WO2004010344A1 - User identify identifying anti-theft system and its identifying method - Google Patents

User identify identifying anti-theft system and its identifying method Download PDF

Info

Publication number
WO2004010344A1
WO2004010344A1 PCT/CN2003/000493 CN0300493W WO2004010344A1 WO 2004010344 A1 WO2004010344 A1 WO 2004010344A1 CN 0300493 W CN0300493 W CN 0300493W WO 2004010344 A1 WO2004010344 A1 WO 2004010344A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
information
identification
information carrier
generated code
Prior art date
Application number
PCT/CN2003/000493
Other languages
French (fr)
Chinese (zh)
Inventor
Shengwu Ye
Original Assignee
Shengwu Ye
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shengwu Ye filed Critical Shengwu Ye
Priority to AU2003255066A priority Critical patent/AU2003255066A1/en
Publication of WO2004010344A1 publication Critical patent/WO2004010344A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code

Definitions

  • the present invention relates to an identity identification anti-theft system and an identification method thereof, and in particular to an identity identification anti-theft system and an identification method thereof which are suitable for using an information carrier for authorized operations.
  • the information carrier uses the information carrier to provide users with an identity identification serial code and a set of fixed verification passwords entered by the user to identify users.
  • the information carrier includes a credit card, a consumption card, a shopping card, a debit card, an online payment card, or other similar carriers that record certain information of the user.
  • the user provides the correct identification serial number and corresponding fixed verification password when performing system operations, it is confirmed as a legitimate user and can perform various authorized operations on the funds under his name.
  • a certain encryption algorithm is usually implemented on it.
  • a first object of the present invention is to provide an identity identification anti-theft system and identification method, which can detect an abnormality when a user uses an information carrier, thereby avoiding a situation where a user's identity is stolen for a long time.
  • the second object of the present invention is to further provide an abnormality that can be found in The identity identification anti-theft identification system and identification method for the probability of theft of household identity.
  • the user identification and anti-theft system in the first object of the present invention can be implemented by the following technical measures: It includes a central processing unit, peripheral input and output devices, an information carrier held by a user, and corresponding system software.
  • the processor loads the identification serial number for the user identification information carrier through the output device, and the user enters the fixed verification password to the central processor through the input device, which is characterized by the peripheral output of the system and the input device also has the function of generating the central processor.
  • the randomly generated code is loaded into the information carrier and the code writing device is constantly refreshed, and the randomly generated code on the information carrier is input to a code reader of the central processing unit.
  • the user identification method in the first object of the present invention is as follows:
  • Steps for the user to obtain the information carrier Including the user identity identification and anti-theft system to record user information, provide the user identity identification serial code, the user enters a fixed verification password into the system, and writes the identity identification serial code and randomly generated code to the user Steps in the information carrier.
  • the normal steps for the user to use the information carrier (1) the user provides the identification serial number to the user identification and anti-theft system through the information carrier and the input device; (2) the system finds and calls out the user's information window accordingly; (3 ⁇ 4 The system verifies the randomly generated code on the user's information carrier and the fixed verification password entered by the user. If the verification is correct, the user's information file can be opened for authorized operations. (4) The system generates a new random Generate a code, and refresh the randomly generated code on the information carrier.
  • the abnormal steps of the user using the information carrier (1) the user provides the identification serial number to the user identification and anti-theft system through the information carrier and the input device; (2) the system finds and calls out the user's information window according to this; (3) ) The system checks the randomly generated code on the user ’s information carrier and the fixed verification password entered by the user. If either of the two codes does not match, the system prompts and rejects the next operation. (4) If it is random The generated code does not match, and the system operation ends.
  • the user identification and anti-theft system in the second object of the present invention can be implemented on the basis of the technical implementation of the first object of the present invention: That is, the system further includes an information sending device and an information receiving device designated by the user in advance, wherein: The information sending device is connected to the central processing unit; the user-specified information receiving device is a terminal of the communication network that can be controlled by the user, such as a mobile phone.
  • the central processor checks and calls up the user information window, that is, the information sending device sends a short message to the user-specified information receiving device to notify the user that the information carrier is in use, so that legitimate users can grasp it in real time. Information carrier use.
  • the present invention can further set a user feedback information receiving device in the system and connect it to the system.
  • the user identification method in the second object of the present invention is implemented on the basis of the user identification method in the first object of the present invention:
  • Steps for the user to use the information carrier (1) The system searches and calls out the user's information window according to the identity serial number recorded in the user's information carrier, (3 ⁇ 4 sends a short message to the user's designated information receiving device through the information sending device, ( 3) The subsequent steps are the same as the corresponding steps of the user identification method of the first object of the present invention.
  • the user identification method in the second object of the present invention may also be performed on the basis of the above steps: That is, when the system sends a short message to the information receiving device designated by the user and verifies the random generated code and the fixed verification password entered by the user After that, the system further waits for the instruction feedback from the user information receiving device, and performs the next operation according to the instruction. User instructions, the system can not open the user information file for authorized operations.
  • the information receiving device designated in advance by the user in the present invention may be a wired phone, a mobile phone, a network terminal, etc.
  • the peripheral input and output devices may be a keyboard, a mouse, a display, a card reader with a read-write function, and a cash machine. , Card electronic lock and so on.
  • the user identification and anti-theft system shown in FIG. 1 is an embodiment of the present invention, which includes a central processing unit 1, peripheral input and output devices 2, an information carrier 3 held by a user, and corresponding system software.
  • the central processing unit The identification device serial number is loaded into the user identification information carrier through the output device, and the user enters the fixed verification password to the central processor through the input device.
  • the peripheral output and input device of the system also have a randomly generated code generated by the central processor for loading.
  • the information carrier and the device for constantly refreshing the code writing device, and the peripheral information reading and writing device 21 for inputting the randomly generated code on the information carrier into the code reader of the central processing unit.
  • the system is also provided with a means for sending short messages to the user-specified information receiving device and receiving users
  • the information transmitting / receiving device 4 for the feedback instruction is also an information receiving / transmitting device 5 for an information receiving and transmitting instruction designated by the user in advance.
  • the central processing unit is connected to the peripheral output, input device, and information transmitting / receiving device 4, or receives information from the peripheral device, or sends instructions to the peripheral device to realize identity recognition, unlock information files, or electronic locks.
  • the user must first go through the formalities of obtaining the information carrier: enter the user information into the user identification anti-theft system, and the system provides a new user with a user-specific identification sequence
  • the column code the user enters a self-defined fixed verification password into the system, and the system then writes the identification serial number and the randomly generated code into the information carrier provided to the user.
  • the process of the user using the information carrier (1) The user provides the identification serial number and a randomly generated code to the user identification and anti-theft system through the information carrier 3 and the peripheral information reading and writing device 21, (3 ⁇ 4 The system can first find and Call up the user's information window. You can also find and call out the user's information window based on the two codes of the identification serial number and the randomly generated code. (At the same time, send a short message to the user-specified information sending and receiving device through the information sending and receiving device. (4 ) The system verifies the fixed verification password entered by the user or the randomly generated code on the user's information carrier. If the verification is correct, the system waits for an instruction feedback from the user-designated information transceiver device.
  • the user receives The short message being used by the information carrier is based on the options provided by the central processor, and affirmative instructions are selected and issued. At this time, the user's legal identity is confirmed.
  • the system issues an instruction to open the user's information file to enable the operation. Can perform authorized operations, (7) the system generates a new randomly generated code, And refresh the randomly generated code on the information carrier.
  • the process of abnormal use of the information carrier by the user (1) The user provides the identity identification serial code and a randomly generated code to the user identification and anti-theft system through the information carrier and the input device. The user's information window, (3) at the same time send a short message to the user-specified information sending and receiving device through the message sending and receiving device, (4) if the system checks the random generated code and the fixed check code are correct, the system waits for the user-specified information sending and receiving device (5) The user receives the short message being used by his information carrier. If he does not know the use, he will realize that his identity may be stolen. Then he selects and sends a negative instruction. At this time, the user ’s identity is denied.
  • the system (6) If the user fails to receive the notification short message sent by the system, or fails to feedback the instruction in time, it indicates that the information carrier is not the true user identity recorded by the system. If there is no instruction within the time limit, the system terminates the operation. (7) If the code is randomly generated on the system verifies that the user information does not match the record carrier, i.e. tips Households have asked And terminate further operations of the system.
  • the system waiting for the user's feedback instruction may increase the user's standby practice, making the operation time too long, or even unable to wait for the feedback instruction. Therefore, the system waits for the user's feedback instruction as a selection item, such as using the amount above a certain amount. This kind of operation is selected by the user.
  • the present invention can also be applied to computer systems for theft prevention in automobiles, homes, and businesses.
  • the opening instruction can be received and executed by the car electronic lock, door lock, and safe lock.

Abstract

The invention relates to user identify identifying anti-theft system and its identifying method. It includes CPU, peripheral device, the information carrier for specific user and relevant system software.The peripheral includes writing device for loading and renewing random code generated by CPU to the information carrier and reading device for transferring random code from the carrier to CPU. Accordingly, the system verifies sequence code of the user's identification the fixed check cipher and random code, then, generates new random code and renew the random code in the information carrier. When user identify is counterfeited and user information carrier is copied illegally, the random code will be renewed. It makes real legal user find out the abnormal and deal with it in time so that user identify isn't counterfeited for a long time.

Description

一种用户身份识别防盗系统及识别方法 技术领域  User identification identification anti-theft system and identification method
本发明涉及一种身份识别防盗系统及其识别方法, 特别是涉及一 种适用于使用信息载体进行被授权的操作的身份识别防盗系统及其 识别方法。 说  The present invention relates to an identity identification anti-theft system and an identification method thereof, and in particular to an identity identification anti-theft system and an identification method thereof which are suitable for using an information carrier for authorized operations. Say
背景技术 Background technique
现有的金融系统和电子商务系统对于使用信息载体的用户是采 用提供一个身份标识序列码和一组由用户输入的固定校验密码的方 式来进行用户身份识别的,身份标识序列码书记载在用户持有的信息载 体上, 信息载体包括信用卡、 消费卡、 购物卡、 提款卡、 网上支付卡 或其它类似的记载有用户的某种信息的载体。只要用户在进行系统操 作时提供正确的身份标识序列码和对应的固定校验密码, 即被确认为 合法用户, 可以对其名下的资金进行各种已被授权的操作。 为了保证 用户身份标识序列码和用户输入的固定校验密码在传输和存储时不 被泄密, 通常采用对其执行某种加密算法。 但这种方式现已难以有效 地防范新的智能犯罪, 如对于犯罪分子使用解码器解码、 或者利用先 进的设备截获传输过程中的有关信息、 或者黑客非法侵入网站、 或者 银行职员舞弊等途径盗取用户身份标识序列码和固定校验密码,复制 信息载体,从而盗用甚至长期盗用合法用户的资金的情况还没有更好 解决方法。  Existing financial systems and e-commerce systems use the information carrier to provide users with an identity identification serial code and a set of fixed verification passwords entered by the user to identify users. On the information carrier held by the user, the information carrier includes a credit card, a consumption card, a shopping card, a debit card, an online payment card, or other similar carriers that record certain information of the user. As long as the user provides the correct identification serial number and corresponding fixed verification password when performing system operations, it is confirmed as a legitimate user and can perform various authorized operations on the funds under his name. In order to ensure that the user identification serial number and the fixed verification password entered by the user are not leaked during transmission and storage, a certain encryption algorithm is usually implemented on it. However, it is difficult to effectively prevent new intelligent crimes in this way, such as using decoders for criminals to decode, or intercepting relevant information in the transmission process using advanced equipment, or hacking illegally into websites, or fraud by bank employees. There is no better solution to take the user's identity serial number and fixed verification password, and copy the information carrier, thereby stealing or even stealing the funds of legitimate users for a long time.
发明内容 Summary of the Invention
本发明的第一个目的就是提供一种身份识别防盗系统和识别方 法, 它能够在用户使用信息载体时发现异常, 从而避免用户身份被长 期盗用的情况。  A first object of the present invention is to provide an identity identification anti-theft system and identification method, which can detect an abnormality when a user uses an information carrier, thereby avoiding a situation where a user's identity is stolen for a long time.
本发明的第二个目的是进一歩提供一种能及时发现异常、 降低用 户身份被盗用的几率的身份识别防盜识别系统和识别方法。 The second object of the present invention is to further provide an abnormality that can be found in The identity identification anti-theft identification system and identification method for the probability of theft of household identity.
本发明的第一个目的中的用户身份识别防盜系统可以通过以下 的技术措施来实现: 它包括中央处理器、 外围输入、 输出装置、 用户 持用的信息载体和相应的系统软件, 其中, 中央处理器通过输出装置 为用户识别信息载体载入身份标识序列码,用户通过输入装置向中央 处理器输入的固定校验密码, 其特征是系统的外围输出、 输入装置中 还具有将中央处理器产生随机生成码载入信息载体和不断刷新写码 装置, 及将信息载体上的随机生成码输入中央处理器的读码器。  The user identification and anti-theft system in the first object of the present invention can be implemented by the following technical measures: It includes a central processing unit, peripheral input and output devices, an information carrier held by a user, and corresponding system software. The processor loads the identification serial number for the user identification information carrier through the output device, and the user enters the fixed verification password to the central processor through the input device, which is characterized by the peripheral output of the system and the input device also has the function of generating the central processor. The randomly generated code is loaded into the information carrier and the code writing device is constantly refreshed, and the randomly generated code on the information carrier is input to a code reader of the central processing unit.
本发明的第一个目的中的用户身份识别方法如下:  The user identification method in the first object of the present invention is as follows:
1.用户办理取得信息载体的步骤: 包括用户身份识别防盗系统记 载用户信息、 提供用户身份标识序列码、 用户向系统输入固定校验密 码,将身份标识序列码和随机生成码写入提供给用户的信息载体中的 步骤。  1. Steps for the user to obtain the information carrier: Including the user identity identification and anti-theft system to record user information, provide the user identity identification serial code, the user enters a fixed verification password into the system, and writes the identity identification serial code and randomly generated code to the user Steps in the information carrier.
2.用户使用信息载体正常的步骤: (1)用户通过信息载体和输入装 置向用户身份识别防盗系统提供身份标识序列码,(2)系统据此査找并 调出该用户的信息窗口,(¾系统对用户的信息载体上的随机生成码和 用户输入的固定校验密码进行校验, 如校验无误, 可打开该用户的信 息档案, 进行被授权的操作, (4)系统产生新的随机生成码, 并刷新信 息载体上的随机生成码。  2. The normal steps for the user to use the information carrier: (1) the user provides the identification serial number to the user identification and anti-theft system through the information carrier and the input device; (2) the system finds and calls out the user's information window accordingly; (¾ The system verifies the randomly generated code on the user's information carrier and the fixed verification password entered by the user. If the verification is correct, the user's information file can be opened for authorized operations. (4) The system generates a new random Generate a code, and refresh the randomly generated code on the information carrier.
3.用户使用信息载体异常的步骤: (1)用户通过信息载体和输入装 置向用户身份识别防盗系统提供身份标识序列码,(2)系统据此査找并 调出该用户的信息窗口,(3)系统对用户的信息载体上的随机生成码和 用户输入的固定校验密码进行校验, 如两码中任何一个校验不符, 则 系统提示并拒绝下一步的操作, (4)如果是随机生成码校验不符, 系统 操作即止。 由于用户身份识别过程中多用了一组即时刷新随机生成码, 当用 户身份被盗用, 用户的信息载体被非法复制使用后, 用户身份识别防 盗系统中储存的对应该用户的即时刷新随机生成码会被更改, 导致真 正合法的用户在使用自己的信息载体时出现问题,使用户意识到身份 可能被盗用,可以及时进行处理,以避免用户身份长期被盗用的情况。 3. The abnormal steps of the user using the information carrier: (1) the user provides the identification serial number to the user identification and anti-theft system through the information carrier and the input device; (2) the system finds and calls out the user's information window according to this; (3) ) The system checks the randomly generated code on the user ’s information carrier and the fixed verification password entered by the user. If either of the two codes does not match, the system prompts and rejects the next operation. (4) If it is random The generated code does not match, and the system operation ends. Because a set of instant refresh random generated codes is used in the user identification process, when the user identity is stolen and the user's information carrier is illegally copied and used, the instant refresh random generated code corresponding to the user stored in the user identification anti-theft system will be The change has caused problems for truly legitimate users to use their own information carriers, making users aware that their identities may be stolen, and can be handled in a timely manner to avoid long-term theft of user identities.
本发明的第二个目的中的用户身份识别防盗系统可以在本发明 的第一个目的的技术实施方案的基础上实现: 即系统还包括信息发送 装置及用户预先指定的信息接收装置, 其中, 信息发送装置与中央处 理器联接; 用户指定的信息接收装置是通讯网络的能由用户操控的一 个终端, 如手机。 信息载体在每次的使用过程 ÷, 一经中央处理器核 查调出该用户信息窗口, 即通过信息发送装置向用户指定的信息接收 装置发送短信, 通知用户信息载体正在使用, 使合法用户可以实时掌 握信息载体使用的情况。  The user identification and anti-theft system in the second object of the present invention can be implemented on the basis of the technical implementation of the first object of the present invention: That is, the system further includes an information sending device and an information receiving device designated by the user in advance, wherein: The information sending device is connected to the central processing unit; the user-specified information receiving device is a terminal of the communication network that can be controlled by the user, such as a mobile phone. In each use process of the information carrier, once the central processor checks and calls up the user information window, that is, the information sending device sends a short message to the user-specified information receiving device to notify the user that the information carrier is in use, so that legitimate users can grasp it in real time. Information carrier use.
本发明还可以进一步在系统中设置用户反馈信息接收装置, 并使 其联通系统。  The present invention can further set a user feedback information receiving device in the system and connect it to the system.
本发明的第二个目的中的用户身份识别方法在本发明的第一个 目的的用户身份识别方法的基础上实现:  The user identification method in the second object of the present invention is implemented on the basis of the user identification method in the first object of the present invention:
用户使用信息载体的步骤: (1)系统根据用户的信息载体的记载的 身份标识序列码查找并调出该用户的信息窗口,(¾通过信息发送装置 向用户指定的信息接收装置发送短信,(3)其后的步骤与本发明的第一 个目的的用户身份识别方法的相应步骤相同。  Steps for the user to use the information carrier: (1) The system searches and calls out the user's information window according to the identity serial number recorded in the user's information carrier, (¾ sends a short message to the user's designated information receiving device through the information sending device, ( 3) The subsequent steps are the same as the corresponding steps of the user identification method of the first object of the present invention.
本发明的第二个目的中的用户身份识别方法还可以在上述步骤 的基础上进行: 即当系统向用户指定的信息接收装置发送短信并校验 完随机生成码和用户输入的固定校验密码后,系统进一步等候用户信 息接收装置反馈的指令, 根据指令进行下一歩的操作; 如无反馈的用 户指令, 系统也不能打开用户信息档案作已被授权的操作。 The user identification method in the second object of the present invention may also be performed on the basis of the above steps: That is, when the system sends a short message to the information receiving device designated by the user and verifies the random generated code and the fixed verification password entered by the user After that, the system further waits for the instruction feedback from the user information receiving device, and performs the next operation according to the instruction. User instructions, the system can not open the user information file for authorized operations.
本发明所述的用户预先指定的信息接收装置可以是有线电话、移 动电话、 网络终端等, 所述的外围输入、 输出装置可以是键盘、 鼠标、 显示器、 具有读写功能的刷卡机、 取款机、 插卡电子锁等等。  The information receiving device designated in advance by the user in the present invention may be a wired phone, a mobile phone, a network terminal, etc., and the peripheral input and output devices may be a keyboard, a mouse, a display, a card reader with a read-write function, and a cash machine. , Card electronic lock and so on.
由于用户身份被盗用必然与用户自己的真实意思相违背, 因此, 将身份识别程序与真实合法的用户直接产生联系能使用户实时监视 信息载体的使用, 及时发现异常, 避免造成更大的损失, 如果在进一 步采用用户反馈指令操作, 将使系统的防盗性能更为加强。  Since the identity theft of a user is inevitably contrary to the user's true meaning, direct contact between the identification program and the real and legitimate user can enable the user to monitor the use of the information carrier in real time, detect anomalies in time, and avoid greater losses. If the user feedback instruction operation is further adopted, the anti-theft performance of the system will be further strengthened.
具体实施方式 detailed description
下面将结合附图所示的具体实施例对本发明作进一步地说明。 图 1 所示的用户身份识别防盗系统是本发明的一个实施例, 它包 括中央处理器 1、 外围输入、 输出装置 2、 用户持用的信息载体 3和 相应的系统软件, 其中, 中央处理器通过输出装置为用户识别信息载 体载入身份标识序列码,用户通过输入装置向中央处理器输入的固定 校验密码, 系统的外围输出、 输入装置中还具有将中央处理器产生随 机生成码载入信息载体和不断刷新写码装置及将信息载体上的随机 生成码输入中央处理器的读码器的外围信息读写装置 21 , 系统还设 置有可以向用户指定的信息接收装置发送短信及接收用户反馈指令 的信息收发装置 4, 另外, 还有用户预先指定的信息接收及发送指令 的信息接收发送装置 5。 中央处理器与外围输出、 输入装置和信息收 发装置 4连接,或接收来自外围设备的信息,或向外围设备发送指令, 实现身份识别、 幵启信息档案或电子锁件等。  The present invention will be further described below with reference to specific embodiments shown in the accompanying drawings. The user identification and anti-theft system shown in FIG. 1 is an embodiment of the present invention, which includes a central processing unit 1, peripheral input and output devices 2, an information carrier 3 held by a user, and corresponding system software. Among them, the central processing unit The identification device serial number is loaded into the user identification information carrier through the output device, and the user enters the fixed verification password to the central processor through the input device. The peripheral output and input device of the system also have a randomly generated code generated by the central processor for loading. The information carrier and the device for constantly refreshing the code writing device, and the peripheral information reading and writing device 21 for inputting the randomly generated code on the information carrier into the code reader of the central processing unit. The system is also provided with a means for sending short messages to the user-specified information receiving device and receiving users The information transmitting / receiving device 4 for the feedback instruction is also an information receiving / transmitting device 5 for an information receiving and transmitting instruction designated by the user in advance. The central processing unit is connected to the peripheral output, input device, and information transmitting / receiving device 4, or receives information from the peripheral device, or sends instructions to the peripheral device to realize identity recognition, unlock information files, or electronic locks.
实际使用如下:  The actual use is as follows:
用户先要办理获取信息载体的手续: 将用户信息输入用户身份识 别防盗系统、系统对新的用户提供一个该用户专用的用户身份标识序 列码、 用户向系统输入自设的固定校验密码, 系统再将身份标识序列 码和随机生成码写入提供给用户的信息载体中。 The user must first go through the formalities of obtaining the information carrier: enter the user information into the user identification anti-theft system, and the system provides a new user with a user-specific identification sequence The column code, the user enters a self-defined fixed verification password into the system, and the system then writes the identification serial number and the randomly generated code into the information carrier provided to the user.
用户使用信息载体的过程: (1)用户通过信息载体 3和外围信息读 写装置 21 向用户身份识别防盗系统提供身份标识序列码和随机生成 码, (¾系统可先根据身份标识序列码査找并调出该用户的信息窗口, 也可以根据身份标识序列码和随机生成码两个码查找并调出该用户 的信息窗口,( 同时通过信息收发装置向用户指定的信息收发装置发 送短信,(4)系统对用户输入的固定校验密码或者还对用户的信息载体 上的随机生成码进行校验, 如校验无误, 则系统等待用户指定的信息 收发装置反馈的指令, (5)用户接收到所持的信息载体正在使用的短 信, 根据由中央处理器提供的选项, 选择并发出肯定的指令, 这时用 户的合法身份才被确认, (6)系统发出开启该用户信息档案的指令, 使 操作员可以进行被授权的操作, (7)系统产生新的随机生成码, 并刷新 信息载体上的随机生成码。  The process of the user using the information carrier: (1) The user provides the identification serial number and a randomly generated code to the user identification and anti-theft system through the information carrier 3 and the peripheral information reading and writing device 21, (¾ The system can first find and Call up the user's information window. You can also find and call out the user's information window based on the two codes of the identification serial number and the randomly generated code. (At the same time, send a short message to the user-specified information sending and receiving device through the information sending and receiving device. (4 ) The system verifies the fixed verification password entered by the user or the randomly generated code on the user's information carrier. If the verification is correct, the system waits for an instruction feedback from the user-designated information transceiver device. (5) The user receives The short message being used by the information carrier is based on the options provided by the central processor, and affirmative instructions are selected and issued. At this time, the user's legal identity is confirmed. (6) The system issues an instruction to open the user's information file to enable the operation. Can perform authorized operations, (7) the system generates a new randomly generated code, And refresh the randomly generated code on the information carrier.
3.用户使用信息载体异常的过程: (1)用户通过信息载体和输入装 置向用户身份识别防盗系统提供身份标识序列码和随机生成码,( 系 统根据身份标识序列码查'找并调出该用户的信息窗口,(3)同时通过信 息收发装置向用户指定的信息收发装置发送短信,(4)如果系统校验随 机生成码及固定校验码无误,则系统等待用户指定的信息收发装置反 馈的指令, (5)用户接收到自己的信息载体正在使用的短信, 如非自己 知道的使用, 会意识到身份可能被盗用, 则选择并发出否定的指令, 这时用户的身份被否定, 系统操作即止。 (6)如果适逢用户没能接收到 系统发来的通知短信, 或无法及时反馈指令的, 表明信息载体并非系 统记录的真正用户身份, 限时内无指令的, 系统终止操作。 (7)如果系 统校验用户信息载体上的随机生成码不符记录时, 即提示用户有问 题, 并终止系统的进一步操作。 3. The process of abnormal use of the information carrier by the user: (1) The user provides the identity identification serial code and a randomly generated code to the user identification and anti-theft system through the information carrier and the input device. The user's information window, (3) at the same time send a short message to the user-specified information sending and receiving device through the message sending and receiving device, (4) if the system checks the random generated code and the fixed check code are correct, the system waits for the user-specified information sending and receiving device (5) The user receives the short message being used by his information carrier. If he does not know the use, he will realize that his identity may be stolen. Then he selects and sends a negative instruction. At this time, the user ’s identity is denied. The system (6) If the user fails to receive the notification short message sent by the system, or fails to feedback the instruction in time, it indicates that the information carrier is not the true user identity recorded by the system. If there is no instruction within the time limit, the system terminates the operation. (7) If the code is randomly generated on the system verifies that the user information does not match the record carrier, i.e. tips Households have asked And terminate further operations of the system.
系统等待用户反馈的指令可能会增加用户的待机实践, 使操作时 间过长, 甚至会无法等到反馈的指令, 因此, 系统等待用户反馈指令 的操作作为选择项目,如金额在某个额度以上才使用该种操作由用户 自己选择。  The system waiting for the user's feedback instruction may increase the user's standby practice, making the operation time too long, or even unable to wait for the feedback instruction. Therefore, the system waits for the user's feedback instruction as a selection item, such as using the amount above a certain amount. This kind of operation is selected by the user.
本发明除了应用于银行信用卡、 消费卡、 借记卡、 提款卡等系统 服务外, 还可以应用于汽车、 家居、 商业防盗的电脑系统中, 只需将 上述使实施例中的系统发出的开启指令由汽车电子锁、 门锁、 保险柜 锁接收执行即可。  In addition to the system services such as bank credit cards, consumer cards, debit cards, and debit cards, the present invention can also be applied to computer systems for theft prevention in automobiles, homes, and businesses. The opening instruction can be received and executed by the car electronic lock, door lock, and safe lock.
本发明中的系统所涉及的各种装置均可采用现有技术制成.。  Various devices involved in the system of the present invention can be made using existing technologies.

Claims

权 利 要 求 Rights request
1 -一种用户身份识别防盗系统, 它包括中央处理器、 外围输 入、 输出装置、 用户持用的信息载体和相应的系统软件, 其中, 中央处理器通过输出装置为用户识别信息载体载入身份标识序 列码, 用户通过输入装置向中央处理器输入的固定校验密码, 其 特征是系统的外围输出、输入装置中还具有将中央处理器产生随 机生成码载入信息载体和不断刷新写码装置, 及将信息载体上的 随机生成码输入中央处理器的读码器。  1-A user identification identification anti-theft system, which includes a central processor, peripheral input and output devices, an information carrier held by a user, and corresponding system software, wherein the central processor loads an identity for the user identification information carrier through an output device The identification serial code is a fixed verification password input by the user to the central processing unit through the input device, which is characterized in that the system's peripheral output and the input device also have a randomly generated code generated by the central processing unit loaded into the information carrier and the code writing device is constantly refreshed. , And input the randomly generated code on the information carrier into the code reader of the central processing unit.
2.根据权利要求 1所述的用户身份识别防盗系统,其特征在 于系统还包括信息发送装置及用户预先指定的信息接收装置,其 中, 信息发送装置与中央处理器联接; 用户指定的信息接收装置 是通讯网络的能由用户操控的一个终端。  2. The user identification and anti-theft system according to claim 1, further comprising an information sending device and an information receiving device designated by the user in advance, wherein the information sending device is connected to a central processor; and the information receiving device designated by the user A terminal of a communication network that can be controlled by a user.
3.根据权利要求 2所述的用户身份识别防盗系统,其特征在 于在系统中设置用户反馈信息接收装置, 并使其联通系统。  The user identification and anti-theft system according to claim 2, characterized in that a user feedback information receiving device is provided in the system and connected to the system.
4.一种用户身份识别方法, 其特征是- (1)用户办理取得信息载体的步骤: 包括用户身份识别防盗 系统记载用户信息、 提供用户身份标识序列码、 用户向系统输 入固定校验密码, 将身份标识序列码和随机生成码写入提供给 用户的信息载体中的步骤。  4. A method for user identification, characterized in that-(1) the steps for a user to obtain an information carrier include: recording user information by a user identification anti-theft system, providing a user identification serial number, and entering a fixed verification password into the system, A step of writing an identification sequence code and a randomly generated code into an information carrier provided to a user.
(2)用户使用信息载体正常的步骤: ①用户通过信息载体和 输入装置向用户身份识别防盗系统提供身份标识序列码, ②系 统据此查找并调出该用户的信息窗口, ③系统对用户的信息载 体上的随机生成码和用户输入的固定校验密码进行校验, 如校 验无误, 可打开该用户的信息档案, 进行被授权的操作, ④系 统产生新的随机生成码, 并刷新信息载体上的随机生成码。  (2) The normal steps for the user to use the information carrier: ① The user provides the identification serial number to the user identification and anti-theft system through the information carrier and the input device; ② The system finds and calls out the user's information window according to this; The random generated code on the information carrier and the fixed verification password entered by the user are used for verification. If the verification is correct, the user's information file can be opened for authorized operations. ④ The system generates a new randomly generated code and refreshes the information. Randomly generated code on the carrier.
(3)用户使用信息载体异常的步骤: ①用户通过信息载体和 输入装置向用户身份识别防盗系统提供身份标识序列码, ②系 统据此查找并调出该用户的信息窗口, ③系统对用户的信息载 体上的随机生成码和用户输入的固定校验密码进行校验, 如两 码中任何一个校验不符, 则系统提示并拒绝下一步的操作, ④ 如果是随机生成码校验不符, 系统操作即止。 (3) The steps for the user to use the information carrier abnormally: ① The user provides the identification serial number to the user identification and anti-theft system through the information carrier and the input device; ② The system finds and calls out the user's information window according to this; The randomly generated code on the information carrier is verified with the fixed verification password entered by the user. If any of the two codes does not match, the system prompts and rejects the next operation. ④ If the randomly generated code does not match, the system Operation ceases.
5. 一种用户身份识别方法, 其特征是-5. A method for user identification, characterized by-
(1)用户办理取得信息载体的步骤: 包括用户身份识别防盗 系统记载用户信息、 提供用户身份标识序列码、 用户向系统输 入固定校验密码, 将身份标识序列码和随机生成码写入提供给 用户的信息载体中的步骤。 (1) Steps for the user to obtain the information carrier: Including the user identity identification and anti-theft system to record user information, provide the user identity identification serial number, the user enters a fixed verification password into the system, and writes the identity identification serial number and randomly generated code to the Steps in the user's information carrier.
( 用户使用信息载体正常的步骤: ①用户通过信息载体和 输入装置向用户身份识别防盗系统提供身份标识序列码和随机 生成码, ②系统据此査找并调出该用户的信息窗口, ③系统对 用户的信息载体上的用户输入的固定校验密码进行校验, 如校 验无误, 可打开该用户的信息档案, 进行被授权的操作, ④系 统产生新的随机生成码, 并刷新信息载体上的随机生成码。  (The normal steps for the user to use the information carrier: ① The user provides the identification serial number and a randomly generated code to the user identification and anti-theft system through the information carrier and the input device. ② The system finds and calls out the user's information window accordingly. The user enters a fixed verification password on the user's information carrier for verification. If the verification is correct, the user's information file can be opened for authorized operations. ④ The system generates a new randomly generated code and refreshes the information carrier. Randomly generated code.
(3)用户使用信息载体异常的步骤: ①用户通过信息载体和 输入装置向用户身份识别防盗系统提供身份标识序列码和随机 生成码, ②如随机生成码不符, 则系统提示并拒绝下一步的操 作, ③如身份标识序列码和随机生成码正确, 系统据此査找并 调出该用户的信息窗口, ④系统对用户输入的固定校验密码进 行校验, 如校验不符, 则系统提示并拒绝下一步的操作。  (3) Steps for abnormal use of the information carrier by the user: ① The user provides the identification serial number and the randomly generated code to the user identification and anti-theft system through the information carrier and the input device. ② If the randomly generated code does not match, the system prompts and rejects the next step. Operation: ③ If the identification serial number and random generated code are correct, the system searches and calls the user ’s information window accordingly. ④ The system checks the fixed verification password entered by the user. If the verification does not match, the system prompts and Reject the next operation.
6.根据权利要求 4或 5所述的用户身份识别方法, 其特征 是在系统根据用户信息载体记载的身份标识序列码査找并调出 该用户的信息窗口的后通过信息发送装置向用户指定的信息接 收装置发送短信。  The user identification method according to claim 4 or 5, characterized in that after the system finds and calls up the user's information window according to the identification serial number recorded in the user information carrier, the system specifies the information to the user through an information sending device. The information receiving device sends a short message.
7.根据权利要求 6 所述的用户身份识别方法, 其特征是当 系统向用户指定的信息接收装置发送短信并校验完随机生成码 和用户输入的固定校验密码后, 系统进一步等候用户信息接收 装置反馈的指令, 根据指令进行下一步的操作; 如无反馈的用 户指令, 系统也不能打开用户信息档案作已被授权的操作。  The user identification method according to claim 6, wherein the system further waits for user information after the system sends a short message to the information receiving device designated by the user and verifies the random generated code and the fixed verification password entered by the user. Receive the feedback from the device and proceed to the next operation according to the instruction. If there is no feedback from the user, the system cannot open the user information file for an authorized operation.
8.根据权利要求 1或 2或 3或 4或 5或 6或 7所述的用户 身份识别防盗系统, 其特征是所述的用户预先指定的信息接收 装置是移动电话。  The user identification anti-theft system according to claim 1 or 2 or 3 or 4 or 5 or 6 or 7, characterized in that the information receiving device designated in advance by the user is a mobile phone.
9.根据权利要求 1或 2或 3或 4或 5或.6或 7所述的用户 身份识别防盗系统, 其特征是所述的外围输入、 输出装置是具 有读写功能的刷卡机。 9. The user identification anti-theft system according to claim 1 or 2 or 3 or 4 or 5 or .6 or 7, characterized in that the peripheral input and output devices are provided with Card reader with read and write functions.
10.根据权利要求 1 或 2或 3或 4或 5或 6或 7所述的用户 身份识别防盗系统, 其特征是所述的外围输入、 输出装置是插 卡电子锁。  10. The user identification anti-theft system according to claim 1 or 2 or 3 or 4 or 5 or 6 or 7, characterized in that the peripheral input and output devices are electronic locks for card insertion.
PCT/CN2003/000493 2002-07-19 2003-06-26 User identify identifying anti-theft system and its identifying method WO2004010344A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2003255066A AU2003255066A1 (en) 2002-07-19 2003-06-26 User identify identifying anti-theft system and its identifying method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN02134406.X 2002-07-19
CN 02134406 CN1405718A (en) 2002-07-19 2002-07-19 User's identity identifying anti-theft system and identifying method

Publications (1)

Publication Number Publication Date
WO2004010344A1 true WO2004010344A1 (en) 2004-01-29

Family

ID=4747732

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2003/000493 WO2004010344A1 (en) 2002-07-19 2003-06-26 User identify identifying anti-theft system and its identifying method

Country Status (3)

Country Link
CN (1) CN1405718A (en)
AU (1) AU2003255066A1 (en)
WO (1) WO2004010344A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100639343B1 (en) * 2004-10-06 2006-10-30 엘지전자 주식회사 mobile communication terminal having a copy prevention function and controlling method therefore
CN101504715B (en) * 2009-03-04 2011-11-16 深圳市众合联科技有限公司 Product identity digital identification apparatus, inspection apparatus, product and anti-fake inspection method
CN108156146B (en) * 2017-12-19 2021-07-30 北京盖娅互娱网络科技股份有限公司 Method and device for identifying abnormal user operation

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4471216A (en) * 1979-11-09 1984-09-11 Compagnie Internationale Pour L'informatique Cii-Honeywell Bull (Societe Anonyme System and process for identification of persons requesting access to particular facilities
CN1228666A (en) * 1998-03-06 1999-09-15 黄金富 Credit cards check posting mobile telephone safety system
WO2002042972A1 (en) * 2000-11-27 2002-05-30 Kee Oh Park A credit card payment method for electronic commerce
CN1380627A (en) * 2002-03-25 2002-11-20 周凌云 Credit card illegal use resisting system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4471216A (en) * 1979-11-09 1984-09-11 Compagnie Internationale Pour L'informatique Cii-Honeywell Bull (Societe Anonyme System and process for identification of persons requesting access to particular facilities
CN1228666A (en) * 1998-03-06 1999-09-15 黄金富 Credit cards check posting mobile telephone safety system
WO2002042972A1 (en) * 2000-11-27 2002-05-30 Kee Oh Park A credit card payment method for electronic commerce
CN1380627A (en) * 2002-03-25 2002-11-20 周凌云 Credit card illegal use resisting system

Also Published As

Publication number Publication date
AU2003255066A1 (en) 2004-02-09
CN1405718A (en) 2003-03-26

Similar Documents

Publication Publication Date Title
US10102524B2 (en) Access control and mobile security app
US11436887B2 (en) Contextual tapping engine
CN101751629B (en) Method and system for authenticating multifactor with changing unique values
CN112639857A (en) System and method for password authentication of contactless cards
US20220309488A1 (en) Systems and methods for providing online and hybridcard interactions
CN100533459C (en) Data safety reading method and safety storage apparatus thereof
KR20220120543A (en) Barcode creation using encryption technology
JP2022553463A (en) Secure authentication based on identity data stored on contactless cards
JP2023526822A (en) Enabling communication between applications on mobile operating systems
US20230252451A1 (en) Contactless card with multiple rotating security keys
JP2023526925A (en) Application-based Point of Sale Management System in Mobile Operating System
CN114080619A (en) Limiting transaction capabilities of contactless cards
US20080126811A1 (en) Method for authorized-user verification and related apparatus
CN113491141A (en) Techniques for call authentication
WO2004010344A1 (en) User identify identifying anti-theft system and its identifying method
Reno Multifactor authentication: Its time has come
CN117795505A (en) System and method for contactless card communication and multiple device key pair encryption authentication
CN116848833A (en) Secure generation of one-time passwords using contactless cards
JP2023507619A (en) Secure authentication based on passport data stored on contactless cards
JP2022501861A (en) Systems and methods for cryptographic authentication of non-contact cards
US20230169596A1 (en) Systems and techniques for authenticating insurance claims
JP2002032691A (en) Transaction processing method and card utilization managing method
KR20240021850A (en) System and method for contactless card communication and key pair cryptographic authentication using distributed storage
CA3204036A1 (en) Techniques to process transactions with a contactless card based on one or more configurations of the contactless card

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP