CN101686225A - Methods of data encryption and key generation for on-line payment - Google Patents
Methods of data encryption and key generation for on-line payment Download PDFInfo
- Publication number
- CN101686225A CN101686225A CN200810200736A CN200810200736A CN101686225A CN 101686225 A CN101686225 A CN 101686225A CN 200810200736 A CN200810200736 A CN 200810200736A CN 200810200736 A CN200810200736 A CN 200810200736A CN 101686225 A CN101686225 A CN 101686225A
- Authority
- CN
- China
- Prior art keywords
- key
- encryption
- chip
- safety chip
- payment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a method of data encryption for on-line payment, which comprises the following steps: brushing a card through a keyboard and inputting a transaction password by a user; encrypting magnetic track information and the transaction password; receiving and decrypting the magnetic track information, the transaction password and MAC data, encrypting the magnetic track information,the transaction password and the MAC data for the second time and organizing messages; carrying out digital signatures on message data; and transmitting all the messages to a payment gateway by a network browser. The invention also discloses a method for key generation, which comprises the following steps: setting an encryption main key and an MAC main key; applying to the payment gateway for downloading a terminal main key; taking a root key in an encryption machine of the payment gateway; and generating the terminal main key according to the serial number of a safety chip and obtaining a terminal public key. By the methods of the data encryption and the key generation, triple encryption of symmetrical encryption, asymmetric encryption and an SSL passage is adopted when the sensitive dataand the transaction data of a bank card are transmitted on the Internet, one machine with one key and one time with one key are realized, and the invention has very high safety.
Description
Technical field
The present invention relates to the E-business applications field, relate in particular to the secure payment technology in the E-business applications.
Background technology
Along with the raising of expanding economy and people's living standard, bank card has become the means of payment and the means of payment that are seen everywhere in the daily life.For example, the POS terminal in market, supermarket, airport or hotel provides convenient service for the user, and the holder only need input the password of bank card just can realize not having the coin payment.In addition, flourish along with ecommerce on the Internet, the online payment business of bank card also presents the situation that increases rapidly, compare with the traditional business of bank card, online payment belongs to emerging business field, online buyer provides bank card account number and personal identification number when carrying out online payment, just can finish commodity purchasing.
Yet, in the age of Internet economy of prosperity,, bring higher potential risk for the online payment business because risk management system and risk prevention measure are imperfect as yet, also use this online payment business to bring many negative effects to the holder.Even some netizens utilize homemade fake site to gain holder's bank card account number and trading password by cheating, emerge in an endless stream with the online economic case of falsely claiming as one's own remaining sum in the bank card, also make the holder use the enthusiasm of online payment to have a greatly reduced quality to a certain extent.
How means of payment safe, easy-to-use, safe enough are provided is technical problems that the holder pays close attention to the most, and meanwhile, means of payment safe, easy-to-use and that enjoy trust are expanded business opportunity and increased profit for network trade company also is huge motive force.Though, in the prior art, credit card issuer has been released Internet-based banking services at Development of E-business, and adopt the hardware security chip to improve the fail safe of transaction as the carrier of certificate of fair, by providing the online payment business in the mode of backstage binding with bank card and certificate of fair, but the user must at first arrive banker's buying rate hardware security chip, and bind certain bank card, cost is higher, complex operation step, follow-up business change can only be arrived bank counter and be handled, and brings inconvenience to the user.
On the other hand, individual PC is universal day by day in family life, can be by the financing function of expansion normal domestic use computer, the transaction of swiping the card is incorporated into the payment link of shopping online, to realize " shopping on net, the payment of swiping the card ", be pendulum presses for solution in face of the technical staff of bank service industry a difficult problem.
Summary of the invention
At the existing above-mentioned technological deficiency when carrying out online payment of user in the prior art, the invention provides a kind of data ciphering method and key generation method that is used for online payment.By respectively on the mainboard of computer and keyboard design safety chip and encryption chip finish the encryption and/or the deciphering of bank card sensitive data, to realize the safe transmission of data.Different with existing online payment business, the user not only will import bank card password in this payment system, but also need on the keyboard of computer, carry out the operation of swiping the card obtaining the magnetic track information data of bank card, and encrypt the safety chip that is sent on the computer main board by the encryption chip on the keyboard.
According to one aspect of the present invention, provide a kind of data ciphering method that is used for online payment.This data ciphering method comprises:
After the user order goods, swipe the card and import trading password, to produce magnetic track information expressly and the trading password plaintext by keyboard;
Encryption chip is expressly encrypted magnetic track information plaintext and trading password, and is converted to corresponding magnetic track information ciphertext, Transaction Information ciphertext and MAC data;
Safety chip receives and deciphering magnetic track information ciphertext, trading password ciphertext and MAC data, and is converted to magnetic track information plaintext, trading password plaintext, transaction data plaintext and safety chip numbering;
Safety chip expressly carries out superencipher and organizes message magnetic track information plaintext, trading password, adds transaction data plaintext and safety chip numbering in message;
Safety chip carries out digital signature to message data, and cryptographic digital signature and transaction data plaintext; And
Web browser is sent to payment gateway by ssl protocol with whole messages.
Wherein, encryption chip is arranged in the keyboard of computer, and safety chip is arranged on the mainboard of computer.
Wherein, encryption chip has encryption main key and MAC master key.
Wherein, safety chip has encryption main key, MAC master key, terminal master key and terminal certificate.Further, terminal certificate comprises terminal public key, terminal secret key and payment gateway PKI.
Wherein, the encryption main key of encryption chip is identical with the key schedule of the encryption main key of safety chip, and encryption chip and safety chip carry out symmetric cryptography based on encryption main key.In addition, the encryption chip of keyboard uses the safety chip of encryption main key and mainboard to consult the ciphering process key, and utilizes this ciphering process key to encrypt magnetic track information plaintext and trading password plaintext.
Wherein, the safety chip of mainboard use ciphering process key is deciphered magnetic track information ciphertext and the trading password ciphertext from encryption chip.
Wherein, the step of encryption chip on the keyboard and the safety chip on mainboard negotiation ciphering process key comprises:
Encryption chip is preset key schedule;
Safety chip is preset the key schedule identical with encryption chip;
Encryption chip generates a random factor at random, and calculates the ciphering process key according to encryption main key and random factor;
Encryption chip sends connection request and random factor to safety chip;
Safety chip calculates the ciphering process key according to encryption main key and random factor; And
Finish process key agreement based on symmetrical root key.
Wherein, superencipher is meant safety chip by terminal master key and payment gateway negotiations process key, and use key and 3DES algorithm for encryption magnetic track information plaintext and trading password plaintext, and the 3DES algorithm adopts 128 long key.
Wherein, safety chip carries out digital signature by terminal secret key to message data, and use the random factor of payment gateway public key encryption digital signature and transaction data plaintext and negotiations process key, the algorithm of digital signature uses the RSA Algorithm of 1024 long keys.
Wherein, realize between safety chip and described encryption chip that key synchronization comprises:
Set encryption main key and MAC master key;
Send the request of application key to safety chip by BIOS;
Utilize keyboard driver to inject encryption chip by the key that BIOS will apply for automatically; And
Finish the key synchronization between safety chip and encryption chip.
According to another aspect of the present invention, a kind of key generation method at the data ciphering method that is used for online payment is provided, this method comprises:
Set encryption main key and MAC master key, with the key between synchronous safety chip and encryption chip;
Send request to payment gateway, application download terminal master key;
Transfer the root key in the described payment gateway encryption equipment;
Disperse to generate terminal master key according to the safety chip numbering by described root key; And
Number according to safety chip and to obtain terminal public key.
Wherein, encryption chip is arranged in the keyboard of computer, and safety chip is arranged on the mainboard of computer.
Wherein, encryption chip has encryption main key and MAC master key; And safety chip has encryption main key, MAC master key, terminal master key and terminal certificate.More specifically, terminal certificate comprises terminal public key, terminal secret key and payment gateway PKI.
Wherein, the wallet program on the computer is after safety chip sends the terminal certificate initialization command, and safety chip generation and preservation RSA key are right.This RSA key is to comprising terminal secret key and terminal public key.
Adopt data encryption of the present invention and key generation method, can be platform with individual PC, for the holder provides a safe payment environment, the convenience of ecommerce on the Internet and the fail safe of financing computer are integrated in one, all adopt the data encryption transmission from computer keyboard, computer motherboard, payment gateway to the clearance changeover mechanism, traditional transaction of swiping the card is introduced the payment link of online transaction, realize " shopping on net, the payment of swiping the card ", when promoting the online payment level of security, also be very easy to the network user.And, utilize data encryption of the present invention and key generation method, when transmitting the sensitive data of bank card and transaction data on the internet, adopt three re-encryptions of symmetric cryptography, asymmetric encryption and SSL passage, realize " machine one is close " and " one-time pad " having high fail safe.
Description of drawings
The reader will become apparent various aspects of the present invention after the reference accompanying drawing has been read the specific embodiment of the present invention.Wherein,
Fig. 1 shows and the present invention is based on the schematic flow sheet that the financing computer is realized online payment;
Fig. 2 shows the structural representation that the present invention is used to realize the financing computer of online payment;
Fig. 3 shows the present invention activates the financing computer before using the online payment business principle schematic;
Fig. 4 shows when adopting financing computer of the present invention to carry out online payment, receives data encryption schematic diagram the message process from holder's third party's payment gateway of swiping the card;
Fig. 5 shows according to the present invention and carries out online payment and the storage schematic diagram of the various keys that adopt;
Fig. 6 shows the present invention the manage money matters terminal master key stored on the mainboard of computer and the generation schematic diagram of terminal public key;
Fig. 7 shows the present invention's principle schematic that safety chip on the mainboard of computer and the encryption chip on the keyboard consult the ciphering process key based on encryption main key of managing money matters;
Fig. 8 shows the theory diagram of realizing key synchronization between safety chip and encryption chip among the present invention;
Fig. 9 shows the safety chip that the present invention manages money matters on the mainboard of computer and carries out initialized schematic flow sheet;
Figure 10 shows the schematic flow sheet that bank card that the present invention is used for online payment is registered on payment gateway;
Figure 11 shows the payment flow schematic diagram of the online payment system that the present invention is based on the financing computer; And
Figure 12 shows the gathering schematic flow sheet of the online payment system that the present invention is based on the financing computer.
Embodiment
With reference to the accompanying drawings, the specific embodiment of the present invention is described in further detail.
Fig. 1 shows and the present invention is based on the schematic flow sheet that the financing computer is realized online payment.Here, the financing computer is meant the household PC with online payment function.It will be understood by those of skill in the art that Fig. 1 can represent that not only the structure of payment system of the present invention forms, but also can illustrate that this payment system carries out the idiographic flow schematic diagram of online payment.
With reference to Fig. 1, this payment system comprises: the network user's financing computer 10, payment gateway 20, clearance changeover mechanism 30, credit card issuer 40 and network trade company 50.Wherein, the network user is the user of credit card issuer and China Unionpay, holds interchanger and is the owner of financing computer, and the behavior of swiping the card that financing takes place on the computer is responsible for; Payment gateway 20 (being also referred to as the single service organization of receipts) is expanded the Internet B2C trade company that uses the payment of financing computer, the single service of the receipts such as clearing, mistake request submission of providing with funds for network trade company; Clearance changeover mechanism 30 is that operation financing computer inserts network preposition and exchange, and carries out the service of inter-bank payment clearance; Credit card issuer 40 is card sending mechanism of the bank card held of the network user; And network trade company 50 is unit or mechanisms that commerce services is provided for the holder by the Internet.It is pointed out that credit card issuer can directly receive sensitive data and transaction data from described payment gateway, and return response message to described payment gateway without the transfer of clearance changeover mechanism.More specifically, financing computer 10 comprises mainboard 104 and keyboard 102 at least.
When adopting above-mentioned payment system to carry out online payment, mainly may further comprise the steps:
Step S1, by the online network of financing computer 10 visits trade company 50, order goods also selects the financing computer payment mode to pay as holder's the network user;
Step S2 accepts the financing computer payment mode, and webpage is redirected to the unified payment page of China Unionpay;
Step S3, the network user's financing computer 10 detects the wait payment information from payment gateway 20, and the special-purpose indicator light on financing computer 10 keyboards lights, to point out user card punching and to input password;
Step S4, the holder swipes the card by the keyboard of integrated card reader, behind the input trading password, magnetic track information and trading password is sent to safety chip on financing computer 10 mainboards in the mode of encrypting;
Step S5, safety chip receives magnetic track information and the trading password from keyboard, encrypts the back once more and is sent to payment gateway 20 together with transaction data;
Step S6, payment gateway 20 judge whether the information that is received is legal, if legal then Transaction Information is sent to clearance changeover mechanism 30; If not conforming to rule finishes and returns;
Step S7, clearance changeover mechanism 30 transmitted transaction information are to credit card issuer 40;
Step S8, credit card issuer 40 echo replies are to clearing changeover mechanism 30;
Step S9, clearance changeover mechanism 30 is forwarded to payment gateway 20 with the echo reply of credit card issuer;
Step S10, payment gateway 20 is notified online network trade company 50 with transaction results;
Step S11, online network trade company 50 return transaction results and order coupling the transaction results notice and reply;
Step S12, payment gateway 20 returns the payment result page to financing computer 10, and the user returns online network merchant website with the acknowledgment of your inquiry payment result by the link in the payment result page; And
Step S13, this online network trade company 50 are sent to the holder with corresponding commodity.
Wherein, in above-mentioned steps, payment gateway is meant the payment gateway of China Unionpay, and it is mainly used in the Internet B2C trade company of expansion based on the financing computer payment mode, and receives singly and serve for provide with funds clearing, mistake request submission etc. of trade company.
Wherein, in above-mentioned steps, the holder is in the financing payment of swiping the card on the computer.But swipe the card people and holder can be same individuals, also can be different people.
Fig. 2 shows the structural representation that the present invention is used to realize the financing computer of online payment.With reference to Fig. 2, financing computer 10 comprises mainboard 104 and keyboard 102 at least, and wherein, mainboard 104 has safety chip 1041, and keyboard 102 has encryption chip 1021, card reader and payment indicator light etc.As described in Figure 1, payment system of the present invention is when carrying out the internet safe payment, at first webpage is redirected to the unified payment page of Unionpay, when the special-purpose indicator light of keyboard lights, the holder utilizes card reader to swipe the card and imports trading password, at this moment, encryption chip 1021 is sent to safety chip 1041 on the mainboard with the magnetic track information of holder input and trading password with cipher mode, and organize transaction message after safety chip 1041 these enciphered messages of deciphering, once more by being sent to the backstage after the sensitive transactions data in the safety chip encryption transaction message.To in follow-up accompanying drawing, specifically describe as for key mechanism between safety chip 1041 and the encryption chip 1021 and negotiation.
Preferably, be used to import the keypad employing code keypad of trading password, perhaps adopt the PIN input equipment of the lsafety level that reaches code keypad at least.Wherein, keyboard is provided with special-purpose switch key, and when only switching to the payment way based on the financing computer, card reader just receives the magnetic track information of bank card, by the built-in encryption chip of keyboard the trading password of user's input is encrypted simultaneously.
Wherein, keyboard also is provided with special-purpose indicator light and driver thereof, when the network user when payment gateway is submitted the payment request to, computer will receive the information of waiting for payment, the special-purpose indicator light of keyboard lights, with the prompting user operation of can swiping the card.Further, wait for that payment is provided with timeout treatment, when the holder did not swipe the card payment yet above certain hour, the special-purpose indicator light of keyboard extinguished, and the holder must submit the request of payment to again to the unified payment page of payment gateway.The keyboard of forging of swiping the card so just can prevent to forge the keyboard of swiping the card, because can't be made real-time response to waiting for payment information.
Fig. 3 illustrates the present invention activates the financing computer before using the online payment business principle schematic.With reference to Fig. 3, have safety chip on its mainboard and before the household PC that has encryption chip on its keyboard is using the financing function, must activated among the present invention.Its concrete activation process is:
At first, the network user enter basic input output system (BIOS) be provided with in corresponding menu item, select to activate the financing function of computer;
Then, BIOS sends instruction with the inquiry keyboard state to keyboard, confirms on the keyboard encryption chip to be housed; Send instruction with inquiry mainboard state to mainboard, confirm on the mainboard safety chip to be housed; At this moment, keyboard and mainboard all receive corresponding query statement, and return state information;
Step S3, BIOS send the initialization activation command and receive the response message of mainboard; And mainboard returns unique response message;
Step S4, analyzing responding information also sends to keyboard with new transmission security key, receives the response message of keyboard; And keyboard writes new key, the communication mechanism between the encryption chip of locking keyboard and the safety chip of mainboard;
Step S5, BIOS send and activate keyboard commands, to activate the financing function of computer; Mainboard is provided with new transmission security key, and record keyboard string number also starts the financing function.
Fig. 4 shows when adopting financing computer of the present invention to carry out online payment, receives data encryption schematic diagram the message process from holder's third party's payment gateway of swiping the card.With reference to Fig. 4, in the transfer process of this enciphered data, relate generally to the encryption chip of keyboard, safety chip and third party's payment gateway of mainboard.And, data encryption mainly be present in the keyboard that utilizes card reader integrated from the holder swipe the card the safety chip of mainboard, from the safety chip of mainboard to third party's payment gateway.Below, use node (1), (2), (3), (4) and (5) in the flow process to be described in detail respectively.
It is to be noted, magnetic track information ciphertext among Fig. 4, trading password ciphertext, transaction data ciphertext and digital signature are all represented enciphered data, and magnetic track information plaintext, trading password plaintext, transaction data plaintext and safety chip numbering are all represented the data after clear data or encrypted data are deciphered.
Node (1), the network user swipes the card by keyboard and imports trading password, producing expressly and expressly corresponding to the trading password of trading password corresponding to the magnetic track information of magnetic track information, the encryption chip of keyboard utilize ciphering process key and MAC process key with magnetic track information expressly and trading password expressly be converted to magnetic track information ciphertext, Transaction Information ciphertext and MAC data;
Node (2), the safety chip of mainboard receives the magnetic track information ciphertext from encryption chip, after Transaction Information ciphertext and the MAC data, at first use MAC process key authentication data not to be modified, re-use the ciphering process key and decipher magnetic track information ciphertext and trading password ciphertext, and be converted to magnetic track information expressly, trading password expressly, transaction data plaintext and safety chip numbering, here, the mechanism of symmetric cryptography is adopted in communication between the encryption chip of keyboard and the safety chip of mainboard, the encryption chip of keyboard uses the safety chip of encryption main key and mainboard to consult the ciphering process key, and utilizes the ciphering process key to decipher magnetic track information ciphertext and trading password ciphertext; And the encryption chip of keyboard uses the MAC master key to consult MAC process key, uses the Message Authentication Code of MAC process cipher key calculation ciphertext again, is not modified to guarantee data;
Node (3), the safety chip of mainboard is by terminal master key and third party's payment gateway negotiations process key, and use key and 3DES algorithm for encryption generation magnetic track information ciphertext and trading password ciphertext, wherein the 3DES algorithm adopts 128 long keys, and adds transaction data such as sequence information expressly and the safety chip numbering in message;
Node (4), the safety chip of mainboard carries out digital signature by terminal secret key to message data, re-uses payment gateway public key encryption digital signature in the terminal certificate and the transaction data in the node (3) expressly and the random factor of negotiations process key.Wherein asymmetric encryption and Digital Signature Algorithm use the RSA Algorithm of 1024 long keys; And
Node (5), web browser is sent to third party's payment gateway by ssl protocol with whole messages, after this third party's payment gateway receives message, at first divide the PKI of the terminal correspondence that sheds by the safety chip numbering, use self private key decrypted transaction data ciphertext, random factor and digital signature, and use the terminal public key check figures to sign, re-use random factor and terminal master key and calculate the process key, last use secret key decryption obtains magnetic track information plaintext and trading password plaintext.After obtaining all data plaintexts, third party's payment gateway uses the working key encryption trading password of consulting with the clearance changeover mechanism, and is forwarded to the clearance changeover mechanism with magnetic track information, transaction data by Network and Finance Network.
Can know by above-mentioned transfer of data flow process, payment system of the present invention has following characteristics with respect to online payment method of the prior art:
Encryption chip by keyboard encrypts the magnetic track information of user card punching generation and the trading password of input to be transferred to the safety chip of mainboard;
When transmitting data on the internet, adopt three re-encryptions of symmetric cryptography, asymmetric encryption and SSL passage, realize " machine one is close " and " one-time pad "; Here, a machine one close key that is meant that every financing computer has uniqueness; One-time pad is meant the different encryption key of employing on each transmission node;
Magnetic track information and trading password are encrypted transmission on any node of network;
Be not modified before the safety chip of code keypad by MAC assurance sensitive data arrival mainboard; Guarantee the transaction integrality of transmission on the internet by terminal certificate signature and http communication agreement; And guarantee the non-repudiation of transaction by terminal certificate signature, and preserve the original message (containing signature) of financial transaction, when taking place to dispute on, have good grounds guaranteeing.
Fig. 5 shows according to the present invention and carries out online payment and the storage schematic diagram of the various keys that adopt.As shown in Figure 5, the encryption chip 1021 of keyboard has encryption main key and MAC master key, and the safety chip 1041 of mainboard has encryption main key, MAC master key, terminal master key and terminal certificate.Wherein, terminal certificate comprises self PKI and private key and third party's payment gateway PKI, is used for carrying out asymmetric encryption with third party's payment gateway; Encryption main key is used for carrying out symmetric cryptography between safety chip and encryption chip, and consults the ciphering process key; Be used to consult MAC process key with the MAC master key.In addition, the terminal master key safety chip and the third party's payment gateway that are used for mainboard carries out symmetric cryptography.
Fig. 6 shows the present invention the manage money matters terminal master key stored on the mainboard of computer and the generation schematic diagram of terminal public key.As mentioned above, safety chip and third party's payment gateway that terminal master key is used for mainboard carry out symmetric cryptography, in more detail, safety chip on the mainboard uses this process key and 3DES algorithm for encryption trading password plaintext and magnetic track information expressly by terminal master key and third party's payment gateway negotiations process key.With reference to Fig. 6, generate terminal master key and terminal public key and comprise:
Step 600 sends request to third party's payment gateway, application download terminal master key;
Step 602 is transferred the root key in this third party's payment gateway encryption equipment;
Step 604 disperses to generate terminal master key according to the safety chip numbering by this root key; And
Step 606 is numbered according to safety chip and to be obtained terminal public key.
Wherein, the terminal pact of being obtained is used for the check figures signature.
Wherein, the encryption equipment of third party's payment gateway is mainly used in the encryption and decryption operation, comprising: use payment gateway self private key decrypted transaction data ciphertext, random factor and digital signature; Based on the process key that random factor and terminal master key calculate, deciphering obtains magnetic track information expressly and the trading password plaintext; Use the working key of consulting with the clearance changeover mechanism to encrypt trading password.
Fig. 7 shows the present invention's principle schematic that safety chip on the mainboard of computer and the encryption chip on the keyboard consult the ciphering process key based on encryption main key of managing money matters.As mentioned above, adopt the communication mechanism of symmetric cryptography between the encryption chip of keyboard and the safety chip of mainboard, specifically, the encryption chip of keyboard uses the encryption main key and the safety chip of mainboard to consult the ciphering process key, and with this ciphering process secret key encryption magnetic track information plaintext and trading password plaintext; On the other hand, safety chip utilizes identical ciphering process key to decipher magnetic track information ciphertext and trading password ciphertext after receiving magnetic track information ciphertext and trading password ciphertext.This negotiation ciphering process key comprises:
Step 710 is finished the process key agreement based on symmetrical root key.
Those skilled in the art is to be understood that, the encryption chip of keyboard can adopt with the similar method of above-mentioned flow process and use the MAC master key to consult MAC process key, equally, the safety chip of mainboard can use terminal master key and third party's payment gateway negotiations process key; And third party's payment gateway can be consulted working key with the clearance changeover mechanism.
Fig. 8 shows the theory diagram of realizing key synchronization between safety chip and encryption chip among the present invention.With reference to Fig. 8, the encryption chip of keyboard and the safety chip of mainboard adopt encryption main key and MAC master key to carry out transfer of data, and encryption main key and MAC master key only are used to guarantee the integrality from keyboard to the safety chip transmitting data information, and be irrelevant with third party's payment gateway.Realize that key synchronization comprises between safety chip and encryption chip:
Step 800 is set encryption main key and MAC master key;
Step 804 utilizes keyboard driver to inject encryption chip by the key that BIOS will apply for automatically; And
Step 806 is finished the key synchronization between safety chip and the encryption chip.
Fig. 9 shows the safety chip that the present invention manages money matters on the mainboard of computer and carries out initialized schematic flow sheet.When the network user uses bank card to carry out online payment on the financing computer, at first bank card just can must used after the registration on third party's payment gateway, promptly third party's payment gateway can be discerned holder's bank card.For this reason, be provided with a program that is used for managing the registration bank card on the computer specially in financing, it mainly is that bank card information with the user is sent to third party's payment gateway safely and registers.Only the bank card that has carried out registration at payment gateway just can be handled the online payment business, and because of the program of this registration bank card is similar to the function of wallet, we might as well be referred to as the wallet program.This wallet program can be independent application program, and the program of perhaps moving on webpage is used for the safety chip on the initialization mainboard, and the bank card of management registration also is provided with the payment card of acquiescence.
Consider that from the angle of secure payment user's bank card information all will be undertaken just transmitting on the internet after the encryption at every turn by safety chip when transaction.Its initialized flow process comprises:
The validity of wallet program inquiring certificate;
Safety chip returns certificate status to the wallet program, if certificate is effective, then finishes this initialization procedure, if certificate is invalid, then sends the certificate initialization command to safety chip;
After safety chip received initialization command, it was right to generate RSA key, and preserved the private key of safety chip, and the PKI that returns safety chip is to the wallet program;
The wallet program receives the PKI of safety chip, obtains to send payment gateway after the personal information and carry out digital signature;
To treat that signing messages send CA signature, returns digital certificate to the wallet program; And
Concurrent the losing one's life of wallet program acceptance certificate makes STORE_CERT to be saved to safety chip.
Wherein, the digital certificate that is stored on the safety chip can be used for encrypting or signing when transaction, if certificate lost efficacy or do not exist, then the online payment behavior can't be finished.
As described in Figure 9, holder's bank card only just can use after the registration on third party's payment gateway.Thereby Figure 10 shows the schematic flow sheet that bank card that the present invention is used for online payment is registered on payment gateway.This register flow path comprises:
The user opens the wallet program, selects the registration bank card functionality;
Financing computer prompting user card punching is also imported PIN;
The user swipes the card and operates and input PIN;
The financing computer is sent to third party's payment gateway after the magnetic track information of card and trading password are encrypted;
Behind the magnetic track information and trading password deciphering of third party's payment gateway with the bank card received, be sent to corresponding credit card issuer and verify, return response message to the financing computer according to the checking result of credit card issuer; And
The financing computer receives this response message, and the presenting bank card succeeds in registration or fails.
The key step that the bank card that is used for online payment is registered on payment gateway has below briefly been described.Here, in order to introduce register flow path in further detail, we might as well be divided into it four nodes, are specially: the safety chip on wallet program prompts user card punching and input PIN, the mainboard to magnetic track information ciphertext and trading password ciphertext from encryption chip handle, the wallet program sends data to third party's payment gateway and third party's payment gateway binding bank card.Detail operations step to these four nodes is described as follows below:
(1) wallet program prompts user card punching and input PIN
A. the wallet program of computer of managing money matters sends the signal of swiping the card to keyboard, and the special-purpose indicator light of keyboard lights the operation of swiping the card with the prompting user;
B. user card punching, it is to be read that keyboard is encrypted back etc. with the magnetic track information of bank card;
C. the wallet program is delivered to safety chip after reading the magnetic track information ciphertext;
D. wallet program prompts user imports PIN; And
E. the user imports PIN, and it is to be read that keyboard is encrypted back etc. with trading password.
(2) safety chip on the mainboard is handled magnetic track information ciphertext and trading password ciphertext from encryption chip
A. safety chip is only just replaced ciphertext and signature after receiving magnetic track information ciphertext and trading password ciphertext;
B. after safety chip receives the magnetic track information ciphertext, it is decrypted, checks whether form is correct, if success then flag bit is set, the indication magnetic track information is ready;
C. after safety chip receives the trading password ciphertext, it is decrypted, checks whether form is correct, if success then flag bit is set, the indication trading password is ready;
D. be provided with at every turn all check that whether magnetic track information and trading password all possess behind the flag bit,, otherwise wait for flag bit is set if possess then carry out next step;
E. safety chip generates 16 long random symmetric key SK, uses SK to encrypt trading password and magnetic track information;
F. with third party's payment gateway PKI SK is encrypted the information that obtains and be called envelope, trading password ciphertext and magnetic track information ciphertext are signed according to certain form, obtain signing messages with the safety chip private key;
G. return trading password ciphertext and magnetic track information ciphertext; And
H. return envelope and signing messages.
(3) the wallet program sends data to third party's payment gateway
A. information such as bank card title and Email are imported in prompting; And
B. customized information and envelope, signing messages and magnetic track information ciphertext and trading password ciphertext are formed message together and be sent to third party's payment gateway.
(4) third party's payment gateway binding bank card
A. after third party's payment gateway is received message, untie envelope, obtain SK with private key;
B. use SK magnetic track information decrypt ciphertext PIN, and encrypt magnetic track information again with the terminal key of bank;
C. magnetic track information and trading password being sent to credit card issuer verifies; And
D. the response message that whether returns success is to the wallet program
Wherein,, then the hardware serial number of bank card number and financing computer is bound, formed corresponding relation and be saved in safety chip if be proved to be successful; If authentication failed is then returned response message prompting user and is registered unsuccessful.
Figure 11 shows the payment flow schematic diagram of the online payment system that the present invention is based on the financing computer.This payment flow comprises:
The network user browses web sites, and the free choice of goods is also specified and used the financing computer payment mode;
The user selects the bank card of paying and determines;
The financing computer activates the wallet program, and the prompting user card punching is also imported PIN;
The user carries out swipe the card operation and input PIN on keyboard;
The financing computer receives to be encrypted magnetic track information and encrypts PIN;
Check current bank card whether in the authentication card tabulation of safety chip, if do not exist, the prompting user can't pay, if exist, organizes message to send to payment gateway after then obtaining sequence information and bank card information;
Payment gateway is received message, checks binding relationship, after affirmation can be concluded the business, E-Packets to the clearance changeover mechanism, and obtains the response message of clearance changeover mechanism;
Payment gateway Sending Payments success message is to trade company, and obtains order inquiry URL;
Trade company receives successful payment message, and match orders is prepared delivery;
Payment gateway returns response message to the computer of managing money matters, and the financing computer receives this response message, the prompting closing the transaction; And
The user selects to continue shopping or withdraw from.
Wherein, activation wallet program is carried out online payment and can be divided into two kinds, and a kind of is the unified payment page that jumps to payment gateway when selecting payment on shopping website automatically, by paying the page by wallet interface interchange wallet program; Another kind is when clicking the payment page, and the target pages automatic guide is to the shopping information file that is generated certain format by merchant website automatically, and this document type forms related with the wallet program at the financing computer.
Figure 12 shows the gathering schematic flow sheet of the online payment system that the present invention is based on the financing computer.Similar with payment flow shown in Figure 11, this gathering flow process comprises:
Network user's free choice of goods is also specified and is used the financing computer payment mode;
Trade company enables the financing computer and collects money and transfer accounts, and requires user card punching and input PIN;
The financing computer activates the gathering program;
User card punching is also imported PIN;
The financing computer receives to be encrypted magnetic track information and encrypts PIN, and organizes message to be sent to payment gateway;
Payment gateway is received message, checks binding relationship, after affirmation can be concluded the business, E-Packets to the clearance changeover mechanism, and obtains the response message of clearance changeover mechanism;
Payment gateway Sending Payments success message is to trade company, and obtains order inquiry URL;
Trade company receives the notice of transferring accounts, and confirms to collect money successfully;
Payment gateway returns this response message to the computer of managing money matters, and the financing computer receives this response message, the prompting closing the transaction; And
Trade company pays commodity and gives this user.
Above, describe the specific embodiment of the present invention with reference to the accompanying drawings.But those skilled in the art can understand, and under situation without departing from the spirit and scope of the present invention, can also do various changes and replacement to the specific embodiment of the present invention.These changes and replace all drop in claims of the present invention institute restricted portion.
Claims (15)
1. data ciphering method that is used for online payment is characterized in that it comprises step:
After the user order goods, swipe the card and import trading password, to produce magnetic track information expressly and the trading password plaintext by keyboard;
Encryption chip is expressly encrypted described magnetic track information plaintext and trading password, and is converted to corresponding magnetic track information ciphertext, Transaction Information ciphertext and MAC data;
Safety chip receives and deciphers described magnetic track information ciphertext, trading password ciphertext and MAC data, and is converted to magnetic track information plaintext, trading password plaintext, transaction data plaintext and safety chip numbering;
Safety chip expressly carries out superencipher and organizes message described magnetic track information plaintext, trading password, adds transaction data plaintext and safety chip numbering in message;
Safety chip carries out digital signature to message data, and encrypts described digital signature and described transaction data plaintext; And
Web browser is sent to payment gateway by ssl protocol with whole messages.
2. the method for claim 1 is characterized in that, described encryption chip is arranged in the keyboard of computer, and described safety chip is arranged on the mainboard of computer.
3. the method for claim 1 is characterized in that, described encryption chip has encryption main key and MAC master key.
4. the method for claim 1 is characterized in that, described safety chip has encryption main key, MAC master key, terminal master key and terminal certificate.
5. as claim 3 or 4 described methods, it is characterized in that, the encryption main key of described encryption chip is identical with the key schedule of the encryption main key of described safety chip, and described encryption chip and described safety chip carry out symmetric cryptography based on encryption main key.
6. method as claimed in claim 5 is characterized in that, the encryption chip of keyboard uses the safety chip of encryption main key and mainboard to consult the ciphering process key, and utilizes described ciphering process key to encrypt magnetic track information plaintext and trading password plaintext.
7. method as claimed in claim 6 is characterized in that, the step of described negotiation ciphering process key comprises:
Encryption chip is preset key schedule;
Safety chip is preset the key schedule identical with described encryption chip;
Encryption chip generates a random factor at random, and calculates the ciphering process key according to encryption main key and random factor;
Encryption chip sends connection request and random factor to safety chip;
Safety chip calculates the ciphering process key according to encryption main key and random factor; And
Finish process key agreement based on symmetrical root key.
8. the method for claim 1 is characterized in that, described superencipher is meant that safety chip is by terminal master key and payment gateway negotiations process key, and use key and 3DES algorithm for encryption magnetic track information plaintext and trading password plaintext.
9. the method for claim 1 is characterized in that, safety chip carries out digital signature by terminal secret key to message data, and uses the random factor of payment gateway public key encryption digital signature and transaction data plaintext and negotiations process key.
10. the method for claim 1 is characterized in that, realizes between described safety chip and described encryption chip that key synchronization comprises:
Set encryption main key and MAC master key;
Send the request of application key to safety chip by BIOS;
Utilize keyboard driver to inject encryption chip by the key that BIOS will apply for automatically; And
Finish the key synchronization between safety chip and encryption chip.
11. the key generation method in data ciphering method as claimed in claim 1 is characterized in that, this method comprises:
Set encryption main key and MAC master key, with the key between synchronous safety chip and encryption chip;
Send request to payment gateway, application download terminal master key;
Transfer the root key in the described payment gateway encryption equipment;
Disperse to generate terminal master key according to the safety chip numbering by described root key; And
Number according to safety chip and to obtain terminal public key.
12. method as claimed in claim 11 is characterized in that, described encryption chip is arranged in the keyboard of computer, and described safety chip is arranged on the mainboard of computer.
13. method as claimed in claim 11 is characterized in that, described encryption chip has encryption main key and MAC master key.
14. method as claimed in claim 11 is characterized in that, described safety chip has encryption main key, MAC master key, terminal master key and terminal certificate.
15. method as claimed in claim 11 is characterized in that, the wallet program on the computer is after safety chip sends the terminal certificate initialization command, and described safety chip generation and preservation RSA key are right.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810200736A CN101686225A (en) | 2008-09-28 | 2008-09-28 | Methods of data encryption and key generation for on-line payment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810200736A CN101686225A (en) | 2008-09-28 | 2008-09-28 | Methods of data encryption and key generation for on-line payment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101686225A true CN101686225A (en) | 2010-03-31 |
Family
ID=42049198
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200810200736A Pending CN101686225A (en) | 2008-09-28 | 2008-09-28 | Methods of data encryption and key generation for on-line payment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101686225A (en) |
Cited By (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101883096A (en) * | 2010-06-07 | 2010-11-10 | 北京天地融科技有限公司 | Method, device and system for safely transferring data between electronic signature tools |
| CN101964793A (en) * | 2010-10-08 | 2011-02-02 | 上海银联电子支付服务有限公司 | Method and system for transmitting data between terminal and server and sign-in and payment method |
| CN102404121A (en) * | 2011-11-30 | 2012-04-04 | 华为技术有限公司 | Method, device and system for processing cipher text |
| CN102568097A (en) * | 2010-12-08 | 2012-07-11 | 邵通 | Method and system for improving safety of electronic wallets |
| CN103117856A (en) * | 2012-01-16 | 2013-05-22 | 深圳市家富通汇科技有限公司 | Method and apparatus for provisioning applications in mobile devices |
| CN103345799A (en) * | 2013-06-08 | 2013-10-09 | 钱袋网(北京)信息技术有限公司 | Card swiping device and method for encrypting information of bank card in card swiping device |
| CN103684759A (en) * | 2012-09-11 | 2014-03-26 | 中国银联股份有限公司 | Terminal data encrypting method and device |
| CN103714639A (en) * | 2013-03-15 | 2014-04-09 | 福建联迪商用设备有限公司 | Method and system enabling safe operation of POS terminal to be achieved |
| CN104376493A (en) * | 2014-10-29 | 2015-02-25 | 中国建设银行股份有限公司 | Safe processing system and method based on encryption equipment |
| CN105095701A (en) * | 2014-05-06 | 2015-11-25 | 黄熙镜 | User authentication method and device and terminal equipment |
| CN105306201A (en) * | 2014-06-13 | 2016-02-03 | 广州涌智信息科技有限公司 | Encrypted data transmission method |
| CN105684346A (en) * | 2013-09-27 | 2016-06-15 | 金雅拓股份有限公司 | Method for securing over-the-air communication between a mobile application and a gateway |
| CN105868653A (en) * | 2016-03-29 | 2016-08-17 | 山东华芯富创电子科技有限公司 | Password input method and device |
| CN105894662A (en) * | 2016-03-29 | 2016-08-24 | 山东华芯富创电子科技有限公司 | Password input device and system using same |
| CN106059771A (en) * | 2016-05-06 | 2016-10-26 | 上海动联信息技术股份有限公司 | Intelligent POS machine secret key management system and method |
| CN106302482A (en) * | 2016-08-22 | 2017-01-04 | 浙江省数字安全证书管理有限公司 | A kind of browser-cross uses hardware encryption medium data safe transmission system and method |
| CN106506149A (en) * | 2016-11-07 | 2017-03-15 | 福建星海通信科技有限公司 | Key generation method and system between a kind of TBOX terminals and TSP platforms |
| CN106529941A (en) * | 2016-11-24 | 2017-03-22 | 深圳市久通物联科技股份有限公司 | PBOC micro payment security promotion method |
| CN106537432A (en) * | 2014-07-17 | 2017-03-22 | 卓格莱特有限责任公司 | Method and device for securing access to wallets in which cryptocurrencies are stored |
| CN106559412A (en) * | 2016-10-11 | 2017-04-05 | 北京元心科技有限公司 | Strengthen the method and system of authentication safety |
| CN106572106A (en) * | 2016-11-07 | 2017-04-19 | 福建星海通信科技有限公司 | Method of transmitting message between TBOX terminal and TSP platform |
| CN106228713B (en) * | 2016-07-26 | 2018-08-10 | 中国银联股份有限公司 | Data processing system and method for multiple POS terminals |
| CN108460597A (en) * | 2018-03-23 | 2018-08-28 | 银联商务股份有限公司 | A kind of key management system and method |
| CN108596593A (en) * | 2018-04-20 | 2018-09-28 | 珠海横琴盛达兆业科技投资有限公司 | A method of the pharmacy's shortcut key cash register realized based on B/S framework |
| CN111600829A (en) * | 2019-02-21 | 2020-08-28 | 杭州萤石软件有限公司 | Secure communication method and system for Internet of things equipment |
| CN112464188A (en) * | 2020-12-14 | 2021-03-09 | 艾体威尔电子技术(北京)有限公司 | Method for binding payment terminal and peripheral password keyboard |
| US11531984B2 (en) | 2016-06-28 | 2022-12-20 | Advanced New Technologies Co., Ltd. | Method and device facilitating expansion of primary payment instruments |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1527208A (en) * | 2003-09-25 | 2004-09-08 | 联想(北京)有限公司 | Method and device for realizing computer safety and enciphering based on identity confirmation |
| CN1588954A (en) * | 2004-07-27 | 2005-03-02 | 中国工商银行 | Intelligent terminal, system including said intelligent terminal and data exchanging method |
| CN1598794A (en) * | 2003-09-19 | 2005-03-23 | 联想(北京)有限公司 | Computer terminal safety system based on safety chip |
| CN101192295A (en) * | 2006-11-30 | 2008-06-04 | 讯想科技股份有限公司 | Chip credit card network transaction system and method |
-
2008
- 2008-09-28 CN CN200810200736A patent/CN101686225A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1598794A (en) * | 2003-09-19 | 2005-03-23 | 联想(北京)有限公司 | Computer terminal safety system based on safety chip |
| CN1527208A (en) * | 2003-09-25 | 2004-09-08 | 联想(北京)有限公司 | Method and device for realizing computer safety and enciphering based on identity confirmation |
| CN1588954A (en) * | 2004-07-27 | 2005-03-02 | 中国工商银行 | Intelligent terminal, system including said intelligent terminal and data exchanging method |
| CN101192295A (en) * | 2006-11-30 | 2008-06-04 | 讯想科技股份有限公司 | Chip credit card network transaction system and method |
Cited By (40)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101883096A (en) * | 2010-06-07 | 2010-11-10 | 北京天地融科技有限公司 | Method, device and system for safely transferring data between electronic signature tools |
| CN101883096B (en) * | 2010-06-07 | 2014-07-02 | 天地融科技股份有限公司 | Method, device and system for safely transferring data between electronic signature tools |
| CN101964793A (en) * | 2010-10-08 | 2011-02-02 | 上海银联电子支付服务有限公司 | Method and system for transmitting data between terminal and server and sign-in and payment method |
| CN102568097A (en) * | 2010-12-08 | 2012-07-11 | 邵通 | Method and system for improving safety of electronic wallets |
| CN102404121B (en) * | 2011-11-30 | 2014-03-12 | 华为技术有限公司 | Method, device and system for processing cipher text |
| CN102404121A (en) * | 2011-11-30 | 2012-04-04 | 华为技术有限公司 | Method, device and system for processing cipher text |
| CN103117856B (en) * | 2012-01-16 | 2015-07-01 | 深圳市可秉资产管理合伙企业(有限合伙) | Method and apparatus for provisioning applications in mobile devices |
| CN103117856A (en) * | 2012-01-16 | 2013-05-22 | 深圳市家富通汇科技有限公司 | Method and apparatus for provisioning applications in mobile devices |
| CN103684759A (en) * | 2012-09-11 | 2014-03-26 | 中国银联股份有限公司 | Terminal data encrypting method and device |
| CN103714639A (en) * | 2013-03-15 | 2014-04-09 | 福建联迪商用设备有限公司 | Method and system enabling safe operation of POS terminal to be achieved |
| CN103716320A (en) * | 2013-03-15 | 2014-04-09 | 福建联迪商用设备有限公司 | Security downloading method and system of TMK |
| CN103716320B (en) * | 2013-03-15 | 2017-08-01 | 福建联迪商用设备有限公司 | A kind of terminal master key TMK safety downloading method and systems |
| CN103714639B (en) * | 2013-03-15 | 2016-05-04 | 福建联迪商用设备有限公司 | A kind of method and system that realize the operation of POS terminal security |
| CN103345799A (en) * | 2013-06-08 | 2013-10-09 | 钱袋网(北京)信息技术有限公司 | Card swiping device and method for encrypting information of bank card in card swiping device |
| CN103345799B (en) * | 2013-06-08 | 2015-08-05 | 北京钱袋宝支付技术有限公司 | Bank card information encryption method and swiping card equipment in swiping card equipment |
| CN105684346B (en) * | 2013-09-27 | 2019-11-19 | 金雅拓股份有限公司 | Ensure the method for air communication safety between mobile application and gateway |
| CN105684346A (en) * | 2013-09-27 | 2016-06-15 | 金雅拓股份有限公司 | Method for securing over-the-air communication between a mobile application and a gateway |
| CN105095701A (en) * | 2014-05-06 | 2015-11-25 | 黄熙镜 | User authentication method and device and terminal equipment |
| CN105306201B (en) * | 2014-06-13 | 2018-09-28 | 广州涌智信息科技有限公司 | A method of transmission is encrypted to data |
| CN105306201A (en) * | 2014-06-13 | 2016-02-03 | 广州涌智信息科技有限公司 | Encrypted data transmission method |
| CN106537432A (en) * | 2014-07-17 | 2017-03-22 | 卓格莱特有限责任公司 | Method and device for securing access to wallets in which cryptocurrencies are stored |
| CN104376493A (en) * | 2014-10-29 | 2015-02-25 | 中国建设银行股份有限公司 | Safe processing system and method based on encryption equipment |
| CN105868653A (en) * | 2016-03-29 | 2016-08-17 | 山东华芯富创电子科技有限公司 | Password input method and device |
| CN105894662A (en) * | 2016-03-29 | 2016-08-24 | 山东华芯富创电子科技有限公司 | Password input device and system using same |
| CN106059771A (en) * | 2016-05-06 | 2016-10-26 | 上海动联信息技术股份有限公司 | Intelligent POS machine secret key management system and method |
| US11531984B2 (en) | 2016-06-28 | 2022-12-20 | Advanced New Technologies Co., Ltd. | Method and device facilitating expansion of primary payment instruments |
| CN106228713B (en) * | 2016-07-26 | 2018-08-10 | 中国银联股份有限公司 | Data processing system and method for multiple POS terminals |
| TWI668646B (en) * | 2016-07-26 | 2019-08-11 | 中國銀聯股份有限公司 | Data processing system and method for multiple POS terminals |
| CN106302482A (en) * | 2016-08-22 | 2017-01-04 | 浙江省数字安全证书管理有限公司 | A kind of browser-cross uses hardware encryption medium data safe transmission system and method |
| CN106559412A (en) * | 2016-10-11 | 2017-04-05 | 北京元心科技有限公司 | Strengthen the method and system of authentication safety |
| CN106506149B (en) * | 2016-11-07 | 2019-10-22 | 福建星海通信科技有限公司 | Key generation method and system between a kind of TBOX terminal and TSP platform |
| CN106572106A (en) * | 2016-11-07 | 2017-04-19 | 福建星海通信科技有限公司 | Method of transmitting message between TBOX terminal and TSP platform |
| CN106506149A (en) * | 2016-11-07 | 2017-03-15 | 福建星海通信科技有限公司 | Key generation method and system between a kind of TBOX terminals and TSP platforms |
| CN106529941A (en) * | 2016-11-24 | 2017-03-22 | 深圳市久通物联科技股份有限公司 | PBOC micro payment security promotion method |
| CN108460597B (en) * | 2018-03-23 | 2022-03-15 | 银联商务股份有限公司 | Key management system and method |
| CN108460597A (en) * | 2018-03-23 | 2018-08-28 | 银联商务股份有限公司 | A kind of key management system and method |
| CN108596593A (en) * | 2018-04-20 | 2018-09-28 | 珠海横琴盛达兆业科技投资有限公司 | A method of the pharmacy's shortcut key cash register realized based on B/S framework |
| CN111600829A (en) * | 2019-02-21 | 2020-08-28 | 杭州萤石软件有限公司 | Secure communication method and system for Internet of things equipment |
| CN112464188A (en) * | 2020-12-14 | 2021-03-09 | 艾体威尔电子技术(北京)有限公司 | Method for binding payment terminal and peripheral password keyboard |
| CN112464188B (en) * | 2020-12-14 | 2023-10-31 | 艾体威尔电子技术(北京)有限公司 | Binding method of payment terminal and peripheral password keyboard |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101686225A (en) | Methods of data encryption and key generation for on-line payment | |
| CN101685512A (en) | Computer, payment system and method thereof for realizing on-line payment | |
| US11195174B2 (en) | Systems and methods for cryptographic authentication of contactless cards | |
| EP3861704A1 (en) | Systems and methods for cryptographic authentication of contactless cards | |
| CN108476227A (en) | System and method for equipment push supply | |
| US20200184463A1 (en) | Systems and methods for cryptographic authentication of contactless cards | |
| US20110103586A1 (en) | System, Method and Device To Authenticate Relationships By Electronic Means | |
| US20090172402A1 (en) | Multi-factor authentication and certification system for electronic transactions | |
| AU2019355834B2 (en) | Systems and methods for cryptographic authentication of contactless cards | |
| CN101770619A (en) | Multiple-factor authentication method for online payment and authentication system | |
| WO2020072670A1 (en) | Systems and methods for cryptographic authentication of contactless cards | |
| CN105117963A (en) | Device and method based on digital signature | |
| US11129019B2 (en) | Systems and methods for performing transactions with contactless cards | |
| CN104182875A (en) | Payment method and payment system | |
| EP1171849B1 (en) | Communication system and method for efficiently implementing electronic transactions in mobile communication networks | |
| US11974127B2 (en) | Systems and methods for cryptographic authentication of contactless cards | |
| Sifatullah Bhuiyan | Securing mobile payment protocol based on emv standard | |
| KR20210153592A (en) | System and method for contactless card reissuance | |
| WO2015110039A1 (en) | Method and system for inputting payment account using public data of card | |
| KR20000063481A (en) | The card for internet e-commerce | |
| KR20110092383A (en) | System and method for providing financial transaction |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20100331 |