文化大學機構典藏 CCUR:Item 987654321/23903
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 46965/50831 (92%)
造訪人次 : 12783215      線上人數 : 194
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
    •  進階搜尋
    主頁登入上傳說明關於CCUR管理 到手機版


    請使用永久網址來引用或連結此文件: https://irlib.pccu.edu.tw/handle/987654321/23903


    題名: 手機銀行交易之安全驗證機制研究
    作者: 莊登傑
    貢獻者: 數位機電科技研究所
    關鍵詞: 手機銀行
    Mobile banking
    手機交易
    Mobile phone trading
    簡訊
    SMS
    個人生物資訊
    Personal of biological information
    日期: 2012
    上傳時間: 2012-12-06 11:20:33 (UTC+8)
    摘要: 近年來,隨著智慧型手機、平板電腦以及網際網路的蓬勃發展,因為手機交易具有便利與快速的特點,所以手機交易越來越盛行,但相對的,手機銀行交易密碼須經由網際網路傳送,具有較高的風險,故本研究對於手機銀行交易密碼基於網路銀行交易作修改,使之更具安全性與保密性並確保使用者的便利性。本論文使用簡訊傳送一次性通行密碼OTP(One-Time Password)與個人生物資訊之辨識作為手機交易的驗證,當使用者發送交易要求,銀行端產生一個OTP以簡訊傳送給使用者,使用者於獲得簡訊後,可藉由簡訊中的訊息確認網頁系統的真實性並讀取OTP,當使用者於銀行端伺服系統所規範之短暫有效登錄時間內輸入正確的OTP後,銀行系統端將主動擷取手機之系統資訊並要求使用者上傳個人生物資訊以利確認交易者確為使用者本人,以避免帳號、密碼與手機遭盜用,如此若當發生網路安全事件或產生糾紛時,可達銀行端與使用者端皆能維護各自權益之效。
    Due to the emerging development and application of scientific technology, e-commerce business transaction via smart phones, Tablet and Internet has become more popular. The utilization of mobile phone does provide the convenience of easy and fast. However, the operation process is not secured enough. As utilizing smart phone to perform e-commerce banking or business transaction, the login ID and password must be provided and send to the server side for verification via Internet. This kind of confidential information is easily to attract the interest of intelligentsia or hackers to intercept and crack it. Although there are a lot of threats appeared while using smart phone for M-banking, it is an avoidance trend to perform M-banking in the future. Therefore, developing a convenient and secure verification mechanism for M-banking and simultaneously remedy the current shortcoming of M-banking is a must.
    In this paper, using SMS to send a One-Time Password (OTP) and following the personal identification with biometric information for verification has been developed. As the client side presents his/her request for M-banking, the server side of the Bank will send an OTP SMS to the client side. After the client side received the OTP, he/she will check the validation of the OTP from the web page of server side.
    After then, the client must enter the right OTP in specified time to perform M-banking. In the following, the server side of Bank will ask the client side to capture the personal biometric information in real time and upload to the server side immediately for verification. As the server side finishes the verification process and make sure that the client is exactly the right user himself/herself, the client then can perform any authorized M-banking via smart phone. No matter the threatening generated from hackers are severely, the proposed verification mechanism not only provided secure M-banking, but also can reduce the arguments between user and Bank side. It can be applied to protect the rights of both client side and Banks while there is Internet hacking occurred.
    顯示於類別:[機械工程系暨機械工程學系數位機電研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML344檢視/開啟


    檢視Licence

    在CCUR中所有的資料項目都受到原著作權保護.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回饋