CN101447037A - Control system for establishing and using user account by user terminal and method thereof - Google Patents

Abstract

The invention provides a control method for confirming user account information by a user terminal, wherein, the method comprises the steps as follows: a. user account indication information is confirmed according to user information; and b. the indication information is sent to the user terminal. The indication information can be identification information associated with the user account, and the step a. comprises the step of confirming the identification information according to the user information and also comprises the step of setting the associated relation of the identification information and the user account. The invention also provides a control system for confirming the user account information by the user terminal, an auxiliary control method for disposing the user account by the user terminal, an auxiliary control system for using the user account by the user terminal and a control apparatus used for confirming the user account information in an assisting way and/or carrying out auxiliary disposal towards the user account in the user terminal. The invention can confirm the user account and dispose the user account in an assisting way by the user terminal, and has flexible form and enough safety.

Description

A kind of control system and method for creating and use user account by user terminal

Technical field

The present invention relates to the user account management system, especially create user account and provide the control system and the control corresponding method of this user account to the user by user terminal.

Background technology

At present, determine user account management processes such as user account information for customer requirements, for example open new user account, mainly the written application based on the user launches, for example bank's audit user's written application is also correspondingly opened a new user account, and perhaps the user comes to open the user account that this mechanism safeguards by online application way by the website of logining some mechanism.After application is by audit, bank or other mechanism will provide the medium of a carrying user account information, for example bank card or bankbook to the user.Such mode underaction, and inefficiency, for example bank audit user applies and provide the process of a bank card will be through the cycle more than 15 days, and the media such as member card that other mechanisms provided also need certain fabrication cycle.Simultaneously, such mode usually require when using these user accounts, to provide a certificate medium of this user account, for example member card or bank card etc., this has also caused certain inconvenience to the user, for example the user will carry this medium at least, and the more important thing is that in a single day this medium lose the loss that is easy to cause the user, because may perhaps only need simple verification modes such as authentication password without any need for the checking means by the account of this medium correspondence of this media processes.

In order to overcome above-mentioned defective, we are desirable to provide control system, control corresponding method that a kind of novel being used for determined user account information and used this user account.

Summary of the invention

At above-mentioned defective of the prior art, the purpose of this invention is to provide a kind of control method, control corresponding system and needed supplementary controlled system of determining user account information and process user account by user terminal.

According to an aspect of the present invention, providing a kind of determines the control method of user account information wherein, to comprise the steps: that b. determines the user account indication information according to user profile by user terminal; C. described indication information is sent to described user terminal, so that described user terminal can be determined the information of described user account.

Preferably, described indication information is an identification information that is associated with described user account, and wherein step b comprises step: b1. determines described identification information according to user profile; Described control method also comprises step: the incidence relation of setting described identification information and described user account.

According to another aspect of the present invention, provide the control system of determining user account information by user terminal, it is characterized in that comprising: first determines device, is used for determining the user account indication information according to user profile; And first dispensing device, be used for described indication information is sent to described user terminal so that described user terminal can be determined the information of described user account.

Preferably, described indication information is an identification information that is associated with described user account, and wherein said first determines that device comprises: second determines device, is used for determining described identification information according to user profile; Wherein said control system also comprises: first treating apparatus is used to set the incidence relation of described identification information and described user account.Preferably, described second determines that device also is used for determining described identification information according to the identification information of user profile and user terminal.

Another aspect of the present invention provides a kind of auxiliary control method by the user terminal processes user account, comprising the processing instruction of following steps: i. reception at described user account; Ii. described processing instruction is handled; It is characterized in that described processing instruction comprises the indication information of described user account, and described indication information is associated with a user terminal at least.

According to an aspect of the present invention, provide the supplementary controlled system that uses user account by user terminal, comprise the 5th receiving trap, be used to receive processing instruction; And the 3rd treating apparatus, be used for described processing instruction is handled; It is characterized in that described payment instruction comprises the indication information of described user account, and described indication information is associated with a user terminal at least.

According to a further aspect of the invention, a kind of auxiliary control device of determining user account information and/or user account being carried out auxiliary process that is used in user terminal also is provided, it is characterized in that, comprising: the 9th receiving trap is used to receive the checking solicited message that is used to verify user terminal; The 5th treating apparatus is used to handle described checking solicited message, and generation and the corresponding authorization information of described checking solicited message; And the 6th dispensing device, be used to send described authorization information.

Described user terminal can be any in the equipment such as mobile phone, PDA(Personal Digital Assistant), notebook, desk-top computer, set-top box, every household e equipment and blackberry, blueberry.The present invention determines user account information by user terminal, and preferably the indication information of this user account is sent in the user terminal, could be processed after making the indicated user account of this indication information to confirm by this user terminal.The method of determining user account information by user terminal both was provided, the method by this user account of user terminal auxiliary process also was provided.Use-pattern of the present invention flexibly, safe enough is arranged, be a kind of novel account's disposal route.

Description of drawings

By reading the detailed description of non-limiting example being done with reference to the following drawings, it is more obvious that other features, objects and advantages of the present invention will become:

Fig. 1 illustrates according to the first embodiment of the present invention, determines the process flow diagram of the control method of user account information by user terminal;

Fig. 2 illustrates according to a second embodiment of the present invention, determines the process flow diagram of the control method of user account information by user terminal;

Fig. 3 illustrates according to a second embodiment of the present invention, the process flow diagram of among the step S111 shown in Figure 2 the user terminal legitimacy being verified;

Fig. 4 illustrates according to a specific embodiment of the present invention, uses the user terminal of control method provided by the invention and the network topology synoptic diagram of control system;

Fig. 5 illustrates according to the first embodiment of the present invention, uses the process flow diagram of the auxiliary control method of user account by user terminal;

Fig. 6 illustrates according to a second embodiment of the present invention, uses the process flow diagram of the auxiliary control method of user account by user terminal;

Fig. 7 illustrates according to the first embodiment of the present invention, the control system 4 of determining user account information by user terminal with in user terminal, be used for the structural representation that auxiliary establishing user account and/or user account carry out the control device 3 of auxiliary process;

Fig. 8 illustrates according to the first embodiment of the present invention, the structural representation of second deriving means 412 in the control system 4 shown in Figure 7;

Fig. 9 illustrates according to the first embodiment of the present invention of the present invention, the structural representation of second demo plant 7 in second deriving means 412 shown in Figure 8;

Figure 10 illustrates according to the first embodiment of the present invention, uses the structural representation of the supplementary controlled system 8 of user account by user terminal;

Figure 11 illustrates according to the first embodiment of the present invention, the structural representation of the 4th demo plant 821 in the supplementary controlled system 8 shown in Figure 10; And

Figure 12 illustrates according to a second embodiment of the present invention, the 4th demo plant 821 in the supplementary controlled system 8 shown in Figure 10 ' structural representation.

Embodiment

Fig. 1 illustrates according to the first embodiment of the present invention, determine the process flow diagram of the control method of user account information by user terminal, wherein described to receive the request that the user determines user account information, and determine according to this user account process, realized the function of definite user account.Particularly, at first enter step S101, receive the solicited message of determining user account information from the request of user terminal.In the present embodiment, determine that the process of user account is initiatively initiated by the user, promptly the user is by a user terminal execution in step S101.Above-mentioned solicited message is entered step S102 by after (as shown in Figure 7) control system or the reception of other disposal systems, obtains user profile according to described request information.Because the user wishes to determine one or more user account informations, so should comprise a spot of or a large amount of user profile in the described request information.According to different embodiment, the included user profile of solicited message can be different.For example, in the present embodiment, only comprise this user's identification information in the described request message, be about to this user and other other information of user's phase region, for example numbering of identity document; Described control system can only be carried out subsequent treatment according to this user profile, further carries out subsequent treatment thereby also can obtain more needed user profile by this user profile, and is for example embodiment illustrated in fig. 4 such.And change in the example at one, described request message can comprise and be used for determining the needed whole user profile of user account that for example user totem information, name, contact method etc. do not repeat them here.Next execution in step S103 creates described user account according to user profile, enters step then and enters step S104, and described user account is sent to described user terminal.

With reference to step S103 shown in Figure 1, those skilled in the art understand, in the present embodiment, adopt the most direct method to determine user account information, promptly in step S103, directly create a new user account, and this user account information sent to the user, make the user determine user account information.This step S103 can be understood that the specific embodiment that step " is determined the user account indication information according to user profile ", wherein said user account indication information is a user account itself, and change in the example at other, such step can also be achieved by other modes, and for example Fig. 2 shows a variation example.Accordingly, in step S104, directly with user account information, promptly the user account indication information sends to user terminal.

Particularly, at step S103, the different user account (indication information) of the applied different system management of the present invention, different application systems can adopt different separately operation flows and mode to create user account, usually, different user accounts determine this constructive process.For example, in the present embodiment, described user account is member's account, and its process of creating user account (member's account) is very simple, adopts the mode of " serial number+passport numbering ", wherein, serial number is a serial number, for example adopts " 1008 " afterwards in " 1007 ", in such embodiments, just can create this user account according to the user profile of obtaining among the step S102 (passport numbering), and send to the user by step S104.In the present embodiment, described user account does not need user's information such as name.And change in the example at another, described user account is a bank account, create the process relative complex of user account, for example this user account can comprise the information such as credit line of Routing Number, BIN number, user identity card numbering, Account Type, user account, those skilled in the art can come performing step S103 with reference to common practise and according to the conventional procedure of each banking system establishment bank account, will not give unnecessary details.

Further, described step S101, S102 make the as a whole specific embodiment that can be understood that step " is obtained described user profile ", and this step can change example by difference and is achieved step S110 for example shown in Figure 2～S114.Change in the example at one, described user profile is not to obtain by user terminal, but directly the written application by the user obtains, and such embodiment can realize and not influence flesh and blood of the present invention, will not give unnecessary details.

In a variation example embodiment illustrated in fig. 1, for the sake of security, especially guarantee the information security of user account, also comprise the step of checking, for example user's identity being verified, is correct, legal users with the user who guarantees reception user account indication information.Those skilled in the art can realize described verification step with reference to prior art or embodiments of the invention, and for example the described embodiment of Fig. 2, Fig. 3 does not repeat them here.

Fig. 2 illustrates according to a second embodiment of the present invention, determines the process flow diagram of the control method of user account information by user terminal.Compare the outstanding at least control procedure of verifying of having described of present embodiment with embodiment illustrated in fig. 1.Particularly, at first execution in step S110 receives the solicited message of determining user account information from the request of user terminal, and this step can realize with reference to step S101 shown in Figure 1, not repeat them here.Enter step S111 then, the user terminal legitimacy is verified according to solicited message; Next execution in step S112 verifies applicant's identity legitimacy according to solicited message.It will be appreciated by those skilled in the art that, change in the example at one and can only adopt one among step S111, the S112 to verify, and in other variation examples, can also verify, do not repeat them here by other modes.Further, can realize described user terminal is carried out the process (step S111) of legitimate verification by different ways, for example embodiment illustrated in fig. 3; Equally, also can be accomplished in several ways step S112, for example embodiment illustrated in fig. 4, do not repeat them here.By two legitimate verifications that step is carried out shown in Figure 2, system guarantees that said process obtains safe enough, this security comprises the content of two aspects at least, the one, security of users, the legal identity that promptly guarantees the user can illegally not used by other people, and then guarantees that corresponding user account can be by unauthorized theft; The 2nd, the security of system by two checkings, has guaranteed that system can not destroyed by the invador of malice.

After proof procedure is finished, enter step S113, judge whether above-mentioned checking is passed through, if the judged result of this step negates to verify promptly and do not pass through that then this processing procedure end is no longer handled the request of determining user account; If the checking result of this step is sure, i.e. checking is passed through, and execution in step S114 then obtains described user's user profile according to described request information.It will be appreciated by those skilled in the art that above-mentioned steps S110～S114 can be used as the variation example of step S101 shown in Figure 1, S102, one of the step of " obtaining user profile " in other words conj.or perhaps changes example.In conjunction with elaboration to the described embodiment of Fig. 1, those skilled in the art understand, change in the example at other, described proof procedure (for example step S111, S112) can be omitted, especially under the less demanding situation of security of user account, for example at common member's account, especially at impersonal account.

Be similar to embodiment illustrated in fig. 1, obtain user profile by step S114 after, still realize the process of " determining the user account indication information " according to user profile.Particularly, present embodiment with embodiment illustrated in fig. 1 different is, described user account indication information is an identification information that is associated with described user account, therefore, in the step S115 that next is performed, determine described identification information (indication information) according to user profile, preferably, generate an identification information according to user profile, change in the example, also can from a database with a plurality of identification informations, select an identification information at one.Then, enter step S116, set the incidence relation of described identification information and described user account, promptly between described identification information and user account, set up relatedly, feasiblely can determine described user account uniquely by this identification information.Those skilled in the art understand, in described step S115, S116, although there is not a newly-built user account, but by determining described unique identification information, and this identification information is associated with a user account, in fact still can determine this user account, thereby realize purpose of the present invention.Further, it will be appreciated by those skilled in the art that described step S116 can be accomplished in several ways, for example by the related information of a data table record identification information and user account, preferably, described tables of data is safeguarded by above-mentioned control system.In the present embodiment, described identification information and described user account are one to one; And change in the example at one, a user account can correspond respectively to different identification informations, as long as above-mentioned control system allows such incidence relation, this does not influence flesh and blood of the present invention, will not give unnecessary details.

Next execution in step S117 is loaded on described indication information in the carrier, enters step S118 then, and the carrier that will comprise described indication information is sent to described user terminal.In the present embodiment, the indication information in this two step is exactly the identification information of determining among the above-mentioned steps S115, this identification information (indication information) is sent to user terminal after, user terminal just can be determined described user account by this identification information.Different with the described embodiment of Fig. 1 particularly is, before sending this indication information, by step S117 this indication information is loaded in the carrier, and preferably described carrier can be received by described user terminal.In the present embodiment, compare described carrier with identification information itself and have the better form of expression, for example it has decoration function or other essential meanings.Described carrier is passable, for example, it is a pictures, by step S117 described indication information is contained in this picture, it is a common picture on the surface, but can obtain the indication information that comprises wherein after this picture is read by described control system or other disposal systems, further can obtain the relevant information of the indicated user account of this indication information.Preferably, described picture can be the form of expression of a two-dimension code, changes in the example at one, and this picture also can be the form of expression of a three-dimensional sign indicating number; Change in the example at another, can generate a bar code according to described indication information, and this bar code is sent in the user terminal as described carrier; In another changed example, described indication information can also be directly sends to described user terminal in the mode of character (for example letter, Chinese character and/or numeral), and this does not influence flesh and blood of the present invention.Those skilled in the art can realize an indication information is loaded on process in the above-mentioned carrier in conjunction with prior art, will not give unnecessary details.

With reference to above-mentioned Fig. 1, Fig. 2, it will be appreciated by those skilled in the art that at one to change in the example that the step of described " obtaining user profile " can be omitted, promptly the described step S101 of Fig. 1, S102 and the described step S110 of Fig. 2～S114 can be omitted respectively.For example, in the time of in the Already in described control system of user profile, just there is no need to obtain this user profile again, and determine that user account indication information (for example described step S115 of Fig. 2, S116) gets final product after directly calling this user profile, do not repeat them here.

Further, it will be appreciated by those skilled in the art that described step S104 shown in Figure 1 and step S118 shown in Figure 2 can realize in several ways.Usually, the send mode that described indication information is sent to user terminal can change according to the receive mode of user terminal is different.For example, change in the example at one, described user terminal is the equipment that can receive short message and/or multimedia short message, and for example mobile phone can send this indication information by short message and/or multimedia short message at this moment; Change in the example at another, described user terminal is the equipment that can receive packet by network, for example, then can send a packet that comprises described indication information to user terminal by these networks by wireless network (for example China Mobile provide mobile phone wireless network) or cable network (for example the internet that provides of China Telecom or Oriental Cable Network Co., Ltd. provide cable TV network or an in-house Ethernet).In other words, the technological means that is used for sending message in the prior art can be used to above-mentioned steps, and those skilled in the art can realize in conjunction with prior art, will not give unnecessary details.

Further, also can realize at above-mentioned step S102 shown in Figure 1 and step S114 shown in Figure 2 by different modes.Preferably, directly obtain needed user profile by described request information; And change in the example at one, consider under the situation that can't comprise whole user profile in the solicited message, can further obtain user profile by the third party system, for example by solicited message obtain the user identification information and be that index obtains whole user profile by the third party system further with this identification information.Change in the example at one, described user terminal is a mobile phone, then the telephone number by this mobile phone correspondence can obtain this user's information such as name, home address from cellular provider, such process can realize by the mode of Query Database at least, for example inquires about third party database.

With reference to figure 1, Fig. 2, related to system and user's repeatedly information interaction in above-mentioned The whole control flow process, in order further to improve information security, change in the example at one, described interactive information is encrypted.For example the content that sends is encrypted, and correspondingly deciphering rule according to a preconcerted arrangement is decrypted it according to the encryption rule of described user terminal and control system agreement.Described encryption, deciphering rule can adopt the encryption technology of generally using in the prior art, and for example asymmetric cryptosystem also can adopt specific encryption technology according to concrete enforcement needs.

With reference to figure 1, Fig. 2, in a preferred embodiment, " user profile " among described step S103 of Fig. 1 and the step S115 shown in Figure 2 also comprises the identification information of user terminal at least, promptly also creates user account or identification information according to the identification information of user terminal.In such embodiments, described user account or identification information are associated with described user terminal, generally the identifying information of user terminal is unique, thereby makes that user account or the identification information created are unique, and corresponding one by one with user terminal.For example, when user terminal was mobile phone, then the identification information of this mobile phone can be the sequence number of the process chip (unique) of mobile phone itself; When user terminal was desk-top computer, (unique) sequence number that the identification information of this computing machine can its mainboard did not repeat them here.

One at Fig. 1 changes in the example, can before step S104 shown in Figure 1, increase a step: described user account information is loaded in the carrier, for example in the two-dimension code, correspondingly, described step S104 is changed to: described carrier is sent in the described user terminal.Those skilled in the art can realize such variation example in conjunction with the description to Fig. 2.

Fig. 3 illustrates according to a second embodiment of the present invention, and the process flow diagram of among the step S111 shown in Figure 2 the user terminal legitimacy being verified, present embodiment are the concrete refinements to this step.Particularly, in the present embodiment, described request information comprises the identifying information of the described user terminal that the user imports, and accordingly in step S121, sends the checking solicited message to the user terminal that identifying information identified of the user terminal of described user's input; Enter step S122 then, reception is from the authorization information at described checking solicited message of user terminal, wherein, described authorization information is generated and sent automatically by described user terminal, be not need the user to participate among the step S122, can avoid the user to operate like this and practise fraud or disturb proof procedure by it.Wherein, the identifying information that has comprised this user terminal in the described authorization information.Next execution in step S123, judge whether the user terminal identifying information that described authorization information comprises is consistent with the user terminal identifying information of described user's input, if the judged result of step S123 is sure, the identifying information that is identifying information and the described user terminal of described user input of described user terminal is consistent, then enter step S124, determine that described user terminal legitimate verification passes through; If the judged result of step S123 negates, the identifying information that is identification information and the described user of described user input of described user terminal is not consistent, then enter step S125, determine that described user terminal legitimate verification does not pass through, so far this proof procedure finishes.Further combined with Fig. 2, it will be appreciated by those skilled in the art that execution in step S124 after, in Fig. 2, continue to carry out described step S114, otherwise Fig. 2 processing procedure finishes.

In the present embodiment, the process of generation among the step S122 shown in Figure 3 and transmission checking message is finished automatically by user terminal.Preferably, can finish this step by the device (control device 3 for example shown in Figure 7) that sets in advance in described user terminal; Change in the example at one, also can finish this step by original device in the user terminal, for example when described user terminal is mobile phone, and described checking message sends by the mode of short message, then can with in this user terminal to automatically reply function open-minded, this moment, described user terminal can automatically reply, and did not repeat them here.

In the present embodiment, the process of transmitting of described step S122 is finished by the third party system, preferably, and should checking message by described third party's system forwards.Wherein, this third party system provides the identification information of described user terminal at least, for example this identification information is sent to described control system with described checking message.Because the third party system provides this identification information, make the user can't change this identification information, thereby can verify that message determines the correct identification information of described user terminal by this.When described user terminal is a mobile phone, and when described checking message sends with the short message form, in fact this short message sends by mobile service provider, and in this process, mobile service provider has determined user terminal identification information (telephone number) and this identification information has been sent out with short message; When described user terminal is the equipment of transmitting-receiving Email, and described checking message then needs when sending with the Email form, and Email service provider can determine to send address (Email address) too, and this Email address can be sent out together.Similarly, can realize above-mentioned proof procedure by corresponding third party system at different user terminals.

With reference to figure 3, similar with Fig. 2 again, described process of transmitting can realize by multiple transmission medium, and for example mobile phone mobile network or internet can adopt the mode of short message, multimedia short message, also can adopt the mode of HTTP or WAP or ICP/IP protocol; The information that is sent out also can be encrypted, thereby improve the security in the message transmitting procedure, will not give unnecessary details.

Above-mentioned step S121 shown in Figure 3, S122 are the embodiments that step " is obtained the authorization information relevant with described user terminal ", and in a variation example embodiment illustrated in fig. 3, can realize step S111 shown in Figure 2 by alternate manner, will not give unnecessary details.

Fig. 4 illustrates according to a specific embodiment of the present invention, uses the user terminal of control method provided by the invention and the network topology synoptic diagram of control system, and it is further summed up the described control flow of above-mentioned Fig. 1～Fig. 3.In the present embodiment, connect by network between user terminal 9 and the control system 4, and both can mutual communication, also connect by network between control system 4 and the third party system 6, and both also can mutual communication.Preferably, described control system 4 can comprise a database (not shown among Fig. 4), is used to store user account information.Be appreciated that in conjunction with above-mentioned Fig. 1～Fig. 3, in a preferred embodiment, user terminal 9 sends the solicited message of determining user account information to control system 4, control system 4 is obtained the user profile of needs according to described request information, and user terminal, applicant (user) identity information legitimacy are verified.In the embodiment shown in fig. 3, described control system 4 sends the checking solicited message to user terminal 9, and user terminal 9 correspondingly returns authorization information to described control system 4, thereby finishes the checking to the user terminal legitimacy.In this process, this authorization information can be passed through third party's system forwards, and this third party system can be a system shown in Figure 46, also can be different with this system, and this does not influence flesh and blood of the present invention.In the present embodiment, at applicant (user) identity information legitimate verification process, for example normally identity verification card or other perfect instrument information etc., described control system 4 is sent to third party system 6 with described applicant's identity information, and ask 6 pairs of described identity informations of described system to be verified, receive checking feedback information then, and determine that according to described checking feedback information whether described request information is by the checking of applicant's identity legitimacy from described third party system 6.This system 6 can determine checking result to this application people by inquiry interior data storehouse, and those skilled in the art can realize this process in conjunction with prior art, do not repeat them here.

Similarly, the network of above-mentioned connection control system respectively 4, user terminal 9 and third party system 6 can use multiple different network technology and should be used for realizing, for example internet, cell phone network etc., for example working as described control system is the bank account management system, and described third party system 6 is when being the credit investigation system of bank inside, the atm network that then to connect its both network can be bank inside does not repeat them here.In the present embodiment, network between user terminal 9 and the control system 4 and control system 4 can be identical with network between the third party system 6, change in the example at one, and two networks also can be different.For example, at mobile phone as user terminal 9 and when being applied to the bank account management system, realize by the mobile phone mobile communications network between user terminal 9 and the control system 4, and the network between control system 4 and the third party system 6 is realized by the atm network of bank inside.Change in the example at another, above-mentioned two networks also can be omitted, and for example control system 4 is carried out the immediate data exchange with user terminal 9, and does not finish said process by network.

More specifically, we describe the present invention by following flow process and are applied to process by mobile phone application bank account, specifically are divided into client-side program and two processes of application bank account of installing.Wherein, the user obtains this program by login control system 4 these client-side program of download or other modes in first process, then this program is mounted in its employed mobile phone.It will be appreciated by those skilled in the art that all functions of support software installation of present user terminals such as smart mobile phone, therefore, such installation process can be implemented.The process of applying for the registration of is as follows:

1) user sends the solicited message of application bank accounts in the mode of short message to described control system 4 by described client-side program, begins to apply for bank account.Comprise the various information that the user imports in the described request message, for example the type of phone number, address name, user identity card numbering, bank account, account's high credit etc.; Also comprise the information that described client-side program generates automatically, the factory number of the unique number of client-side program (for example sequence number) and this mobile phone (the perhaps hardware information that other can this mobile phone of unique identification) for example, these information can be read various (hardware) information acquisition of mobile phone by this client-side program.

2) after described control system 4 receives described short message, generate a pre-authentication information, and this information is sent to this mobile phone by short message according to relevant information.For example, the phone number that described pre-authentication information can be by comprising in the described short message, factory number, address name and the client-side program numbering of mobile phone, and information such as timestamp information generates.

3) after receiving described pre-authentication information, place the described client-side program in this mobile phone to generate an authorization information, and send to described control system 4 in the mode of short message once more.Wherein, can comprise above-mentioned pre-authentication information and authentication information in the described authorization information, wherein, described authentication information can generate based on information such as the factory number of this mobile phone, client-side program numberings, can also generate based on information such as timestamp informations under the part situation.Usually, described authentication information can adopt different algorithms to generate with pre-authentication information.

4) described control system 4 is after receiving above-mentioned authorization information, retrieve the solicited message corresponding according to described pre-authentication information with this pre-authentication information, and these information that comprise in the factory number of the phone number that comprises in the described authorization information, this mobile phone, client-side program numbering and the described request information are compared, if on all four, then confirm to pass through at the legitimate verification of this user terminal; Otherwise, then described checking fail by.Wherein, because the mode of described authorization information by short message be sent out, be attached in the described short message so send the system (for example system of China Mobile) that the telephone number of the mobile phone of this short message is forwarded this short message.Information such as the factory number that described control system 4 can be obtained above-mentioned mobile phone by the authentication information in the authorization information is decoded, client-side program numbering.

5) described control system 4 is carried out the checking of out of Memory, for example to the checking of information such as described address name, I.D. numbering.For example, can finish such checking by third party system 6.For example the system (for example system of China Mobile) by this mobile phone of management obtains above-mentioned information and finishes checking; For example finish checking again to these information by a credit investigation system.

6) if the checking of above-mentioned steps 4,5 is all passed through, then determine to provide to this user the information of a bank account.For example, at first the factory number according to this user profile and this mobile phone generates the identification information at this request, then this identification information and this user's a bank account is set up incidence relation, next this identification information is loaded in the user-selected fixed pictures (for example Liu Xiang take when the grand prix of Shanghai track and field gold photo), the picture that will load this identification information at last is sent in the described mobile phone by the mode of multimedia short message.It will be appreciated by those skilled in the art that described identification information can generate based on multiple algorithm, DES algorithm for example, and it shows as a string binary digit; Each binary coding can be added into the ad-hoc location in the described picture respectively, for example finish and add operation, perhaps take other modes to finish described loading procedure according to the position relation of interval 2N+1 (N=is added binary-coded sequence number).Processing procedure by mobile phone application bank account is done.

It will be appreciated by those skilled in the art that above-mentioned concrete processing procedure only is the processing mode under a kind of application scenarios, the present invention accordingly can also be applied to other scene, and this processing procedure also can be changed.For example change in the example, in above-mentioned steps 1, do not need user's input handset number, because can have the telephone number of this mobile phone in the short message by system of described China Mobile or other system forwarding at one.Again for example, above-mentioned steps 5 can be omitted, and promptly other information of user is not verified or the like, does not repeat them here.

Under the same application scenarios, can also realize above-mentioned proof procedure by the information transmission mode beyond the short message to user terminal at above-mentioned application bank account information, specific as follows:

1) user logins described control system 4 by described client-side program, begins to apply for bank account.At this moment, this mobile phone and described control system 4 connect by TCP/IP.

2) described client-side program is demonstrate,proved information such as numbering, bank account type, account's high credit with phone number, address name, the user identity of user's input, and information such as factory number of this mobile phone, client-side program numbering sends to described control system 4 as solicited message, and this process is finished by the packet based on ICP/IP protocol equally.

3) after described control system 4 receives above-mentioned solicited message, generate a pre-authentication information equally, detailed process can be with reference to the step 2 of a last processing procedure) realize.

4) after receiving described pre-authentication information, place the described client-side program in this mobile phone to dial to described control system 4.Similarly, the telephone number by system of China Mobile or this mobile phone of other system can be obtained by modes such as caller identifications, the phone number that comprises in the phone number that gets access to and the described request information can be compared then and finish checking.Simultaneously, send to described control system 4 such as other information (for example sequence number of the factory number of mobile phone, described terminal control mechanism 3) by the ICP/IP protocol packet.

5) step 5) that is similar to a processing procedure is verified out of Memory.

6) at first generate bank account, according to the two-dimension code algorithm this bank account information is generated a two-dimension code then and send in the described mobile phone according to the factory number of this user profile and this mobile phone.

Above-mentioned Fig. 1～Fig. 4 describes the process of determining user account information by user terminal in detail, finally in user terminal, obtained a user account indication information, correspondingly, Fig. 5 illustrates according to the first embodiment of the present invention, uses the process flow diagram of the auxiliary control method of this user account by user terminal.Particularly, execution in step S201 at first receives the processing instruction at described user account from user terminal, it will be appreciated by those skilled in the art that described processing instruction is meant that the user is for one or the instruction of multinomial processing operation that user account carried out.For example, in the present embodiment, described user account is a bank account, and described processing instruction can be the payment instruction that this bank account of requirement is paid.Preferably, this processing instruction is initiated by the user who this user account is had processing authority, and for example the payment according to the user requires to generate, and transfers to described control system in the mode of electronics by user terminal.It will be appreciated by those skilled in the art that described step S201 can be understood that the embodiment that step " receives the processing instruction at described user account ", and this step can suitably change variation example as shown in Figure 6.

Enter step S202 then, whether the indication information that comprises in the judgment processing instruction is complementary with the user terminal that sends this instruction.Because user account and the user terminal determined according to the present invention are closely related,, perhaps pass through the affirmation of suitable user terminal so the purpose of this step is to guarantee that this processing instruction is that suitable user terminal sends.For example, when this processing instruction is when being used for the payment instruction of a bank account, judge promptly whether bank account that comprises in the payment instruction and the user terminal that sends this payment instruction are complementary.In the present embodiment, the indication information of described user account (user account itself or the identification information related with user account) is created based on the identification information of user terminal or is selected, so this indication information is unique corresponding with this user terminal identification information in the present embodiment, promptly can obtain the identification information of its pairing user terminal, for example the CPU of a mobile phone according to this indication information.Correspondingly, can obtain the identification information of the user terminal that sends this instruction by described processing instruction, for example in the present embodiment, described processing instruction is sent out by short message, place (as shown in Figure 7) control device of this user terminal will obtain the identification information of this user terminal, for example the CPU of a mobile phone places described short message with certain special coding; Simultaneously, also comprise the indication information of described user account in this short message, also may comprise other information, contents such as for example concrete instruction or digital certificates.Then, described control system can extract identification information with this indication information corresponding user terminal according to the user account indication information that comprises in this processing instruction, and the user terminal identification information that directly comprises in the user terminal identification information that extracted and this processing instruction compared judgement, thereby performing step S202.

Change in the example at one, described processing instruction can be sent out by other modes, for example http protocol or wap protocol or ICP/IP protocol, in such variation example, similarly, described control device still can place described user terminal indication information packet or the signaling or the other guide of carrying processing instruction, still can realize above-mentioned steps S202 similarly.

If the judged result of step S202 is sure, be that indication information that comprises in the processing instruction and the user terminal that sends this processing instruction are complementary, then enter step S203, determine the checking that described processing instruction carries out is passed through, further carry out described processing instruction; Otherwise, if the judged result of step S202 negates, be that indication information that comprises in the processing instruction and the user terminal that sends this instruction do not match, execution in step S204 then, do not carry out processing instruction, to the information of user terminal feedback authentication failed, the process of feedback can be undertaken by different transmission mediums, specifically can be with reference to elaborating Fig. 1～Fig. 4.

Change in the example at one, " to the information of user terminal feedback authentication failed " among the described step S204 can be omitted, and perhaps replaces with other feedback informations, and this does not influence flesh and blood of the present invention.Further, the process that it will be appreciated by those skilled in the art that the execution processing instruction among the step S203 changes because of the different user Account Type.For example, in the present embodiment, described user account is a bank account, then described processing instruction can specify fund to finish to other accounts by deduction from the bank account of described indication information correspondence, pair valency that for example pay public-works spending, pay the expense of supplementing with money, the payment shopping online need be paid.Such process, usually having finished a transaction operation with the user is prerequisite, for example the user has finished the operation (for example scanning the bar code of electricity charge list etc.) of the payment electricity charge except that payment by user terminal, comes payment in the last payment stage by process shown in Figure 5.And change in the example at one, described user account is member account, described processing instruction this member account that requests timeout is then as long as freeze this member account in the membership management system; Change in the example at another, described user account can be social security account etc., does not repeat them here.

We are that example is described possible application scenarios with the electronic business transaction, for example by user terminal processes user account, i.e. process of paying by described user account.The user has determined user account by user terminal, and for example behind bank account information, by user terminal, for example mobile phone, set-top box, desk-top computer etc. are browsed commodity and will be selected commodity and put into shopping cart; The user sends tally order by user terminal then, and purchase system shows the payment for goods total value to the user; Next, the user imports payment for goods total value (or automatically filled in by purchase system), and send payment instruction, because bank account indication information (for example binary coding that comprises in above-mentioned Liu Xiang's the picture) has placed this user terminal, this indication information to be contained in this payment instruction and has sent to described control system.Described then control system adopts flow process shown in Figure 5 that this payment instruction is handled, and payment instruction is carried out in indication information that promptly comprises in payment instruction and relevant user terminals coupling back.Change in the example at one, can also verify that whether this payment instruction is through described user terminal mandate according to the described process that user terminal is verified of above-mentioned Fig. 4, this process can be based on the bank account indication information that comprises at least in the described instruction, Mobile Directory Number, mobile phone factory number, place the information such as numbering of the client-side program of mobile phone to finish, and this changes the means that example is compared with flow process shown in Figure 5 has increased checking.It will be appreciated by those skilled in the art that this payment instruction can also comprise shopping informations such as O/No. in concrete the application.Control method provided by the invention can also be applied to other occasion, for example when every household e equipment during as user terminal, after this every household e appliance case input public-works spending premium notice list numbering, submit payment instruction to after importing the amount of money of paying the fees, similarly, described control system can be handled according to above-mentioned flow process shown in Figure 5 again, does not repeat them here.

Fig. 6 illustrates according to a second embodiment of the present invention, use the process flow diagram of the auxiliary control method of user account by user terminal, in this flow process, after receiving user's processing instruction, described user instruction is verified to guarantee the legitimacy of user terminal.Particularly, at first enter step S211, receive the processing instruction at described user account, different with step S201 shown in Figure 5 is that described processing instruction causes subsequent step and embodiment illustrated in fig. 5 there are differences from the carrier beyond the user terminal.Next execution in step S212 obtains the identification information of the user terminal that is associated with the indication information that comprises in this processing instruction according to described user's processing instruction.In the present embodiment, described user account indication information is loaded in the two-dimension code, correspondingly, in above-mentioned processing instruction, comprised this two-dimension code, so described control system at first reads this two-dimension code from processing instruction, further obtain the user account indication information that is contained in wherein by two-dimension code decoding rule, for example perhaps there is related identification information in this user account itself with this user account; Judge then whether this indication information is complementary with described user terminal, and this process and step S202 shown in Figure 5 are similar, will not give unnecessary details.

In the present embodiment, the user can export to described user account indication information in other media from described user terminal, for example be stored in the movable storage device, perhaps directly print on the paper, send above-mentioned processing instruction by described other media then.For example equally in above-mentioned electronic business transaction, when needs are paid, read the described indication information that is stored in other medium by particular device (for example two-dimension code reading device), thereby send described instruction.

Enter step S213 then, to the user terminal that identification information the identified transmission checking solicited message of described user terminal, common this checking solicited message is sent the identical mode of described processing instruction and is sent out with user terminal, do not repeat them here.Execution in step S214 receives the authorization information from user terminal then, and preferably, the authorization information of described user terminal is generated and sent by user terminal.Next enter step S215, judge according to described authorization information whether described checking is passed through, if the judged result of this step is sure, promptly the authorization information of user terminal is by the checking of system, then enter step S216, determine the checking that described processing instruction carries out is passed through; If the judged result of step S215 negates that promptly the authorization information of user terminal by checking, does not enter step S217, determines the checking of described processing instruction is not passed through.It will be appreciated by those skilled in the art that after step S216, also need to carry out described processing instruction, specifically can be with reference to elaboration embodiment illustrated in fig. 5; Behind step S217, then can also notify the described processing instruction of user not to be performed, not repeat them here.

With reference to figure 5, Fig. 6, it will be appreciated by those skilled in the art that in order to improve security of system, can in the process of above-mentioned transmission information, adopt encryption measures, do not repeat them here.And change in the example at one, can also itself verify at described indication information, for example when described indication information is loaded in the two-dimension code, can additionally carries out the checking procedure of two-dimension code itself is carried out with the safety that guarantees matching process.

With reference to figure 5,6, change in the example at one, can also verify described processing instruction by other modes.For example, also comprise digital certificates in described processing instruction, these digital certificates are provided in advance to user terminal, preferably, these digital certificates can be unique corresponding with described user terminal, then can be verified user terminal according to described digital certificates by described control system.Again for example, after control system receives described processing instruction, can require the user to import an authentication password, and judge further whether this authentication password is complementary with the preset user authentication password, further strengthen proof procedure by the step of input password.Those skilled in the art can not repeat them here in conjunction with the such variation example of existing techniques in realizing.

By Fig. 5 or control flow shown in Figure 6, make and determine that a user account information need obtain the mandate of a user terminal, and must could handle this user account that this process is normally finished automatically through mandate, the permission of same user terminal.Also provide safe enough in the user friendly while.All significant when this control method is applied to multiple industry, especially require the higher industry of security, for example financial sector, club, social security sector etc.

Fig. 7 illustrates according to the first embodiment of the present invention, the control system 4 of determining user account information by user terminal with in user terminal, be used for the auxiliary structural representation of determining user account information and/or user account being carried out the control device 3 of auxiliary process.In the present embodiment, described control system 4 comprises first deriving means, 41, first definite device 42, first dispensing device 43, database 44 and the 4th receiving trap 45, second treating apparatus 46.Wherein, device 41,42,43 can realize determining the function of user account information, and device 45,46 realizes opening the function of this user account.Particularly, described first deriving means 41 is used to obtain described user profile, because the user wishes to determine one or more user account informations, so should comprise a small amount of or sufficient user profile in the described request information, for example can include only this user's identity document numbering, also can comprise information such as address name, user account type.Described first determines that device 42 is used for determining the user account indication information according to user profile, can determine different indication informations according to different needs; Described first dispensing device 43 is used for described indication information is sent to described user terminal, so that described user terminal can be determined described user account information.Described indication information can send by short message and/or multimedia short message, also can be by HTTP or WAP or ICP/IP protocol transmission.Described database 44 is used to store user account for information about, preferably also stores the user account indication information.Described the 4th receiving trap 45 is used to receive the affirmation information from user terminal, and for example the mode that sends SMS message by user terminal of user confirms that its requirement opens and the corresponding user account of this user terminal; And described second treating apparatus 46 is used for opening described user account according to described confirmation.One changes in the example, system 4 also comprises a demo plant (Fig. 7 is not shown), whether the indication information indicated user terminal corresponding with user account is complementary to be used to verify this confirmation, and such device can will not be given unnecessary details with reference to figure 9 shown devices 7 at least.

Particularly, in the present embodiment, described first deriving means 41 comprises the first receiving device 411 and second deriving means 412.Wherein, described first receiving device 411 is used to receive the solicited message of determining user account information from the request of user terminal; Described second deriving means 412 is used for obtaining user profile according to described request information.Those skilled in the art can will not give unnecessary details in conjunction with these two devices of existing techniques in realizing.And change in the example at one, described first deriving means 41 can be omitted, and for example, described user profile is stored in the described control system 4 in advance, then there is no need additionally to obtain again.

Particularly, in the present embodiment, first determines that device 42 comprises that second determines device 421, and it is used for determining described identification information according to user profile.Correspondingly, described control system 4 also comprises first treating apparatus (not shown among Fig. 7), and it is used to set the incidence relation of described identification information and described user account.In the present embodiment, first determines that device 42 handled user account indication informations are identification informations that are associated with user account, accordingly, described second determines that device 421 can generate an identification information according to user profile, also can select an identification information from a database with a plurality of identification informations; Then, set the incidence relation of this identification information and user account, so that can determine described user account uniquely by this identification information by described first treating apparatus.Described identification information and described user account are one to one, also can be that a user account corresponds respectively to different identification informations.And change in the example at one, described first determines that device 42 comprises that the 3rd determines to be used for device (not shown among Fig. 7) creating described user account according to described user profile.In such variation example, adopt the most direct method to determine user account information, promptly directly create a new user account.For example, described user account can be member's account, and adopts the mode of " serial number+passport numbering " to create this number of the account; Again for example, described user account can be a bank account.Change in the example at another, also comprise the identification information of user terminal at least, thereby make that user account or the identification information created are unique as the described user profile of the foundation of creating identification information or user account, and corresponding one by one with user terminal.For example, when user terminal was mobile phone, then the identification information of this mobile phone can be the sequence number of the process chip (unique) of mobile phone itself.

Particularly, in the present embodiment, described first dispensing device 43 comprises merging device 431, and it is used for described indication information is loaded on a carrier, and wherein said carrier can be received by described user terminal; And second dispensing device 432, it is used for the described carrier that comprises described indication information is sent to described user terminal.In the present embodiment, compare with identification information itself, described carrier has the better form of expression.Described carrier can be a pictures, or in the two-dimension code, three-dimensional sign indicating number, bar code, character any, and described indication information is contained in wherein, obtain the represented information of two-dimension code after for example reading two-dimension code by the two-dimension code fetch equipment, be indication information, thereby further can obtain the relevant information of the indicated user account of this indication information.

Change in the example at one of Fig. 7, described device 45,46 can be omitted, and does not promptly need user account opened to confirm that it is open-minded for example to handle back acquiescence accounts by device 43.

Match with described control system 4, control device 3 shown in Figure 7 is used for being used for auxiliary definite user account information and/or using the process of user account to carry out auxiliary process at user terminal.In the present embodiment, described control device 3 comprises the 9th receiving trap 31, the 5th treating apparatus 32, the 6th dispensing device 33, the 7th dispensing device 34 and the 9th dispensing device 35.Wherein, device 31,32,33 is used to finish the processing of described user terminal being carried out legitimate verification, and particularly, described the 9th receiving trap 31 is used to receive the checking solicited message that is used to verify user terminal; Described the 5th treating apparatus 32 is used to handle described checking solicited message, and generation and the corresponding authorization information of described checking solicited message; Described the 6th dispensing device 33 is used to send described authorization information.Device 34,35 is used to send solicited message or instruction, and particularly, described the 7th dispensing device 34 is used for sending the solicited message that user account is created in application to described control system; Described the 9th dispensing device 35 is used to send the instruction that a user account is opened in affirmation.Change in the example at one, described control device 3 also comprises the 8th dispensing device, is used to send processing instruction.When described authorization information sent by short message, described the 5th treating apparatus 32 can comprise the 6th treating apparatus (not shown among Fig. 7), and it is used to generate a short message or multimedia short message.

Fig. 8 illustrates according to the first embodiment of the present invention, the structural representation of second deriving means 412 in the control system 4 shown in Figure 7.In the present embodiment, described second deriving means 412 comprises first demo plant 4121, first judgment means 4122 and the 3rd deriving means 4123.Wherein, described first demo plant 4121 is used for the solicited message of described definite user account information is verified; Described first judgment means 4122 is used to judge whether above-mentioned checking is passed through; Described the 3rd deriving means 4123 be used for when above-mentioned checking by the time obtain described user's user profile according to described request information.Particularly, described device 4121 also comprises second demo plant 7, and it is used for according to described request information the user terminal legitimacy being verified; And the 3rd demo plant, it is used for according to described request information applicant's identity legitimacy being verified.It will be appreciated by those skilled in the art that at one to change in the example that described device 4121 can include only in above-mentioned second demo plant 7, the 3rd demo plant; Change in the example at another, described device 4121 can comprise other demo plants.

Preferably, described the 3rd demo plant comprises the 5th deriving means (not shown among Fig. 9), and it is used for obtaining according to described request information described applicant's identity information; The 4th dispensing device (not shown among Fig. 9), it is used for described identity information is sent to the third party system, and asks described third party system that described identity information is verified; And the 3rd receiving trap (not shown among Fig. 9), it is used to receive the checking feedback information from described third party system, and determine described request information whether by the checking of applicant's identity legitimacy according to described checking feedback information, for example it can determine checking result to this application people by inquiry interior data storehouse (third party database) at least.

Fig. 9 illustrates according to the first embodiment of the present invention of the present invention, the structural representation of second demo plant 7 in second deriving means 412 shown in Figure 8.Particularly, described second demo plant 7 comprises the 4th deriving means 71, second judgment means 72 and the 4th definite device 73.Wherein, described the 4th deriving means 71 is used to obtain the authorization information relevant with described user terminal, and described authorization information comprises the identifying information of described user terminal; Described second judgment means 72 is used to judge whether the user terminal identifying information that described authorization information comprises is consistent with the user terminal identifying information of described user's input; The described the 4th determines device 73, is used for user terminal identifying information that the user terminal identifying information that comprises when described authorization information and described user import and determines that described user terminal legitimate verification passes through when consistent.Particularly, described the 4th deriving means 71 comprises the 3rd dispensing device 711, its user terminal that is used for being identified to the user terminal identifying information that described user imports sends the checking solicited message, and preferably, described request information comprises the identifying information of the described user terminal that the user imports; And, second receiving trap 712, it is used to receive the authorization information at described checking solicited message from described user terminal, wherein, described authorization information is generated and sent automatically by described user terminal, it does not need the user to participate in, and can avoid the user to operate by it like this and practise fraud or disturb proof procedure.Preferably, device 712 is finished the process that sends checking message by the third party system, and wherein this third party system provides the identification information of described user terminal at least.Because the third party system provides this identification information, makes the user can't change this identification information.For example working as described user terminal is mobile phone, and when described checking message sends with the short message form, in fact this short message sends by mobile service provider, and in this process, mobile service provider has determined user terminal identification information (telephone number) and this identification information has been sent out with short message.

Figure 10 illustrates the structural representation that uses the supplementary controlled system 8 of user account according to first embodiment of the invention by user terminal.In the present embodiment, described supplementary controlled system 8 comprises the 5th receiving trap 81 and the 3rd treating apparatus 82, and wherein said the 5th receiving trap 81 is used to receive processing instruction; Described the 3rd treating apparatus 82 is used for described processing instruction is handled, and wherein said payment instruction comprises the indication information of described user account, and described indication information is associated with a user terminal at least.Described particularly the 3rd treating apparatus 82 also comprises the 4th demo plant 821, and it is used for described processing instruction is verified; The 3rd judgment means 822, it is used to judge whether the checking that described processing instruction is carried out is passed through; And manage device 823 everywhere, its be used for the checking carried out when described processing instruction by the time carry out this processing instruction.

Particularly, Figure 11 illustrates according to the first embodiment of the present invention, the structural representation of the 4th demo plant 821 in the supplementary controlled system 8 shown in Figure 10.Wherein, described device 821 comprises the 4th judgment means 8211, and it is used for judging that whether described processing instruction authorized by the pairing user terminal of indication information that comprises with this processing instruction; And the 5th determine device 8212, and it is used for when described processing instruction is authorized by the pairing user terminal of indication information that comprises with this processing instruction definite checking that described processing instruction is carried out and passes through.Particularly, described device 8211 comprises the 5th judgment means 82111, and it is used for judging whether the indication information that described processing instruction comprises is complementary with the user terminal that sends this processing instruction; Correspondingly, the described the 5th determines that device 82121 comprises that the 6th determines device, determines the checking that described processing instruction carries out is passed through when its indication information that is used for comprising when described processing instruction is complementary with the user terminal that sends this processing instruction.In such embodiments, described processing instruction directly sends by described user terminal, for example be sent out by short message and this short message in comprise the identification information of this user terminal, in a preferred embodiment, this identification information obtains and places this short message by for example control device shown in Figure 7.Correspondingly, because the user account indication information is unique corresponding with this user terminal identification information, also can extract the corresponding user terminal identification information by the indication information that comprises in this short message, described device 82111 is compared the user terminal identification information that comprises in the user terminal identification information that extracted and this processing instruction can determine whether both mate.

Figure 12 illustrates according to a second embodiment of the present invention, the 4th demo plant 821 in the supplementary controlled system 8 shown in Figure 10 ' structural representation.With embodiment illustrated in fig. 11 different, described processing instruction is from the carrier beyond the user terminal, accordingly, described the 4th judgment means 8211 ' comprise the 6th deriving means 82112, it is used for the identification information of the user terminal that is associated according to the indication information that described processing instruction obtains with this processing instruction comprises; The 5th dispensing device 82113, it is used for sending the checking solicited message to the user terminal that identification information identified of described user terminal, and whether this checking solicited message is used to ask described processing instruction by described user terminal mandate; The 7th receiving trap 82114, it is used to receive the authorization information from described user terminal; And the 6th judgment means 82115, it is used to judge whether described authorization information comprises definite results.Correspondingly, the described the 5th definite device 8212 ' comprise that the 7th determines device 82122, it is used for determining the checking that described processing instruction carries out is passed through when described authorization information comprises definite results.

With embodiment illustrated in fig. 11 different be, described the 6th deriving means 82112 devices such as grade are used to handle the situation of processing instruction from the medium beyond the user terminal, for example the user account indication information is exported on other media (for example movable storage device), preferably, described user account indication information is loaded in a two-dimension code and is printed on the paper, and read this two-dimension code by the two-dimension code reading device and initiate described processing instruction, device 82112 reads this two-dimension code from processing instruction, further obtain the user account indication information that is contained in wherein by two-dimension code decoding rule, owing to comprised the identification information of this user terminal in the described indication information, therefore, can extract the user terminal identification information that wherein comprises according to the indication information create-rule.

With reference to above-mentioned Figure 11,12, change in the example at one, described the 4th judgment means can also be used for by digital certificates described processing instruction being verified.Particularly, described the 4th judgment means can also comprise the 5th demo plant (not shown among Figure 11 or 12), and it is used for the digital certificates that described processing instruction comprises are verified; The 7th judgment means, it is used to judge that whether described digital certificates are by checking; And the 8th determine device (not shown among Figure 11 or 12), its be used for when described digital certificates during by checking definite checking that described processing payment instruction is carried out pass through.Change in the example at another, described the 4th judgment means can also be used for by authentication password described processing instruction being verified.Particularly, described the 4th judgment means can also comprise the 8th receiving trap (not shown among Figure 11 or 12), and it is used for the Receipt Validation password; The 7th judgment means (not shown among Figure 11 or 12), it is used to judge whether described authentication password is complementary with the preset user authentication password; And the 9th determine device (not shown among Figure 11 or 12), and it is used for when described authentication password and preset user authentication password are complementary definite checking that described processing instruction is carried out and passes through.

By the present invention, determine user account information and use the process of user account must obtain the user terminal mandate that this kind processing mode has strengthened definite user account information greatly and/or used the security of user account.Preferably, the user account that the present invention determines does not need common needed medium, reduced medium and lost damnous risk to the user, in case and user terminal be changed, then also can not finish above-mentioned mandate by the terminal after changing.

More than specific embodiments of the invention are described.It will be appreciated that the present invention is not limited to above-mentioned specific implementations, those skilled in the art can make various distortion or modification within the scope of the claims, and this does not influence flesh and blood of the present invention.

Claims (51)

1. determine wherein, to comprise the steps: the control method of user account information by user terminal for one kind

B. determine the user account indication information according to user profile;

C. described indication information is sent to described user terminal, so that described user terminal can be determined the information of described user account.

2. method according to claim 1, wherein, described indication information is an identification information that is associated with described user account, wherein, described step b comprises the steps:

B1. determine described identification information according to user profile;

Wherein, described method also comprises step:

The incidence relation of described identification information of-setting and described user account.

3. method according to claim 1, wherein, described indication information is a described user account itself, wherein, described step b comprises the steps:

B1 '. create described user account according to described user profile.

4. according to each described method in the claim 1 to 3, wherein, also comprise the steps:

A. obtain described user profile.

5. method according to claim 4, wherein, described step a comprises the steps:

A1. receive the solicited message of determining user account information from the request of user terminal;

A2. obtain user profile according to described request information.

6. according to each described method in the claim 1 to 5, wherein, described step c comprises the steps:

C1. described indication information is loaded in the carrier, wherein said carrier can be received by described user terminal;

The carrier that c2. will comprise described indication information is sent to described user terminal.

7. according to claim 5 or 6 described methods, wherein, described step a2 comprises the steps:

A21. described request information is verified;

A22. judge whether above-mentioned checking is passed through;

A23. if above-mentioned checking is passed through, then obtain described user's user profile according to described request information.

8. method according to claim 7, wherein, any during described step a21 comprises the steps at least or appoint a plurality of:

-according to described request information the user terminal legitimacy is verified; And

-according to described request information applicant's identity legitimacy is verified.

9. method according to claim 8, wherein, described request information comprises the identifying information of the described user terminal that the user imports, the described step that the user terminal legitimacy is verified comprises the steps:

-obtain the authorization information relevant with described user terminal, described authorization information comprises the identifying information of described user terminal;

-judge whether the user terminal identifying information that described authorization information comprises is consistent with the user terminal identifying information of described user's input;

The user terminal identifying information that the described authorization information of-Ruo comprises is consistent with the user terminal identifying information of described user's input, and then described user terminal legitimate verification passes through.

10. method according to claim 9, wherein, the described step of obtaining the authorization information relevant with described user terminal comprises the steps:

-the user terminal that identified to the user terminal identifying information of described user input sends the checking solicited message;

-receive authorization information at described checking solicited message from described user terminal, wherein, described authorization information is generated and sent automatically by described user terminal.

11. each described method in 10 according to Claim 8, wherein, the described step of applicant's identity legitimacy being verified according to described request information comprises the steps:

-obtain described applicant's identity information according to described request information;

-described identity information is sent to the third party system, and ask described third party system that described identity information is verified;

-receive checking feedback information from described third party system, and determine that according to described checking feedback information whether described request information is by the checking of applicant's identity legitimacy.

12. determine to it is characterized in that the control system of user account information by user terminal for one kind, comprising:

First determines device, is used for determining the user account indication information according to user profile; And

First dispensing device is used for described indication information is sent to described user terminal, so that described user terminal can be determined the information of described user account.

13. control system according to claim 12, wherein, described indication information is an identification information that is associated with described user account, and wherein, described first determines that device comprises:

Second determines device, is used for determining described identification information according to user profile;

Wherein, described control system also comprises: first treating apparatus is used to set the incidence relation of described identification information and described user account.

14. control system according to claim 12, wherein, described indication information is a described user account itself, and wherein, described first determines that device comprises:

The 3rd determines device, is used for creating described user account according to described user profile.

15., wherein, also comprise according to each described control system in the claim 12 to 14:

First deriving means is used to obtain described user profile.

16. control system according to claim 15, wherein, described first deriving means comprises:

First receiving device is used to receive the solicited message of determining user account information from the request of user terminal; And

Second deriving means is used for obtaining user profile according to described request information.

17. according to each described control system in the claim 12 to 16, wherein, described first dispensing device comprises:

Merge device, be used for described indication information is loaded on a carrier, wherein said carrier can be received by described user terminal; And

Second dispensing device is used for the described carrier that comprises described indication information is sent to described user terminal.

18. according to claim 16 or 17 described control system, wherein, described second deriving means comprises:

First demo plant is used for described request information is verified;

First judgment means is used to judge whether above-mentioned checking is passed through; And

The 3rd deriving means, be used for when above-mentioned checking by the time obtain described user's user profile according to described request information.

19. control system according to claim 18, wherein, described first demo plant comprise at least as in the lower device any or appoint a plurality of:

Second demo plant is used for according to described request information the user terminal legitimacy being verified; And

The 3rd demo plant is used for according to described request information applicant's identity legitimacy being verified.

20. control system according to claim 19, wherein, described request information comprises the identifying information of the described user terminal that the user imports, and described second demo plant comprises:

The 4th deriving means is used to obtain the authorization information relevant with described user terminal, and described authorization information comprises the identifying information of described user terminal;

Second judgment means is used to judge whether the user terminal identifying information that described authorization information comprises is consistent with the user terminal identifying information of described user's input; And

The 4th determines device, is used for user terminal identifying information that the user terminal identifying information that comprises when described authorization information and described user import and determines that described user terminal legitimate verification passes through when consistent.

21. control system according to claim 20, wherein, described the 4th deriving means comprises:

The 3rd dispensing device, the user terminal that is used for being identified to the user terminal identifying information that described user imports sends the checking solicited message; And

Second receiving trap is used to receive the authorization information at described checking solicited message from described user terminal, and wherein, described authorization information is generated and sent automatically by described user terminal.

22. according to each described control system in the claim 19 to 21, wherein, described the 3rd demo plant comprises:

The 5th deriving means is used for obtaining according to described request information described applicant's identity information;

The 4th dispensing device is used for described identity information is sent to the third party system, and asks described third party system that described identity information is verified; And

The 3rd receiving trap is used to receive the checking feedback information from described third party system, and determines that according to described checking feedback information whether described request information is by the checking of applicant's identity legitimacy.

23., wherein, also comprise according to each described control system in the claim 12 to 22:

The 4th receiving trap is used to receive the affirmation information from user terminal; And

Second treating apparatus is used for opening described user account according to described confirmation.

24. according to claim 2 or 3 described methods and/or claim 13 or 14 described control system, wherein, described user profile also comprises the identification information of described user terminal at least.

25. according to each described control system in each described method and/or the claim 18 to 24 in the claim 7 to 11, wherein, described authorization information is via third party's system forwards, and described third party system provides the identification information of described user terminal at least.

26. method according to claim 25 or control system, wherein, described checking solicited message and/or authorization information are sent out in the mode of short message and/or multimedia short message.

27. according to each described control system in each described method and/or 15 to 26 in the claim 4 to 11, wherein, described carrier comprises any in the following content:

-two-dimension code;

-three-dimensional sign indicating number;

-bar code;

-picture; Perhaps

-character.

28. according to each described control system in each described method and/or the claim 14 to 27 in the claim 3 to 11, wherein, described request information comprises any in the following content at least or appoints a plurality of:

The type of-the user account of applying for;

The credit line of-the user account of applying for; And

-authentication password.

29. root is according to each described control system in each described method and/or the claim 14 to 28 in the claim 3 to 11, wherein, described request information also comprises any in the following content at least or appoints a plurality of:

-address name; And

-user identification information may.

30. the auxiliary control method by the user terminal processes user account wherein, comprises the steps:

I. receive processing instruction at described user account;

Ii. described processing instruction is handled;

It is characterized in that described processing instruction comprises the indication information of described user account, and described indication information is associated with a user terminal at least.

31. method according to claim 30, wherein said step I i comprises the steps:

Ii1. described processing instruction is verified;

Ii2. judge whether the checking that described processing instruction is carried out is passed through;

Ii3. if the checking that described processing instruction carries out is passed through, then carry out described processing instruction.

32. method according to claim 31, wherein, described step I i1 comprises the steps:

A. judge described processing instruction whether by with this processing instruction in the pairing user terminal of indication information that comprises authorize;

B. if described processing instruction by with this processing instruction in the pairing user terminal of indication information that comprises authorize, then determine the checking that described processing instruction carries out is passed through.

33. according to each described method in the claim 30 to 32, wherein, described step I comprises the steps:

-reception is from the processing instruction at described user account of user terminal.

34. method according to claim 33, wherein, described steps A comprises the steps:

-judge whether the indication information that comprises in the described processing instruction is complementary with the user terminal that sends this processing instruction;

Wherein, described step B comprises the steps:

The indication information that the described processing instruction of-Ruo comprises is complementary with the user terminal that sends this processing instruction, then determines the checking that described processing instruction carries out is passed through.

35. method according to claim 32, wherein, described processing instruction is from the carrier beyond the user terminal, and wherein, described steps A comprises the steps:

-obtain the identification information of the user terminal that is associated with the indication information that comprises in this processing instruction according to described processing instruction;

-send the checking solicited message to the user terminal that identification information identified of described user terminal, whether this checking solicited message is used to ask described processing instruction by described user terminal mandate;

-reception is from the authorization information of described user terminal;

-judge whether described authorization information comprises definite results;

Wherein, described step B comprises the steps:

The described authorization information of-Ruo comprises definite results, then determines the checking that described processing instruction carries out is passed through.

36. according to each described method in the claim 31 to 35, wherein, described step I i1 also comprises the steps:

-digital certificates that comprise in the described processing instruction are verified;

-judge that whether described digital certificates are by checking;

The described digital certificates of-Ruo are then determined the checking that described processing payment instruction is carried out is passed through by checking.

37. according to each described method in the claim 31 to 36, wherein, described step I i1 also comprises the steps:

-Receipt Validation password;

-judge whether described authentication password is complementary with the preset user authentication password;

Described authentication password of-Ruo and preset user authentication password are complementary, and then determine the checking that described processing instruction carries out is passed through.

38. the supplementary controlled system by user terminal use user account wherein, comprising:

The 5th receiving trap is used to receive processing instruction; And

The 3rd treating apparatus is used for described processing instruction is handled;

It is characterized in that described payment instruction comprises the indication information of described user account, and described indication information is associated with a user terminal at least.

39. according to the described supplementary controlled system of claim 38, wherein said the 3rd treating apparatus comprises:

The 4th demo plant is used for described processing instruction is verified;

The 3rd judgment means is used to judge whether the checking that described processing instruction is carried out is passed through; And

Manages device everywhere, be used for the checking carried out when described processing instruction by the time carry out described processing instruction.

40. according to the described supplementary controlled system of claim 39, wherein, described the 4th demo plant comprises:

The 4th judgment means is used for judging that whether described processing instruction authorized by the pairing user terminal of indication information that comprises with this processing instruction; And

The 5th determines device, is used for when described processing instruction is authorized by the pairing user terminal of indication information that comprises with this processing instruction definite checking that described processing instruction is carried out and passes through.

41. according to each described supplementary controlled system in the claim 38 to 40, wherein, described the 5th receiving trap comprises:

The 6th receiving trap is used to receive the processing instruction at described user account from user terminal.

42. according to the described supplementary controlled system of claim 41, wherein, described the 4th judgment means comprises:

The 5th judgment means is used for judging whether the indication information that described processing instruction comprises is complementary with the user terminal that sends this processing instruction;

Wherein, the described the 5th determines that device comprises:

The 6th determines device, determines the checking that described processing instruction carries out is passed through when the indication information that is used for comprising when described processing instruction is complementary with the user terminal that sends this processing instruction.

43. according to the described supplementary controlled system of claim 41, wherein, described processing instruction is from the carrier beyond the user terminal, wherein, described the 4th judgment means comprises the steps:

The 6th deriving means is used for the identification information of the user terminal that is associated according to the indication information that described processing instruction obtains with this processing instruction comprises;

The 5th dispensing device is used for sending the checking solicited message to the user terminal that identification information identified of described user terminal, and whether this checking solicited message is used to ask described processing instruction by described user terminal mandate;

The 7th receiving trap is used to receive the authorization information from described user terminal; And

The 6th judgment means is used to judge whether described authorization information comprises definite results;

Wherein, the described the 5th determines that device comprises:

The 7th determines device, is used for determining the checking that described processing instruction carries out is passed through when described authorization information comprises definite results.

44. according to each described supplementary controlled system in the claim 40 to 43, wherein, described the 4th judgment means also comprises:

The 5th demo plant is used for the digital certificates that described processing instruction comprises are verified;

The 7th judgment means is used to judge that whether described digital certificates are by checking; And

The 8th determines device, be used for when described digital certificates during by checking definite checking that described processing payment instruction is carried out pass through.

45. according to each described supplementary controlled system in the claim 40 to 44, wherein, described the 4th judgment means also comprises:

The 8th receiving trap is used for the Receipt Validation password;

The 7th judgment means is used to judge whether described authentication password is complementary with the preset user authentication password; And

The 9th determines device, is used for when described authentication password and preset user authentication password are complementary definite checking that described processing instruction is carried out and passes through.

46. according to each described supplementary controlled system in each described auxiliary control method and/or the claim 38 to 45 in the claim 30 to 37, wherein, described user account comprises bank account, and wherein, described processing instruction is used for indicating any that pay following expense at least:

-public-works spending;

-supplement expense with money; Perhaps

Pair valency that-shopping online need be paid.

47. require described claim according to aforesaid right, wherein, described user account also comprises any among the following account:

-account of stored value;

-member account; And

-social security account.

48. one kind is used for auxiliary determine user account information and/or user account being carried out the control device of auxiliary process in user terminal, it is characterized in that, comprising:

The 9th receiving trap is used to receive the checking solicited message that is used to verify user terminal;

The 5th treating apparatus is used to handle described checking solicited message, and generation and the corresponding authorization information of described checking solicited message, and wherein, this authorization information comprises the identification information of described user terminal;

The 6th dispensing device is used to send described authorization information.

49. according to the described control device of claim 48, wherein, described authorization information comprises short message or multimedia short message, wherein, described the 5th treating apparatus comprises:

The 6th treating apparatus is used to generate a short message or multimedia short message.

50. according to claim 48 or 49 described control device, wherein, also comprise as in the lower device any or appoint a plurality of:

The 7th dispensing device is used for sending the solicited message that user account information is determined in request to described control system;

The 8th dispensing device is used to send processing instruction; And

The 9th dispensing device is used to send the instruction that a user account is opened in affirmation.

51. require described claim according to aforesaid right, wherein, described user terminal comprises at least as in the lower device any:

-mobile phone;

-PDA；

-notebook;

-desk-top computer;

-set-top box;

-every household e equipment; Perhaps

-blackberry, blueberry.

Images