[go: up one dir, main page]

CN102480706B - Short message authentication method - Google Patents

Short message authentication method Download PDF

Info

Publication number
CN102480706B
CN102480706B CN201010566832.1A CN201010566832A CN102480706B CN 102480706 B CN102480706 B CN 102480706B CN 201010566832 A CN201010566832 A CN 201010566832A CN 102480706 B CN102480706 B CN 102480706B
Authority
CN
China
Prior art keywords
authentication
user
code
authentication code
service provider
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201010566832.1A
Other languages
Chinese (zh)
Other versions
CN102480706A (en
Inventor
黄渠发
江瑞民
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chunghwa Telecom Co Ltd
Original Assignee
Chunghwa Telecom Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chunghwa Telecom Co Ltd filed Critical Chunghwa Telecom Co Ltd
Priority to CN201010566832.1A priority Critical patent/CN102480706B/en
Publication of CN102480706A publication Critical patent/CN102480706A/en
Application granted granted Critical
Publication of CN102480706B publication Critical patent/CN102480706B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Computer And Data Communications (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A short message authentication method is to disassemble the authentication information into different kinds of authentication codes and/or recheck codes, and to transmit the authentication codes and/or recheck codes to the authentication demand end and the user in different forms, and then to provide the authentication code inputted by the user and the previously received authentication code from the authentication service provider end to the authentication service provider end for authentication through the authentication demand end, and further to provide the user to actively judge whether the authentication flow is correct according to the recheck codes. Therefore, the problem that whether the user is the real user or not can not be ensured because the authentication short message is recorded in the transmission process, or the authentication information in the authentication short message is stolen by others, or the door number sent to a telecommunication company by the user is stolen or forged can be effectively solved.

Description

Short message authentication method
Technical field
The present invention relates to a kind of information authentication method, specifically, relate to a kind of method utilizing note to carry out authentification of message.
Background technology
Along with the universalness of internet and network information apparatus, the service kenel that can be provided by network is more and more variation also, and user by as personal computer, notebook, smart mobile phone, can obtain diversified information service by network.For example, user can utilize computer by web download software, directly auction at online play multimedia file, online or do shopping, carry out transferring accounts in the Internet bank or Stock Trading etc.
Obtained by network and utilize diversified service no doubt convenient and efficient, but easily allow the relevant information of user be exposed to illegally to be intercepted, copy, destroy, distort and even usurp, user also worries that the network information apparatus such as used computer can be subject to the attack of virus or other rogue program.Relative to user, in fact, even if be the supplier of network service, as the dealer such as ISP, ICP, entry network site, online transaction website, can worry that website is subjected to aforesaid rogue attacks equally, and then cause the infringement that cannot expect.
For avoiding the generation of aforementioned infringement as far as possible, most Internet Service Providers user for use or download it and provide service time, can require that user carries out authentication procedure, wherein again using chartered account and password the most general as identification authentication data.
But, be easy to stolen due to account and password or crack, therefore have dealer to propose the ID authentication mechanism of assisting, or even replaced by the authentication mode of existing account number cipher, these identification authentication mode comprise dynamic password, short message certification, electronic mail reply certification etc.
Refer to Fig. 1, it is the existing flow chart utilizing the method for short message certification.As shown in the figure, in step S101, the network service that user logins needs short message certification to serve provides website.In step s 102, network service provides website to send short message certification demand to short message certification service system.In step s 103, note containing authentication information is sent by short message certification service system by telecommunications company.In step S104, after user receives this note, the authentication information in this note is inputed to network service and provides website, this authentication information can be made up of single or multiple word and/or symbol.In step S105, network service provides website that the received authentication information inputted by this user is sent to this short message certification service system, thus judges that whether the authentication information that network service provides website to send is correct by short message certification service system.In step s 106, short message certification service system, by by certification or do not provide website by the information back of certification to network service, provides website to determine the network service whether user has the right to use it to provide according to this for network service.The shortcoming of this kind of prior art is to be logged in transmitting procedure when described certification note, is namely likely usurped authentication information wherein by other people.
Refer to Fig. 2, it is another existing flow chart utilizing the method for short message certification.As shown in the figure, in step s 201, user logins the network service needing short message certification to serve and provides website.In step S202, network service provides website to send short message certification demand to short message certification service system.In step S203, short message certification service system provides website to provide authentication information to network service, described authentication information can pass through application program system interface (Application Program Interface, API) mode is supplied to network service to provide website.In step S204, provide website that this authentication information is supplied to user by network service.In step S205, the note with authentication information is sent to telecommunications company by user, and described telecommunications company can set an appointment door number, transmits authentication information note for user.In step S206, received certification note is sent to short message certification service system by telecommunications company.In step S207, short message certification service system judges whether certification note that telecommunications company transmits meets previously passed network service and provide website to send to the authentication information of user, and sends judged result to network service and provide website.In step S208, the judged result that network service provides website to transmit according to short message certification service system, judges the network service whether user has the right to use it to provide.If the shortcoming of this kind of prior art be user be sent to the door of telecommunications company number stolen or forge time, namely cannot guarantee whether user is real user.
Because these prior aries described above all exist the problem that cannot overcome, how a kind of short message certification technology that can overcome these problems described is provided, therefore seems very important.
Summary of the invention
For solving the shortcoming of aforementioned prior art, the invention provides a kind of short message authentication method, be applied in the framework at least comprising certification demand end, authentication service providing end, communication common carrier and information processor, this short message authentication method comprises following steps: when certification demand termination receives the service request that user sent by this information processor, user's data and authentication request are sent to this authentication service providing end by this certification demand end; When this authentication service providing end receives the certification demand that this certification demand end sends, certification note is calculated according to described user's data, and this certification note is disassembled at least two authentication codes, wherein these at least two authentication codes comprise at least one network service authentication code, at least one user's authentication code; This authentication service providing end sends this network service authentication code to this certification demand end respectively; Send this user's authentication code to this communication service end; This communication service end sends this user's authentication code to this information processor; User's authentication code that this communication service end transmits is supplied to this certification demand end by this information processor by user; This user's authentication code that this information processor provides by this certification demand end and this network service authentication code provided by this authentication service providing end send this authentication service providing end to; Compare according to this user's authentication code received and this network service authentication code in this authentication service providing end, with this user's data match be confirmed whether with previously disassembled into this user's authentication code and this network service authentication code according to this, thus judge that whether user is by certification according to this, and authentication result is sent to this certification demand end; And the authentication result that this certification demand end provides according to this authentication service providing end, judge whether user has the authority using service by certification.
The present invention also provides a kind of short message authentication method, comprise following steps: when certification demand termination receives the service request that user sent by this information processor, user's data and authentication request are sent to this authentication service providing end by this certification demand end; When this authentication service providing end receives the certification demand that this certification demand end sends, certification note is calculated according to described user's data, and this certification note is disassembled at least two authentication codes and at least one user checks code, wherein these at least two authentication codes comprise at least one network service authentication code, at least one user's authentication code; This authentication service providing end sends this network service authentication code to this certification demand end respectively; This user's authentication code and this user are checked code and sends this communication service end to; This user's authentication code and this user are checked code and are sent this information processor to by this communication service end; User's authentication code that this communication service end transmits is supplied to this certification demand end by this information processor by user; This user's authentication code that this information processor provides by this certification demand end and this network service authentication code provided by this authentication service providing end send this authentication service providing end to; Compare according to this user's authentication code received and this network service authentication code in this authentication service providing end, with this user's data match be confirmed whether with previously disassembled into this user's authentication code and this network service authentication code according to this, thus judge user according to this whether by certification, and authentication result and this user are checked code and send this certification demand end to; And this certification demand termination receives after this authentication result that this authentication service providing end provides and this user check code, received this user transmitted by this authentication service providing end is checked code, be supplied to user by this information processor, thus check code for this user that this user being received from this communication service end is checked code and this certification demand end and provides by user and compare.
Compared to prior art, short message authentication method of the present invention is by disassembling into different types of authentication code and/or checking code by authentication information, and by different forms by authentication code and/or check code and send certification demand end and user to, authentication code user inputted by certification demand end again and previous institute's authentication code received from authentication service providing end are supplied to the certification of authentication service providing end, and user's active foundation can be provided further to check code judge that whether identifying procedure is correct.Therefore effectively can solve existing authentication techniques certification note to be logged in transmitting procedure, or usurped authentication information wherein by other people, or user to be sent to the door of telecommunications company number stolen or forge, and cannot guarantee that whether user is the problem of real user.
Accompanying drawing explanation
Fig. 1 is the existing flow chart utilizing the method for short message certification;
Fig. 2 is another existing flow chart utilizing the method for short message certification;
Fig. 3 is the flow chart of the first execution mode of short message authentication method of the present invention; And
Fig. 4 is the flow chart of the second execution mode of short message authentication method of the present invention.
[primary clustering symbol description]
S101 ~ S106 step S201 ~ S208 step
S301 ~ S308 step S401 ~ S408 step.
Embodiment
Below by way of specific embodiment, embodiments of the present invention are described, those skilled in the art can understand other advantage of the present invention and effect easily by content disclosed in the present specification.The present invention is also implemented by other different embodiment or is applied.
First execution mode:
Refer to Fig. 3, it is the flow chart of the first execution mode of short message authentication method of the present invention.Short message authentication method of the present invention is applied in the framework at least comprising certification demand end, authentication service providing end, communication common carrier and information processor.Described certification demand end, authentication service providing end, communication service end and/or information processor can be incorporated in single system architecture, as single network system dealer, are even integrated into single server.
Information processor can be that mobile phone, notebook, personal computer etc. are fixing or portable has the device being carried out transfer of data and process by wired and/or wireless.Certification demand end can for providing the platform of the multimedias such as user's Online Music of information processor and/or film, or provide the platform of software download, game on line, online auction or shopping, Internet banking.Authentication service providing end then can for providing the platform of single or multiple described certification demand end authentication service.Communication service end then in order to provide the transferring service of certification note, as telecommunications company, network carrier the transferring service of certification note that provides.Described certification note transferring service the attribute of corresponding informance processing unit can transmit certification note, as information processing apparatus is set to mobile phone, then the form such as directly to broadcast by note, voice mail, voice and transmit certification note, if information processing apparatus is set to computer or tool mobile Internet phone, then also transmit certification note by forms such as Emails.
As shown in Figure 3, in step S301, when certification demand termination receives the service request that user sent by information processor, user's data and authentication request are sent to authentication service providing end by certification demand end.Described service request can be such as that user is by information processor request login authentication demand end, described user's data then comprise the account that user registers in certification demand end, in addition, also the personal data such as password, identification card number, birthdate, address, phone and/or name can be comprised.In present embodiment, between certification demand end and authentication service providing end, carry out transfer of data by the mode of application program system interface (hereinafter referred to as api interface), but not as limit, other suitable data transfer mode also can use.Then step S302 is proceeded to.
In step s 302, when authentication service providing end receives the certification demand that certification demand end sends, certification note is calculated according to described user's data, and this certification note is disassembled at least two authentication codes, comprising at least one network service authentication code and at least one user's authentication code.Specifically, described network service authentication code sets up authentication request when talking with (session) between the end of certification demand each time and authentication service providing end, the network service authentication code that authentication service providing end is produced as calculated and/or user's authentication code all not identical, use when preventing described user's authentication code from being recorded by improper side or obtaining, do not have the risk of the certification note being deduced original (complete).Described network service authentication code and/or user's authentication code can be processed into much information transmission form by authentication service providing end, the form that the api interface carrying out transfer of data as be suitable between certification demand end transmits, or being suitable for note, the form such as Email and/or voice mail of carrying out transfer of data with communication service end, present embodiment is explained for note form.Moreover user's authentication code also can disassemble into multiple part further, and these parts described transfer to communication service end respectively by different transmission meanss.User's authentication code is supposed to disassemble into three parts, then Part I sends communication service end to by short message mode, Part II sends communication service end to by E-mail mode, and Part III then sends communication service end to by voice mail mode.Then step S303 is proceeded to.
In step S303, authentication service providing end sends network service authentication code to certification demand end respectively; Send described user's authentication code to communication service end.In present embodiment, authentication service providing end sends network service authentication code to certification demand end by described api interface mode, and sends described user's authentication code to communication service end according to aforesaid mode.Certainly, as previously mentioned user's authentication code can also be disassembled into multiple part further, and send respectively this part after disassembling to communication service end with identical or different transmission means, use the risk effectively reducing authentication information and be logged or usurp.Then step S304 is proceeded to.
In step s 304, communication service end sends described user's authentication code to information processor.Described in brought forward, user's authentication code is sent to the form of communication service end by communication service end according to described authentication service providing end, send user's authentication code to information processor, as then sent information processor to by note form for note form, as then sent information processor to by E-mail form for E-mail form.In addition, communication service end can also be different from the form that user's authentication code is sent to communication service end by described authentication service providing end, send user's authentication code to information processor, as authentication service providing end sends user's authentication code to communication service end with note form, then communication service end can send information processor to by the mode of Email and/or voice mail.Identical, check code in user's authentication code and/or this user and be disassembled in the execution mode of multiple part, the user's authentication code through disassembling into multiple part also can be provided and information processor with identical or different transmission means by communication service end.Then step S305 is proceeded to.
In step S305, user is supplied to certification demand end by user's authentication code that communication service end transmits by information processor.Described in brought forward, then proceed to step S306.
In step S306, user's authentication code that described information processor provides by certification demand end and the described network service authentication code provided by authentication service providing end send authentication service providing end to.Then step S307 is proceeded to.
In step S307, compare according to the user's authentication code received and network service authentication code in authentication service providing end, with the user's data match be confirmed whether with previously disassembled into user's authentication code and network service authentication code according to this, thus judge that whether user is by certification according to this, and authentication result is sent to certification demand end.In present embodiment, compare according to the user's authentication code received and network service authentication code in described authentication service providing end, to be confirmed whether and previously to disassemble into outside user's data match of user's authentication code and network service authentication code according to this, can also optionally further according to the user's authentication code preset and/or the effective life of network service authentication code; And/or for reusing (if such as reuse, then will not by certification) whether user's authentication code and/or network service authentication code, as judging user whether by the standard of certification.Then step S308 is proceeded to.
In step S308, the authentication result that certification demand end provides according to authentication service providing end, judges whether user has the authority using service by certification.
Second execution mode:
Refer to Fig. 4, it is the flow chart of short message authentication method second execution mode of the present invention.Must illustrate, application architecture and the environment of present embodiment and foregoing first embodiment are same or similar, non-lay special stress on and the first execution mode difference in present embodiment, namely represent same or similar with the step content of the first execution mode.
As shown in the figure, in step S401, when certification demand termination receives the service request that user sent by information processor, user's data and authentication request are sent to authentication service providing end by certification demand end.Then step S402 is proceeded to.
In step S402, when authentication service providing end receives the certification demand that certification demand end sends, certification note is calculated according to described user's data, and this certification note is disassembled at least two authentication codes and at least one user checks code, wherein these at least two authentication codes comprise at least one network service authentication code, at least one user's authentication code.Specifically person, described network service authentication code sets up authentication request when talking with between the end of certification demand each time and authentication service providing end, and it is all not identical that the network service authentication code that authentication service providing end is produced as calculated, user's authentication code and/or user check code.Described network service authentication code, user's authentication code and/or user check code can be processed into much information transmission form by authentication service providing end, the form that the api interface carrying out transfer of data as be suitable between certification demand end transmits, or being suitable for note, the form such as Email and/or voice mail of carrying out transfer of data with communication service end, present embodiment is explained for note form.Moreover user's authentication code and/or user check code also as aforesaid first execution mode, can disassemble into multiple part further, and these parts described transfer to communication service end respectively by different transmission meanss.Then step S403 is proceeded to.
In step S403, authentication service providing end sends network service authentication code to certification demand end respectively; Described user's authentication code and user are checked code and sends communication service end to.In present embodiment, authentication service providing end sends network service authentication code to certification demand end by described api interface mode, and according to aforesaid mode, described user's authentication code and user is checked code and send communication service end to.Certainly, foregoing user's authentication code and/or user can also be checked code, disassemble into multiple part further, and the user's authentication code after disassembling and/or user are checked respectively this part of code, send communication service end to identical or different transmission means, use the risk effectively reducing authentication information and be logged or usurp.Then step S404 is proceeded to.
In step s 404, described user's authentication code and user are checked code and are sent information processor to by communication service end.In present embodiment, this user's authentication code and/or this user can be checked the form that code sends this communication service end to according to being same or different from this authentication service providing end by this communication service end, transmit this user's authentication code and/or this user and check code to this information processor.Identical, check code in user's authentication code and/or this user and be disassembled in the execution mode of multiple part, the user's authentication code through disassembling into multiple part also can be provided and information processor with identical or different transmission means by communication service end.Then step S405 is proceeded to.
In step S405, user is supplied to certification demand end by user's authentication code that communication service end transmits by information processor.Then step S406 is proceeded to.
In step S406, user's authentication code that described information processor provides by certification demand end and the described network service authentication code provided by authentication service providing end send authentication service providing end to.Then step S407 is proceeded to.
In step S 407, compare according to the user's authentication code received and network service authentication code in authentication service providing end, with the user's data match be confirmed whether with previously disassembled into user's authentication code and network service authentication code according to this, thus judge whether user passes through certification according to this, and authentication result and user are checked code and send certification demand end to, certification demand end is supplied to because user checks code beginning after certification completes, if therefore make a mistake in aforesaid identifying procedure or other unusual condition, namely authentication service providing end can not provide user to check code to certification demand end, therefore can further prevent or reduce the risk that authentication information is logged or usurps.Described user checks code optionally when by certification, just can send certification demand end to authentication result in the lump.In addition, compare according to the user's authentication code received and network service authentication code in described authentication service providing end, to be confirmed whether and previously to disassemble into outside user's data match of user's authentication code and network service authentication code according to this, can also optionally further according to the user's authentication code preset and/or the effective life of network service authentication code; And/or for reusing (if such as reuse, then will not by certification) whether user's authentication code and/or network service authentication code, as judging user whether by the standard of certification.Then step S408 is proceeded to.
In step S408, certification demand termination receives after authentication result that authentication service providing end provides and user check code, the received user transmitted by authentication service providing end is checked code, user is supplied to by information processor, thus check code for the user that the user being received from communication service end is checked code and certification demand end and provides by user and compare, use and judge that whether aforesaid identifying procedure is correct, and the user that whether will complete certification demand end logins program.
By the explanation of aforementioned two kinds of execution modes, known short message authentication method of the present invention is by disassembling into different types of authentication code and/or checking code by authentication information, and by different forms by authentication code and/or check code and send certification demand end and user to, authentication code user inputted by certification demand end again and previous institute's authentication code received from authentication service providing end are supplied to the certification of authentication service providing end, and user's active foundation can be provided further to check code judge that whether identifying procedure is correct.Therefore effectively can solve existing authentication techniques certification note to be logged in transmitting procedure, or usurped authentication information wherein by other people, or user to be sent to the door of telecommunications company number stolen or forge, and cannot guarantee that whether user is the problem of real user.
The respective embodiments described above are illustrative principle of the present invention and effect thereof only, but not for limiting the present invention.Any those skilled in the art all without prejudice under spirit of the present invention and category, can carry out modifying to above-mentioned execution mode and change.Therefore, the scope of the present invention, should listed by claims.

Claims (14)

1.一种短信认证方法,应用于至少包括认证需求端、认证服务提供端、通信公司以及信息处理装置的架构中,其特征在于,该短信认证方法包含以下步骤:1. A short message authentication method, applied to at least the framework comprising an authentication demand end, an authentication service provider, a communication company and an information processing device, characterized in that, the short message authentication method comprises the following steps: 1)当认证需求端接收到使用者通过该信息处理装置所发出的服务请求时,该认证需求端将使用者数据与认证请求传送至该认证服务提供端;1) When the authentication demander receives the service request sent by the user through the information processing device, the authentication demander transmits the user data and the authentication request to the authentication service provider; 2)该认证服务提供端接收到该认证需求端所发出的认证需求时,依据所述的使用者数据计算认证短信,并将该认证短信拆解成至少两个认证码,其中该至少两个认证码包括至少一网络服务认证码、至少一使用者认证码;2) When the authentication service provider receives the authentication request sent by the authentication requester, it calculates the authentication message according to the user data, and disassembles the authentication message into at least two authentication codes, wherein the at least two The authentication code includes at least one network service authentication code and at least one user authentication code; 3)该认证服务提供端分别将该网络服务认证码传送给该认证需求端;将该使用者认证码传送给该通信服务端;3) The authentication service provider transmits the network service authentication code to the authentication demander; transmits the user authentication code to the communication server; 4)该通信服务端将该使用者认证码传送给该信息处理装置;4) The communication server sends the user authentication code to the information processing device; 5)使用者通过该信息处理装置将该通信服务端所传送的使用者认证码提供给该认证需求端;5) The user provides the user authentication code transmitted by the communication service end to the authentication demand end through the information processing device; 6)该认证需求端将该信息处理装置所提供的该使用者认证码以及由该认证服务提供端所提供的该网络服务认证码传送给该认证服务提供端;6) The authentication requester sends the user authentication code provided by the information processing device and the network service authentication code provided by the authentication service provider to the authentication service provider; 7)该认证服务提供端依据所接收的该使用者认证码及该网络服务认证码进行比对,以确认是否与先前据以拆解成该使用者认证码及该网络服务认证码的该使用者数据相匹配,从而据以判断使用者是否通过认证,并将认证结果传送给该认证需求端;以及7) The authentication service provider compares the received user authentication code and the network service authentication code to confirm whether it is the same as the previously disassembled user authentication code and the network service authentication code. match the user data, so as to judge whether the user has passed the authentication, and send the authentication result to the authentication demand side; and 8)该认证需求端依据该认证服务提供端所提供的认证结果,判断使用者是否通过认证而有使用服务的权限。8) The authentication requester judges whether the user has passed the authentication and has the right to use the service according to the authentication result provided by the authentication service provider. 2.根据权利要求1所述的短信认证方法,其特征在于,在步骤2)中,该网络服务认证码在每一次该认证需求端与该认证服务提供端之间建立认证请求对话时,该认证服务提供端经计算所产生的网络服务认证码及/或该使用者认证码均不相同。2. The short message authentication method according to claim 1, characterized in that, in step 2), when the network service authentication code sets up an authentication request dialogue between the authentication demand end and the authentication service provider each time, the The network service authentication code and/or the user authentication code generated by the authentication service provider are different. 3.根据权利要求1所述的短信认证方法,其特征在于,该网络服务认证码及/或该使用者认证码是由该认证服务提供端处理成短信、电子邮件及/或语音信箱的信息传输形式。3. The short message authentication method according to claim 1, wherein the network service authentication code and/or the user authentication code are processed by the authentication service provider into short messages, emails, and/or voicemail messages transmission form. 4.根据权利要求1所述的短信认证方法,其特征在于,在步骤4)中,该通信服务端依据该认证服务提供端将该使用者认证码传送给该通信服务端的形式,传送该使用者认证码给该信息处理装置。4. The short message authentication method according to claim 1, characterized in that, in step 4), the communication service end transmits the user authentication code to the communication service end according to the form of the authentication service provider, and transmits the use The user authentication code is given to the information processing device. 5.根据权利要求1所述的短信认证方法,其特征在于,在步骤4)中,该通信服务端依据不同于该认证服务提供端将该使用者认证码传送给该通信服务端的形式,传送该使用者认证码给该信息处理装置。5. The short message authentication method according to claim 1, characterized in that, in step 4), the communication service end transmits the user authentication code to the communication service end according to a form different from that of the authentication service provider. The user authentication code is given to the information processing device. 6.根据权利要求1所述的短信认证方法,其特征在于,在步骤7)中,该认证服务提供端还能选择性地依据预设的使用者认证码及/或网络服务认证码的有效使用期限;及/或使用者认证码及/或网络服务认证码是否为重复使用,判断使用者是否通过认证。6. The short message authentication method according to claim 1, characterized in that, in step 7), the authentication service provider can also selectively rely on the validity of the preset user authentication code and/or network service authentication code. Expiry date; and/or whether the user authentication code and/or network service authentication code is reused to determine whether the user has passed the authentication. 7.根据权利要求1、4、5或6其中一项所述的短信认证方法,其特征在于,在步骤3)中,该认证服务提供端将该使用者认证码拆解成多个部分,并将拆解后的各该部分以相同或不同的传输方式传送给该通信服务端。7. according to one of claim 1,4,5 or 6 described short message authentication method, it is characterized in that, in step 3) in, this authentication service provider dismantles this user authentication code into a plurality of parts, and transmit the disassembled parts to the communication server in the same or different transmission modes. 8.一种短信认证方法,应用于至少包括认证需求端、认证服务提供端、通信公司以及信息处理装置的架构中,其特征在于,该短信认证方法包含以下步骤:8. A short message authentication method, applied to at least the architecture comprising an authentication demand end, an authentication service provider, a communication company and an information processing device, characterized in that, the short message authentication method comprises the following steps: 1)当认证需求端接收到使用者通过该信息处理装置所发出的服务请求时,该认证需求端将使用者数据与认证请求传送至该认证服务提供端;1) When the authentication demander receives the service request sent by the user through the information processing device, the authentication demander transmits the user data and the authentication request to the authentication service provider; 2)该认证服务提供端接收到该认证需求端所发出的认证需求时,依据所述的使用者数据计算认证短信,并将该认证短信拆解成至少两个认证码及至少一使用者复核码,其中该至少两个认证码包括至少一网络服务认证码、至少一使用者认证码;2) When the authentication service provider receives the authentication request from the authentication requester, it calculates the authentication message based on the user data, and disassembles the authentication message into at least two authentication codes and at least one user review code, wherein the at least two authentication codes include at least one network service authentication code and at least one user authentication code; 3)该认证服务提供端分别将该网络服务认证码传送给该认证需求端;将该使用者认证码及该使用者复核码传送给该通信服务端;3) The authentication service provider sends the network service authentication code to the authentication requester; sends the user authentication code and the user verification code to the communication server; 4)该通信服务端将该使用者认证码及该使用者复核码传送给该信息处理装置;4) The communication server sends the user authentication code and the user recheck code to the information processing device; 5)使用者通过该信息处理装置将该通信服务端所传送的使用者认证码提供给该认证需求端;5) The user provides the user authentication code transmitted by the communication service end to the authentication demand end through the information processing device; 6)该认证需求端将该信息处理装置所提供的该使用者认证码以及由该认证服务提供端所提供的该网络服务认证码传送给该认证服务提供端;6) The authentication requester sends the user authentication code provided by the information processing device and the network service authentication code provided by the authentication service provider to the authentication service provider; 7)该认证服务提供端依据所接收的该使用者认证码及该网络服务认证码进行比对,以确认是否与先前据以拆解成该使用者认证码及该网络服务认证码的该使用者数据相匹配,从而据以判断使用者是否通过认证,并将认证结果及该使用者复核码传送给该认证需求端;以及7) The authentication service provider compares the received user authentication code and the network service authentication code to confirm whether it is the same as the previously disassembled user authentication code and the network service authentication code. match the user data, so as to determine whether the user has passed the authentication, and send the authentication result and the user's recheck code to the authentication demand side; and 8)该认证需求端接收到该认证服务提供端所提供的该认证结果及该使用者复核码后,将所接收到由该认证服务提供端所传送的该使用者复核码,通过该信息处理装置提供给使用者,从而供使用者将接收自该通信服务端的该使用者复核码与该认证需求端所提供的该使用者复核码进行比对。8) After receiving the authentication result and the user recheck code provided by the authentication service provider, the authentication requester processes the received user recheck code sent by the authentication service provider through the information The device is provided to the user, so that the user compares the user recheck code received from the communication server with the user recheck code provided by the authentication requester. 9.根据权利要求8所述的短信认证方法,其特征在于,在步骤2)中,该网络服务认证码在每一次该认证需求端与该认证服务提供端之间建立认证请求对话时,该认证服务提供端经计算所产生的网络服务认证码及/或该使用者认证码均不相同。9. The short message authentication method according to claim 8, wherein, in step 2), the network service authentication code sets up an authentication request dialogue between the authentication demand end and the authentication service provider each time, the The network service authentication code and/or the user authentication code generated by the authentication service provider are different. 10.根据权利要求8所述的短信认证方法,其特征在于,该网络服务认证码、该使用者认证码及/或该使用者复核码是由该认证服务提供端处理成短信、电子邮件及/或语音信箱的信息传输形式。10. The short message authentication method according to claim 8, characterized in that, the network service authentication code, the user authentication code and/or the user recheck code are processed by the authentication service provider into short messages, emails and and/or voicemail as a form of message transmission. 11.根据权利要求8所述的短信认证方法,其特征在于,在步骤4)中,该通信服务端依据该认证服务提供端将该使用者认证码及/或该使用者复核码传送给该通信服务端的形式,传送该使用者认证码及/或该使用者复核码给该信息处理装置。11. The short message authentication method according to claim 8, characterized in that, in step 4), the communication server sends the user authentication code and/or the user verification code to the user according to the authentication service provider. In the form of the communication server, the user authentication code and/or the user verification code are sent to the information processing device. 12.根据权利要求8所述的短信认证方法,其特征在于,在步骤4)中,该通信服务端依据不同于该认证服务提供端将该使用者认证码及/或该使用者复核码传送给该通信服务端的形式,传送该使用者认证码及/或该使用者复核码给该信息处理装置。12. The short message authentication method according to claim 8, characterized in that, in step 4), the communication server transmits the user authentication code and/or the user verification code according to a method different from that of the authentication service provider. In the form of the communication server, sending the user authentication code and/or the user verification code to the information processing device. 13.根据权利要求8所述的短信认证方法,其特征在于,在步骤7)中,该认证服务提供端还能选择性地依据预设的使用者认证码及/或网络服务认证码的有效使用期限;及/或使用者认证码及/或网络服务认证码是否为重复使用,判断使用者是否通过认证。13. The short message authentication method according to claim 8, characterized in that, in step 7), the authentication service provider can also selectively rely on the validity of the preset user authentication code and/or network service authentication code. Expiry date; and/or whether the user authentication code and/or network service authentication code is reused to determine whether the user has passed the authentication. 14.根据权利要求8、11、12或13其中一项所述的短信认证方法,其特征在于,在步骤3)中,该认证服务提供端将该使用者认证码及/或该使用者复核码拆解成多个部分,并将拆解后的各该部分以相同或不同的传输方式传送给该通信服务端。14. The short message authentication method according to claim 8, 11, 12 or 13, wherein in step 3), the authentication service provider checks the user authentication code and/or the user The code is disassembled into multiple parts, and the disassembled parts are transmitted to the communication server in the same or different transmission modes.
CN201010566832.1A 2010-11-26 2010-11-26 Short message authentication method Expired - Fee Related CN102480706B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010566832.1A CN102480706B (en) 2010-11-26 2010-11-26 Short message authentication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010566832.1A CN102480706B (en) 2010-11-26 2010-11-26 Short message authentication method

Publications (2)

Publication Number Publication Date
CN102480706A CN102480706A (en) 2012-05-30
CN102480706B true CN102480706B (en) 2015-01-21

Family

ID=46093153

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010566832.1A Expired - Fee Related CN102480706B (en) 2010-11-26 2010-11-26 Short message authentication method

Country Status (1)

Country Link
CN (1) CN102480706B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105072082A (en) * 2015-06-30 2015-11-18 小米科技有限责任公司 Method and device for transmitting verification code
TWI690869B (en) * 2019-03-12 2020-04-11 中華電信股份有限公司 Message-based payment authentication method and authentication server

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1635525A (en) * 2003-12-31 2005-07-06 中国银联股份有限公司 A secure online payment system and a secure online payment authentication method
CN101102324A (en) * 2007-08-17 2008-01-09 北京移数通电讯有限公司 Authentication system and authentication method
TW200908660A (en) * 2007-08-09 2009-02-16 Chunghwa Telecom Co Ltd Assembly and disassembly method for electronic key

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1635525A (en) * 2003-12-31 2005-07-06 中国银联股份有限公司 A secure online payment system and a secure online payment authentication method
TW200908660A (en) * 2007-08-09 2009-02-16 Chunghwa Telecom Co Ltd Assembly and disassembly method for electronic key
CN101102324A (en) * 2007-08-17 2008-01-09 北京移数通电讯有限公司 Authentication system and authentication method

Also Published As

Publication number Publication date
CN102480706A (en) 2012-05-30

Similar Documents

Publication Publication Date Title
US11373181B2 (en) System and method for verifying identity information using a social networking application
CN101331788B (en) Authentication for service server in wireless internet and settlement using the same
EP2213044B1 (en) Method of providing assured transactions using secure transaction appliance and watermark verification
TWI446774B (en) Sms authentication method
CN101620705A (en) Safety certificate method and system for Internet banking
JP2010165231A (en) Server authentication method and client terminal
US11403633B2 (en) Method for sending digital information
JP2015099470A (en) System, method, and server for authentication, and program
JP2009118110A (en) Metadata provision method for authentication system, system, program thereof, and recording medium
WO2023021572A1 (en) Data processing system, data processing method, and data processing device
CN102480706B (en) Short message authentication method
TWI618008B (en) Transaction fee negotiation for currency remittance
CN107491967B (en) Method and system for inputting password through network payment
KR20160109582A (en) User authentication system and user authentication method of Cell phone messaging service and CHATCHA bases
KR20140125299A (en) Method for providing direct debit service through electronic signature authentication based by mobile messaging
US20100005515A1 (en) Systems and methods for associate to associate authentication
KR20220066842A (en) Blockchain-based Smishing Prevention method and apparatus thereof
CN102752265A (en) Security information interaction system and method based on Internet
TW201419820A (en) Network security authentication method using proximity to verify identity
US11089010B2 (en) Method for transmitting digital information
JP6875481B2 (en) Authentication methods, authentication systems, and programs
JP5044784B2 (en) Method and server for authenticating a user
TWI536299B (en) Online system and method of registration and certification
HK1166667A (en) Sms authentication method
TWI436289B (en) One-time password authentication method capable of confirming users' transactions

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1166667

Country of ref document: HK

C14 Grant of patent or utility model
GR01 Patent grant
REG Reference to a national code

Ref country code: HK

Ref legal event code: WD

Ref document number: 1166667

Country of ref document: HK

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150121

Termination date: 20181126