[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

TWI623897B - Mobile device remote one-time verification payment method - Google Patents

Mobile device remote one-time verification payment method Download PDF

Info

Publication number
TWI623897B
TWI623897B TW106103366A TW106103366A TWI623897B TW I623897 B TWI623897 B TW I623897B TW 106103366 A TW106103366 A TW 106103366A TW 106103366 A TW106103366 A TW 106103366A TW I623897 B TWI623897 B TW I623897B
Authority
TW
Taiwan
Prior art keywords
card
mobile device
payment
information
verification
Prior art date
Application number
TW106103366A
Other languages
Chinese (zh)
Other versions
TW201828182A (en
Inventor
Tong-Yong Pan
yu-chen He
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed filed Critical
Priority to TW106103366A priority Critical patent/TWI623897B/en
Application granted granted Critical
Publication of TWI623897B publication Critical patent/TWI623897B/en
Publication of TW201828182A publication Critical patent/TW201828182A/en

Links

Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

本發明提供一種行動裝置遠端一次性驗證之支付方法,一使用者利用一客戶端裝置瀏覽一網路商店,並於網路商店之一結帳網頁中選擇一行動支付選項,網路商店之一收單機構將一訂單資訊傳送給一仲介機構,仲介機構再將訂單資訊傳送給使用者之一行動裝置;行動裝置接收訂單資訊後,驅動行動裝置中的一支付應用程式自動開啟,並呈現一智慧卡列表,從中點選欲用來支付的一智慧卡,並將智慧卡之卡片資訊傳送給仲介機構;仲介機構在卡片資訊中增加一驗證碼後回傳給收單機構,收單機構再將卡片資訊及訂單資訊傳送給一發卡銀行;發卡銀行將卡片資訊傳送給仲介機構進行驗證碼的驗證,仲介機構再將卡片資訊傳送回發卡銀行;以及發卡銀行依據卡片資訊及訂單資訊判斷是否授權該筆付款交易請求。The invention provides a mobile device remote one-time verification payment method, in which a user browses an online store by using a client device, and selects a mobile payment option in one of the online store checkout web pages, the online store An acquiring institution transmits an order information to an intermediary agency, and the intermediary agency transmits the order information to one of the user's mobile devices; after the mobile device receives the order information, a payment application in the mobile device is automatically turned on and presented. A smart card list, from which a smart card to be used for payment is selected, and the card information of the smart card is transmitted to the intermediary institution; the intermediary agency adds a verification code to the card information and returns it to the acquiring institution, the acquiring institution The card information and order information are transmitted to a card issuing bank; the card issuing bank transmits the card information to the intermediary agency for verification of the verification code, and the intermediary agency transmits the card information back to the issuing bank; and the issuing bank determines whether the card information and the order information are based on the card information and the order information. Authorize the payment transaction request.

Description

行動裝置遠端一次性驗證之支付方法Mobile device remote one-time verification payment method

本發明係有關一種金融交易管理技術,特別是指一種行動裝置遠端一次性驗證之支付方法。The invention relates to a financial transaction management technology, in particular to a payment method for remote one-time verification of a mobile device.

按,電腦及網路技術發展迅速,普及率提升,將實體虛擬化可減少資源浪費,更增加便利性,諸如電子帳單、電子郵件廣告、網路商店等,不但可減少紙張的消耗,還可省下店租的成本,人們也可以不用出門在家購物,或是線上繳款等,相當便利,而隨著加密演算法演進,在網路交易安全性足夠的前提下,進一步將網路交易擴大到金融交易。According to the rapid development of computer and network technology, the penetration rate will increase, and the virtualization of entities can reduce waste of resources and increase convenience. For example, electronic bills, email advertisements, online stores, etc., can not only reduce paper consumption, but also reduce paper consumption. It can save the cost of shop rent, people can also go shopping at home, or pay online, which is quite convenient, and with the evolution of encryption algorithm, under the premise of sufficient security of online transactions, further online transactions Expanded to financial transactions.

目前網路購物的付款方式包括ATM轉帳、超商付款、貨到付款、信用卡等選項,若選擇信用卡付款,則如第1圖所示,使用者在電腦10上瀏覽網路商店12並結帳後,選擇信用卡付款,接著網路商店12會跳到結帳頁面,使用者輸入信用卡資訊(包括信用卡卡號、效期及背面的三碼檢核碼)及持卡人資料(包括持卡人姓名、地址),之後此訂單資訊會經由收單機構14直接傳送給發卡銀行16,在此過程中,僅能確保訂單資訊的封包不會被攔截,但發卡銀行16不會知道使用該信用卡的是否為持卡人本人,因此若使用者不小心將電腦設定為儲存密碼,或是被他人看到檢核碼,則任何人都可能使用該信用卡在網路商店購物。Currently, online shopping payment methods include ATM transfer, super-payment, cash on delivery, credit card and other options. If you choose credit card payment, as shown in Figure 1, the user browses the online store 12 on the computer 10 and checks out the account. After that, select the credit card payment, then the online store 12 will jump to the checkout page, the user enters the credit card information (including the credit card number, the validity period and the back of the three-code check code) and the cardholder information (including the cardholder's name) , address), then the order information will be directly transmitted to the issuing bank 16 via the acquiring institution 14, in the process, only the package information of the order information will not be intercepted, but the issuing bank 16 will not know whether the credit card is used. It is the card holder, so if the user accidentally sets the computer to store the password or is seen by others, anyone can use the credit card to shop at the online store.

因此,本發明即提出一種行動裝置遠端一次性驗證之支付方法,有效解決上述該等問題,具體架構及其實施方式將詳述於下:Therefore, the present invention proposes a payment method for remote verification of a mobile device at one time, which effectively solves the above problems, and the specific architecture and implementation manner thereof will be described in detail below:

本發明之主要目的在提供一種行動裝置遠端一次性驗證之支付方法,其係針對以行動裝置中之智慧卡進行網路購物付款,當收單機構接收到網路商店傳送來的結帳訊息時並不包含卡片資訊亦不會立刻轉送到發卡銀行請款,而是先傳送到一仲介機構,由仲介機構向行動裝置要求卡片資訊,在卡片資訊中增加驗證碼後再回傳給收單機構,收單機構再傳送至發卡銀行請款,以確認刷卡者為持卡者本人。The main object of the present invention is to provide a mobile device remote payment verification method for a mobile device, which is for a smart card in a mobile device, and receives an account payment message sent by an online store. When the card information is not included, it will not be immediately transferred to the issuing bank for payment. Instead, it will be sent to an intermediary agency. The intermediary agency will request the card information from the mobile device, add the verification code to the card information and then return it to the receipt. The institution, the acquiring institution, then sends the card to the issuing bank to confirm that the cardholder is the cardholder.

本發明之另一目的在提供一種行動裝置遠端一次性驗證之支付方法,其中行動裝置送出的卡號資訊為智慧卡的虛擬卡號,因此當發卡銀行從收單機構處取得卡片資訊後,還需傳送給仲介機構驗證並轉換成實體卡號,再憑此資訊判斷授權付款交易請求,如此即使資訊傳送過程中被盜取、破解,盜取者仍無法得知智慧卡的實體卡號為何,大幅提高網路交易的安全性。Another object of the present invention is to provide a method for payment of a one-time remote verification of a mobile device, wherein the card number information sent by the mobile device is a virtual card number of the smart card, so when the card issuing bank obtains the card information from the acquiring institution, It is transmitted to the agency for verification and converted into a physical card number, and then the information is used to determine the authorization payment transaction request. Therefore, even if the information is transmitted and decrypted, the pirate cannot know the physical card number of the smart card, and the network is greatly improved. Road transaction security.

為達上述目的,本發明提供一種行動裝置遠端一次性驗證之支付方法,包括下列步驟:一使用者利用一客戶端裝置瀏覽一網路商店,並於網路商店之一結帳網頁中選擇一行動支付選項;網路商店之一收單機構將一訂單資訊傳送給一仲介機構,仲介機構再將訂單資訊傳送給使用者之行動裝置;行動裝置接收訂單資訊後,驅動行動裝置中的一支付應用程式自動開啟,並呈現一智慧卡列表,從智慧卡列表中點選欲用來支付的一智慧卡,將智慧卡之一卡片資訊傳送給仲介機構;仲介機構在卡片資訊中增加一驗證碼,傳送給收單機構,收單機構再將卡片資訊及訂單資訊傳送給一發卡銀行;發卡銀行將卡片資訊傳送給仲介機構,仲介機構校驗驗證碼後傳送回發卡銀行;以及發卡銀行依據卡片資訊及訂單資訊判斷是否授權付款給該網路商店。To achieve the above objective, the present invention provides a mobile device remote one-time verification payment method, including the following steps: a user browses an online store by using a client device, and selects one of the online store checkout pages. An action payment option; one of the online store acquires an order information to an intermediary agency, and the intermediary device transmits the order information to the user's mobile device; the mobile device receives the order information and drives one of the mobile devices The payment application is automatically opened, and a smart card list is presented, and a smart card to be paid is selected from the smart card list, and one card information of the smart card is transmitted to the intermediary institution; the intermediary institution adds a verification to the card information. The code is transmitted to the acquiring institution, and the acquiring institution transmits the card information and the order information to a card issuing bank; the issuing bank transmits the card information to the intermediary institution, and the intermediary institution verifies the verification code and transmits it back to the issuing bank; and the issuing bank basis The card information and order information determine whether the payment is authorized to the online store.

其中,行動裝置所提供之該卡片資訊包括一虛擬卡號及效期。The card information provided by the mobile device includes a virtual card number and an expiration date.

承上,當發卡銀行將包含虛擬卡號的卡片資訊傳送給該仲介機構進行校驗時,該仲介機構確認驗證碼無誤後會將該虛擬卡號替換成該智慧卡之一實體卡號,再回傳給該發卡銀行。In the case, when the card issuing bank transmits the card information including the virtual card number to the intermediary for verification, the intermediary device confirms that the verification code is correct, and replaces the virtual card number with the physical card number of the smart card, and then sends back the card number to the smart card. The issuing bank.

網路商店為與該仲介機構約定可使用該支付應用程式進行交易之特約商店,該使用者係透過一電腦或該行動裝置等客戶端裝置瀏覽該網路商店之網頁。The online store is a special store that is engaged with the intermediary to conduct transactions using the payment application, and the user browses the webpage of the online store through a client device such as a computer or the mobile device.

本發明更包括該行動裝置先偵測是否有網路訊號存在,若網路訊號存在則登入該支付應用程式,若無網路訊號則顯示一無網路訊號錯誤訊息。The invention further includes the mobile device first detecting whether a network signal exists, and if the network signal exists, logging in to the payment application, and if there is no network signal, displaying a no network signal error message.

承上,當行動裝置偵測到網路訊號後,進行該支付應用程式之登入程序,若登入失敗則顯示一登入失敗錯誤訊息。In the case that the mobile device detects the network signal, the login program of the payment application is executed, and if the login fails, a login failure error message is displayed.

當智慧卡選擇後,更包括判斷該行動裝置中是否有至少一交易金鑰,若沒有任何交易金鑰,則顯示一卡片驗證失敗訊息。When the smart card is selected, it further includes determining whether there is at least one transaction key in the mobile device, and if there is no transaction key, displaying a card verification failure message.

驗證碼為利用該等訂單資訊演算出來的一組代碼,從該代碼中取出複數字元做為該驗證碼,並附加在該卡片資訊的一資料欄位中。The verification code is a set of codes calculated by using the order information, and the complex digital element is taken out from the code as the verification code, and is added to a data field of the card information.

訂單資訊包括交易時間、商店代碼、交易金額等。Order information includes trading hours, store codes, transaction amounts, and more.

智慧卡為信用卡、金融卡、悠遊卡或其他具支付功能之電子卡片。The smart card is a credit card, a financial card, a leisure card or other electronic card with payment function.

行動裝置為智慧型手機、平板電腦或智慧手錶。The mobile device is a smart phone, tablet or smart watch.

本發明提供一種行動裝置遠端一次性驗證之支付方法,用於網路購物遠端支付時使用行動裝置中的智慧卡進行付款,不需使用者在電腦中輸入卡片資訊,且傳送到發卡銀行的資訊為需驗證的虛擬卡號,發卡銀行需將卡片資訊傳送到仲介機構驗證並轉換成實體卡號,才能依據實體卡號對網路商店付款,提升網路交易的安全性。The invention provides a mobile device remote one-time verification payment method, which is used for payment by using a smart card in a mobile device for online shopping remote payment, without requiring the user to input card information in the computer and transmit to the card issuing bank. The information is the virtual card number to be verified. The card issuing bank needs to transmit the card information to the intermediary to verify and convert it into a physical card number, in order to pay the online store according to the physical card number, and improve the security of the network transaction.

請參考第2圖,其為本發明之行動裝置遠端一次性驗證之支付方法之方塊圖,本發明中包括一客戶端裝置20、一網路商店22、一收單機構24、一仲介機構26、一行動裝置28及至少一發卡銀行30,該客戶端裝置20為桌上型電腦、筆記型電腦、平板電腦、智慧型手機等可瀏覽網頁之電子裝置,使用者在客戶端裝置20上瀏覽網路商店22的網頁、選購商品、結帳付款;行動裝置28為智慧型手機、平板電腦或智慧手錶,其中安裝有一支付應用程式282,其為主機板模擬(Host Card Emulation, HCE)的應用,智慧卡係下載至支付應用程式282中,且可將不同發卡銀行30的不同種類智慧卡皆安裝在支付應用程式282中,利用支付應用程式282中的電子式智慧卡進行付款;網路商店22為獨立的購物網站或是在大型購物網站下的其中一個店家,進一步而言,網路商店22為與仲介機構26約定可使用支付應用程式進行交易之特約商店,收單機構24為與網路商店22合作的機構,可能是一間銀行,也可能是聯合信用卡中心、VISA中心之類的金融機構,使用者係透過一電腦或行動裝置瀏覽網路商店22之網頁;仲介機構26為一個金融共構平台,整合多家收單機構24及發卡銀行30等金融機構,提供安全的資訊傳輸(包括發卡銀行送出之帳款轉出訊息及送給收單機構之帳款轉入訊息),可達到跨行業務之特性,並保證資料傳輸之完整性及安全性;發卡銀行30為使用者在行動裝置28中選擇用來付款的該張智慧卡的發卡銀行30。Please refer to FIG. 2, which is a block diagram of a method for payment of a one-time remote verification of a mobile device according to the present invention. The present invention includes a client device 20, an online store 22, an acquirer 24, and an intermediary. 26. A mobile device 28 and at least one card issuing bank 30. The client device 20 is an electronic device such as a desktop computer, a notebook computer, a tablet computer, a smart phone, or the like, and the user is on the client device 20. The webpage of the online store 22, the purchase of goods, and the checkout payment; the mobile device 28 is a smart phone, a tablet or a smart watch, and a payment application 282 is installed, which is a Host Card Emulation (HCE). The smart card is downloaded into the payment application 282, and different types of smart cards of different issuing banks 30 can be installed in the payment application 282 to make payment by using the electronic smart card in the payment application 282; The road store 22 is an independent shopping website or one of the stores under a large shopping website. Further, the online store 22 is agreed with the agency 26 A special store where the payment application is to be traded. The acquirer 24 is an organization that cooperates with the online store 22. It may be a bank, or a financial institution such as a joint credit card center or a VISA center. The user is through a computer. Or the mobile device browses the webpage of the online store 22; the intermediary agency 26 is a financial co-construction platform, which integrates a plurality of financial institutions such as the acquiring institution 24 and the issuing bank 30 to provide secure information transmission (including the payment by the issuing bank) The message and the account transfer information sent to the acquirer can achieve the characteristics of the interbank business and ensure the integrity and security of the data transmission; the card issuing bank 30 selects the payment device for the user in the mobile device 28. The card issuing bank of the smart card 30.

支付應用程式為實名登錄之應用程式,由收單機構24、仲介機構26或發卡銀行30提供下載安裝,當支付應用程式安裝完成後,開啟支付應用程式,行動裝置28便可下載智慧卡到支付應用程式中。本發明中,智慧卡可為信用卡、金融卡、悠遊卡或其他具支付功能之電子卡片。The payment application is a real-name login application provided by the acquirer 24, the intermediary agency 26 or the issuing bank 30. After the payment application is installed, the payment application is started, and the mobile device 28 can download the smart card to pay. In the app. In the present invention, the smart card can be a credit card, a financial card, a leisure card or other electronic card with a payment function.

第3圖為本發明行動裝置遠端一次性驗證之支付方法之流程圖。當使用者欲利用智慧卡於一網路商店中付款時,首先,步驟S10使用者利用一客戶端裝置瀏覽一網路商店,並於網路商店之一結帳網頁中選擇一行動支付選項,此時,更包括使用者在一實施例中需操作自身之行動裝置以取得網路交易驗證碼,並將此網路交易驗證碼與其之手機號碼輸入結帳網頁,之後收單機構將付款通知傳送至一仲介機構,並由仲介機構比對網路交易驗證碼與手機號碼是否正確,若比對成功,在步驟S12中,網路商店之收單機構便會將結帳的一訂單資訊透過仲介機構傳送給使用者的行動裝置。故使用者在網路商店中確認結帳後可將訂單資訊傳送到使用者的行動裝置,此步驟是為了確認結帳的人就是使用者本人(亦即持卡人),同時向行動裝置的支付應用程式要求智慧卡的卡片資訊;步驟S14中,行動裝置接收訂單資訊後,驅動行動裝置中的一支付應用程式自動開啟,並呈現一智慧卡列表,並從智慧卡列表中點選欲用來支付的一智慧卡,將包含卡號、效期、甚至卡片背面檢核碼之卡片資訊傳送給仲介機構;接著步驟S16中,仲介機構在卡片資訊中增加一驗證碼,傳送給收單機構,收單機構再將卡片資訊及訂單資訊傳送給一發卡銀行;步驟S18發卡銀行接收到卡片資訊及訂單資訊後,需先將卡片資訊傳送給仲介機構,由仲介機構負責校驗卡片資訊中的驗證碼是否正確,以確認卡片資訊是否有被竄改,驗證後再將卡片資訊傳送回發卡銀行;最後步驟S20中,發卡銀行依據卡片資訊及訂單資訊判斷是否授權付款給網路商店,如果通過授權,就會透過收單機構付款給網路商店。FIG. 3 is a flow chart of a method for payment of a one-time remote verification of a mobile device according to the present invention. When the user wants to use the smart card to pay in an online store, first, in step S10, the user browses an online store by using a client device, and selects a mobile payment option in one of the online store checkout pages. At this time, the user further needs to operate his own mobile device in an embodiment to obtain the online transaction verification code, and input the online transaction verification code and the mobile phone number into the checkout webpage, and then the acquiring institution will notify the payment. Transferred to an intermediary agency, and the intermediary company compares the online transaction verification code and the mobile phone number. If the comparison is successful, in step S12, the online store's acquirer will pass the checkout order information through The mobile device that the intermediary sends to the user. Therefore, after the user confirms the checkout in the online store, the order information can be transmitted to the user's mobile device. This step is to confirm that the checkout person is the user (ie, the cardholder) and simultaneously to the mobile device. The payment application requires the card information of the smart card; in step S14, after the mobile device receives the order information, a payment application in the mobile device is automatically turned on, and a smart card list is presented, and the smart card list is selected from the smart card list. To send a smart card, the card information including the card number, the expiration date, and even the card back check code is transmitted to the intermediary institution; then, in step S16, the agency adds a verification code to the card information and transmits it to the acquiring institution. The acquiring institution then transmits the card information and the order information to a card issuing bank; in step S18, after the card issuing bank receives the card information and the order information, the card information is first transmitted to the intermediary institution, and the intermediary agency is responsible for verifying the verification in the card information. Is the code correct to confirm whether the card information has been tampered with, and then send the card information back to the issuing bank after verification; S20, according to the card issuing bank information and order information to determine whether to authorize payment to the online store, if, through the payment will be authorized by the acquirer to the online store.

特別的是,本發明中支付應用程式中所下載的智慧卡卡號為虛擬卡號,由仲介機構給予,發卡銀行知道智慧卡的虛擬卡號,因此將虛擬卡號轉換成實體卡號的步驟必然在仲介機構中進行。In particular, the smart card number downloaded in the payment application of the present invention is a virtual card number, which is given by the intermediary agency, and the card issuing bank knows the virtual card number of the smart card, so the step of converting the virtual card number into the physical card number must be in the intermediary institution. get on.

步驟S20中,若智慧卡為金融卡,則發卡銀行直接從金融卡的帳戶中扣款付給網路商店,若智慧卡為信用卡,則發卡銀行先代為支付帳款給網路商店,待使用者繳交信用卡費後還款給發卡銀行。In step S20, if the smart card is a financial card, the issuing bank directly deducts the payment from the account of the financial card to the online store. If the smart card is a credit card, the issuing bank first pays the account to the online store for use. After paying the credit card fee, the person will pay the card to the issuing bank.

第4圖為本發明行動裝置遠端一次性驗證之支付方法之細部流程圖。當使用者在電腦上瀏覽網路商店(如奇摩購物中心)並結帳時,付款方式包括ATM轉帳、超商付款、貨到付款、信用卡、行動支付等可選擇,於步驟S30中使用者在網路商店的結帳網頁中選擇行動支付選項,接著在步驟S32中,收單機構便會將結帳的訂單資訊傳送給仲介機構,仲介機構再將訂單資訊傳送給使用者的行動裝置,此步驟是為了確認結帳的人就是持卡人,同時向行動裝置的支付應用程式要求智慧卡的卡片資訊;步驟S34中,行動裝置中的支付應用程式會自動跳出視窗(可為推播方式自動彈窗),使用者點選開啟支付應用程式後,呈現一智慧卡列表,從中選擇一張欲用來付款的智慧卡,接著如步驟S36所述,行動裝置將包含智慧卡之虛擬卡號、效期、甚至卡片背面檢核碼之卡片資訊傳送給仲介機構;步驟S38中,仲介機構在卡片資訊中新增一驗證碼後,傳送給收單機構,收單機構再將增加了驗證碼的卡片資訊傳送給發卡銀行;步驟S40發卡銀行接收到卡片資訊後,將卡片資訊傳送給仲介機構進行校驗;步驟S42中,仲介機構先檢查驗證碼,確認卡片資訊的完整性,判斷其是否有被修改過,再將卡片資訊中的虛擬卡號替換成實體卡號,傳送回發卡銀行;最後步驟S44中,發卡銀行依據卡片資訊及訂單資訊判斷是否授權付款給網路商店,如果授權則透過收單機構付款給網路商店。4 is a detailed flow chart of a method for payment of a one-time remote verification of a mobile device according to the present invention. When the user browses the online store (such as the Chimo shopping center) on the computer and checks out the payment, the payment method includes ATM transfer, super payment, cash on delivery, credit card, mobile payment, etc., and the user is in step S30. The action payment option is selected in the checkout webpage of the online store, and then in step S32, the acquirer transmits the checkout order information to the intermediary agency, and the intermediary information transmits the order information to the user's mobile device. The step is to confirm that the checkout person is the cardholder, and at the same time, the payment application of the mobile device requests the card information of the smart card; in step S34, the payment application in the mobile device automatically pops up the window (can be automatically pushed by the push mode) Pop-up window), after the user clicks on the payment application, a smart card list is presented, and a smart card to be used for payment is selected, and then, as described in step S36, the mobile device includes the virtual card number of the smart card. The card information of the period and even the card check code is transmitted to the agency; in step S38, the agency adds a verification code to the card information. The information is transmitted to the acquiring institution, and the acquiring institution transmits the card information with the verification code to the issuing bank. Step S40, after receiving the card information, the issuing bank transmits the card information to the intermediary for verification; in step S42, the intermediary institution First check the verification code, confirm the integrity of the card information, determine whether it has been modified, and then replace the virtual card number in the card information with the physical card number, and send it back to the issuing bank; finally, in step S44, the issuing bank relies on the card information and the order. The information determines whether the payment is authorized to the online store, and if authorized, the payment is made to the online store through the acquirer.

此外,要確保支付應用程式可使用還需一些細部判斷的步驟,如第5圖,其為本發明中登入支付應用程式前之細部流程圖,在第3圖的步驟S34中,當支付應用程式自動開啟後,行動裝置還會如步驟S341所述先偵測是否有網路訊號存在,以避免行動裝置在接收不到網路訊號的地方,根本無法使用支付應用程式進行付款,若無網路訊號,則顯示一無網路訊號錯誤訊息,如步驟S342;當偵測到網路訊號後,步驟S343中行動裝置進行支付應用程式之登入程序,若成功登入支付應用程式則如步驟S344,反之,若登入失敗,則如步驟S345所示顯示一登入失敗錯誤訊息,可能是使用者輸入會員帳號密碼時有錯,可重新嘗試登入,若成功登入支付應用程式,則步驟S346中呈現智慧卡列表,以供使用者選擇要用來付款的一張智慧卡。In addition, to ensure that the payment application can use some steps that require some detailed judgment, such as Figure 5, which is a detailed flow chart before the login payment application in the present invention. In step S34 of Figure 3, when the payment application is used. After being automatically turned on, the mobile device first detects whether a network signal exists as described in step S341, so that the mobile device cannot use the payment application to make payment without receiving the network signal. The signal indicates that there is no network signal error message, such as step S342; when the network signal is detected, the mobile device performs the login procedure of the payment application in step S343, and if the login application is successfully registered, the process proceeds to step S344; If the login fails, a login failure error message is displayed as shown in step S345. The user may enter the member account password incorrectly, and may re-attempt the login. If the login application is successfully entered, the smart card list is presented in step S346. For the user to select a smart card to be used for payment.

第6圖為接續第5圖中智慧卡選擇後之細部流程圖。當第5圖步驟S346從智慧卡列表中選擇一張智慧卡之後,步驟S347判斷行動裝置中是否有至少一交易金鑰,此交易金鑰事先就儲存在行動裝置中,每次利用支付應用程式進行交易時皆須消耗一把交易金鑰將交易內容進行加密,因此,若行動裝置中還有交易金鑰可用,才能進入步驟S336,若已無交易金鑰,則在步驟S194中行動裝置會顯示一卡片驗證失敗訊息;最後,進入步驟S36,行動裝置將選擇的智慧卡的卡片資訊傳送給仲介機構,此卡片資訊中包含的卡號為虛擬卡號。Figure 6 is a detailed flow chart of the selection of the smart card in Figure 5. After step S346 selects a smart card from the smart card list in step 5, step S347 determines whether there is at least one transaction key in the mobile device, and the transaction key is stored in the mobile device in advance, each time using the payment application. At the time of transaction, a transaction key is required to encrypt the transaction content. Therefore, if there is a transaction key available in the mobile device, the process proceeds to step S336. If there is no transaction key, the mobile device displays in step S194. A card verification failure message; finally, proceeding to step S36, the mobile device transmits the card information of the selected smart card to the intermediary, and the card number included in the card information is a virtual card number.

因此,使用者利用電腦、平板電腦、智慧型手機等客戶端裝置在網路上購物時,於網路商店上多了行動支付的選項,使用者不需要在客戶端裝置上輸入智慧卡的卡號、效期、檢核碼等資訊,本發明中仲介機構會與網路商店簽約成為可用行動支付的特約商店,當選擇行動支付時,收單銀行就會將訂單資訊透過仲介機構傳給行動裝置,要求行動裝置的支付應用程式提供欲付款的智慧卡的虛擬卡號、效期、檢核碼等資訊給仲介機構,且支付應用程式是將智慧卡下載、儲存、啟用,故直接選擇卡片就送出卡片資訊,而非使用者每次交易都要在支付應用程式中重新輸入一次,不但可確認使用智慧卡線上付款的是持卡者本人,更免去每次交易輸入卡號的流程;此外,行動裝置提供的卡片資訊所包含的卡號為虛擬卡號,需由發卡銀行傳送到仲介機構才能取得實體卡號,與目前直接在網路商店上輸入信用卡卡號的付款方式相較之下,顯然除了仲介機構及發卡銀行之間的資料傳輸外,其他部分的資料若有含卡號則皆為虛擬卡號,可避免實體卡號外流的風險;更甚者,行動裝置提供卡片資訊後,仲介機構還會將加上一次性驗證的驗證碼,以確保傳送到收單機構及收單機構傳送到發卡銀行的這段網路傳輸中,訂單資訊是否被竄改。Therefore, when a user uses a client device such as a computer, a tablet computer, or a smart phone to make a purchase on the Internet, the user has more options for mobile payment on the online store, and the user does not need to input the smart card number on the client device. In the invention, the intermediary agency will sign a contract with the online store to become a special store for the action payment. When the action payment is selected, the acquiring bank will transmit the order information to the mobile device through the intermediary. The payment application of the mobile device is required to provide the virtual card number, the expiration date, the verification code and the like of the smart card to be paid to the intermediary institution, and the payment application downloads, stores, and enables the smart card, so the card is directly selected and the card is sent. Information, not the user must re-enter the payment application once per transaction, not only can confirm that the cardholder is using the smart card online payment, but also the process of inputting the card number for each transaction; in addition, the mobile device The card information provided is the virtual card number, which needs to be transmitted by the issuing bank to the agency to obtain the entity. No. Compared with the payment method currently inputting the credit card number directly in the online store, it is obvious that except for the data transmission between the intermediary agency and the issuing bank, if other parts of the information contain the card number, they are all virtual card numbers. Avoid the risk of outflow of the physical card number; even worse, after the mobile device provides the card information, the agency will also add a one-time verification code to ensure the transmission to the acquiring institution and the acquiring institution to the card issuing bank. Whether the order information has been tampered with during network transmission.

綜上所述,本發明提供的行動裝置遠端一次性驗證之支付方法結合了虛擬卡號轉實體卡號、及將虛擬卡號進行一次性驗證的金鑰加密處理,如此一來,即使資料在網路傳輸的過程中被盜取,首先便極難破解金鑰獲得卡片資訊;其次,即使僥倖破解金鑰、取得卡片資訊,也只會得到虛擬卡號,不會知道智慧卡的實體卡號為何,仍然無法使用,因此,本發明具有虛擬卡號傳輸及一次性驗證之雙重保險,大幅提高金融交易的安全性,避免智慧卡被盜刷。In summary, the mobile device remote one-time verification payment method provided by the present invention combines the virtual card number to the physical card number and the key verification of the virtual card number for one-time verification, so that even if the data is in the network In the process of transmission, it is very difficult to crack the key to obtain card information. Secondly, even if you are lucky enough to crack the key and get the card information, you will only get the virtual card number. You will not know the physical card number of the smart card. Therefore, the present invention has dual insurance for virtual card number transmission and one-time verification, which greatly improves the security of financial transactions and prevents smart cards from being stolen.

唯以上所述者,僅為本發明之較佳實施例而已,並非用來限定本發明實施之範圍。故即凡依本發明申請範圍所述之特徵及精神所為之均等變化或修飾,均應包括於本發明之申請專利範圍內。The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention. Therefore, any changes or modifications of the features and spirits of the present invention should be included in the scope of the present invention.

10‧‧‧電腦
12‧‧‧網路商店
14‧‧‧收單機構
16‧‧‧發卡銀行
20‧‧‧客戶端裝置
22‧‧‧網路商店
24‧‧‧收單機構
26‧‧‧仲介機構
28‧‧‧行動裝置
282‧‧‧支付應用程式
30‧‧‧發卡銀行
10‧‧‧ computer
12‧‧‧Internet store
14‧‧ ‧ acquiring institution
16‧‧‧ Issuing Bank
20‧‧‧Client device
22‧‧‧Internet store
24‧‧ ‧ acquiring institution
26‧‧‧Intermediary agencies
28‧‧‧Mobile devices
282‧‧‧Payment application
30‧‧‧ Issuing Bank

第1圖為先前技術中網路購物以信用卡付款之方塊圖。 第2圖為本發明行動裝置遠端一次性驗證之支付方法之方塊圖。 第3圖為本發明行動裝置遠端一次性驗證之支付方法之流程圖。 第4圖為本發明行動裝置遠端一次性驗證之支付方法之細部流程圖。 第5圖為本發明中行動裝置中跨平台支付之方法中登入支付應用程式前之細部流程圖。 第6圖為本發明中行動裝置中跨平台支付之方法中智慧卡選擇後之細部流程圖。Figure 1 is a block diagram of a prior art online shopping payment by credit card. 2 is a block diagram of a payment method for remote one-time verification of the mobile device of the present invention. FIG. 3 is a flow chart of a method for payment of a one-time remote verification of a mobile device according to the present invention. 4 is a detailed flow chart of a method for payment of a one-time remote verification of a mobile device according to the present invention. Figure 5 is a detailed flow chart of the method before the login payment application in the method of cross-platform payment in the mobile device of the present invention. Figure 6 is a detailed flow chart of the selection of the smart card in the method of cross-platform payment in the mobile device of the present invention.

Claims (12)

一種行動裝置遠端一次性驗證之支付方法,包括下列步驟: 一使用者利用一客戶端裝置瀏覽一網路商店,並於該網路商店之一結帳網頁中選擇一行動支付選項; 該網路商店之一收單機構將一訂單資訊傳送給一仲介機構,由該仲介機構將該訂單資訊傳送給該使用者之一行動裝置; 該行動裝置接收該訂單資訊後,驅動該行動裝置中的一支付應用程式自動開啟,並呈現一智慧卡列表,從該智慧卡列表中點選欲用來支付的一智慧卡,將該智慧卡之至少一卡片資訊傳送給該仲介機構; 該仲介機構在該卡片資訊中增加一驗證碼後回傳給該收單機構,該收單機構再將該卡片資訊及該訂單資訊傳送給一發卡銀行; 該發卡銀行將該卡片資訊傳送給該仲介機構以對該驗證碼進行校驗,該仲介機構校驗後將該卡片資訊傳送回該發卡銀行;以及 該發卡銀行依據該卡片資訊及該訂單資訊判斷是否授權付款給該網路商店。A mobile device remote one-time verification payment method includes the following steps: a user browsing a network store by using a client device, and selecting a mobile payment option in a checkout webpage of the online store; One of the road stores receives an order information to an intermediary agency, and the intermediary information is transmitted to the mobile device of the user; the mobile device receives the order information and drives the mobile device a payment application is automatically opened, and a smart card list is presented, and a smart card to be used for payment is selected from the smart card list, and at least one card information of the smart card is transmitted to the intermediary institution; the intermediary institution is The card information is added to the acquiring institution and sent back to the acquiring institution, and the acquiring institution transmits the card information and the order information to a card issuing bank; the card issuing bank transmits the card information to the intermediary institution to The verification code is verified, and the intermediary information is transmitted to the card issuing bank after verification; and the card issuing bank is based on the card capital And the order information to determine whether to authorize payment to the online store. 如請求項1所述之行動裝置遠端一次性驗證之支付方法,其中該行動裝置所提供之該卡片資訊包括一虛擬卡號及一效期。The mobile device remote one-time verification payment method as claimed in claim 1, wherein the card information provided by the mobile device includes a virtual card number and a validity period. 如請求項2所述之行動裝置遠端一次性驗證之支付方法,其中該發卡銀行將包含該虛擬卡號之該卡片資訊傳送給該仲介機構進行校驗時,該仲介機構確認該驗證碼無誤後,將該虛擬卡號替換成該智慧卡之一實體卡號,再回傳給該發卡銀行。The mobile device remote one-time verification payment method according to claim 2, wherein the card issuing bank transmits the card information including the virtual card number to the intermediary for verification, the intermediary confirms that the verification code is correct The virtual card number is replaced with one of the smart card card numbers, and then transmitted back to the card issuing bank. 如請求項1所述之行動裝置遠端一次性驗證之支付方法,其中該網路商店為與該仲介機構約定可使用該支付應用程式進行交易之特約商店。The mobile device remote one-time verification payment method according to claim 1, wherein the online store is a special store that agrees with the intermediary to use the payment application to conduct a transaction. 如請求項1所述之行動裝置遠端一次性驗證之支付方法,其中該客戶端裝置為一電腦或該行動裝置。The mobile device remote one-time verification payment method according to claim 1, wherein the client device is a computer or the mobile device. 如請求項1所述之行動裝置遠端一次性驗證之支付方法,更包括該行動裝置先偵測是否有網路訊號存在,若網路訊號存在則登入該支付應用程式,若無網路訊號則顯示一無網路訊號錯誤訊息。The mobile device remotely authenticates the payment method according to claim 1, further comprising detecting, by the mobile device, whether a network signal exists, and if the network signal exists, logging in to the payment application, if there is no network signal A message with no network signal error is displayed. 如請求項6所述之行動裝置遠端一次性驗證之支付方法,更包括該行動裝置偵測到網路訊號後,進行該支付應用程式之登入程序,若登入失敗則顯示一登入失敗錯誤訊息。The method for payment of the remote authentication of the mobile device according to claim 6 further includes the login procedure of the payment application after the mobile device detects the network signal, and displays a login failure error message if the login fails. . 如請求項1所述之行動裝置遠端一次性驗證之支付方法,其中該智慧卡選擇後,更包括判斷該行動裝置中是否有至少一交易金鑰,若沒有任何交易金鑰,則顯示一卡片驗證失敗訊息。The mobile device remote one-time verification payment method according to claim 1, wherein the smart card is selected, further comprising determining whether the mobile device has at least one transaction key, and if there is no transaction key, displaying one Card verification failure message. 如請求項1所述之行動裝置遠端一次性驗證之支付方法,其中該驗證碼為利用該等訂單資訊演算出來的一組代碼,從該代碼中取出複數字元做為該驗證碼,並附加在該卡片資訊的一資料欄位中。The mobile device remote one-time verification payment method according to claim 1, wherein the verification code is a set of codes calculated by using the order information, and the complex digital element is taken from the code as the verification code, and Attached to a data field of the card information. 如請求項1所述之行動裝置遠端一次性驗證之支付方法,其中該等訂單資訊包括交易時間、商店代碼、交易金額等。The mobile device remote one-time verification payment method as claimed in claim 1, wherein the order information includes a transaction time, a store code, a transaction amount, and the like. 如請求項1所述之行動裝置遠端一次性驗證之支付方法,其中該智慧卡為信用卡、金融卡、悠遊卡或其他具支付功能之電子卡片。The mobile device remotely authenticates the payment method according to claim 1, wherein the smart card is a credit card, a financial card, a leisure card or another electronic card with a payment function. 如請求項1所述之行動裝置遠端一次性驗證之支付方法,其中該行動裝置為智慧型手機、平板電腦或智慧手錶。The method for payment of a one-time remote verification of the mobile device according to claim 1, wherein the mobile device is a smart phone, a tablet or a smart watch.
TW106103366A 2017-01-26 2017-01-26 Mobile device remote one-time verification payment method TWI623897B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW106103366A TWI623897B (en) 2017-01-26 2017-01-26 Mobile device remote one-time verification payment method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW106103366A TWI623897B (en) 2017-01-26 2017-01-26 Mobile device remote one-time verification payment method

Publications (2)

Publication Number Publication Date
TWI623897B true TWI623897B (en) 2018-05-11
TW201828182A TW201828182A (en) 2018-08-01

Family

ID=62951444

Family Applications (1)

Application Number Title Priority Date Filing Date
TW106103366A TWI623897B (en) 2017-01-26 2017-01-26 Mobile device remote one-time verification payment method

Country Status (1)

Country Link
TW (1) TWI623897B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI791905B (en) * 2019-10-08 2023-02-11 中華電信股份有限公司 Authentication access system and method based on tokenization technology
TWI795690B (en) * 2020-11-11 2023-03-11 財金資訊股份有限公司 Method and system for integrating financial payment platform

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW511364B (en) * 2000-03-24 2002-11-21 Mobipay Internat S A System and process for remote payments and transactions in real time by mobile telephone
CN103038789A (en) * 2010-07-02 2013-04-10 高通股份有限公司 System and method for managing transactions with a portable computing device
US20130166332A1 (en) * 2011-11-18 2013-06-27 Ayman Hammad Mobile wallet store and service injection platform apparatuses, methods and systems
US20140136417A1 (en) * 2010-03-02 2014-05-15 Digital Life Technologies, Llc Portable e-wallet and universal card
US20160125386A1 (en) * 2007-10-31 2016-05-05 Mastercard Mobile Transactions Solutions, Inc. Multi-tiered secure mobile transactions enabling platform
US20170011396A1 (en) * 2005-10-06 2017-01-12 Mastercard Mobile Transactions Solutions, Inc. Configuring a plurality of security isolated wallet containers on a single mobile device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW511364B (en) * 2000-03-24 2002-11-21 Mobipay Internat S A System and process for remote payments and transactions in real time by mobile telephone
US20170011396A1 (en) * 2005-10-06 2017-01-12 Mastercard Mobile Transactions Solutions, Inc. Configuring a plurality of security isolated wallet containers on a single mobile device
US20160125386A1 (en) * 2007-10-31 2016-05-05 Mastercard Mobile Transactions Solutions, Inc. Multi-tiered secure mobile transactions enabling platform
US20140136417A1 (en) * 2010-03-02 2014-05-15 Digital Life Technologies, Llc Portable e-wallet and universal card
CN103038789A (en) * 2010-07-02 2013-04-10 高通股份有限公司 System and method for managing transactions with a portable computing device
US20130166332A1 (en) * 2011-11-18 2013-06-27 Ayman Hammad Mobile wallet store and service injection platform apparatuses, methods and systems

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI791905B (en) * 2019-10-08 2023-02-11 中華電信股份有限公司 Authentication access system and method based on tokenization technology
TWI795690B (en) * 2020-11-11 2023-03-11 財金資訊股份有限公司 Method and system for integrating financial payment platform

Also Published As

Publication number Publication date
TW201828182A (en) 2018-08-01

Similar Documents

Publication Publication Date Title
US10748147B2 (en) Adaptive authentication options
US11164166B2 (en) Securely modifying exchange items in an exchange item marketplace network
US11062366B2 (en) Securely processing exchange items in a data communication system
US11164228B2 (en) Method and medium for determining exchange item compliance in an exchange item marketplace network
US11461783B2 (en) Merchant verification in an exchange item marketplace network
US20210241266A1 (en) Enhancing 3d secure user authentication for online transactions
US20110087591A1 (en) Personalization Data Creation or Modification Systems and Methods
US20230010281A1 (en) Securely processing exchange items in a data communication system
JP2008305392A (en) Method for providing card settlement service, system for providing card settlement service, and computer program for causing computer system to execute card settlement service providing process
EP3616111B1 (en) System and method for generating access credentials
US12008527B2 (en) Systems, methods, and computer program products providing an identity-storing browser
TWI623897B (en) Mobile device remote one-time verification payment method
US20050160298A1 (en) Nonredirected authentication
TWI653588B (en) Method of cross-platform payment in mobile devices
TWM542815U (en) Payment system of remote one-time verification on mobile device
CN112686662A (en) Mobile trading counter realized by real-name mobile phone and trading method thereof
WO2019162879A2 (en) System, apparatus, and method for inhibiting payment frauds
TW201833833A (en) System for establishing electronic cards capable of encrypting the card information to effectively improve the security of data usage
TWM542813U (en) Mobile device payment system
HK1152438A (en) Transaction server configured to authorize payment transactions using mobile telephone devices
HK1152439A (en) Ghosting payment account data in a mobile telephone payment transaction system
HK1152405A (en) Mobile telephone transaction systems and methods
KR20090020963A (en) Automated equipment equipped with the possibility of issuing a gift card and a program recording medium therefor