The present invention relates to the method of identity verification and login and more particularly, to a user identity verification method for secure transaction environment.
As the communication network develops, the blockchain is seen as an environment that provides secure transactions. Because the nodes linked to each other in the blockchain store the complete smart contract, when any node wants to trade, the node will broadcast the transaction to other nodes for the consensus calculation of all nodes. After that, the node that first completed the calculation records the verified transaction on the blockchain. A smart contract recorded on a blockchain cannot be modified and is considered a secure trading environment.
Blockchain transactions are conducted through a public key and a private key. The public key is used to verify the transaction data. The private key is used to encrypt the transaction data. The encrypted transaction data is broadcast to each node, and each node uses the public key of the transaction data to perform the consensus calculation and verify the authenticity of the transaction data. The consensus calculation cannot work backwards to obtain the private key.
At present, most users choose an online wallet (platform or system) to generate the user's public key and private key on the online wallet, and the user uses the public key and the private key to conduct transactions. The online wallet transaction process is encrypted and decrypted by the online wallet's blockchain server instead of the user's hardware device, so the user's public and private key security cannot be ensured.
In addition, there may be camouflage entry systems in the online wallet that are used to deceive the user and capture the user's public and private keys.
Both the public key and the private key are strings of multiple digits. Because the strings are composed of many numbers, it is difficult for the user to remember the strings and is not convenient to use them.
The present invention has been accomplished under the circumstances in view. It is the main object of the present invention to provide a user identity verification method for a secure transaction environment, which provides convenient and secure access to the secure transaction environment through the user's familiar user communication code, and which prevents the online transaction environment from obtaining the user's private key, ensuring the security of the transaction environment and of the identity verification.
To achieve this and other objects of the present invention, a user identity verification method for a secure transaction environment comprises the steps of: a user device submitting an attempt comprising a user communication code to a portal system; the portal system generating and transmitting one-time verification information corresponding to the user communication code; the user device receiving the one-time verification information and generating a user public key and a user private key; the user device submitting registration information comprising the user communication code and the user public key, together with input information responding to the one-time verification information; and the portal system verifying the input information and, when the input information satisfies the one-time verification information, generating and transmitting new user registration information comprising the registration information to a distributed ledger system, whereupon the distributed ledger system registers the registration information in a smart contract of the distributed ledger system so that the user becomes a legitimate user who is allowed to access the distributed ledger system.
Thus, in the user identity verification method for a secure transaction environment of the present invention, the user public key and the user private key corresponding to the user communication code are generated in the user device, so the user public key and the user private key cannot be obtained in the portal system, the distributed ledger system, or the network connection environment. Furthermore, after registration is completed, the user only needs the familiar user communication code to verify identity and does not need a self-designed password, so identity verification is more convenient.
The detailed environment, device, system, use or operation mode of the user identity verification method for secure transaction environment provided by the present invention will be described in the detailed description of the subsequent embodiments. However, it should be understood by those of ordinary skill in the art that the detailed description and specific embodiments of the invention are intended to be illustrative of the invention but not to limit the scope of the patent application of the present invention.
Hereinafter, the steps of the user identity verification method for secure transaction environment of the present invention and the achievement of the efficacy will be described by way of examples with reference to the annexed drawings. The components, composition, and processes of the user identity verification method for the secure transaction environment in each of the drawings are only used to illustrate the technical features of the present invention and are not intended to limit the present invention.
The user device 110 can be a portable computing device or a stationary computing device. The portable computing device can be a smart phone 111, a smart watch, a tablet, or a notebook computer. The stationary computing device can be a desktop computer 112, or an on-board computer. The user device 110 is coupled to the portal system 130 through a communication network 120.
The communication network 120 can be a public network. It may be any network, such as a cellular telephone network, a local area network, a global network, or the Internet, coupled by any communication means.
The portal system 130 can be one or more servers or computing devices. The portal system 130 is coupled to the distributed ledger system 150 via an open network, a private network, or a hybrid network. The servers of the portal system 130 are coupled to each other through a network. The portal system manages the distributed ledger system. The portal system stores and executes the various software or programs used for verification and trading and is used to generate one-time verification information. The one-time verification information may include numbers, text, images, photos, sounds, or any combination of information that provides the user with one-time verification. A private network means one that is not open: no computing device can connect to it and access it freely through the communication network.
The distributed ledger system 150 includes a plurality of blockchain servers 153 inter-linked 151 to perform blockchain technology operations. The link 151 is through a private network and can be wired or wireless. A private network here means one that is not freely accessible; it is managed by a specific organization or enterprise. This management method is also called a private chain.
The user communication code includes one of the user device's phone number, instant messaging account, and email address. For a phone number, the portal system can send the one-time verification information to the user device through the phone number as a text message (SMS) or a voice message. For an instant messaging account, the portal system can deliver the one-time verification information privately through the account of instant messaging software such as LINE, WeChat, WhatsApp, SKYPE and FACEBOOK. For an email address, the portal system delivers the one-time verification information via that email address.
In this way, the user can establish the user communication code in the distributed ledger system through the portal system 130 according to the registration process 300 for future access. It should be noted that the user public key and the user private key are generated in the user device, and the user private key is not required in the attempt process. Therefore, the portal system and the distributed ledger system never hold the user's private key, and it is never stored in the portal system or the distributed ledger system, ensuring transaction security.
The generation of the one-time verification information in step 303 includes: the portal system transmits the attempt to the distributed ledger system (step 3031); the distributed ledger system then determines whether the user communication code of the attempt already exists in the distributed ledger system (step 3033); when it is confirmed that the user communication code does not exist in the distributed ledger system, the distributed ledger system generates system verification information (step 3035); and the portal system then receives the system verification information and generates the one-time verification information according to the system verification information (step 3037). In this way, the correctness of the portal system and the distributed ledger system is verified through steps 3031-3037, preventing a camouflage server from entering the secure transaction environment.
The generation of the new user registration information in step 313 includes encrypting the system verification information and the registration information through the system private key of the portal system.
The registration step of step 315 includes the distributed ledger system verifying the new user registration information against the system public key of the portal system, and then writing the registration information to the smart contract. When the verification of step 315 is satisfied, the registration information and the system verification information are known to be correct, and therefore the registration information can be established as a smart contract. Conversely, when the verification cannot be satisfied, there is a camouflage server in the portal system or the distributed ledger system, and the smart contract cannot be established. As such, the security of the secure transaction environment is improved.
In the registration, the portal system submits the transaction containing the encrypted new user registration information to the distributed ledger system, and all the nodes in the distributed ledger system perform the consensus calculation through the user communication code. After that, the node that first completes the calculation records the verified transaction on all nodes, completing the establishment of the smart contract.
Satisfaction refers to the logic or condition under which the input information meets, corresponds to, or responds to the one-time verification information. For example, the user may need to select a photo related to a specific item, text or color, enter the result of a mathematical operation, or enter some other logical arrangement, such as a specific arrangement of text or numbers.
In this embodiment, the user device can execute a mobile application (APP) to operate the registration process 300, and the mobile application can generate the user public key and the user private key according to the one-time verification information. The mobile application (APP) can be built into the user device or downloaded from the website, web interface and mobile application database.
The address through which the user gains access includes the user communication code, meaning that the user communication code is displayed when the user accesses the portal system or the distributed ledger system, so that the user or the transaction counterparty can identify it.
As shown in
In this embodiment, the one-time verification information can be displayed elsewhere, and is not limited to the verification operation interface 1111. In other embodiments, the operation interface may be other configurations, and the interface may be switched to a plurality of configured interfaces. Therefore, the operation interface is not limited to the one depicted in
In other embodiments, the registration process 300 can be performed by an operation interface, a website, or a web interface hosted by the portal system. Therefore, it is not limited to the mobile application (APP), but the user public key and the user private key are still generated through the user device.
As shown in
In this embodiment, the confirmation mode of step 503 is that the portal system confirms by using the distributed ledger system. In other embodiments, the confirmation mode may also be a direct confirmation by the portal system to shorten the operation time. In other embodiments, step 503 can be omitted. After step 501, step 505 is directly executed, the question is proposed by the user communication code, and the user identity is verified through steps 505-509.
The answer limit time for the question in steps 505-509 is in nanoseconds. Therefore, if the login request was not submitted by the legitimate user, the requester does not hold the legitimate user's private key and cannot answer the question within the limited answering time, so the user identity is verified in a safer manner. In other embodiments, the answer limit time can also be a shorter or longer unit of time.
In step 511, the answer is verified by a calculation method known in blockchain technology. If the answer cannot confirm the legality of the user public key, the portal system and the distributed ledger system do not allow any transaction activity. The notification service of step 515 covers the various transaction activities of the legitimate account, and the portal system actively notifies the user through the user communication code corresponding to the legitimate account.
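As an added example that is not part of the patent, the following Python simulation walks through both the registration process (steps 3031-3037, 313 and 315) and the login question-and-answer (steps 505-511). The user key pair is generated on the device and never leaves it; the portal signs the registration together with the system verification information using its system private key (the patent's "encrypting through the system private key" is modelled as a digital signature); the ledger checks that signature with the system public key before writing to its smart contract; and a login answer is rejected when it was produced with a different key or arrives after the answer limit. Everything beyond the patent text is an assumption: the toy Schnorr group (a Mersenne prime with exponents reduced modulo p - 1, chosen so the demo runs with the standard library only), the dictionary standing in for the smart contract and consensus, the seconds-scale time limit instead of the patent's nanoseconds, the constructed phone number, and all class and function names.

```python
import hashlib
import secrets
import time

# Toy parameters (assumption of this example): P is the Mersenne prime 2**127 - 1 and
# exponents are reduced modulo N = P - 1, so g**N == 1 (mod P) for any g. Real systems
# use a prime-order elliptic-curve group; this keeps the demo standard-library only.
P, G = 2**127 - 1, 3
N = P - 1


def h(*parts):  # hash the parts to a challenge scalar in Z_N
    return int.from_bytes(hashlib.sha256("|".join(map(str, parts)).encode()).digest(), "big") % N


def keygen():  # private/public key pair; in the method this runs only on the user device
    sk = secrets.randbelow(N - 1) + 1
    return sk, pow(G, sk, P)


def sign(sk, msg):  # Schnorr signature (R, s); stands in for "encrypting with the private key"
    k = secrets.randbelow(N - 1) + 1
    r = pow(G, k, P)
    return r, (k + h(r, msg) * sk) % N


def verify(pk, msg, sig):  # accept iff g**s == R * pk**e (mod P) with e = H(R, msg)
    r, s = sig
    return pow(G, s, P) == r * pow(pk, h(r, msg), P) % P


class DistributedLedger:
    """Stand-in for the blockchain nodes: a dict is the smart contract, one check is the consensus."""
    def __init__(self, portal_pk):
        self.portal_pk = portal_pk   # system public key of the portal
        self.contract = {}           # user communication code -> user public key
        self.pending = {}            # code -> system verification information

    def check_new_code(self, code):  # steps 3033-3035: only an unknown code gets system info
        if code in self.contract:
            return None
        self.pending[code] = secrets.token_hex(8)
        return self.pending[code]

    def register(self, new_user_info, sig):  # step 315
        code, user_pk, sys_info = new_user_info
        if not verify(self.portal_pk, new_user_info, sig):   # camouflage server: bad signature
            return False
        if self.pending.pop(code, None) != sys_info:         # system info was never issued
            return False
        self.contract[code] = user_pk
        return True


class Portal:
    """Portal system: holds the system key pair, issues one-time information and login questions."""
    def __init__(self):
        self.sk, self.pk = keygen()
        self.ledger = DistributedLedger(self.pk)
        self.otp, self.sys_info, self.questions = {}, {}, {}

    def attempt(self, code):  # steps 3031-3037: one-time code derived from the system info
        sys_info = self.ledger.check_new_code(code)
        if sys_info is None:
            return None
        self.sys_info[code] = sys_info
        self.otp[code] = hashlib.sha256((sys_info + secrets.token_hex(4)).encode()).hexdigest()[:6]
        return self.otp[code]  # would be delivered out of band via SMS, IM or email

    def register(self, code, user_pk, answer):  # step 313: verify answer, sign, forward to ledger
        if self.otp.pop(code, None) != answer:
            return False
        info = (code, user_pk, self.sys_info.pop(code))
        return self.ledger.register(info, sign(self.sk, info))

    def login_question(self, code):  # step 505 (step 503 omitted, as the embodiment allows)
        self.questions[code] = (secrets.token_hex(16), time.monotonic())
        return self.questions[code][0]

    def login_answer(self, code, sig, limit):  # steps 507-511: late or wrong-key answers fail
        nonce, issued = self.questions.pop(code, (None, 0.0))
        if nonce is None or time.monotonic() - issued > limit:
            return False
        return verify(self.ledger.contract[code], nonce, sig)


def run_demo(limit=2.0):
    """Registration plus three logins (valid, wrong key, late); returns the outcomes."""
    portal, code = Portal(), "+886-900-000-000"      # constructed sample phone number
    otp = portal.attempt(code)                        # one-time information sent to the user
    user_sk, user_pk = keygen()                       # key pair generated on the user device
    out = {"registered": portal.register(code, user_pk, otp)}
    good = sign(user_sk, portal.login_question(code))
    out["login_ok"] = portal.login_answer(code, good, limit)
    bad = sign(keygen()[0], portal.login_question(code))  # requester without the user private key
    out["wrong_key_rejected"] = not portal.login_answer(code, bad, limit)
    late = sign(user_sk, portal.login_question(code))
    time.sleep(0.05)                                  # answer arrives after the limit
    out["late_answer_rejected"] = not portal.login_answer(code, late, 0.001)
    return out
```

Running `run_demo()` returns all four outcomes as `True`. Note that the portal never calls `keygen` on the user's behalf and `Portal.register` receives only the user public key, which is the property the method relies on; the ledger's `pending` check is what makes steps 3031-3037 useful, since a portal that skipped the ledger round-trip could not present matching system verification information.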
Finally, it is emphasized that the constituent elements disclosed in the foregoing embodiments are merely illustrative and are not intended to limit the scope of the present invention, and alternatives or variations of other equivalent elements should also be the scope of the claims of the present application.
Number | Date | Country | Kind |
---|---|---|---|
108118780 | May 2019 | TW | national |