文化大學機構典藏 CCUR:Item 987654321/23903
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 46965/50831 (92%)
Visitors : 12781620      Online Users : 428
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/23903


    Title: 手機銀行交易之安全驗證機制研究
    Authors: 莊登傑
    Contributors: 數位機電科技研究所
    Keywords: 手機銀行
    Mobile banking
    手機交易
    Mobile phone trading
    簡訊
    SMS
    個人生物資訊
    Personal of biological information
    Date: 2012
    Issue Date: 2012-12-06 11:20:33 (UTC+8)
    Abstract: 近年來,隨著智慧型手機、平板電腦以及網際網路的蓬勃發展,因為手機交易具有便利與快速的特點,所以手機交易越來越盛行,但相對的,手機銀行交易密碼須經由網際網路傳送,具有較高的風險,故本研究對於手機銀行交易密碼基於網路銀行交易作修改,使之更具安全性與保密性並確保使用者的便利性。本論文使用簡訊傳送一次性通行密碼OTP(One-Time Password)與個人生物資訊之辨識作為手機交易的驗證,當使用者發送交易要求,銀行端產生一個OTP以簡訊傳送給使用者,使用者於獲得簡訊後,可藉由簡訊中的訊息確認網頁系統的真實性並讀取OTP,當使用者於銀行端伺服系統所規範之短暫有效登錄時間內輸入正確的OTP後,銀行系統端將主動擷取手機之系統資訊並要求使用者上傳個人生物資訊以利確認交易者確為使用者本人,以避免帳號、密碼與手機遭盜用,如此若當發生網路安全事件或產生糾紛時,可達銀行端與使用者端皆能維護各自權益之效。
    Due to the emerging development and application of scientific technology, e-commerce business transaction via smart phones, Tablet and Internet has become more popular. The utilization of mobile phone does provide the convenience of easy and fast. However, the operation process is not secured enough. As utilizing smart phone to perform e-commerce banking or business transaction, the login ID and password must be provided and send to the server side for verification via Internet. This kind of confidential information is easily to attract the interest of intelligentsia or hackers to intercept and crack it. Although there are a lot of threats appeared while using smart phone for M-banking, it is an avoidance trend to perform M-banking in the future. Therefore, developing a convenient and secure verification mechanism for M-banking and simultaneously remedy the current shortcoming of M-banking is a must.
    In this paper, using SMS to send a One-Time Password (OTP) and following the personal identification with biometric information for verification has been developed. As the client side presents his/her request for M-banking, the server side of the Bank will send an OTP SMS to the client side. After the client side received the OTP, he/she will check the validation of the OTP from the web page of server side.
    After then, the client must enter the right OTP in specified time to perform M-banking. In the following, the server side of Bank will ask the client side to capture the personal biometric information in real time and upload to the server side immediately for verification. As the server side finishes the verification process and make sure that the client is exactly the right user himself/herself, the client then can perform any authorized M-banking via smart phone. No matter the threatening generated from hackers are severely, the proposed verification mechanism not only provided secure M-banking, but also can reduce the arguments between user and Bank side. It can be applied to protect the rights of both client side and Banks while there is Internet hacking occurred.
    Appears in Collections:[Department of Mechanical Engineering ] thesis

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML340View/Open


    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback