[go: up one dir, main page]

TWM615259U - Cryptographic processing system - Google Patents

Cryptographic processing system Download PDF

Info

Publication number
TWM615259U
TWM615259U TW110204768U TW110204768U TWM615259U TW M615259 U TWM615259 U TW M615259U TW 110204768 U TW110204768 U TW 110204768U TW 110204768 U TW110204768 U TW 110204768U TW M615259 U TWM615259 U TW M615259U
Authority
TW
Taiwan
Prior art keywords
password
voice
processing system
client
voice communication
Prior art date
Application number
TW110204768U
Other languages
Chinese (zh)
Inventor
李哲
陳昱齊
陳照元
賴葦庭
俞子悠
李岳庭
Original Assignee
玉山商業銀行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 玉山商業銀行股份有限公司 filed Critical 玉山商業銀行股份有限公司
Priority to TW110204768U priority Critical patent/TWM615259U/en
Publication of TWM615259U publication Critical patent/TWM615259U/en

Links

Images

Landscapes

  • Telephonic Communication Services (AREA)

Abstract

一種密碼處理系統包含一驗證單元及一電連接該驗證單元的語音通訊單元。該語音通訊單元用於在該驗證單元接收到一密碼提供請求後,在與一客戶方通話裝置進行一語音通訊的情況下將一密碼提供語音透過該語音通訊向該客戶方通話裝置輸出。該密碼提供語音包含一關鍵部分,且該關鍵部分包括一指示出一個一次性密碼的密碼音訊,以及一與該密碼音訊重疊的噪音音訊。A cryptographic processing system includes a verification unit and a voice communication unit electrically connected to the verification unit. The voice communication unit is used for outputting a password-provided voice to the client-side communication device through the voice communication in the case of a voice communication with a client-side communication device after the verification unit receives a password-providing request. The password provided voice includes a key part, and the key part includes a password message indicating a one-time password, and a noise message overlapping the password message.

Description

密碼處理系統Password Processing System

本新型是有關於一種密碼處理系統,特別是指一種涉及語音通訊的密碼處理系統。This new model relates to a cryptographic processing system, in particular to a cryptographic processing system involving voice communication.

在網路普及的現代社會中,許多行業的業者皆會建置網路平台來向客戶提供網路服務。以金融機構(例如銀行)舉例來說,金融機構所提供的網路服務例如包含了開戶申請、貸款申請及個人基本資料的修改等,如此一來,使用者便能在網路上完成各種業務的申辦,而無需特地前往金融機構進行臨櫃辦理,故能有效節省時間。In the modern society where the Internet is popular, businesses in many industries will build Internet platforms to provide Internet services to customers. Take financial institutions (such as banks) for example. The online services provided by financial institutions include account opening applications, loan applications, and the modification of basic personal information. In this way, users can complete various businesses on the Internet. You do not need to go to a financial institution to handle the application at the counter, so it can effectively save time.

網路服務固然方便,但也較容易被有心人士冒名利用,因此,現有技術中常會利用一次性密碼(one-time password,簡稱OTP)的機制來對網路服務的申請進行驗證。然而,現有技術通常是將一次性密碼透過簡訊或電子郵件傳送,而仍存在被有心人士從遠端盜用的風險,因此,如何進一步提升一次性密碼驗證機制的安全性,便成為一個值得探討的議題。Although network services are convenient, they are also easier to be used by people who intend to use false names. Therefore, in the prior art, a one-time password (OTP) mechanism is often used to verify applications for network services. However, the existing technology usually transmits the one-time password via SMS or email, and there is still the risk of being stolen from the remote by intentional persons. Therefore, how to further improve the security of the one-time password authentication mechanism becomes a worthy discussion issue.

本新型之目的,在於提供一種有助於提升資訊安全性的密碼處理系統。The purpose of the present invention is to provide a password processing system that helps to improve information security.

本新型密碼處理系統包含一驗證單元及一電連接該驗證單元的語音通訊單元。該語音通訊單元用於在該驗證單元接收到一密碼提供請求後,在與一客戶方通話裝置進行一語音通訊的情況下將一密碼提供語音透過該語音通訊向該客戶方通話裝置輸出。其中,該密碼提供語音包含一關鍵部分,且該關鍵部分包括一指示出一個一次性密碼的密碼音訊,以及一與該密碼音訊重疊的噪音音訊。The new cryptographic processing system includes a verification unit and a voice communication unit electrically connected to the verification unit. The voice communication unit is used for outputting a password-provided voice to the client-side communication device through the voice communication in the case of a voice communication with a client-side communication device after the verification unit receives a password-providing request. Wherein, the password provided voice includes a key part, and the key part includes a password message indicating a one-time password, and a noise message overlapping the password message.

在本新型密碼處理系統的一些實施態樣中,該噪音音訊為白噪音。In some implementation aspects of the new cryptographic processing system, the noise audio is white noise.

在本新型密碼處理系統的一些實施態樣中,該密碼提供語音中除了該關鍵部分以外的其他部分不包括該噪音音訊。In some implementation aspects of the new cryptographic processing system, other parts of the cryptographic provided voice except the key part do not include the noise audio.

在本新型密碼處理系統的一些實施態樣中,在該密碼處理系統與該客戶方通話裝置之間的該語音通訊建立的情況下,該密碼處理系統還根據一來自於該客戶方通話裝置的聲音輸入判斷該語音通訊是否被轉接至一對應該客戶方通話裝置的語音信箱,並且,該密碼處理系統於判斷出該語音通訊被轉接至該語音信箱時結束該語音通訊。In some implementation aspects of the new cryptographic processing system, in the case that the voice communication between the cryptographic processing system and the client-side communication device is established, the cryptographic processing system is also based on a message from the client-side communication device The voice input determines whether the voice communication is transferred to the voice mailbox corresponding to the client's call device, and the password processing system ends the voice communication when it determines that the voice communication is transferred to the voice mailbox.

在本新型密碼處理系統的一些實施態樣中,該密碼處理系統儲存有多筆客戶識別資料,且該密碼提供請求是對應於該等客戶識別資料中的其中一筆目標客戶識別資料,並且,在該密碼處理系統接收到該密碼提供請求後,該密碼處理系統還先判斷該目標客戶識別資料是否符合一請求次數規範條件,並且在判斷結果為是時產生該密碼提供語音,其中,該請求次數規範條件代表該密碼處理系統在一段歷史期間內所接收到之對應該目標客戶識別資料之密碼提供請求的總數量小於等於一預定門檻值。In some implementations of the new cryptographic processing system, the cryptographic processing system stores multiple customer identification data, and the password provision request corresponds to one of the customer identification data of the target customer identification data, and After the password processing system receives the password provision request, the password processing system first determines whether the target customer identification data meets a request frequency specification condition, and generates the password provision voice when the judgment result is yes, where the number of requests The standard condition means that the total number of password providing requests corresponding to the target customer identification data received by the password processing system during a historical period is less than or equal to a predetermined threshold.

本新型之功效在於:該密碼處理系統能透過語音通訊來提供一次性密碼給使用者,而不會如簡訊或電子郵件一般地在客戶方通戶裝置中留下紀錄,並且,藉由該密碼提供語音中包括有該噪音音訊的關鍵部分,該密碼處理系統還能防止該一次性密碼在該密碼提供語音的輸出過程中被竊聽軟體所竊聽,有助於提升一次性密碼之提供過程的資訊安全性,故確實能對一次性密碼驗證機制的安全性作出改善。The effect of the present invention is that the password processing system can provide a one-time password to the user through voice communication, instead of leaving a record in the client's account device like a text message or email, and by using the password The key part of the noise audio is included in the provided voice. The password processing system can also prevent the one-time password from being eavesdropped by eavesdropping software during the output process of the password providing voice, which helps to improve the information of the one-time password provision process Security, it can indeed improve the security of the one-time password verification mechanism.

在本新型被詳細描述之前應當注意:若未特別定義,則本專利說明書中所述的「電連接」是泛指多個電子設備/裝置/元件之間透過導電材料彼此相連而實現的「有線電連接」,以及透過無線通訊技術進行單/雙向無線信號傳輸的「無線電連接」。並且,若未特別定義,則本專利說明書中所述的「電連接」亦泛指多個電子設備/裝置/元件之間彼此直接相連而形成的「直接電連接」,以及多個電子設備/裝置/元件之間還透過其他電子設備/裝置/元件彼此間接相連而形成的「間接電連接」。Before the new model is described in detail, it should be noted that if there is no special definition, the "electrical connection" in this patent specification generally refers to the "wired connection" between multiple electronic devices/devices/components connected to each other through conductive materials. "Electrical connection" and "radio connection" for single/two-way wireless signal transmission through wireless communication technology. Moreover, if not specifically defined, the "electrical connection" in this patent specification also refers to the "direct electrical connection" formed by multiple electronic devices/devices/elements directly connected to each other, and multiple electronic devices/ Devices/components are also indirectly connected to each other through "indirect electrical connections".

參閱圖1與圖2,本新型密碼處理系統1之一實施例例如是由一金融機構(例如一銀行)所管理,而且,該密碼處理系統1例如適用於透過網際網路與多個客戶端2電連接(圖1僅示出其中一者),但並不以此為限。其中,每一個客戶端2可例如是由一使用者所持有且具有網路連線功能的電子裝置,更明確地說,每一使用者例如是該金融機構的一客戶,且每一客戶端2可例如為對應之使用者的一台手機、平板電腦、筆記型電腦或者桌上型電腦。1 and 2, an embodiment of the new cryptographic processing system 1 is, for example, managed by a financial institution (such as a bank), and the cryptographic processing system 1 is suitable for use with multiple clients via the Internet, for example 2 Electrical connection (Figure 1 only shows one of them), but not limited to this. Among them, each client 2 can be, for example, an electronic device possessed by a user and having a network connection function. More specifically, each user is, for example, a client of the financial institution, and each client The terminal 2 can be, for example, a mobile phone, a tablet computer, a notebook computer, or a desktop computer of the corresponding user.

為了便於理解,以下的描述中僅以圖1所示出的該客戶端2對本實施例進行說明,並且,圖1所示的該客戶端2例如還具有撥打及接聽電話的語音通訊功能,而同時也被作為本實施例之應用中的一客戶方通話裝置3。For ease of understanding, the following description only uses the client terminal 2 shown in FIG. 1 to describe this embodiment, and the client terminal 2 shown in FIG. 1 also has, for example, voice communication functions for making and answering calls. At the same time, it is also used as a client-side communication device 3 in the application of this embodiment.

補充說明的是,在實際應用中,該密碼處理系統1亦可例如被應用於經營社群媒體、購物平台等各種網路服務的營運機構,而並不限於本實施例所舉例的金融機構。It is supplemented that in practical applications, the password processing system 1 can also be applied to operating organizations operating various network services such as social media and shopping platforms, and is not limited to the financial institutions exemplified in this embodiment.

在本實施例中,該密碼處理系統1例如包含一驗證單元11,以及一電連接該驗證單元11的語音通訊單元12,其中,該驗證單元11可例如被實施為一台伺服設備,而該語音通訊單元12則可例如被實施為一獨立於該驗證單元11的電話銀行服務系統。進一步地,該驗證單元11例如儲存有多筆具有唯一性的客戶識別資料,且每一客戶識別資料例如是對應於該金融機構的一位客戶,更明確地舉例來說,每一客戶識別資料可例如被實施為對應之客戶的身分證字號或者客戶編號,但並不以此為限。另一方面,該語音通訊單元12例如儲存有一利用自然語言處理技術所實現的語音處理模型,且該語音通訊單元12例如能藉由運行該語音處理模型而對聲音輸入進行語音辨識及語意分析。然而,在其他實施例中,該語音處理模型亦可例如是用於供該語音通訊單元12根據一或多個預先設定好的關鍵字(例如「忙線」、「轉接」及「語音信箱」等,但不以此為限)而對聲音輸入進行關鍵字偵測,因此,該語音處理模型的實施態樣並不以本實施例為限。In this embodiment, the cryptographic processing system 1 includes, for example, a verification unit 11 and a voice communication unit 12 electrically connected to the verification unit 11. The verification unit 11 can be implemented as a servo device, for example, and the The voice communication unit 12 can be implemented as a telephone banking service system independent of the verification unit 11, for example. Further, the verification unit 11, for example, stores multiple pieces of unique customer identification data, and each customer identification data corresponds to, for example, a customer of the financial institution. More specifically, for example, each customer identification data For example, it can be implemented as the ID number or customer number of the corresponding customer, but it is not limited to this. On the other hand, the voice communication unit 12 stores, for example, a voice processing model implemented by natural language processing technology, and the voice communication unit 12 can perform voice recognition and semantic analysis on voice input, for example, by running the voice processing model. However, in other embodiments, the voice processing model can also be used, for example, for the voice communication unit 12 according to one or more preset keywords (such as "busy", "forwarding" and "voice mailbox". ”Etc., but not limited to this) to perform keyword detection on voice input. Therefore, the implementation of the voice processing model is not limited to this embodiment.

補充說明的是,在其他的實施例中,該驗證單元11亦可例如是包括多台彼此電連接的伺服設備,而該語音通訊單元12亦可例如是被整合於該驗證單元11內,因此,該驗證單元11及該語音通訊單元12在本實施例中的實施方式僅為示例性的態樣,而並非用於限制本新型的實施範圍。It is supplemented that in other embodiments, the verification unit 11 may also include multiple servo devices electrically connected to each other, and the voice communication unit 12 may also be integrated in the verification unit 11, for example. The implementation of the verification unit 11 and the voice communication unit 12 in this embodiment is only an exemplary aspect, and is not intended to limit the scope of implementation of the present invention.

同時參閱圖1及圖2,以下以圖1所示的該客戶端2為例地說明本實施例的該密碼處理系統1如何實施一密碼處理方法。Referring to FIGS. 1 and 2 at the same time, the following takes the client 2 shown in FIG. 1 as an example to illustrate how the cryptographic processing system 1 of this embodiment implements a cryptographic processing method.

首先,在步驟S1中,當該驗證單元11接收到一來自於該客戶端2且包含一客戶識別碼的密碼提供請求時,該驗證單元11例如根據該密碼提供請求的客戶識別碼,而從該等客戶識別資料中選出其中一筆對應於該密碼提供請求的目標客戶識別資料。更詳細地說,該密碼提供請求可例如是由該客戶端2根據一使用者的操作所產生並傳送,且該密碼提供請求例如是用於供該使用者透過該客戶端2向該密碼處理系統1索取用來進行驗證的一次性密碼(即OTP)。進一步地,該密碼提供請求的客戶識別碼可例如是該使用者的身分證字號,或者是其他用於指示出該使用者之身分的資料,藉此,該驗證單元11便能在該客戶識別碼為有效的前提下根據該客戶識別碼辨識出該密碼提供請求是對應於哪一位客戶。First, in step S1, when the verification unit 11 receives a password provision request from the client 2 that includes a client identification code, the verification unit 11 provides the requested client identification code, for example, according to the password, and from Among the customer identification data, one of the target customer identification data corresponding to the password provision request is selected. In more detail, the password provision request may be, for example, generated and transmitted by the client 2 according to a user's operation, and the password provision request is, for example, used for the user to process the password through the client 2 System 1 asks for a one-time password (that is, OTP) for verification. Further, the client identification code of the password provision request may be, for example, the user's ID number, or other data used to indicate the user's identity, so that the verification unit 11 can identify the client On the premise that the code is valid, the customer identification code is used to identify which customer the password provision request corresponds to.

在該驗證單元11選出對應於該密碼提供請求的該目標客戶識別資料後,流程進行至步驟S2。After the verification unit 11 selects the target customer identification data corresponding to the password provision request, the flow proceeds to step S2.

在步驟S2中,該驗證單元11判斷該目標客戶識別資料是否符合一請求次數規範條件,並且,在本實施例中,該請求次數規範條件例如是代表該驗證單元11在一段歷史期間內(例如當日之內,但不以此為限)所接收到之對應該目標客戶識別資料的所有密碼提供請求的總數量小於等於一預定門檻值(例如「5」,但不以此為限)。換句話說,在本實施例中,該請求次數規範條件例如是代表該驗證單元11在該段歷史期間之內所接收到的所有密碼提供請求中,所有對應於該目標客戶識別資料之密碼提供請求的總數量並未超過該預定門檻值。In step S2, the verification unit 11 determines whether the target customer identification data meets a request frequency specification condition, and in this embodiment, the request frequency specification condition represents, for example, that the verification unit 11 has been in a historical period (for example, Within the same day, but not limited to this) The total number of all password provision requests corresponding to the target customer identification data received is less than or equal to a predetermined threshold (such as "5", but not limited to this). In other words, in this embodiment, the specification condition for the number of requests, for example, represents that of all the password provision requests received by the verification unit 11 during the historical period, all password provision corresponding to the target customer identification data The total number of requests does not exceed the predetermined threshold.

若該驗證單元11判斷的結果為否,流程進行至步驟S3。另一方面,若該驗證單元11判斷的結果為是,流程則進行至步驟S4。If the result of the verification by the verification unit 11 is no, the flow proceeds to step S3. On the other hand, if the result of the verification by the verification unit 11 is yes, the flow proceeds to step S4.

在接續於步驟S2之後的步驟S3中,一旦該驗證單元11判斷出該目標客戶識別資料並未符合該請求次數規範條件,該驗證單元11例如拒絕該密碼提供請求地產生並傳送一請求次數超標通知至該客戶端2,且本實施例的密碼處理方法結束。藉此,本實施例的該密碼處理系統1能夠針對每一客戶在一段期間內(例如每一日內)索取一次性密碼的次數進行控管,以避免網路服務受到濫用。In step S3 following step S2, once the verification unit 11 determines that the target customer identification data does not meet the request frequency specification condition, the verification unit 11, for example, rejects the password provision request to generate and transmit a request number exceeding the standard The client 2 is notified, and the password processing method of this embodiment ends. In this way, the password processing system 1 of this embodiment can control the number of times that each customer requests a one-time password within a period of time (for example, each day), so as to avoid abuse of network services.

在接續於步驟S2之後的步驟S4中,一旦該驗證單元11判斷出該目標客戶識別資料符合該請求次數規範條件,該驗證單元11決定出一個對應於該密碼提供請求的一次性密碼,並將該一次性密碼提供至該語音通訊單元12。其中,該驗證單元11可例如是以隨機的方式來決定出該一次性密碼,然而,該驗證單元11亦可例如是以其他任何現有的方式來決定出該一次性密碼,而並不以本實施例為限。In step S4 following step S2, once the verification unit 11 determines that the target customer identification data meets the request frequency specification condition, the verification unit 11 determines a one-time password corresponding to the password provision request, and The one-time password is provided to the voice communication unit 12. Wherein, the verification unit 11 may determine the one-time password in a random manner, for example, however, the verification unit 11 may also determine the one-time password in any other existing manner, instead of the original one. The embodiment is limited.

在該驗證單元11將該一次性密碼提供至該語音通訊單元12後,流程進行至步驟S5。After the verification unit 11 provides the one-time password to the voice communication unit 12, the flow proceeds to step S5.

在步驟S5中,該語音通訊單元12在接收到由該驗證單元11所提供的該一次性密碼時,根據該一次性密碼產生一密碼提供語音。In step S5, when the voice communication unit 12 receives the one-time password provided by the verification unit 11, it generates a password to provide voice according to the one-time password.

值得注意的是,在本實施例中,該密碼提供語音包含一關鍵部分,且該關鍵部分包括一以電腦語音指示出該一次性密碼的密碼音訊,以及一與該密碼音訊重疊的噪音音訊,而且,在本實施例中,該噪音音訊例如為白噪音(White noise),但並不以此為限。進一步地,在本實施例中,該密碼提供語音中除了該關鍵部分以外的其他部分例如並不包括該噪音音訊,但並不以此為限。It is worth noting that, in this embodiment, the password providing voice includes a key part, and the key part includes a password message indicating the one-time password by computer voice, and a noise message overlapping the password message. Moreover, in this embodiment, the noise audio is, for example, white noise, but it is not limited to this. Further, in this embodiment, other parts of the password provided by the voice except the key part do not include the noise audio, for example, but it is not limited to this.

舉一例來說,該密碼提供語音可例如被實施為「您的驗證密碼為ABC123,請於三分鐘內進行驗證」,並且,其中的「ABC123」例如是包括噪音音訊的該關鍵部分,而除了「ABC123」以外的其他部分則例如並不包括噪音音訊。For example, the password providing voice can be implemented as "Your verification password is ABC123, please verify within three minutes", and the "ABC123" includes the key part of the noise audio, for example, except The parts other than "ABC123" do not include noise audio, for example.

舉另一例來說,該密碼提供語音亦可例如被實施為「您的驗證密碼為大寫字母ABC及阿拉伯數字123,請於三分鐘內進行驗證」,並且,其中的「ABC」及「123」例如是共同被作為包括噪音音訊的該關鍵部分,而除了「ABC」與「123」以外的其他部分則例如並不包括噪音音訊。For another example, the password providing voice can also be implemented as "Your verification password is capital letters ABC and Arabic numerals 123, please verify within three minutes", and "ABC" and "123" For example, it is collectively regarded as the key part including noise audio, and other parts except "ABC" and "123" do not include noise audio, for example.

進一步地說,在本實施例中,該語音通訊單元12例如儲存有一包含一或多個噪音音源的噪音音訊庫,並且,在該語音通訊單元12接收到該一次性密碼後,該語音通訊單元12可例如是先從該等噪音音源選出其中一者來作為該噪音音訊,或者是從其中一個噪音音源中擷取出其中一部分來作為該噪音音訊,接著,該語音通訊單元12再根據該一次性密碼及該噪音音訊來產生該密碼提供語音。更詳細地說,在產生該密碼提供語音的過程中,該語音通訊單元12可例如是先根據該一次性密碼產生以電腦語音指示出該一次性密碼的該密碼音訊,接著再將該噪音音訊以疊加的方式與該密碼音訊混合。換句話說,在本實施例中,該密碼提供語音的關鍵部分相當於是該語音通訊單元12將該噪音音訊與該密碼音訊混合的結果,但並不以此為限。Furthermore, in this embodiment, the voice communication unit 12 stores, for example, a noise audio library containing one or more noise sources, and after the voice communication unit 12 receives the one-time password, the voice communication unit 12 12 can, for example, first select one of the noise sources as the noise audio, or extract a part from one of the noise sources as the noise audio, and then, the voice communication unit 12 according to the one-time The password and the noise audio are used to generate the password to provide the voice. In more detail, in the process of generating the password to provide voice, the voice communication unit 12 may, for example, first generate the password message indicating the one-time password by computer voice according to the one-time password, and then the noise message Mix with the cipher audio in a superimposed manner. In other words, in this embodiment, the key part of the password provided by the voice is equivalent to the result of the voice communication unit 12 mixing the noise audio with the cryptographic audio, but it is not limited to this.

補充說明的是,在其他的實施例中,該噪音音訊亦可例如被實施為白噪音以外的其他有色噪音(例如粉色噪音、紅色噪音或灰色噪音),或者是多種有色噪音的組合。甚至,該噪音音訊亦可例如被實施為風聲、雨聲及車聲等環境噪音,然而,基於白噪音及其他有色噪音相對不易對人耳的聽覺造成干擾,故將該噪音音訊實施為白噪音及/或其他有色噪音屬於本新型的較佳實施方式。另外,較佳地,該語音通訊單元12每一次產生密碼提供語音所使用的噪音音訊皆與前一次產生密碼提供語音所使用的噪音音訊不完全相同,但並不以此為限。It is supplemented that in other embodiments, the noise audio can also be implemented as other colored noises (such as pink noise, red noise, or gray noise) other than white noise, or a combination of multiple colored noises. Moreover, the noise audio can be implemented as environmental noises such as wind, rain, and car sounds. However, since white noise and other colored noises are relatively less likely to interfere with human hearing, the noise audio is implemented as white noise And/or other colored noises belong to the preferred embodiments of the present invention. In addition, preferably, each time the voice communication unit 12 generates a password to provide a voice, the noise audio used is not exactly the same as the noise used to generate a password to provide a voice before, but it is not limited to this.

在該語音通訊單元12產生該密碼提供語音後,流程進行至步驟S6。After the voice communication unit 12 generates the password to provide voice, the process proceeds to step S6.

在步驟S6中,該語音通訊單元12例如透過公用交換電話網路(即PSTN)傳送一語音通話請求至該客戶方通話裝置3(該客戶方通話裝置3在本實施例中即為該客戶端2),也就是撥打一通電話至該客戶方通話裝置3。In step S6, the voice communication unit 12, for example, transmits a voice call request to the client-side communication device 3 through the public switched telephone network (ie PSTN) (the client-side communication device 3 in this embodiment is the client 2), that is, make a call to the client's communication device 3.

補充說明的是,該語音通訊單元12可例如是從該驗證單元11獲得該客戶方通話裝置3的電話號碼,亦可例如是先從該驗證單元11獲得該目標客戶識別資料,再根據該目標客戶識別資料對一客戶資料庫進行查詢以獲得該客戶方通話裝置3的電話號碼,但並不以此為限。It is supplemented that the voice communication unit 12 may obtain the telephone number of the client-side communication device 3 from the verification unit 11, or may obtain the target customer identification data from the verification unit 11 first, and then obtain the target client identification data from the verification unit 11. The customer identification data queries a customer database to obtain the phone number of the customer-side communication device 3, but it is not limited to this.

另一方面,在其他的實施例中,該語音通訊單元12亦可例如是透過網際網路傳送該語音通話請求至該客戶方通話裝置3,也就是撥打一通網路電話至該客戶方通話裝置3,因此,該語音通訊單元12傳送該語音通話請求至該客戶方通話裝置3的方式並不以本實施例為限。On the other hand, in other embodiments, the voice communication unit 12 may also transmit the voice call request to the client side communication device 3 via the Internet, that is, make a VoIP call to the client side communication device 3 3. Therefore, the manner in which the voice communication unit 12 transmits the voice call request to the client-side communication device 3 is not limited to this embodiment.

再一方面,在本實施例的應用中,該客戶端2與該客戶方通話裝置3實質上是同一台裝置,然而,在其他的應用情形中,該客戶端2與該客戶方通話裝置3也可以是彼此獨立的兩台裝置,舉例來說,該客戶端2可例如是該使用者的桌上型電腦,而該客戶方通話裝置3則可例如是該使用者的手機。On the other hand, in the application of this embodiment, the client 2 and the client-side calling device 3 are essentially the same device. However, in other application scenarios, the client-side 2 and the client-side calling device 3 are essentially the same device. It may also be two independent devices. For example, the client 2 may be a desktop computer of the user, and the client-side communication device 3 may be a mobile phone of the user, for example.

在該語音通訊單元12傳送該語音通話請求至該客戶方通話裝置3後,流程進行至步驟S7。After the voice communication unit 12 transmits the voice call request to the client-side communication device 3, the flow proceeds to step S7.

在步驟S7中,當該語音通話請求被該客戶方通話裝置3所同意(亦即該使用者接聽了電話),而使得該語音通訊單元12與該客戶方通話裝置3之間的一語音通訊被建立的情況下,該語音通訊單元12持續接收一來自該客戶方通話裝置3的聲音輸入,並例如藉由運行該語音處理模型而對該聲音輸入進行分析,且判斷該語音通訊是否被轉接至一對應該客戶方通話裝置3的語音信箱。舉例來說,若該語音通訊單元12藉由該語音處理模型而辨識出該聲音輸入包含「您撥的號碼通話中」、「您的通話將被轉接至語音信箱」等內容,則該語音通訊單元12便能據以判定該語音通訊是被轉接至該語音信箱,但並不以此為限。In step S7, when the voice call request is approved by the client-side communication device 3 (that is, the user answers the call), a voice communication between the voice communication unit 12 and the client-side communication device 3 When established, the voice communication unit 12 continuously receives a voice input from the client-side communication device 3, and analyzes the voice input, for example, by running the voice processing model, and determines whether the voice communication is transferred. Connect to the voice mailbox corresponding to the client's communication device 3. For example, if the voice communication unit 12 recognizes through the voice processing model that the voice input includes "the number you dialed is in a call", "your call will be transferred to the voice mailbox", etc., then the voice The communication unit 12 can then determine that the voice communication is transferred to the voice mailbox, but it is not limited to this.

若該語音通訊單元12判斷出該語音通訊已被轉接至語音信箱,則該語音通訊單元12例如自動地結束其本身與該客戶方通話裝置3之間的該語音通訊,且本實施例的密碼處理方法結束。另一方面,若該語音通訊單元12判斷出該語音通訊並未被轉接至語音信箱,則流程進行至步驟S8。If the voice communication unit 12 determines that the voice communication has been transferred to the voice mailbox, the voice communication unit 12, for example, automatically ends the voice communication between itself and the client-side communication device 3, and in this embodiment The password processing method ends. On the other hand, if the voice communication unit 12 determines that the voice communication has not been transferred to the voice mailbox, the process proceeds to step S8.

在步驟S8中,在該語音通訊持續進行且並未被該客戶方通話裝置3轉接至語音信箱的情況下,該語音通訊單元12將該密碼提供語音透過該語音通訊以播放的方式向該客戶方通話裝置3輸出,藉此將該一次性密碼以電腦語音的形式提供給該使用者。In step S8, in the case that the voice communication continues and is not transferred to the voice mailbox by the client-side communication device 3, the voice communication unit 12 provides voice to the password through the voice communication and broadcasts it to the voice mailbox. The client-side communication device 3 outputs, thereby providing the one-time password to the user in the form of computer voice.

以上即為本實施例之密碼處理系統1如何實施該密碼處理方法的示例說明。應當理解的是,前述對於步驟S1至步驟S8的說明及圖2的流程圖僅是用於示例說明該密碼處理方法的其中一種可實施方式,並且,即便將步驟S1至步驟S8進行合併或順序調整,只要能達成與本實施例均等之功效,即屬於該密碼處理方法的可實施態樣,因此,步驟S1至步驟S8的順序並非用於限制本新型之可實施範圍。The foregoing is an example of how the cryptographic processing system 1 of this embodiment implements the cryptographic processing method. It should be understood that the foregoing description of steps S1 to S8 and the flowchart of FIG. 2 are only used to illustrate one of the possible implementations of the cryptographic processing method, and even if steps S1 to S8 are combined or sequenced As long as the adjustment can achieve the same effect as this embodiment, it belongs to the implementable aspect of the cryptographic processing method. Therefore, the sequence of step S1 to step S8 is not used to limit the implementable scope of the present invention.

藉由實施該密碼處理方法,本實施例的該密碼處理系統1能讓使用者要先操作該客戶方通話裝置3以同意該語音通訊單元12所輸出的語音通話請求,才能透過該語音通訊從該語音通訊單元12獲得該一次性密碼,並且,藉由將該密碼提供語音透過該語音通訊輸出至該客戶方通話裝置3,能避免如簡訊或電子郵件一般地留下紀錄而導致該一次性密碼被有心人士從遠端竊取。By implementing the cipher processing method, the cipher processing system 1 of this embodiment allows the user to operate the client-side communication device 3 to agree to the voice call request output by the voice communication unit 12 before the user can access the voice communication through the voice communication. The voice communication unit 12 obtains the one-time password, and by outputting the voice provided by the password to the client-side communication device 3 through the voice communication, the one-time password can be prevented from being recorded as a short message or email. The password was stolen remotely by someone who wanted to.

特別值得一提的是,該密碼提供語音中之關鍵部分的噪音音訊對於自動語音辨識(英文為Automatic Speech Recognition,簡稱ASR)技術而言屬於強烈的雜訊,因此,該關鍵部分的噪音音訊會對自動語音辨識技術的語音辨識過程造成嚴重干擾,而降低其辨識的正確度。所以,藉由該語音通訊單元12產生並輸出指示出該一次性密碼且又包括有該噪音音訊的該關鍵部分,本實施例能夠在不妨礙使用者聽取該密碼提供語音的情況下防止該一次性密碼被具有自動語音辨識功能的竊聽軟體成功竊聽,而有助於提升一次性密碼之提供過程的資訊安全性。It is particularly worth mentioning that the key part of the noise audio provided by the password is a strong noise for the automatic speech recognition (Automatic Speech Recognition, ASR for short) technology. Therefore, the key part of the noise audio will be It causes serious interference to the speech recognition process of the automatic speech recognition technology, and reduces the accuracy of its recognition. Therefore, by the voice communication unit 12 generating and outputting the key part indicating the one-time password and including the noise audio, this embodiment can prevent the one-time password without preventing the user from listening to the voice provided by the password. The security password was successfully tapped by eavesdropping software with automatic voice recognition function, which helped to improve the information security of the one-time password provision process.

補充說明的是,該一次性密碼例如是用於供該使用者將其輸入至該客戶端2、該客戶方通話裝置3或其他電子裝置,再被傳送至該驗證單元11進行驗證。然而,應當理解的是,該驗證單元11根據該一次性密碼進行驗證的流程屬於現有技術且並非本專利說明書的技術重點,故在此不詳述其細節。It is supplemented that the one-time password is, for example, used by the user to input it into the client terminal 2, the client-side communication device 3 or other electronic devices, and then be transmitted to the verification unit 11 for verification. However, it should be understood that the verification process of the verification unit 11 according to the one-time password belongs to the prior art and is not the technical focus of this patent specification, so its details are not described in detail here.

綜上所述,藉由實施該密碼處理方法,該密碼處理系統1能透過語音通訊來提供一次性密碼給使用者,而不會如簡訊或電子郵件一般地在客戶方通戶裝置中留下紀錄,並且,藉由該密碼提供語音中包括有該噪音音訊的關鍵部分,該密碼處理系統1還能防止該一次性密碼在該密碼提供語音的輸出過程中被竊聽軟體所竊聽,而有助於提升一次性密碼之提供過程的資訊安全性,故確實能達成本新型之目的。In summary, by implementing the password processing method, the password processing system 1 can provide a one-time password to the user through voice communication, instead of leaving it in the client’s account device like a text message or email. Records, and by the key part of the noise audio included in the voice provided by the password, the password processing system 1 can also prevent the one-time password from being intercepted by eavesdropping software during the output process of the voice provided by the password, which helps In order to improve the information security of the one-time password provision process, it can indeed achieve the new purpose of the cost.

惟以上所述者,僅為本新型之實施例而已,當不能以此限定本新型實施之範圍,凡是依本新型申請專利範圍及專利說明書內容所作之簡單的等效變化與修飾,皆仍屬本新型專利涵蓋之範圍內。However, the above are only examples of the present model, and should not be used to limit the scope of implementation of the present model, all simple equivalent changes and modifications made in accordance with the patent scope of the present model application and the contents of the patent specification still belong to This new patent covers the scope.

1:密碼處理系統 11:驗證單元 12:語音通訊單元 2:客戶端 3:客戶方通話裝置 S1~S8:步驟1: Password processing system 11: Verification unit 12: Voice communication unit 2: client 3: Customer-side communication device S1~S8: steps

本新型之其他的特徵及功效,將於參照圖式的實施方式中清楚地呈現,其中: 圖1是本新型密碼處理系統之一實施例應用於一客戶端(客戶方通話裝置)的一方塊示意圖;及 圖2是一流程圖,用於示例性地說明該實施例如何實施一密碼處理方法。Other features and effects of the present invention will be clearly presented in the embodiments with reference to the drawings, in which: Fig. 1 is a block diagram of an embodiment of the present invention cryptographic processing system applied to a client (client-side communication device) Schematic diagram; and Figure 2 is a flowchart for exemplarily explaining how this embodiment implements a cryptographic processing method.

1:密碼處理系統 1: Password processing system

11:驗證單元 11: Verification unit

12:語音通訊單元 12: Voice communication unit

2:客戶端 2: client

3:客戶方通話裝置 3: Customer-side communication device

Claims (5)

一種密碼處理系統,包含: 一驗證單元;及 一語音通訊單元,電連接該驗證單元,並用於在該驗證單元接收到一密碼提供請求後,在與一客戶方通話裝置進行一語音通訊的情況下將一密碼提供語音透過該語音通訊向該客戶方通話裝置輸出,其中,該密碼提供語音包含一關鍵部分,且該關鍵部分包括一指示出一個一次性密碼的密碼音訊,以及一與該密碼音訊重疊的噪音音訊。 A cryptographic processing system, including: A verification unit; and A voice communication unit is electrically connected to the verification unit, and is used to provide a password to the verification unit through the voice communication when a voice communication is performed with a client-side communication device after the verification unit receives a password provision request The client-side communication device outputs, wherein the password provided voice includes a key part, and the key part includes a password message indicating a one-time password, and a noise message overlapping the password message. 如請求項1所述的密碼處理系統,其中,該噪音音訊為白噪音。The cryptographic processing system according to claim 1, wherein the noise audio is white noise. 如請求項1所述的密碼處理系統,其中,該密碼提供語音中除了該關鍵部分以外的其他部分不包括該噪音音訊。The cryptographic processing system according to claim 1, wherein other parts of the cryptographic provided voice except for the key part do not include the noise audio. 如請求項1所述的密碼處理系統,其中,在該密碼處理系統與該客戶方通話裝置之間的該語音通訊建立的情況下,該密碼處理系統還根據一來自於該客戶方通話裝置的聲音輸入判斷該語音通訊是否被轉接至一對應該客戶方通話裝置的語音信箱,並且,該密碼處理系統於判斷出該語音通訊被轉接至該語音信箱時結束該語音通訊。The cryptographic processing system according to claim 1, wherein, in the case that the voice communication between the cryptographic processing system and the client-side communication device is established, the cryptographic processing system is further based on a message from the client-side communication device The voice input determines whether the voice communication is transferred to the voice mailbox corresponding to the client's call device, and the password processing system ends the voice communication when it determines that the voice communication is transferred to the voice mailbox. 如請求項1所述的密碼處理系統,其中,該密碼處理系統儲存有多筆客戶識別資料,且該密碼提供請求是對應於該等客戶識別資料中的其中一筆目標客戶識別資料,並且,在該密碼處理系統接收到該密碼提供請求後,該密碼處理系統還先判斷該目標客戶識別資料是否符合一請求次數規範條件,並且在判斷結果為是時產生該密碼提供語音,其中,該請求次數規範條件代表該密碼處理系統在一段歷史期間內所接收到之對應該目標客戶識別資料之密碼提供請求的總數量小於等於一預定門檻值。The password processing system according to claim 1, wherein the password processing system stores multiple pieces of customer identification data, and the password provision request corresponds to one piece of target customer identification data in the customer identification data, and After the password processing system receives the password provision request, the password processing system first determines whether the target customer identification data meets a request frequency specification condition, and generates the password provision voice when the judgment result is yes, where the number of requests The standard condition means that the total number of password providing requests corresponding to the target customer identification data received by the password processing system during a historical period is less than or equal to a predetermined threshold.
TW110204768U 2021-04-28 2021-04-28 Cryptographic processing system TWM615259U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW110204768U TWM615259U (en) 2021-04-28 2021-04-28 Cryptographic processing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW110204768U TWM615259U (en) 2021-04-28 2021-04-28 Cryptographic processing system

Publications (1)

Publication Number Publication Date
TWM615259U true TWM615259U (en) 2021-08-01

Family

ID=78285570

Family Applications (1)

Application Number Title Priority Date Filing Date
TW110204768U TWM615259U (en) 2021-04-28 2021-04-28 Cryptographic processing system

Country Status (1)

Country Link
TW (1) TWM615259U (en)

Similar Documents

Publication Publication Date Title
US11032421B2 (en) Systems for transitioning telephony-based and in-person servicing interactions to and from an artificial intelligence (AI) chat session
US10665244B1 (en) Leveraging multiple audio channels for authentication
US12424224B2 (en) Limiting identity space for voice biometric authentication
US8151326B2 (en) Using audio in N-factor authentication
US10972458B1 (en) Methods and systems for authentication assistant
US20200329036A1 (en) Out-of-band biometric enrollment and verification using interactive messaging
US10623403B1 (en) Leveraging multiple audio channels for authentication
CN108605043A (en) Authentication of packetized audio signals
US12445557B2 (en) Systems for transitioning telephony-based and in-person servicing interactions to and from an artificial intelligence (AI) chat session
US11750587B1 (en) Systems and methods for communications channel authentication
US20220294899A1 (en) Protecting user data during audio interactions
KR102748605B1 (en) Technology for currency authentication
Shrestha et al. Sound-based two-factor authentication: Vulnerabilities and redesign
US8417791B1 (en) Hosted calling service
WO2016114937A1 (en) Out-of-band biometric enrollment and verification using interactive messaging
TWM615259U (en) Cryptographic processing system
TW202242690A (en) Method and system for password processing
US12323431B2 (en) Multi-channel communication authentication and validation
US20120167171A1 (en) Voice-capable system and method for authentication query recall and reuse prevention
US20250371120A1 (en) System and method for authenticating users in a computing system
HK40005611B (en) Authentication method and device