User Identification Anti-Theft System and Identification Method
Technical Field
The present invention relates to an identity recognition anti-theft system and its recognition method, and in particular to an identity recognition anti-theft system and recognition method suitable for performing authorized operations with an information carrier.
Background Art
Existing financial systems and e-commerce systems identify the user of an information carrier by means of an identification serial code together with a fixed verification password entered by the user. The identification serial code is recorded on the information carrier held by the user; information carriers include credit cards, consumer cards, shopping cards, cash withdrawal cards, online payment cards, and other similar carriers that record some information about the user. As long as the user supplies the correct identification serial code and the corresponding fixed verification password when operating the system, the user is confirmed as legitimate and may perform any authorized operation on the funds held in their name. To keep the identification serial code and the fixed verification password from leaking during transmission and storage, some encryption algorithm is usually applied to them. This approach, however, can no longer effectively guard against newer, more sophisticated crime. No good solution yet exists for cases where criminals steal the identification serial code and fixed verification password by decoding them with a decoder, by intercepting the relevant information in transit with advanced equipment, by breaking into a website, or through fraud by bank staff, then copy the information carrier and misuse the legitimate user's funds, possibly over a long period.
Summary of the Invention
The first object of the present invention is to provide an identity recognition anti-theft system and recognition method that can detect an anomaly when the user uses the information carrier, so that the user's identity cannot be misused over a long period.
The second object of the present invention is to further provide an identity recognition anti-theft system and recognition method that detects anomalies promptly and reduces the probability of the user's identity being misused.
The user identification anti-theft system of the first object can be realized by the following technical measures: it comprises a central processing unit, peripheral input and output devices, an information carrier held by the user, and the corresponding system software, where the central processing unit loads an identification serial code onto the user's information carrier through the output device and the user enters a fixed verification password into the central processing unit through the input device. The system is characterized in that its peripheral output and input devices also include a code-writing device, which loads a randomly generated code produced by the central processing unit onto the information carrier and continually refreshes it, and a code reader, which inputs the randomly generated code on the information carrier into the central processing unit.
The user identification method of the first object is as follows:
1. Steps by which the user obtains the information carrier: the user identification anti-theft system records the user's information and provides a user identification serial code, the user enters a fixed verification password into the system, and the identification serial code and a randomly generated code are written into the information carrier issued to the user.
2. Steps when the user's use of the information carrier is normal: (1) the user supplies the identification serial code to the user identification anti-theft system through the information carrier and the input device; (2) the system uses it to look up and call up that user's information window; (3) the system verifies the randomly generated code on the user's information carrier and the fixed verification password entered by the user and, if both are correct, the user's information file can be opened and authorized operations performed; (4) the system produces a new randomly generated code and refreshes the randomly generated code on the information carrier.
3. Steps when the user's use of the information carrier is abnormal: (1) the user supplies the identification serial code to the user identification anti-theft system through the information carrier and the input device; (2) the system uses it to look up and call up that user's information window; (3) the system verifies the randomly generated code on the user's information carrier and the fixed verification password entered by the user and, if either of the two codes fails verification, the system gives a prompt and refuses the next operation; (4) if it is the randomly generated code that fails verification, system operation stops.
Because the identification process uses an additional, immediately refreshed randomly generated code, once a user's identity has been stolen and the information carrier has been illegally copied and used, the immediately refreshed randomly generated code stored for that user in the user identification anti-theft system will have been changed. The genuinely legitimate user then runs into a problem when using their own information carrier, realizes that the identity may have been stolen, and can deal with it in time, which avoids long-term misuse of the user's identity.
The user identification anti-theft system of the second object can be realized on the basis of the technical implementation of the first object: the system further includes an information sending device and an information receiving device designated in advance by the user, where the information sending device is connected to the central processing unit and the user-designated information receiving device is a terminal of a communication network that the user can operate, such as a mobile phone. During each use of the information carrier, as soon as the central processing unit has checked and called up the user's information window, the information sending device sends a short message to the user-designated information receiving device to notify the user that the information carrier is in use, so that the legitimate user can follow the use of the information carrier in real time.
The invention may further provide a user feedback information receiving device in the system, connected to the system.
The user identification method of the second object is realized on the basis of the user identification method of the first object:
Steps when the user uses the information carrier: (1) the system looks up and calls up the user's information window according to the identification serial code recorded on the user's information carrier; (2) a short message is sent through the information sending device to the user-designated information receiving device; (3) the subsequent steps are the same as the corresponding steps of the user identification method of the first object.
The user identification method of the second object may also build on the above steps: after the system has sent a short message to the user-designated information receiving device and has verified the randomly generated code and the fixed verification password entered by the user, the system further waits for an instruction returned from the user's information receiving device and carries out the next operation according to that instruction; if no user instruction is returned, the system likewise cannot open the user's information file for authorized operations.
The information receiving device designated in advance by the user may be a wired telephone, a mobile phone, a network terminal, and so on; the peripheral input and output devices may be a keyboard, a mouse, a display, a card-swiping machine with read/write capability, a cash machine, a card-operated electronic lock, and so on.
Because misuse of a user's identity necessarily runs against the user's own real intent, tying the identification procedure directly to the real, legitimate user lets the user monitor the use of the information carrier in real time, discover anomalies promptly, and avoid greater losses. If operation by user feedback instruction is adopted in addition, the anti-theft performance of the system is strengthened further.
Detailed Description of the Embodiments
The invention is further described below with reference to the specific embodiment shown in the accompanying drawing.
The user identification anti-theft system shown in FIG. 1 is one embodiment of the invention. It comprises a central processing unit 1, peripheral input and output devices 2, an information carrier 3 held by the user, and the corresponding system software. The central processing unit loads an identification serial code onto the user's information carrier through the output device, and the user enters a fixed verification password into the central processing unit through the input device. The peripheral output and input devices of the system also include a peripheral information read/write device 21, which combines the code-writing device that loads the randomly generated code produced by the central processing unit onto the information carrier and continually refreshes it with the code reader that inputs the randomly generated code on the information carrier into the central processing unit. The system is also provided with an information transceiver device 4, which can send short messages to the user-designated information receiving device and receive the user's feedback instructions, and in addition there is an information receiving and sending device 5, designated in advance by the user, for receiving information and sending instructions. The central processing unit is connected to the peripheral output and input devices and to the information transceiver device 4; it receives information from the peripheral devices or sends instructions to them in order to carry out identification and to open information files, electronic locks, and the like.
Actual use is as follows:
The user first goes through the procedure for obtaining an information carrier: the user's information is entered into the user identification anti-theft system, the system provides the new user with a user identification serial code dedicated to that user, the user enters a self-chosen fixed verification password into the system, and the system then writes the identification serial code and a randomly generated code into the information carrier issued to the user.
The process when the user uses the information carrier: (1) the user supplies the identification serial code and the randomly generated code to the user identification anti-theft system through the information carrier 3 and the peripheral information read/write device 21; (2) the system may first look up and call up the user's information window by the identification serial code alone, or may do so using both the identification serial code and the randomly generated code; (3) at the same time a short message is sent through the information transceiver device to the user-designated information transceiver device; (4) the system verifies the fixed verification password entered by the user, or additionally verifies the randomly generated code on the user's information carrier, and if verification succeeds the system waits for the instruction returned from the user-designated information transceiver device; (5) the user receives the short message saying that the information carrier they hold is in use and, from the options provided by the central processing unit, selects and sends an affirmative instruction, and only then is the user's legitimate identity confirmed; (6) the system issues the instruction to open the user's information file so that the operator can perform authorized operations; (7) the system produces a new randomly generated code and refreshes the randomly generated code on the information carrier.
3. The process when the user's use of the information carrier is abnormal: (1) the user supplies the identification serial code and the randomly generated code to the user identification anti-theft system through the information carrier and the input device; (2) the system looks up and calls up the user's information window according to the identification serial code; (3) at the same time a short message is sent through the information transceiver device to the user-designated information transceiver device; (4) if the system finds the randomly generated code and the fixed verification code correct, it waits for the instruction returned from the user-designated information transceiver device; (5) the user receives the short message saying that their information carrier is in use and, if this is not a use they know of, realizes that the identity may have been stolen and selects and sends a negative instruction, whereupon the user's identity is denied and system operation stops; (6) if the user happens not to receive the notification message sent by the system, or cannot return an instruction in time, this indicates that the information carrier does not represent the true user identity recorded by the system, and if no instruction arrives within the time limit the system terminates the operation; (7) if the system finds that the randomly generated code on the user's information carrier does not match the record, it informs the user that there is a problem and terminates further operation of the system.
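The check-then-refresh cycle and the optional user confirmation described above, as an added Python example that is not part of the patent text: it models a copied carrier being used before the owner's card, and a copied carrier being denied by the owner. The class, method and result names, the sample serials and password, the PBKDF2 password storage, and the choice not to refresh the code after a denial are assumptions.

```python
import hashlib, hmac, secrets

class Card:
    """Information carrier: identification serial code plus current random code."""
    def __init__(self, serial, code):
        self.serial, self.code = serial, code
    def clone(self):
        return Card(self.serial, self.code)  # bit-for-bit copy of the carrier

class CentralProcessor:
    def __init__(self):
        self.records = {}  # serial -> salt, password hash, current random code

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def enroll(self, serial, password):
        salt, code = secrets.token_bytes(16), secrets.token_hex(16)
        self.records[serial] = {"salt": salt, "pw": self._hash(password, salt), "code": code}
        return Card(serial, code)

    def use(self, card, password, confirm=None):
        rec = self.records.get(card.serial)
        if rec is None:
            return "unknown-serial"
        # A carrier whose random code differs from the record is a stale copy.
        if not hmac.compare_digest(rec["code"], card.code):
            return "random-code-mismatch"
        if not hmac.compare_digest(rec["pw"], self._hash(password, rec["salt"])):
            return "password-mismatch"
        # Optional out-of-band step: anything but an affirmative reply blocks the operation.
        if confirm is not None and confirm(card.serial) is not True:
            return "denied-by-user"
        # Success: refresh the code in the record and on the presented carrier.
        rec["code"] = card.code = secrets.token_hex(16)
        return "ok"

def demo():
    pw = "fixed-password"  # constructed sample values throughout
    cpu = CentralProcessor()
    card = cpu.enroll("SERIAL-0001", pw)
    copy = card.clone()
    # Copy used first: it succeeds once, then the owner's own card exposes the theft.
    first = [cpu.use(copy, pw), cpu.use(card, pw)]
    card2 = cpu.enroll("SERIAL-0002", pw)
    copy2 = card2.clone()
    # With confirmation enabled the owner denies the copy and keeps a working card.
    second = [cpu.use(copy2, pw, confirm=lambda s: False),
              cpu.use(card2, pw, confirm=lambda s: True)]
    return first + second

if __name__ == "__main__":
    print(demo())
```

Without the confirmation step the copy succeeds once and is detected only when the owner's card is next rejected; with it, the copy is stopped before any operation is authorized.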
Having the system wait for the user's feedback instruction may lengthen the user's waiting time, make the operation take too long, or even mean that the instruction never arrives. The operation of waiting for the user's feedback instruction is therefore offered as an option that the user selects, for example applying it only when the amount is above a certain limit.
Besides system services for bank credit cards, consumer cards, debit cards, cash withdrawal cards and the like, the invention can also be applied to computer systems for automobile, household and commercial theft prevention; it is only necessary for the opening instruction issued by the system in the above embodiment to be received and executed by an automobile electronic lock, a door lock or a safe lock.
All of the devices involved in the system of the invention can be made using existing technology.