producing this server-side identifying code according to this initial authorization code refers to:
This authorization server produces this server-side identifying code according to this initial authorization code and a disposal password generating routine.
22. authorization methods according to claim 19, wherein more comprise following steps:
Transmit this initial authorization code to electronic installation.
23. authorization methods according to claim 22, wherein this electronic installation produces this remote validation code according to this initial authorization code and a disposal password generating routine.
24. authorization methods according to claim 22, wherein this authorization server signal is connected to a middle device, and this middle device transmits this remote validation code to this authorization server.
25. authorization methods according to claim 24, wherein this middle device has an input interface, and this middle device obtains by this input interface this remote validation code inputted by a user.
26. 1 kinds of authorization methods, are applied to an electronic installation, and this authorization method comprises following steps:
Transmit a request message;
The initial authorization code that reception responds this request message and produces;
A remote validation code is produced according to this initial authorization code; And,
Will, wherein this remote validation code is through via a middle device and is sent to an authorization server, wherein and this authorization server judges pre-conditioned establishments according to this remote validation code time, mandate carry out a handling procedure.
27. authorization methods according to claim 26, the step wherein producing a remote validation code according to this initial authorization code refers to: produce a remote validation code according to this initial authorization code and disposal password generating routine.
28. authorization methods according to claim 26, the input interface that wherein this electronic installation is through a short range transmission, this middle device provides and make this middle device obtain this remote validation code.
29. 1 kinds of computer programs, it store a software program, and will an electronic installation with a controller be made to carry out an authorization method when this software program performs, this authorization method comprises the following steps:
Transmit a request message;
The initial authorization code that reception responds this request message and produces;
A remote validation code is produced according to this initial authorization code; And,
This remote validation code is sent to an authorization server through a middle device, wherein, when this authorization server judges a pre-conditioned establishment according to this remote validation code, authorizes and carry out a handling procedure.
30. authorization methods according to claim 29, the step wherein producing a remote validation code according to this initial authorization code refers to: produce a remote validation code according to this initial authorization code and disposal password generating routine.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410013977.7A CN104778384A (en) | 2014-01-13 | 2014-01-13 | Authorization server, authorization method and computer program product |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410013977.7A CN104778384A (en) | 2014-01-13 | 2014-01-13 | Authorization server, authorization method and computer program product |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104778384A true CN104778384A (en) | 2015-07-15 |
Family
ID=53619843
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410013977.7A Pending CN104778384A (en) | 2014-01-13 | 2014-01-13 | Authorization server, authorization method and computer program product |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104778384A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108230116A (en) * | 2018-01-22 | 2018-06-29 | 深圳怡化电脑股份有限公司 | A kind of image method for customizing, device, equipment and storage medium |
| CN109104242A (en) * | 2017-06-21 | 2018-12-28 | 沃尔沃汽车公司 | Method for authorized user |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5978483A (en) * | 1997-04-07 | 1999-11-02 | Inkel Corporation | Securely encrypted remote keyless entry system |
| CN1560801A (en) * | 2004-03-09 | 2005-01-05 | 欧阳世杰 | Disposable cipher protection careless electronic transaction payment method |
| US20060028431A1 (en) * | 2004-06-29 | 2006-02-09 | Hou-Tin Leong | Remote control system |
| CN101667915A (en) * | 2008-09-05 | 2010-03-10 | 拓讯资讯股份有限公司 | Method for generating dynamic password to execute remote security authentication and mobile communication device thereof |
| CN101958024A (en) * | 2009-07-16 | 2011-01-26 | 全宏科技股份有限公司 | Financial transaction system, automated teller machine and method for operating automated teller machine |
| US20110270744A1 (en) * | 2010-04-30 | 2011-11-03 | Ginger Baker | Mobile tangible value banking system |
-
2014
- 2014-01-13 CN CN201410013977.7A patent/CN104778384A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5978483A (en) * | 1997-04-07 | 1999-11-02 | Inkel Corporation | Securely encrypted remote keyless entry system |
| CN1560801A (en) * | 2004-03-09 | 2005-01-05 | 欧阳世杰 | Disposable cipher protection careless electronic transaction payment method |
| US20060028431A1 (en) * | 2004-06-29 | 2006-02-09 | Hou-Tin Leong | Remote control system |
| CN101667915A (en) * | 2008-09-05 | 2010-03-10 | 拓讯资讯股份有限公司 | Method for generating dynamic password to execute remote security authentication and mobile communication device thereof |
| CN101958024A (en) * | 2009-07-16 | 2011-01-26 | 全宏科技股份有限公司 | Financial transaction system, automated teller machine and method for operating automated teller machine |
| US20110270744A1 (en) * | 2010-04-30 | 2011-11-03 | Ginger Baker | Mobile tangible value banking system |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109104242A (en) * | 2017-06-21 | 2018-12-28 | 沃尔沃汽车公司 | Method for authorized user |
| US11171947B2 (en) | 2017-06-21 | 2021-11-09 | Volvo Car Corporation | Method for authenticating a user |
| CN109104242B (en) * | 2017-06-21 | 2022-01-21 | 沃尔沃汽车公司 | Method for authorizing a user |
| CN108230116A (en) * | 2018-01-22 | 2018-06-29 | 深圳怡化电脑股份有限公司 | A kind of image method for customizing, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11429947B2 (en) | Systems and methods for transaction pre-authentication | |
| TWI599970B (en) | Mobile checkout systems and methods | |
| US20170116598A1 (en) | Secure account provisioning | |
| US11057390B2 (en) | Systems for providing electronic items having customizable locking mechanism | |
| CN112805735A (en) | System and method for password authentication of contactless cards | |
| US20120290468A1 (en) | Method and apparatus for secure payment using a network-connectable device | |
| KR20160015375A (en) | Authorizing transactions using mobile device based rules | |
| AU2015219278A1 (en) | Mobile checkout systems and methods | |
| CN112889046A (en) | System and method for password authentication of contactless cards | |
| CN113590930A (en) | System and method for data access control using short-range transceivers | |
| EP2843898A1 (en) | Access control systems | |
| US20210258320A1 (en) | Systems and methods for providing electronic items | |
| TWI590172B (en) | Authorizing server,authorizing method and computer program product | |
| JP2023508051A (en) | Issuing cards with restricted virtual numbers | |
| US20160132873A1 (en) | Secure data entry and display for a communication device | |
| KR20230133318A (en) | System and method for authenticated peer-to-peer data transfer using resource locator | |
| US20150244694A1 (en) | Authorizing server, authorizing method and computer program product | |
| WO2018118248A1 (en) | Method and system for purchase precheck | |
| EP2779069A1 (en) | Method and system for managing a transaction | |
| KR20230137326A (en) | System and method for short-distance non-contact card communication and encryption authentication | |
| CN104778384A (en) | Authorization server, authorization method and computer program product | |
| US20160283927A1 (en) | Authentication for mobile transactions | |
| CN116057892A (en) | System and method for authenticated messaging via short-range transceiver | |
| CN116134856A (en) | System and method for controlling secure data transmission via URL | |
| KR102394694B1 (en) | Payment server, payment system and card registration method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150715 |