CN101184107B - Network transaction system and method for executing network transaction using the system - Google Patents

Publication number
CN101184107B
Authority
CN
China
Prior art keywords
information
transaction
identifying code
transaction information
module
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2007101797139A
Other languages
Chinese (zh)
Other versions
CN101184107A (en)
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Feitian Technologies Co Ltd
Original Assignee
Beijing Feitian Technologies Co Ltd
Application filed by Beijing Feitian Technologies Co Ltd
Priority to CN2007101797139A
Publication of CN101184107A
Application granted
Publication of CN101184107B

Abstract

The invention discloses an online transaction system and a method of carrying out online transactions with that system, belonging to the information security field. The system comprises a first communication device, a second communication device, a smart key device, a terminal server device and a second signal channel receiving device. The method is as follows: the transaction information is sent to the smart key device and the terminal server device via the first communication device; the terminal server device generates the verification code; the smart key device waits for the user to input the verification code as confirmation; the received information is forwarded to the second signal channel receiving device via the second communication device; after the smart key device receives the verification code input by the user, it digitally signs the received transaction information together with the verification code and sends the resulting digital signature data to the terminal server device; the terminal server device receives and verifies the digital signature data; if the verification succeeds, the corresponding transaction operation is executed, otherwise the operation is ended. The invention further improves the security of online transactions and protects the interests of online traders.

Description

Online transaction system and method of carrying out online transactions using the system
Technical field
The present invention relates to the field of information security, and in particular to an online transaction system and a method of carrying out online transactions using the system.
Background
With the rapid development of the Internet, online transactions have become more and more common. Because networks are insecure, people often use an intelligent key apparatus to protect the security of online transactions.
An intelligent key apparatus is a small portable hardware device with a processor and memory. It uses a two-factor authentication model, is simple to use and is low in cost. Its built-in single-chip microcomputer or smart card chip can store the user's key or digital certificate, and the apparatus's built-in cryptographic algorithms are used to authenticate the user's identity. An intelligent key apparatus provides functions such as e-mail encryption, digital signature, security certificates, secure network login and access to SSL (Secure Sockets Layer) secured networks. It guarantees that the user's private key never leaves the hardware and it resists physical attack, so its security is high.
At the same time, with the rapid development of mobile communication, more and more people use handheld devices such as mobile phones and PDAs (Personal Digital Assistants) to make calls, send and receive short messages, receive account reminders, and so on. These handheld devices all have a display and an input unit; displays are designed ever larger, and input units are designed to be ever more convenient for the user. The rapid development of networks has also made information exchange between computers and mobile phones more and more common. An SMS platform is a general-purpose platform for information exchange between a computer and a mobile phone or a PDA with mobile communication capability. It is an SP (Service Provider) system: a mobile Internet site that, through a mobile information exchange platform managed via a WEB interface, publishes, receives and manages information for mobile terminals.
In addition, e-mail and instant messaging software such as QQ, MSN, Bubble and Fetion are also tools that users commonly use to obtain information.
However, practice has shown that even when the user uses an intelligent key apparatus, online transactions still carry a serious security risk, because the client environment in which the user carries out the transaction is not secure. The applicant illustrates the problem with the existing online transaction flow. The client sends the transaction information to the intelligent key apparatus for signing. Because the network is insecure, the information may be attacked, for example tampered with by a Trojan, so the transaction information the intelligent key apparatus receives may not be the transaction information the user entered. The intelligent key apparatus will nevertheless digitally sign the attacked or tampered transaction information and send the signature data to the server for verification. Even if verification fails at the server, a low-level Trojan on the computer may still return a "verification succeeded" result to the client, deceiving the user and causing the user a loss.
The open problem is how to use the intelligent key apparatus together with a mobile phone, a PDA with communication capability, e-mail, or instant messaging software such as QQ, MSN, Bubble and Fetion to further improve the security of online transactions; no good solution exists at present.
Summary of the invention
To further improve the security of online transactions, the invention provides an online transaction system and a method of carrying out online transactions using the system.
An online transaction system comprises a first communicator, a second communication device, an intelligent key apparatus, a service end device and a second channel receiving system;
The first communicator is used to communicate with the intelligent key apparatus and the service end device;
The second communication device is used to communicate with the service end device and the second channel receiving system;
The intelligent key apparatus is used to confirm transaction information and perform the digital signature operation;
The service end device is used to generate an identifying code and verify digital signature data;
The second channel receiving system is used to receive and display the information sent by the second communication device;
The intelligent key apparatus comprises a transaction information receiver module, an input module, a confirmation receiver module and an intelligent key module;
The transaction information receiver module is used to receive the transaction information sent by the first communicator;
The input module is used for the user to input the identifying code, and sends the identifying code to the confirmation receiver module;
The confirmation receiver module is used to receive the identifying code sent by the input module;
The intelligent key module is used, after the confirmation receiver module has received the identifying code, to digitally sign the transaction information and the identifying code to obtain digital signature data, and to send the digital signature data to the service end device;
The information that the second channel receiving system receives and displays is the transaction information received by the service end device and the identifying code it generated. Correspondingly, after determining that the transaction information displayed by the second channel receiving system is consistent with the transaction information sent by the first communicator, the user inputs the identifying code through the input module.
Specifically, the first communicator is used to send the transaction information to the intelligent key apparatus and the service end device.
Specifically, the second communication device is used to receive the information returned by the service end device and send that information to the second channel receiving system.
The second communication device is specifically an SMS platform, an instant communication server or a mail server.
The intelligent key apparatus further comprises an output module, used to display the transaction information received by the transaction information receiver module. Correspondingly, the information that the second channel receiving system receives and displays is the transaction information received by the service end device and the identifying code it generated, and the user inputs the identifying code through the input module after determining that the transaction information displayed by the output module is consistent with the transaction information sent by the first communicator and that the transaction information displayed by the second channel receiving system is consistent with the transaction information sent by the first communicator.
The intelligent key apparatus further comprises an output module, used to display the transaction information received by the transaction information receiver module. Correspondingly, the information that the second channel receiving system receives and displays is the identifying code generated by the service end device, and the user inputs the identifying code through the input module after determining that the transaction information displayed by the output module is consistent with the transaction information sent by the first communicator.
The intelligent key apparatus further comprises an authentication module, used to verify whether the user's identity is legitimate by means of a personal identification number or a biometric feature.
The input module is a keypad.
The service end device comprises a transaction information receiver module, an identifying code generation module, an information sending module, a signed data receiver module, an authentication module and a transaction execution module;
The transaction information receiver module is used to receive the transaction information sent by the first communicator;
The identifying code generation module is used to generate an identifying code after the transaction information receiver module has received the transaction information sent by the first communicator;
The information sending module is used to send information to the second communication device;
The signed data receiver module is used to receive the digital signature data sent by the intelligent key apparatus and pass it to the authentication module;
The authentication module is used to receive the digital signature data and verify whether it is valid; if verification succeeds, the corresponding transaction operation is carried out, otherwise the operation ends;
The transaction execution module is used to carry out the corresponding transaction operation after the authentication module has verified successfully.
Specifically, the authentication module is used to receive the digital signature data sent by the signed data receiver module and to verify, according to the transaction information and the identifying code, whether the digital signature data is valid. If the transaction information is consistent with the transaction information sent by the first communicator, and the identifying code received by the intelligent key apparatus is consistent with the identifying code, verification succeeds and the transaction execution module is notified to carry out the corresponding transaction operation; otherwise verification fails and the operation ends.
The second channel receiving system comprises an information receiving module and a display module;
The information receiving module is used to receive the information sent by the second communication device and pass it to the display module;
The display module is used to receive and display the information received by the information receiving module.
The information that the second channel receiving system receives and displays is the identifying code generated by the service end device.
The information that the second channel receiving system receives and displays is the transaction information received by the service end device and the identifying code it generated.
The second channel receiving system is a mobile phone, a PDA with mobile communication capability, e-mail, or instant messaging software.
A method of carrying out online transactions using the online transaction system comprises:
Step A: the first communicator sends the transaction information to the intelligent key apparatus and to the service end device;
Step B: the service end device generates an identifying code according to the transaction information it receives; the intelligent key apparatus receives the transaction information and waits for the user to input the identifying code as confirmation;
Step C: the service end device sends information to the second communication device, and the second communication device forwards the information to the second channel receiving system;
Step D: the second channel receiving system receives and displays the information;
Step E: after the intelligent key apparatus receives the identifying code input by the user, it digitally signs the received transaction information and the identifying code to obtain digital signature data, and sends the digital signature data to the service end device;
Step F: the service end device receives and verifies the digital signature data; if verification succeeds, it carries out the corresponding transaction operation, otherwise it ends the operation;
The information that the second channel receiving system receives and displays is the transaction information received by the service end device and the identifying code it generated. Correspondingly, after determining that the information displayed by the second channel receiving system is consistent with the transaction information sent by the first communicator, the user inputs the identifying code through the keypad on the intelligent key apparatus, and the intelligent key apparatus receives the identifying code.
In step B, the step in which the intelligent key apparatus receives the transaction information and waits for the user to input the identifying code as confirmation further comprises: the intelligent key apparatus displays the transaction information it received. Correspondingly, the information that the second channel receiving system receives and displays is the transaction information received by the service end device and the identifying code it generated, and the user, after determining that the transaction information displayed by the intelligent key apparatus is consistent with the transaction information sent by the first communicator and that the information displayed by the second channel receiving system is consistent with the transaction information sent by the first communicator, inputs the identifying code through the keypad on the intelligent key apparatus, and the intelligent key apparatus receives the identifying code.
In step B, the step in which the intelligent key apparatus receives the transaction information and waits for the user to input the identifying code as confirmation further comprises: the intelligent key apparatus displays the transaction information it received. Correspondingly, the information that the second channel receiving system receives and displays is the identifying code generated by the service end device, and the user, after determining that the transaction information displayed by the intelligent key apparatus is consistent with the transaction information sent by the first communicator, inputs the identifying code through the keypad on the intelligent key apparatus, and the intelligent key apparatus receives the identifying code.
Before step A, the method further comprises: verifying whether the user's identity is legitimate by means of a personal identification number or a biometric feature.
Step F is specifically: the service end device receives the digital signature data and verifies, according to the transaction information it received and the identifying code, whether the digital signature data is valid. If the transaction information it received is consistent with the transaction information sent by the first communicator, and the identifying code received by the intelligent key apparatus is consistent with the identifying code, verification succeeds and the corresponding transaction operation is carried out; otherwise verification fails and the operation ends.
The second communication device is an SMS platform, an instant communication server or a mail server.
The second channel receiving system is a mobile phone, a PDA with mobile communication capability, e-mail, or instant messaging software.
The beneficial effect of the technical solution provided by the invention is that, on the premise that the client computer carries a security risk, it provides a safer and more reliable system and method by which the server confirms information with the client, further improving the security of online transactions and protecting the interests of online traders.
Description of drawings
Fig. 1 is a schematic diagram of the preferred structure of a secure online transaction system provided by Embodiment 1 of the invention;
Fig. 2 is a flow chart of a method of carrying out online transactions using the online transaction system, provided by Embodiment 2 of the invention.
Embodiments
To make the purpose, technical solutions and advantages of the invention clearer, the embodiments of the invention are described in further detail below with reference to the accompanying drawings.
Embodiment 1:
Fig. 1 shows a preferred embodiment of a secure online transaction system. The system comprises first communicator 110, second communication device 120, intelligent key apparatus 130, service end device 140 and second channel receiving system 150. Intelligent key apparatus 130 comprises transaction information receiver module 131, output module 132, input module 133, confirmation receiver module 134 and intelligent key module 135; service end device 140 comprises transaction information receiver module 141, identifying code generation module 142, information sending module 143, signed data receiver module 144, authentication module 145 and transaction execution module 146; second channel receiving system 150 comprises information receiving module 151 and display module 152.
First communicator 110 is used to communicate with intelligent key apparatus 130 and service end device 140, and specifically to send Transaction Information 1 to intelligent key apparatus 130 and service end device 140.
Second communication device 120 is used to communicate with service end device 140 and second channel receiving system 150, and specifically to receive the information returned by service end device 140 and send it to second channel receiving system 150.
Intelligent key apparatus 130 is used to confirm transaction information and perform the digital signature operation. Transaction information receiver module 131 is used to receive Transaction Information 2 sent by first communicator 110 and pass Transaction Information 2 to output module 132. (Because first communicator 110 and intelligent key apparatus 130 communicate over a network, Transaction Information 1 sent by first communicator 110 may be intercepted or tampered with by a low-level Trojan, so the transaction information that intelligent key apparatus 130 receives is not necessarily the Transaction Information 1 that first communicator 110 sent; this embodiment uses Transaction Information 2 to denote the transaction information that intelligent key apparatus 130 receives.) Output module 132 is used to receive and display Transaction Information 2 sent by transaction information receiver module 131. Input module 133 is used for the user to input the identifying code, and sends the identifying code to confirmation receiver module 134; the user can input the identifying code through input module 133 on determining that Transaction Information 2 is consistent with Transaction Information 1. Preferably, input module 133 can be a keypad. Confirmation receiver module 134 is used to receive the identifying code sent by input module 133. Intelligent key module 135 is used, after confirmation receiver module 134 has received the identifying code, to digitally sign Transaction Information 2 and the identifying code to obtain digital signature data, and to send the digital signature data to service end device 140. In practical applications, intelligent key apparatus 130 can also comprise an authentication module, used to verify whether the user's identity is legitimate by means of a PIN code or a biometric feature; the biometric feature can be a fingerprint, a palm print, an iris, facial characteristics, and so on.
Service end device 140 is used to generate the identifying code and to verify the digital signature data sent by intelligent key apparatus 130. Transaction information receiver module 141 is used to receive Transaction Information 3 sent by first communicator 110. (Because first communicator 110 and service end device 140 communicate over a network, Transaction Information 1 sent by first communicator 110 may be intercepted or tampered with by a low-level Trojan, so the transaction information that service end device 140 receives is not necessarily the Transaction Information 1 that first communicator 110 sent; this embodiment uses Transaction Information 3 to denote the transaction information that service end device 140 receives.) Identifying code generation module 142 is used to generate an identifying code after transaction information receiver module 141 has received Transaction Information 3 sent by first communicator 110, and to send the identifying code to information sending module 143. Information sending module 143 is used to receive the identifying code and send it to second communication device 120. Signed data receiver module 144 is used to receive the digital signature data sent by intelligent key apparatus 130 and pass it to authentication module 145. Authentication module 145 is used to receive the digital signature data sent by signed data receiver module 144 and to verify whether it is valid according to Transaction Information 3 and the identifying code generated by identifying code generation module 142. If Transaction Information 3 is consistent with Transaction Information 1, and the identifying code received by intelligent key apparatus 130 is consistent with the identifying code generated by identifying code generation module 142, verification succeeds and the corresponding transaction operation is carried out; otherwise verification fails and the operation ends. Transaction execution module 146 is used to carry out the corresponding transaction operation after authentication module 145 has verified successfully.
Second channel receiving system 150 is used to receive and display the information sent by second communication device 120. Information receiving module 151 is used to receive the identifying code sent by second communication device 120 and pass it to display module 152; display module 152 is used to receive and display the identifying code sent by information receiving module 151.
In this embodiment, service end device 140 can also send the Transaction Information 3 it received together with the identifying code it generated to second communication device 120. Second communication device 120 forwards the received Transaction Information 3 and identifying code to second channel receiving system 150, which receives and displays them. Correspondingly, the user inputs the identifying code through input module 133 after determining that Transaction Information 2 displayed by output module 132 is consistent with Transaction Information 1 sent by first communicator 110, and that Transaction Information 3 displayed by second channel receiving system 150 is consistent with Transaction Information 1 sent by first communicator 110.
In addition, in practical applications, intelligent key apparatus 130 in the online transaction system provided by this embodiment may omit output module 132. Correspondingly, service end device 140 sends the Transaction Information 3 it received together with the identifying code it generated to second communication device 120; second communication device 120 forwards the received Transaction Information 3 and identifying code to second channel receiving system 150, which receives and displays them. The user inputs the identifying code through input module 133 after determining that Transaction Information 3 displayed by the second channel receiving system is consistent with Transaction Information 1 sent by the first communicator.
Preferably, an SMS platform can be used to implement the function of second communication device 120. An SMS platform is an SP system: a mobile Internet site that, through a mobile information exchange platform managed via a WEB interface, publishes, accepts and manages information for mobile terminals. In this embodiment, communication between second channel receiving system 150 and service end device 140 can be implemented through the SMS platform; correspondingly, a mobile phone or a PDA with mobile communication capability is preferred for implementing the function of second channel receiving system 150. In practical applications, an instant communication server or a mail server can also be used to implement the function of second communication device 120; correspondingly, instant messaging software such as QQ, MSN, Bubble or Fetion, or e-mail, is preferred for implementing the function of second channel receiving system 150.
Embodiment 2:
Referring to Fig. 2, this embodiment provides a method of carrying out online transactions using the online transaction system, which comprises the following steps:
Step 201: the first communicator sends Transaction Information 1 to the intelligent key apparatus and the service end device;
Step 202: the service end device receives Transaction Information 3 sent by the first communicator and generates an identifying code; the intelligent key apparatus receives and displays Transaction Information 2 sent by the first communicator and waits for the user to input the identifying code as confirmation;
Because the first communicator communicates with the service end device and the intelligent key apparatus over a network, Transaction Information 1 sent by the first communicator may be intercepted or tampered with by a low-level Trojan, so the transaction information that the service end device and the intelligent key apparatus receive is not necessarily the Transaction Information 1 that the first communicator sent. This embodiment uses Transaction Information 3 to denote the transaction information that the service end device receives, and Transaction Information 2 to denote the transaction information that the intelligent key apparatus receives;
Step 203: the service end device sends the identifying code it generated to the second communication device;
Step 204: the second communication device forwards the identifying code sent by the service end device to the second channel receiving system;
Step 205: the second channel receiving system receives and displays the identifying code sent by the second communication device;
Step 206: the user judges whether Transaction Information 2 is consistent with Transaction Information 1; if it is, the user inputs the identifying code displayed by the second channel receiving system into the intelligent key apparatus, and the intelligent key apparatus receives the identifying code input by the user; if it is not, the operation ends;
Step 207: the intelligent key apparatus digitally signs Transaction Information 2 and the identifying code to obtain digital signature data;
Step 208: the intelligent key apparatus sends the digital signature data to the service end device;
Step 209: the service end device receives the digital signature data sent by the intelligent key apparatus and verifies it; if verification succeeds, step 210 is carried out; if verification fails, the operation ends;
The service end device verifies whether the digital signature data is valid according to Transaction Information 3 and the identifying code it generated. If Transaction Information 3 is consistent with Transaction Information 1, and the identifying code received by the intelligent key apparatus is consistent with the identifying code the service end device generated, verification succeeds and step 210 is carried out; if verification fails, the operation ends.
Step 210: the service end device carries out the corresponding transaction operation.
In this embodiment, the service end device may also send the received Transaction Information 3 together with the generated identifying code to the second communication device; the second communication device forwards the received Transaction Information 3 and identifying code to the second channel receiving system, which receives and displays them. Correspondingly, after determining that Transaction Information 2 displayed by the intelligent key apparatus is consistent with Transaction Information 1 sent by the first communicator, and that Transaction Information 3 displayed by the second channel receiving system is consistent with Transaction Information 1 sent by the first communicator, the user enters the identifying code through the keypad on the intelligent key apparatus, and the intelligent key apparatus receives this identifying code. Steps 203 to 206 then become:
Step 203': the service end device sends the received Transaction Information 3 and the identifying code it generated to the second communication device;
Step 204': the second communication device forwards the Transaction Information 3 and identifying code sent by the service end device to the second channel receiving system;
Step 205': the second channel receiving system receives and displays the Transaction Information 3 and identifying code sent by the second communication device;
Step 206': the user judges whether Transaction Information 3, Transaction Information 2 and Transaction Information 1 are consistent; if so, the user enters the identifying code displayed by the second channel receiving system into the intelligent key apparatus, and the intelligent key apparatus receives the identifying code entered by the user; if not, the operation ends.
In addition, the intelligent key apparatus may also not display the Transaction Information 2 it receives. Correspondingly, the service end device sends the received Transaction Information 3 together with the generated identifying code to the second communication device; the second communication device forwards the received Transaction Information 3 and identifying code to the second channel receiving system, which receives and displays them. After determining that Transaction Information 3 displayed by the second channel receiving system is consistent with Transaction Information 1 sent by the first communicator, the user enters the identifying code through the keypad on the intelligent key apparatus, and the intelligent key apparatus receives the identifying code. Steps 202 to 206 then become:
Step 202": the service end device receives Transaction Information 3 sent by the first communicator and generates an identifying code; the intelligent key apparatus receives Transaction Information 2 sent by the first communicator and waits for the user to enter the identifying code as confirmation;
Step 203": the service end device sends the received Transaction Information 3 and the identifying code it generated to the second communication device;
Step 204": the second communication device forwards the Transaction Information 3 and identifying code sent by the service end device to the second channel receiving system;
Step 205": the second channel receiving system receives and displays the Transaction Information 3 and identifying code sent by the second communication device;
Step 206": the user judges whether Transaction Information 3 is consistent with Transaction Information 1; if so, the user enters the identifying code displayed by the second channel receiving system into the intelligent key apparatus, and the intelligent key apparatus receives the identifying code entered by the user; if not, the operation ends.
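Steps 202 to 210 and the two display variants above, modelled end to end as an added example that is not part of the patent text. Assumptions: HMAC-SHA256 under a shared key stands in for the intelligent key apparatus's digital signature (the patent names no algorithm), and the class names, the `run` helper and the sample transactions are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: HMAC-SHA256 under a key shared by device and server stands in
# for the intelligent key apparatus's digital signature.
DEVICE_KEY = secrets.token_bytes(32)

# Constructed sample transactions, not taken from the patent.
GOOD = "transfer 100.00 to account A"
EVIL = "transfer 9000.00 to account B"


def sign(tx: str, code: str) -> bytes:
    """Bind transaction information and identifying code in one tag."""
    raw = tx.encode()
    # Length-prefix the transaction so different (tx, code) splits cannot collide.
    msg = len(raw).to_bytes(4, "big") + raw + code.encode()
    return hmac.new(DEVICE_KEY, msg, hashlib.sha256).digest()


class Server:
    """Service end device."""

    def receive_transaction(self, tx3: str) -> dict:
        # Step 202: keep Transaction Information 3 and generate a one-off code.
        self.tx3 = tx3
        self.code = f"{secrets.randbelow(10**6):06d}"
        # Steps 203-205: content relayed to the second channel receiving system.
        return {"code": self.code, "tx": tx3}

    def verify(self, signature: bytes) -> bool:
        # Step 209: recompute over the server's own copies, constant-time compare.
        return hmac.compare_digest(signature, sign(self.tx3, self.code))


class SmartKey:
    """Intelligent key apparatus."""

    def receive_transaction(self, tx2: str) -> None:
        self.tx2 = tx2  # Step 202: Transaction Information 2

    def confirm(self, typed_code: str) -> bytes:
        # Steps 206-207: sign what the device received plus the typed code.
        return sign(self.tx2, typed_code)


def run(tx1, tx2, tx3, device_shows_tx=True, channel_shows_tx=False,
        typed_code=None):
    """tx1 is what the user intended; tx2/tx3 are what device/server received."""
    server, key = Server(), SmartKey()
    key.receive_transaction(tx2)
    message = server.receive_transaction(tx3)
    # Step 206 / 206' / 206": the user compares each displayed copy with tx1.
    if device_shows_tx and key.tx2 != tx1:
        return "user aborted: device display differs"
    if channel_shows_tx and message["tx"] != tx1:
        return "user aborted: second channel differs"
    signature = key.confirm(typed_code or message["code"])  # steps 207-208
    return "executed" if server.verify(signature) else "rejected by server"


if __name__ == "__main__":
    print(run(GOOD, GOOD, GOOD))                 # untampered flow
    print(run(GOOD, GOOD, EVIL))                 # only the server's copy altered
    print(run(GOOD, EVIL, EVIL))                 # both copies altered
    print(run(GOOD, EVIL, EVIL, False, True))    # variant 202"-206"
```

When only the server's copy is altered, the user has nothing wrong to see in the base flow, and it is the signature over Transaction Information 2 failing against Transaction Information 3 that stops the transaction.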
In practical applications, before step 201 is executed, the method may further include: authenticating whether the user's identity is legitimate by means of a PIN code or a biometric feature; if authentication succeeds, step 201 is executed, otherwise the operation ends. The biometric feature may be a fingerprint, palm print, iris, facial feature, or the like.
Preferably, an SMS platform may be used to implement the function of the second communication device. An SMS platform is an SP system: a mobile information interaction platform managed through a WEB interface, that is, a mobile Internet site for publishing, receiving and managing information for mobile terminals. In this embodiment, communication between the second channel receiving system and the service end device can be implemented through the SMS platform; correspondingly, a mobile phone or a PDA with a mobile communication function is preferably used to implement the function of the second channel receiving system. In practical applications, an instant communication server or a mail server may also be used to implement the function of the second communication device; correspondingly, instant messaging software such as QQ, MSN, bubble or Fetion, or Email, is preferably used to implement the function of the second channel receiving system.
On the premise that the client computer is at security risk, the present invention provides a safer and more reliable system and method by which the service end confirms information with the client, further improving the security of online transactions and protecting the interests of online traders.
The above is only a preferred embodiment of the present invention and is not intended to limit the present invention; any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.

Claims (24)

1. An online transaction system, characterized in that the system comprises a first communicator, a second communication device, an intelligent key apparatus, a service end device and a second channel receiving system;
The first communicator is used to communicate with the intelligent key apparatus and the service end device;
The second communication device is used to communicate with the service end device and the second channel receiving system;
The intelligent key apparatus is used to confirm transaction information and perform the digital signature operation;
The service end device is used to generate an identifying code and verify digital signature data;
The second channel receiving system is used to receive and display the information sent by the second communication device;
Wherein the intelligent key apparatus comprises a transaction information receiver module, an input module, a confirmation receiver module and an intelligent key module;
The transaction information receiver module is used to receive the transaction information sent by the first communicator;
The input module is used for the user to enter the identifying code, and sends the identifying code to the confirmation receiver module;
The confirmation receiver module is used to receive the identifying code sent by the input module;
The intelligent key module is used, after the confirmation receiver module receives the identifying code, to digitally sign the transaction information and the identifying code to obtain digital signature data, and to send the digital signature data to the service end device;
The information received and displayed by the second channel receiving system is the transaction information received by the service end device and the identifying code it generated; correspondingly, after determining that the transaction information displayed by the second channel receiving system is consistent with the transaction information sent by the first communicator, the user enters the identifying code through the input module.
2. The online transaction system as claimed in claim 1, characterized in that the first communicator is specifically used to send transaction information to the intelligent key apparatus and the service end device.
3. The online transaction system as claimed in claim 1, characterized in that the second communication device is specifically used to receive the information returned by the service end device and to send that information to the second channel receiving system.
4. The online transaction system as claimed in claim 1 or 3, characterized in that the second communication device is specifically an SMS platform, an instant communication server or a mail server.
5. The online transaction system as claimed in claim 1, characterized in that the intelligent key apparatus further comprises an output module, and the output module is used to display the transaction information received by the transaction information receiver module.
6. The online transaction system as claimed in claim 5, characterized in that the information received and displayed by the second channel receiving system is the transaction information received by the service end device and the identifying code it generated; correspondingly, after determining that the transaction information displayed by the output module is consistent with the transaction information sent by the first communicator, and that the transaction information displayed by the second channel receiving system is consistent with the transaction information sent by the first communicator, the user enters the identifying code through the input module.
7. The online transaction system as claimed in claim 5, characterized in that the information received and displayed by the second channel receiving system is the identifying code generated by the service end device; correspondingly, after determining that the transaction information displayed by the output module is consistent with the transaction information sent by the first communicator, the user enters the identifying code through the input module.
8. The online transaction system as claimed in claim 1 or 5, characterized in that the intelligent key apparatus further comprises an authentication module, and the authentication module is used to authenticate whether the user's identity is legitimate by means of a personal identification code or a biometric feature.
9. The online transaction system as claimed in claim 1 or 5, characterized in that the input module is a keypad.
10. The online transaction system as claimed in claim 8, characterized in that the input module is a keypad.
11. The online transaction system as claimed in claim 1, characterized in that the service end device comprises a transaction information receiver module, an identifying code generation module, an information sending module, a signed data receiver module, an authentication module and a transaction executive module;
The transaction information receiver module is used to receive the transaction information sent by the first communicator;
The identifying code generation module is used to generate an identifying code after the transaction information receiver module receives the transaction information sent by the first communicator;
The information sending module is used to send information to the second communication device;
The signed data receiver module is used to receive the digital signature data sent by the intelligent key apparatus and to send the digital signature data to the authentication module;
The authentication module is used to receive the digital signature data and verify whether it is valid; if verification succeeds, the corresponding transaction operation is executed, otherwise the operation ends;
The transaction executive module is used to execute the corresponding transaction operation after verification by the authentication module succeeds.
12. The online transaction system as claimed in claim 11, characterized in that the authentication module is specifically used to receive the digital signature data sent by the signed data receiver module and to verify, according to the transaction information and the identifying code, whether the digital signature data is valid; if the transaction information is consistent with the transaction information sent by the first communicator and the identifying code received by the intelligent key apparatus is consistent with the identifying code, verification succeeds and the transaction executive module is notified to execute the corresponding transaction operation; otherwise verification fails and the operation ends.
13. The online transaction system as claimed in claim 1, characterized in that the second channel receiving system comprises an information receiving module and a display module;
The information receiving module is used to receive the information sent by the second communication device and to send the received information to the display module;
The display module is used to receive and display the information received by the information receiving module.
14. The online transaction system as claimed in claim 3, 11 or 13, characterized in that the information received and displayed by the second channel receiving system is the identifying code generated by the service end device.
15. The online transaction system as claimed in claim 3, 11 or 13, characterized in that the information received and displayed by the second channel receiving system is the transaction information received by the service end device and the identifying code it generated.
16. The online transaction system as claimed in claim 1, characterized in that the second channel receiving system is a mobile phone, a PDA with a mobile communication function, Email, or instant messaging software.
17. A method of carrying out an online transaction using an online transaction system, characterized in that the method comprises:
Step A: a first communicator sends transaction information to an intelligent key apparatus and to a service end device respectively;
Step B: the service end device generates an identifying code according to the transaction information it receives; the intelligent key apparatus receives the transaction information and waits for the user to enter the identifying code as confirmation;
Step C: the service end device sends information to a second communication device, and the second communication device forwards the information to a second channel receiving system;
Step D: the second channel receiving system receives and displays the information;
Step E: after receiving the identifying code entered by the user, the intelligent key apparatus digitally signs the received transaction information and the identifying code to obtain digital signature data, and sends the digital signature data to the service end device;
Step F: the service end device receives and verifies the digital signature data; if verification succeeds, the corresponding transaction operation is executed, otherwise the operation ends;
The information received and displayed by the second channel receiving system is the transaction information received by the service end device and the identifying code it generated; correspondingly, after determining that the information displayed by the second channel receiving system is consistent with the transaction information sent by the first communicator, the user enters the identifying code through the keypad on the intelligent key apparatus, and the intelligent key apparatus receives the identifying code.
18. The method of carrying out an online transaction using an online transaction system as claimed in claim 17, characterized in that the step in step B in which the intelligent key apparatus receives the transaction information and waits for the user to enter the identifying code as confirmation further comprises: the intelligent key apparatus displays the received transaction information.
19. The method of carrying out an online transaction using an online transaction system as claimed in claim 18, characterized in that the information received and displayed by the second channel receiving system is the transaction information received by the service end device and the identifying code it generated; correspondingly, after determining that the transaction information displayed by the intelligent key apparatus is consistent with the transaction information sent by the first communicator, and that the information displayed by the second channel receiving system is consistent with the transaction information sent by the first communicator, the user enters the identifying code through the keypad on the intelligent key apparatus, and the intelligent key apparatus receives the identifying code.
20. The method of carrying out an online transaction using an online transaction system as claimed in claim 18, characterized in that the information received and displayed by the second channel receiving system is the identifying code generated by the service end device; correspondingly, after determining that the transaction information displayed by the intelligent key apparatus is consistent with the transaction information sent by the first communicator, the user enters the identifying code through the keypad on the intelligent key apparatus, and the intelligent key apparatus receives the identifying code.
21. The method of carrying out an online transaction using an online transaction system as claimed in claim 17, characterized in that, before step A, the method further comprises: authenticating whether the user's identity is legitimate by means of a personal identification code or a biometric feature.
22. The method of carrying out an online transaction using an online transaction system as claimed in claim 17, characterized in that step F is specifically: the service end device receives the digital signature data and verifies, according to the received transaction information and the identifying code, whether the digital signature data is valid; if the received transaction information is consistent with the transaction information sent by the first communicator and the identifying code received by the intelligent key apparatus is consistent with the identifying code, verification succeeds and the corresponding transaction operation is executed; otherwise verification fails and the operation ends.
23. The method of carrying out an online transaction using an online transaction system as claimed in claim 17, characterized in that the second communication device is an SMS platform, an instant communication server or a mail server.
24. The method of carrying out an online transaction using an online transaction system as claimed in claim 17, characterized in that the second channel receiving system is a mobile phone, a PDA with a mobile communication function, Email, or instant messaging software.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2007101797139A CN101184107B (en) 2007-12-17 2007-12-17 Network transaction system and method for executing network transaction using the system


Publications (2)

Publication Number Publication Date
CN101184107A CN101184107A (en) 2008-05-21
CN101184107B CN101184107B (en) 2010-09-01

Family

ID=39449188



Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee

Owner name: FEITIAN TECHNOLOGIES CO., LTD.

Free format text: FORMER NAME: BEIJING FEITIAN CHENGXIN SCIENCE + TECHNOLOGY CO. LTD.

CP03 Change of name, title or address

Address after: 100085 Beijing city Haidian District Xueqing Road No. 9 Ebizal building B block 17 layer

Patentee after: Feitian Technologies Co., Ltd.

Address before: 100083, Haidian District, Xueyuan Road, No. 40 research, 7 floor, 5 floor, Beijing

Patentee before: Beijing Feitian Chengxin Science & Technology Co., Ltd.