CN103942688A - Data security interactive system - Google Patents
Data security interactive system Download PDFInfo
- Publication number
- CN103942688A CN103942688A CN201410171463.4A CN201410171463A CN103942688A CN 103942688 A CN103942688 A CN 103942688A CN 201410171463 A CN201410171463 A CN 201410171463A CN 103942688 A CN103942688 A CN 103942688A
- Authority
- CN
- China
- Prior art keywords
- intelligent cipher
- terminal
- cipher equipment
- information
- system server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
Abstract
The invention provides a data security interactive system. According to the system, a terminal obtains the identification information of intelligent code devices through scanning, obtains user information according to the identification information, stores the user information in a pre-established current user list, generates transaction information, conducts encryption computation and/or check computation on the transaction information by means of a second session key to obtain transaction request information, sends the transaction request information to the intelligent code devices, receives transaction confirmation information, conducts encryption computation and/or check computation on the transaction confirmation information by means of a first session key to obtain a transaction data packet, and sends the transaction data packet to a background system server; the intelligent code devices conduct encryption computation and/or check computation on the transaction request information by means of the second session key to obtain the transaction information, give a prompt, receive a confirmation instruction, and generate the transaction conformation information; the background system server conducts encryption computation and/or check computation on the transaction data packet by means of the first session key to obtain the transaction confirmation information, verifies the transaction confirmation information, and executes the transaction after the transition conformation information passes the verification.
Description
Technical field
The present invention relates to a kind of information security field, relate in particular to a kind of data security interactive system.
Background technology
A kind of method of service that mobile payment allows user to use its mobile terminal (terminal such as such as smart mobile phone, PDA, panel computer, notebook computer) to carry out account payment to consumed commodity or service exactly.Unit or individual by mobile terminal, internet or closely sensing directly or indirectly send payment instruction to bank finance mechanism and produce the behavior of monetary payoff and fund flow, thereby realize mobile payment function.Mobile payment is merged mobile terminal, internet, application provider and financial institution mutually, for user provides the financial business such as monetary payoff, payment.
Mobile payment mainly comprises that remote payment and near field pay two kinds.Remote payment refer to user by mobile terminal login that bank's webpage pays, account operation etc., be mainly used in shopping and the consumption of e-commerce website on line; Near field pays and refers to that consumer is in the time buying commodity or service, IMU is crossed mobile terminal and is paid to businessman, the processing paying is carried out at the scene, and be not need to use under mobile network's line to operate, by using the passages such as the radio frequency (NFC) of mobile terminal, infrared, bluetooth, the local communication of realization and automatic vending machine and POS machine.
In the process of whole mobile payment, the participant who relates to payment comprises: consumption user, trade company, mobile operator, third party service provider, bank.Consumption user and trade company are the service objects of system, and mobile operator provides network support, and bank side provides bank's related service, and third party service provider provides payment platform service, and the combination by each side is to realize business.The electronization of means of payment and mobile have become inevitable development trend, and the safety issue of mobile-payment system is the key problem of mobile e-business safety.
How in the process of mobile payment, to ensure that the security of data interaction is problem demanding prompt solution.
Summary of the invention
The present invention is intended to one of address the above problem.
Fundamental purpose of the present invention is to provide a kind of data security interactive system.
For achieving the above object, technical scheme of the present invention is specifically achieved in that
One aspect of the present invention provides a kind of data security interactive system, comprising: terminal, at signal cover interscan intelligent cipher equipment, and obtains the identification information of the described intelligent cipher equipment scanning; Obtain user profile corresponding to described intelligent cipher equipment according to the identification information of described intelligent cipher equipment; Described user profile is stored in active user's list of setting up in advance; The user profile corresponding according to intelligent cipher equipment to be transacted generates Transaction Information, and utilizes the second session key that described Transaction Information is encrypted and is calculated and/or verification calculating acquisition transaction request information; Send described transaction request information to described intelligent cipher equipment; Receive described trade confirmation information; Utilize the first session key that described trade confirmation information is encrypted and is calculated and/or verification calculating acquisition transaction data package, and send described transaction data package to described background system server; Described intelligent cipher equipment, the described transaction request information sending for receiving described terminal, utilizes described the second session key that described transaction request information is decrypted and is calculated and/or the described Transaction Information of verification checking calculating acquisition; Point out described Transaction Information; Confirmation of receipt instruction, and generate trade confirmation information; Described background system server, the described transaction data package sending for receiving described terminal, utilizes described the first session key that described transaction data package is decrypted and is calculated and/or the described trade confirmation information of verification checking calculating acquisition; Described trade confirmation information is verified, and carried out transaction after being verified.
In addition, described terminal, also for sending identification information and the user profile read requests of described intelligent cipher equipment to described background system server; Receive the response message of the user profile read requests of described background system server transmission, utilize described the first session key that the response message of described user profile read requests is decrypted and is calculated and/or the described user profile of verification checking calculating acquisition; Described background system server, also, for receiving identification information and the described user profile read requests of the described intelligent cipher equipment that described terminal sends, obtain the user profile corresponding with described intelligent cipher equipment according to the identification information of described intelligent cipher equipment; Utilize described the first session key described user profile to be encrypted to the response message of calculating and/or the described user profile read requests of verification calculating acquisition, and send the response message of described user profile read requests to described terminal.
In addition, described terminal, also for sending user profile read requests according to the identification information of described intelligent cipher equipment to described intelligent cipher equipment; Receive the response message of the described user profile read requests of described intelligent cipher equipment transmission, utilize described the second session key that the response message of described user profile read requests is decrypted and is calculated and/or the described user profile of verification checking calculating acquisition; Described intelligent cipher equipment, also for obtaining pre-stored user profile, utilize described the second session key described user profile to be encrypted to the response message of calculating and/or the described user profile read requests of verification calculating acquisition, and send the response message of described user profile read requests to described terminal.
In addition, described terminal, also at signal cover interscan intelligent cipher equipment, and after obtaining the identification information of the described intelligent cipher equipment scanning, the identification information that obtains the whole intelligent cipher equipment in the signal cover of described terminal, generates real-time identification list; The identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in described real-time identification list and described active user's list is compared according to the default time interval; If the identification information of the intelligent cipher equipment in described real-time identification list, not in described active user's list, obtains user profile corresponding to described intelligent cipher equipment according to the identification information of described intelligent cipher equipment; And if the identification information of intelligent cipher equipment in described active user's list is in described real-time identification list, delete in described active user's list the not user profile of the intelligent cipher equipment in described real-time identification list.
In addition, described terminal, also at signal cover interscan intelligent cipher equipment, and after obtaining the identification information of the described intelligent cipher equipment scanning, the identification information that obtains the whole intelligent cipher equipment in the signal cover of described terminal, generates real-time identification list; The identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in described real-time identification list and described active user's list is compared according to the default time interval; If the identification information of the intelligent cipher equipment in described real-time identification list is not in described active user's list, obtain user profile corresponding to described intelligent cipher equipment according to the identification information of described intelligent cipher equipment, and obtain after described user profile in described terminal, described user profile is stored in described real-time identification list; And if the identification information of intelligent cipher equipment in described real-time identification list is in described active user's list, the user profile of described intelligent cipher equipment in described active user's list is stored in described real-time identification list; Described active user's list using described real-time identification list after upgrading.
In addition, described background system server, also, for after sending the identification information and user profile read requests of described intelligent cipher equipment in described terminal to described background system server, judge whether the identification information of described intelligent cipher equipment is included in the intelligent cipher unit exception list prestoring in described background system server; After the identification information of judging described intelligent cipher equipment is in described intelligent cipher unit exception list, obtain locking intelligent cipher device directive, and utilize the private key of described background system server to sign and obtain the 5th signing messages locking intelligent cipher device directive, and send described locking intelligent cipher device directive and described the 5th signing messages by described terminal to described intelligent cipher equipment; Described intelligent cipher equipment, the described locking intelligent cipher device directive and described the 5th signing messages that also send by described terminal for receiving described background system server, utilize the PKI in the described background system server certificate prestoring to verify described the 5th signing messages; After described the 5th signing messages of checking passes through, carry out lock operation according to described locking intelligent cipher device directive.
In addition, described background system server, also for receiving terminal application for registration, and audits described endpoint registration application; In examination & verification after described endpoint registration application passes through, to described terminal transmitting terminal key to generating instruction; Receive after the PKI of described terminal key centering of described terminal transmission, generate described terminal certificate, and send described terminal certificate to described terminal; Described terminal, also, for receiving described terminal key that described background system server sends to generating instruction, generates terminal key pair; Send the PKI of described terminal key centering to described background system server; Store described terminal certificate; And described background system server, also for receiving the application of intelligent cipher facility registration, and application is audited to described intelligent cipher facility registration; After the application of the described intelligent cipher facility registration of examination & verification is passed through, send intelligent cipher device keys to generating instruction to described intelligent cipher equipment; The PKI that receives the described intelligent cipher device keys centering of described intelligent cipher equipment transmission, generates described intelligent cipher device certificate, and sends described intelligent cipher device certificate to described intelligent cipher equipment; Described intelligent cipher equipment, also, for receiving described intelligent cipher device keys that described background system server sends to generating instruction, generates intelligent cipher device keys pair; Send the PKI of described intelligent cipher device keys centering to described background system server; Store described intelligent cipher device certificate.
In addition, described terminal, also for obtaining terminal cancellation application, utilizes the private key of described terminal to sign and obtain the 6th signing messages described cancellation application, and sends described terminal cancellation application and described the 6th signing messages to described background system server; Described background system server receives after described terminal cancellation application and described the 6th signing messages, utilizes the PKI in the described terminal certificate prestoring to verify described the 6th signing messages; The described terminal cancellation that receives described background system server transmission completes information, deletes the private key of described terminal; Described background system server, also, for after described the 6th signing messages passes through in checking, deletes the described terminal certificate prestoring, and generates terminal cancellation and complete information, sends described terminal cancellation complete information to described terminal; And/or described intelligent cipher equipment, also for obtaining intelligent cipher equipment cancellation application, utilize the private key of described intelligent cipher equipment to sign and obtain the 7th signing messages described cancellation application, and send described intelligent cipher equipment cancellation application and described the 7th signing messages to described background system server; Described background system server receives after described intelligent cipher equipment cancellation application and described the 7th signing messages, utilizes the PKI in the described intelligent cipher device certificate prestoring to verify described the 7th signing messages; The described intelligent cipher equipment cancellation that receives described background system server transmission completes information, deletes the private key of described intelligent cipher equipment; Described background system server, also for after passing through at described the 7th signing messages of checking, the described intelligent cipher device certificate that deletion prestores, and generate the cancellation of intelligent cipher equipment and complete information, send the cancellation of described intelligent cipher equipment to described intelligent cipher equipment and complete information.
In addition, described background system server, also for sending user-authorization-request information by described terminal to described intelligent cipher equipment; Receive described authorization message, send the response message of described user profile read requests to described terminal; Described intelligent cipher equipment, also for receiving described user-authorization-request information, generates authorization message, and sends described authorization message by described terminal to described background system server.
In addition, described intelligent cipher equipment, also, for receiving after described user-authorization-request information, is converted to wake-up states by dormant state; Under wake-up states, generate authorization message.
In addition, described intelligent cipher equipment, also, for receiving after described transaction request information, is converted to wake-up states by dormant state; Under wake-up states, utilize described the second session key that described transaction request information is decrypted and is calculated and/or the described Transaction Information of verification checking calculating acquisition.
In addition, described intelligent cipher equipment, also utilizes the private key of described intelligent cipher equipment to sign to described Transaction Information, generates trading signature information as trade confirmation information or generates dynamic password as trade confirmation information.
In addition, described intelligent cipher equipment, also for generating single transaction mark, and utilizes the private key of described intelligent cipher equipment to sign to described Transaction Information and described single transaction mark, generates trading signature information as trade confirmation information; Or described intelligent cipher equipment, also for generating single transaction mark, utilize the private key of described intelligent cipher equipment to sign and obtain the signing messages of single transaction mark described single transaction mark, and generating dynamic password, the signing messages that single transaction is identified and described dynamic password are as trade confirmation information.
In addition, described terminal, also for receiving the acoustic signals of described intelligent cipher equipment transmission and described acoustic signals being decoded and obtained trade confirmation information; Or gather the image information of described intelligent cipher equipment demonstration and described image information is decoded and obtained described trade confirmation information; Or the communication interface of mating with described intelligent cipher equipment by described terminal receives described trade confirmation information; Or trade confirmation information described in the information acquisition of inputting by described terminal.
In addition, described background system server, also for described trade confirmation information being verified at described background system server, and carry out transaction after being verified after, send Transaction Success acknowledgement information and/or send Transaction Success acknowledgement information by described terminal to described intelligent cipher equipment to described terminal; Described intelligent cipher equipment, the described Transaction Success acknowledgement information also sending by described terminal for receiving described background system server, points out described Transaction Success acknowledgement information.
In addition, described terminal, also at described background system server, described trade confirmation information being verified, and carry out transaction after being verified after, sends reimbursement information to described intelligent cipher equipment; Receive described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilize the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation; Send described reimbursement to described background system server and confirm bag and described reimbursement confirmation; Described intelligent cipher equipment, the described reimbursement information also sending for receiving described terminal, points out described reimbursement information; Receive reimbursement and confirm instruction, and utilize the private key of described intelligent cipher equipment to sign to described reimbursement information, generate reimbursement confirmation; Described background system server, the described reimbursement confirmation bag and the described reimbursement confirmation that also send for receiving described terminal, confirm to wrap to described reimbursement respectively and described reimbursement confirmation is verified, and after being all verified, carrying out reimbursement and operate.
In addition, described intelligent cipher equipment, also at described background system server, described trade confirmation information being verified, and carry out transaction after being verified after, sends refund request to described terminal; Receive the described reimbursement information that described terminal sends, point out described reimbursement information; Receive reimbursement and confirm instruction, and utilize the private key of described intelligent cipher equipment to sign to described reimbursement information, generate reimbursement confirmation; Described terminal, also for generating reimbursement information, and sends described reimbursement information to described intelligent cipher equipment; Receive described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilize the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation; Send described reimbursement to described background system server and confirm bag and described reimbursement confirmation; Described background system server, the described reimbursement confirmation bag and the described reimbursement confirmation that also send for receiving described terminal, confirm to wrap to described reimbursement respectively and described reimbursement confirmation is verified, and after being all verified, carrying out reimbursement and operate.
In addition, described intelligent cipher equipment, also at described background system server, described trade confirmation information being verified, and carry out transaction after being verified after, sends refund request to described terminal; Receive the described refund request mark that described terminal sends, generate reimbursement information, and utilize the private key of described intelligent cipher equipment to sign to described reimbursement information, obtain reimbursement confirmation, and send described reimbursement confirmation to described terminal; Described terminal, also for generating refund request mark, and sends described refund request mark to described intelligent cipher equipment; Receive described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilize the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation; Send described reimbursement to described background system server and confirm bag and described reimbursement confirmation; Described background system server, the described reimbursement confirmation bag and the described reimbursement confirmation that also send for receiving described terminal, confirm to wrap to described reimbursement respectively and described reimbursement confirmation is verified, and after being all verified, carrying out reimbursement and operate.
In addition, in described reimbursement information, also comprise electron pair bill.
In addition, described Transaction Success acknowledgement information also comprises electron pair bill.
In addition, in described Transaction Information, also comprise electron pair bill.
In addition, described terminal is at signal cover interscan intelligent cipher equipment, and before obtaining the identification information of the described intelligent cipher equipment scanning, described system also comprises: described intelligent cipher equipment enters and can be scanned state.
In addition, described the first session key is pre-stored in described background system server and described terminal or described the first session key is consulted to generate by described background system server and described terminal; Described the second session key is pre-stored in described terminal and described intelligent cipher equipment or described the second session key is consulted to generate by described terminal and described intelligent cipher equipment.
In addition the information of transmitting between described background system server and described terminal, all calculates by the first session key and/or rear transmission is calculated in verification; The information of transmitting between described terminal and described intelligent cipher equipment all calculates by the second session key and/or rear transmission is calculated in verification.
In addition, described terminal also authenticates mutually with described background system server, and generates respectively described the first session key.
In addition, described terminal, also treats signing messages for generating first; Send described first to backstage system server and treat signing messages and the first authentication request information; Whether what receive that described background system server sends described second treats signing messages and described background system server certificate, utilize described in root certification authentication corresponding to the background system server certificate that prestores background system server certificate legal; After the described background system server certificate of checking is legal, generates and share master key; Utilize PKI in described background system server certificate to be encrypted and to generate the first enciphered message described shared master key, the private key that utilizes described terminal treats that to described first signing messages and described second treats signing messages generation the first signing messages of sign; Send described the first enciphered message, described the first signing messages and terminal certificate to described background system server; The described backstage that receives described background system server transmission has authenticated message, verifies that described backstage has authenticated message; After the described backstage of checking authenticate message and passes through, generation terminal authentication first completes message, and send described terminal authentication first to described background system server and complete message, and according to described shared master key calculation the first session key; Described background system server, also treats signing messages and described the first authentication request information for receiving described first of described terminal transmission, generates second and treats signing messages; Send described second to described terminal and treat signing messages and background system server certificate; Described in root certification authentication corresponding to terminal certificate that utilization prestores, whether terminal certificate is legal; After the described terminal certificate of checking is legal, utilize the first signing messages described in the public key verifications in described terminal certificate; After described the first signing messages of checking passes through, utilize the private key of described background system server to decipher described the first enciphered message, obtain described shared master key; Generate backstage and authenticated message, and send described backstage to described terminal and authenticated message; The described terminal authentication first that receives described terminal transmission completes message, verifies that described terminal authentication first completes message; After checking described terminal authentication first completes message and passes through, according to the first session key described in described shared master key calculation.
In addition, described background system server, also treats signing messages and described the first authentication request information for receiving described first of described terminal transmission, and wherein, described the first authentication request information comprises the identification information of described terminal; Whether the identification information that judges described terminal is included in the terminal abnormal list prestoring in described background system server; After the identification information of judging described terminal is in described terminal abnormal list, obtain locking terminal instruction, and the private key that utilizes described background system server to locking terminal instruction sign and obtain the 4th signing messages, and send described locking terminal instruction and described the 4th signing messages to described terminal; Described terminal, the described locking terminal instruction and described the 4th signing messages that also send for receiving described background system server, utilize the PKI in the described background system server certificate prestoring to verify described the 4th signing messages; After described the 4th signing messages of checking passes through, carry out lock operation according to described locking terminal instruction.
In addition, described terminal also authenticates mutually with described intelligent cipher equipment, and generates respectively described the second session key.
In addition, described terminal, also treats signing messages for generating the 3rd; Send the described the 3rd to described intelligent cipher equipment and treat signing messages and the second authentication request information; Whether what receive that described intelligent cipher equipment sends the described the 4th treats signing messages, described the second signing messages and described intelligent cipher device certificate, utilize described in the root certification authentication that the intelligent cipher device certificate that prestores is corresponding intelligent cipher device certificate legal; After the described intelligent cipher device certificate of checking is legal, utilize the PKI in described intelligent cipher device certificate to verify described the second signing messages; After described the second signing messages of checking passes through, the private key that utilizes described terminal treats that to the described the 3rd signing messages and the described the 4th treats that signing messages is signed and obtain the 3rd signing messages, generate the first session key and generate the factor, utilize the PKI in described intelligent cipher device certificate to be encrypted and to obtain the second enciphered message the described first session key generation factor; Send described the 3rd signing messages, described the second enciphered message and described terminal certificate to described intelligent cipher equipment; Described the 3rd enciphered message and the described intelligent cipher device authentication that receive described intelligent cipher equipment transmission complete message, verify that described intelligent cipher device authentication completes message; After the described intelligent cipher device authentication of checking completes message and passes through, generate terminal authentication second and complete message, send described terminal authentication second to described intelligent cipher equipment and complete message, and according to first session key generate the factor and decipher described the 3rd enciphered message obtain described second session key generate the factor generate described the second session key; Described intelligent cipher equipment, also treats signing messages and described the second authentication request information for receiving the described the 3rd of described terminal transmission, generates the 4th and treats signing messages; The private key that utilizes described intelligent cipher equipment treats to the described the 3rd that signing messages is signed and obtains the second signing messages, and sends the described the 4th to described terminal and treat signing messages, described the second signing messages and intelligent cipher device certificate; Receive described the 3rd signing messages, described the second enciphered message and described terminal certificate that described terminal sends, utilize described in the root certification authentication that the described terminal certificate that prestores is corresponding terminal certificate whether legal; After the described terminal certificate of checking is legal, utilize the PKI in described terminal certificate to verify described the 3rd signing messages; After described the 3rd signing messages of checking passes through, generate the second session key and generate the factor, utilize PKI in described terminal certificate to generate the factor to described the second session key and be encrypted and obtain the 3rd enciphered message, and generate intelligent cipher device authentication and complete message; Send described the 3rd enciphered message and described intelligent cipher device authentication completes message to described terminal; The described terminal authentication second that receives described terminal transmission completes message, verifies that described terminal authentication second completes message; Verify that described terminal authentication second completes after message, according to second session key generate the factor and decipher described second enciphered message obtain described first session key generate the factor generate described the second session key.
In addition, described intelligent cipher equipment, also, for receiving after described the second authentication request information, is converted to wake-up states by dormant state; Under wake-up states, generate the 4th and treat signing messages.
As seen from the above technical solution provided by the invention, client can be without completing payment by modes such as wallet, credit card, mobile phones, thereby simplify the interactive operation in payment process of client and trade company, improved payment efficiency, promoted the experience of client in the payment process of near field; Utilize the security of the safety profile promise customer payment process of intelligent cipher equipment simultaneously.
Client has chosen commodity later in the time of checkout, terminal is without obtaining user profile by the mode that allows client manually swipe the card or to brush mobile phone again, when checkout, client only need quote the name of oneself, terminal can directly be sent to the Transaction Informations such as the amount of money after clearing client's intelligent cipher equipment and show, now, client only need utilize intelligent cipher equipment to confirm, and export trade confirmation information, terminal generates transaction data package and sends to background system server, the processing of transferring accounts after this transaction data package of background system server authentication is accurate, can complete payment process.
In the time that client walks out the signal cover in this family shop, the network between intelligent cipher equipment and terminal is connected and will automatically interrupts, and user profile disappears from active user's list in this shop.If when client enters again another family shop, will automatically enter in active user's list in this another family shop, start another shopping.Do not need like this client to carry out any operation, just can bring seamless experience for client.
Brief description of the drawings
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, below the accompanying drawing of required use during embodiment is described is briefly described, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, do not paying under the prerequisite of creative work, can also obtain other accompanying drawings according to these accompanying drawings.
Fig. 1 is data security interactive system structural representation provided by the invention;
Fig. 2 is the process flow diagram of data security exchange method provided by the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiment.Based on embodiments of the invention, those of ordinary skill in the art, not making the every other embodiment obtaining under creative work prerequisite, belong to protection scope of the present invention.
In description of the invention, it will be appreciated that, term " " center ", " longitudinally ", " laterally ", " on ", D score, " front ", " afterwards ", " left side ", " right side ", " vertically ", " level ", " top ", " end ", " interior ", orientation or the position relationship of instructions such as " outward " are based on orientation shown in the drawings or position relationship, only the present invention for convenience of description and simplified characterization, instead of device or the element of instruction or hint indication must have specific orientation, with specific orientation structure and operation, therefore can not be interpreted as limitation of the present invention.In addition, term " first ", " second " be only for describing object, and can not be interpreted as instruction or hint relative importance or quantity or position.
In description of the invention, it should be noted that, unless otherwise clearly defined and limited, term " installation ", " being connected ", " connection " should be interpreted broadly, and for example, can be to be fixedly connected with, and can be also to removably connect, or connect integratedly; Can be mechanical connection, can be also electrical connection; Can be to be directly connected, also can indirectly be connected by intermediary, can be the connection of two element internals.For the ordinary skill in the art, can concrete condition understand above-mentioned term concrete meaning in the present invention.
Below in conjunction with accompanying drawing, the embodiment of the present invention is described in further detail.
Data security interactive system provided by the invention, system architecture applicatory as shown in Figure 1, comprising: background system server, terminal and intelligent cipher equipment.Wherein:
Background system server can complete paired terminal and the management of intelligent cipher equipment and the storage to user profile and issue management, for example comprise the management such as registration to terminal and intelligent cipher equipment, cancellation, locking, certification, it can provide the financial service such as bank's related service, payment platform service; Can comprise the combination of one or more servers such as paying server, certificate server, management server.
Terminal can be the terminal of trade company's end, to complete the initiation of mobile payment, to the certification of intelligent cipher equipment and background system server, the maintenance of user profile etc., this terminal can arrive the intelligent cipher equipment in its signal cover by autoscan, and the communication connection of foundation and intelligent cipher equipment, obtain the user profile that intelligent cipher equipment is corresponding.
Intelligent cipher equipment possesses secure payment (for example: electronic signature, dynamic password generate) function, and certification to terminal, this intelligent cipher equipment possesses wireless communication module (for example: bluetooth, infrared ray, RFID, NFC, light, sound wave, heat energy, vibration, WIFI etc.), can and terminal between communicate by this wireless communication module, certainly, this intelligent cipher equipment can also include line interface (for example: audio interface, USB interface, serial ports etc.), and communicates by wireline interface and terminal.In addition, intelligent cipher equipment can also possess connectivity option function, if user does not open this function, terminal cannot be obtained the identification information of intelligent cipher equipment and corresponding user profile.For example: intelligent cipher equipment can enter the state that can be scanned, so that terminal scanning arrives this intelligent cipher equipment.The connectivity option function that intelligent cipher equipment possesses, can be that the hardware switch arranging on intelligent cipher equipment is opened realization, can be also that intelligent cipher equipment is opened and realized by software.
As shown in Figure 2, the framework shown in application drawing 1, data security interactive system provided by the invention can be carried out associative operation in the following manner:
Terminal and intelligent cipher equipment are registered to backstage system server:
Comprise following two aspects:
1, terminal is registered to backstage system server, wherein:
The application for registration of background system server receiving terminal, and application is audited to endpoint registration; Concrete, trade company can arrive bank counter and handle the application for registration of this terminal, also can handle by internet the application for registration of this terminal, and background system server receives after this application for registration, and the legitimacy of the identity to this trade company is audited.
Background system server after audit terminal application for registration is passed through, to terminal transmitting terminal key to generate instruction; Concrete, the legitimacy of background system server examination & verification merchant identification etc. after passing through is agreed to the terminal of trade company to register, and sends key to generating instruction to terminal simultaneously, be used to indicate terminal and generate terminal key pair, this terminal key is to comprising a pair of public and private key.
Terminal receives terminal key to generating after instruction, generates terminal key pair; Concrete, in terminal, can preset a generating mode that key is right, receive terminal key to generating after instruction in terminal, according to default key, generating mode is generated to terminal key pair, generate a pair of public and private key.
Terminal is to the PKI of backstage system server transmitting terminal cipher key pair; Concrete, terminal can send the PKI of the terminal key centering of its generation by believable communication link to backstage system server, with the security that ensures that the PKI of terminal sends; Also can the PKI of the terminal key centering of its generation be sent by internet to the convenience of transmitting to improve the PKI of terminal to backstage system server.
Background system server receives after the PKI of terminal key centering, generates terminal certificate, and to terminal transmitting terminal certificate; Concrete, background system server can be with the private key of backstage system server the PKI of the information to trade company and terminal calculates generation terminal certificate; In background system server, can also comprise CA server, the PKI of the information of the private key by this CA server to trade company and terminal calculates and generates terminal certificate; Background system server can also be sent to CA by the PKI of the information of trade company and terminal, and the PKI of the CA information to trade company and terminal according to the private key of CA calculates and generates terminal certificate, and sends to terminal by background system server.
Terminal storage terminal certificate; Concrete, terminal, receiving after the terminal certificate of background system server transmission, is stored in this terminal certificate in the memory block of carrying out security function.Certainly,, for different background system servers, terminal can also be stored the different terminal certificate that different background system servers sends.
2, intelligent cipher equipment is registered to backstage system server, wherein:
Background system server receives the application of intelligent cipher facility registration, and application is audited to intelligent cipher facility registration; Concrete, the user who holds intelligent cipher equipment can arrive bank counter and handle the application for registration of this intelligent cipher equipment, also can handle by internet the application for registration of this intelligent cipher equipment, background system server receives after this application for registration, and the legitimacy of the identity to this user is audited.
Background system server, after the application of examination & verification intelligent cipher facility registration is passed through, sends intelligent cipher device keys to generating instruction to intelligent cipher equipment; Concrete, after the legitimacy of background system server examination & verification user identity etc. is passed through, agreed to user's intelligent cipher equipment to register, send key to generating instruction to intelligent cipher equipment simultaneously, be used to indicate intelligent cipher equipment and generate intelligent cipher device keys pair, this intelligent cipher device keys is to comprising a pair of public and private key.
Intelligent cipher equipment receives intelligent cipher device keys to generating after instruction, generates intelligent cipher device keys pair; Concrete, in intelligent cipher equipment, can preset a generating mode that key is right, receive intelligent cipher device keys to generating after instruction at intelligent cipher equipment, according to default key, generating mode is generated to intelligent cipher device keys pair, generate a pair of public and private key.
Intelligent cipher equipment sends the PKI of intelligent cipher device keys centering to backstage system server; Concrete, intelligent cipher equipment can send the PKI of the intelligent cipher device keys centering of its generation by believable communication link to backstage system server, with the security that ensures that the PKI of intelligent cipher equipment sends; Also can the PKI of the intelligent cipher device keys centering of its generation be sent by internet to the convenience of transmitting to improve the PKI of intelligent cipher equipment to backstage system server.
Background system server receives after the PKI of intelligent cipher device keys centering, generates intelligent cipher device certificate, and sends intelligent cipher device certificate to intelligent cipher equipment; Concrete, background system server can be with the private key of backstage system server the PKI of the information to user and intelligent cipher equipment calculates generation intelligent cipher device certificate; In background system server, can also comprise CA server, the PKI of the information of the private key by this CA server to user and intelligent cipher equipment calculates and generates intelligent cipher device certificate; Background system server can also be sent to CA by the PKI of user's information and intelligent cipher equipment, the PKI of the CA information to user and intelligent cipher equipment according to the private key of CA calculates and generates intelligent cipher device certificate, and sends to intelligent cipher equipment by background system server.
Intelligent cipher device storage intelligent cipher device certificate; Concrete, intelligent cipher equipment, receiving after the intelligent cipher device certificate of background system server transmission, is stored in this intelligent cipher device certificate in the memory block of carrying out security function.Certainly,, for different background system servers, intelligent cipher equipment can also be stored the different intelligent cipher device certificate that different background system servers sends.
Terminal is at signal cover interscan intelligent cipher equipment, and obtains the identification information of the intelligent cipher equipment scanning:
Concrete, terminal can send request signal (sequence number of for example terminal) according to certain time interval and inquire about the intelligent cipher equipment in certain wireless signal coverage;
Intelligent cipher equipment is intercepted (inquiry scan) to the inquiry of terminal, after intelligent cipher equipment enters in the signal cover of terminal, the identification information that sends intelligent cipher equipment to terminal, thus, terminal scanning has arrived the identification information of intelligent cipher equipment.
Below, provide two kinds of modes that realize terminal scanning and obtain the identification information of intelligent cipher equipment:
(1) terminal can be used IAC (Inquiry Access Code, Inquiry Access Code) to inquire about the intelligent cipher equipment in certain wireless signal coverage;
Intelligent cipher equipment is intercepted (inquiry scan) to the inquiry of terminal, after intelligent cipher equipment enters in the signal cover of terminal, sends address and the clock information of intelligent cipher equipment to terminal;
Intelligent cipher equipment intercepts the paging information of self terminal, carries out page scan;
The intelligent cipher equipment that paging terminal has inquired;
Intelligent cipher equipment receives after paging information, sends the DAC (Device Access Code, device access code) of intelligent cipher equipment to terminal.
(2) terminal sends request signal and inquires about the intelligent cipher equipment in certain wireless signal coverage;
Intelligent cipher equipment is intercepted (inquiry scan) to the request signal of terminal, after intelligent cipher equipment enters in the signal cover of terminal, sends the address of intelligent cipher equipment to terminal.
Certainly, how the present invention only obtains the identification information of intelligent cipher equipment with above two examples explanation terminal, but the present invention is not limited thereto, the mode of the identification information based on above-mentioned two acquisition intelligent cipher equipment, intelligent cipher equipment can be in the time receiving any information of terminal transmission, the information that all terminal can be sent is as dormancy awakening signal, and intelligent cipher equipment, according to dormancy awakening signal, switches to wake-up states (being normal mode of operation) by dormant state.Meanwhile, intelligent cipher equipment, after any command execution finishes, all can automatically reply dormant state.Intelligent cipher equipment enters dormant state to save the electric energy of intelligent cipher equipment, increases the service life.
Before terminal scanning intelligent cipher equipment, intelligent cipher equipment also needs to enter the state that can be scanned, so that terminal can scan this intelligent cipher equipment, wherein, intelligent cipher equipment enters the state that can be scanned and can be opened and be realized by the hardware switch arranging on intelligent cipher equipment, also can be opened and be realized by intelligent cipher device software.
In the present invention, terminal can authenticate mutually with background system server, and generates respectively the first session key: and/or terminal can authenticate mutually with intelligent cipher equipment, and generate respectively the second session key:
Wherein, terminal and background system server authenticate mutually, and it is as follows to generate respectively the process of the first session key:
Terminal generates first and treats signing messages; Concrete, terminal can generate random number by random number generator and treat signing messages as first, also can adopt self sequence number, MAC Address or other identification information to treat signing messages as first, can be also that the combination of random number and identification information is treated signing messages as first.Wherein, as long as all can be used as first, the information that can be signed by background system server treats signing messages, so that background system server authenticates background system server after returning to signing messages.Random number can be a kind of or several combination arbitrarily in the characters such as numeral, letter, special character.
Terminal sends first to backstage system server and treats signing messages and the first authentication request information; Concrete, terminal can treat that by first signing messages and the first authentication request information send to backstage system server by believable communication link, the security sending with guarantee information; Also can treat that by first signing messages and the first authentication request information send to backstage system server by internet, to improve the convenience of communication.
In addition, background system server is in order to ensure the security of data interaction and the legitimacy of terminal, background system server can also receive first after signing messages and the first authentication request information, whether the identification information that judges terminal is included in the terminal abnormal list prestoring in background system server, wherein, the first authentication request information comprises the identification information of terminal; Background system server is after the identification information of judging terminal is in terminal abnormal list, obtain locking terminal instruction, and the private key that utilizes background system server to locking terminal instruction sign and obtain the 4th signing messages, and send locking terminal instruction and the 4th signing messages to terminal; Termination is received after locking terminal instruction and the 4th signing messages, utilizes the PKI in the background system server certificate prestoring to verify the 4th signing messages; Terminal, after checking the 4th signing messages passes through, is carried out lock operation according to locking terminal instruction.
Concrete, terminal abnormal list can be for blacklist, report the loss list, inefficacy list etc. represents arbitrarily the illegal list of terminal identity; If the identification information of terminal is in terminal abnormal list, illustrate that this terminal is illegal terminal, now, in order to ensure security, background system server sends lock instruction to lock this illegal terminal to this illegal terminal, and meanwhile, background system server is also signed to this lock instruction, to guarantee the legal source of lock instruction, avoid the malicious operation of illegal locking terminal.
Certainly, the present invention is not limited thereto, for practical application, as long as can legal locking illegal terminal.
In addition, background system server also can not signed to lock instruction, only send lock instruction to illegal terminal to lock this illegal terminal.
Terminal is carried out lock operation according to locking terminal instruction and can be comprised: terminal refusal is carried out any request, destroys the any-mode such as certificate of self storage.
Certainly, background system server is sending after lock instruction, can also carry out any request of this illegal terminal of refusal.
As can be seen here, in the time that terminal occurs losing or suffers the abnormal conditions such as illegal report, the identification information of this terminal will be entered into the reporting the loss in the abnormal list such as list or blacklist of background system server, after this, if someone attempts to use this terminal to conclude the business illegally to transfer accounts while stealing fund again, in the time that terminal and background system server authenticate, background system server can be compared terminal identification information at abnormal list, if find, the identification information of this terminal is in abnormal list, background system server will lock terminal, thereby protection user account safety.
Background system server receives first after signing messages and the first authentication request information, generates second and treats signing messages; Concrete, background system server can receive after the first authentication request information, generate second and treat signing messages, can generate random number by random number generator and treat signing messages as second, also can adopt self sequence number, MAC Address or other identification information to treat signing messages as second, can be also that the combination of random number and identification information is treated signing messages as second.Wherein, as long as all can be used as second, the information that can be signed by terminal treats signing messages, so that terminal authenticates terminal after returning to signing messages.Random number can be a kind of or several combination arbitrarily in the characters such as numeral, letter, special character.
Background system server sends second to terminal and treats signing messages and background system server certificate; Concrete, background system server can treat that by second signing messages and background system server certificate send to terminal by believable communication link, the security sending with guarantee information; Also can treat that by second signing messages and background system server certificate send to terminal by internet, to improve the convenience of communication.
Whether terminal receives second after signing messages and background system server certificate, utilize root certification authentication background system server certificate corresponding to the background system server certificate that prestores legal; Concrete, terminal also needs to get root certificate corresponding to background system server certificate in registration process, to background system server certificate is carried out to legitimate verification.
Terminal, after checking background system server certificate is legal, generates and shares master key; Concrete, after terminal checking background system server certificate is legal, generates and share master key, this shared master key specifically can be for generating the first session key.
Terminal utilizes PKI in background system server certificate to be encrypted and to generate the first enciphered message sharing master key, and the private key that utilizes terminal treats that to first signing messages and second treats signing messages generation the first signing messages of sign; Concrete, for safe transmission is shared master key, terminal utilizes the PKI of background system server to be encrypted sharing master key, simultaneously, in order to ensure legal source and the non repudiation of the data that transfer to background system server, terminal also treats that to first signing messages and second treats that signing messages signs, thus, signing messages and enciphered message are jointly transferred to background system server by terminal, can ensure the legal source of these data, also ensure the security of important information in data.The first signing messages in the present invention can be by first until signing messages acquisition of signing of the information after signing messages is connected with second, can be also by the first acquisition of signing of the information after signing messages is adjusted according to the adjustment scheme of consulting in advance until signing messages and second.
Terminal sends the first enciphered message, the first signing messages and terminal certificate to backstage system server;
Whether the root certification authentication terminal certificate that terminal certificate that background system server by utilizing prestores is corresponding is legal; Concrete, background system server also gets the root certificate that terminal certificate is corresponding in the registration process of terminal, to terminal certificate is carried out to legitimate verification.
Background system server, after verification terminal certificate is legal, utilizes public key verifications the first signing messages in terminal certificate;
Background system server, after checking the first signing messages passes through, utilizes the private key of background system server to decipher the first enciphered message, obtains and shares master key;
Background system server generates backstage and has authenticated message, and has authenticated message to terminal transmission backstage;
Terminal receives backstage and has authenticated after message, and checking backstage has authenticated message; Concrete, terminal has authenticated message to backstage and has carried out legitimate verification.
Terminal, after checking backstage authenticate message and passes through, generates terminal authentication first and completes message, and authenticate first to backstage system server transmitting terminal and complete message, and according to shared master key calculation the first session key;
Background system server receives terminal authentication first and completes after message, and verification terminal certification first completes message; Concrete background system server completes message to terminal authentication first and carries out legitimate verification.
Background system server is after verification terminal certification first completes message and passes through, according to shared master key calculation the first session key.
Based on aforesaid way, between background system server and terminal, produce the first session key that ensures data transmission security and/or integrality, so that when background system server and terminal are carried out subsequent data transmission, data to be transmitted is encrypted and is calculated and/or verification calculating.This first session key can comprise encryption key and/or check key, check key can be MAC verification computation key or HASH verification computation key, encryption key is symmetric cryptography computation key, and the encryption key that this first session key is included and/or check key can be to be decomposed and obtained by shared master key.
Certainly, the present invention is not limited thereto plants the first session key generative process of being initiated by terminal, can also initiate this first session key generative process by background system server.Now, for the locking of terminal, need only and can be judged by background system server after background system server receives the identification information of terminal.
In addition, after the first session key can be generated by the either party in terminal or background system server, and send to the other side after being encrypted with the other side's PKI, reduce a side computation complexity.
In addition, background system server is after verification terminal certification first completes message and passes through, also for example, to the corresponding authority of open-destination: terminal can be obtained the user profile that intelligent cipher equipment is corresponding from background system server, to realize the management of background system server to terminal.
Between terminal and background system server, generate the first session key process can and following terminal and intelligent cipher equipment between to generate the process of the second session key identical.
By the two-way authentication between terminal and background system server, can guarantee both sides' legitimacy, improve the security of subsequent treatment.
Below, provide the mode of concrete generation first session key, the present invention is not limited thereto certainly:
1) terminal of trade company's end produces random number R 1;
2) random number R 1 is sent to background system server by the terminal of trade company's end, and send authentication request to backstage system server;
3) background system server receives the authentication request of self terminal, produces random number R 2;
4) background system server sends random number R 2 and background system server certificate to terminal;
5) terminal is used the background system server certificate that root certification authentication corresponding to background system server certificate prestoring in terminal received;
If checking is not passed through, finish;
If the verification passes, terminal produces shares master key MKey, and with the PKI in background system server certificate, to MKey, encryption obtains E1;
6) terminal connects R1 and R2 and obtains R3, R3 is carried out to digest calculations and obtain H1, then uses the private key of terminal to carry out signature calculation to H1 and obtains S1;
7) S1, E1 and terminal certificate are sent to background system server by terminal;
8) background system server uses root certification authentication terminal certificate legitimacy corresponding to terminal certificate;
If verification terminal certificate does not pass through, finish;
If verification terminal certificate passes through, use terminal certificate checking S1;
If checking S1 does not pass through, finish;
If checking S1 passes through, from E1, deciphering obtains sharing master key MKey;
9) background system server carries out digest calculations to background system server certificate and obtains H2, terminal certificate is carried out to digest calculations and obtain H3, R1, R2, H2, H3, S1, E1 are obtained to T1 after connecting, T1 is carried out calculating " background system server authentication completes message " through HMAC again after digest calculations;
10) background system server sends " background system server authentication completes message " to terminal;
11) terminal is verified " background system server authentication completes message " that the background system server that receives is sent;
If checking is not passed through, finish;
If the verification passes, generate " terminal authentication completes message " (referring to mode of above-mentioned generation " background system server authentication completes message ");
12) terminal sends " terminal authentication completes message " to background system server;
13) " terminal authentication completes message " that background system server authentication receives;
If checking is not passed through, finish;
If the verification passes, represent mutual authentication process success, both sides' session key, and the encryption key K1 decompositing from session key, for carrying out the encrypting and decrypting of data transmission between background system server and terminal, and/or the check key MACKEY of verification calculating, for generation and the verification of proof test value.
So between the terminal of trade company and background system server, just carry out two-way authentication, guarantee that the other side is legal, and negotiated public session key (comprising encryption key and/or check key), can be used between terminal and background system server data encryption when data pass mutually and/or the generation of proof test value.The terminal of this trade company has also completed " the registering " at background system server place, can carry out follow-up user profile and read and the operation requests of transaction request.
It should be noted that, the proof test value generating when transmission data in this example between background system server and terminal is MAC form.In the time of specific implementation, the MAC value that described proof test value might not just generate with MAC key, also can generate proof test value by the generation mode of signature again of making a summary.
Mutually authenticate and set up escape way by terminal and background system server, certification by having completed the trade company that holds this terminal background system server " registering " later, be that background system server has been assert the legitimacy of the trade company that holds this terminal and negotiated the first session key with terminal, to utilize this first session key to realize the transaction data of background system server and the terminal encrypted transmission when mutual, carry out the follow-up preliminary work to the operation such as user profile transmission and transmission of transaction data corresponding to intelligent cipher equipment.The terminal of this process background system server authentication can be verified the legitimacy of intelligent cipher equipment by background system server afterwards, and obtains the relevant user information of legal intelligent cipher equipment.
Wherein, terminal and intelligent cipher equipment authenticate mutually, and it is as follows to generate respectively the process of the second session key:
Terminal generates the 3rd and treats signing messages; Concrete, terminal can generate random number by random number generator and treat signing messages as the 3rd, also can adopt self sequence number, MAC Address or other identification information to treat signing messages as the 3rd, can be also that the combination of random number and identification information is treated signing messages as the 3rd.Wherein, as long as all can be used as the 3rd, the information that can be signed by intelligent cipher equipment treats signing messages, so that intelligent cipher equipment authenticates intelligent cipher equipment after returning to signing messages.Random number can be a kind of or several combination arbitrarily in the characters such as numeral, letter, special character.
Terminal sends the 3rd to intelligent cipher equipment and treats signing messages and the second authentication request information; Concrete, terminal can treat that by the 3rd signing messages and the second authentication request information send to intelligent cipher equipment by wireless communication link, the convenience sending with guarantee information; Also can treat that by the 3rd signing messages and the second authentication request information send to intelligent cipher equipment by wireline interface, to improve the security of communication.
Intelligent cipher equipment receives the 3rd after signing messages and the second authentication request information, generates the 4th and treats signing messages; Concrete, intelligent cipher equipment can receive after the second authentication request information, generate the 4th and treat signing messages, can generate random number by random number generator and treat signing messages as the 4th, also can adopt self sequence number, MAC Address or other identification information (for example device access code DAC) to treat signing messages as the 4th, can be also that the combination of random number and identification information is treated signing messages as the 4th.Wherein, as long as all can be used as the 4th, the information that can be signed by terminal treats signing messages, so that terminal authenticates terminal after returning to signing messages.Random number can be a kind of or several combination arbitrarily in the characters such as numeral, letter, special character.
In addition, intelligent cipher equipment is receiving the 3rd after signing messages and the second authentication request information, generates the 4th in the time of signing messages, and intelligent cipher equipment can also, receiving after the second authentication request information, be converted to wake-up states by dormant state; Intelligent cipher equipment generates the 4th and treats signing messages under wake-up states.Be converted to wake-up states to complete normal work by dormant state, and after intelligent cipher equipment is finished the work, again switch to dormant state, to reduce electric energy loss, increase the service life.
The private key of intelligent cipher equipment utilization intelligent cipher equipment is treated to the 3rd that signing messages is signed and is obtained the second signing messages, and sends and the 4th treat signing messages, the second signing messages and intelligent cipher device certificate to terminal;
Whether terminal receives the 4th after signing messages, the second signing messages and intelligent cipher device certificate, utilize the root certification authentication intelligent cipher device certificate that the intelligent cipher device certificate that prestores is corresponding legal; Concrete, terminal also needs to obtain the root certificate that intelligent cipher device certificate is corresponding, to intelligent cipher device certificate is carried out to legitimate verification.
Terminal, after checking intelligent cipher device certificate is legal, utilizes the PKI in intelligent cipher device certificate to verify the second signing messages;
Terminal is after checking the second signing messages passes through, the private key that utilizes terminal treats that to the 3rd signing messages and the 4th treats that signing messages is signed and obtain the 3rd signing messages, generate the first session key and generate the factor, utilize the PKI in intelligent cipher device certificate to be encrypted and to obtain the second enciphered message the first session key generation factor; Concrete, terminal is after the signature of checking intelligent cipher device certificate and intelligent cipher equipment all passes through, generate the generation factor (the i.e. first session key generation factor of the session key of data interaction between terminal and intelligent cipher equipment, this first session key generates the factor for generating the session key of data interaction between terminal and intelligent cipher equipment), simultaneously, utilize the PKI in intelligent cipher device certificate to be encrypted this first session key generation factor, to ensure that the first session key generates the security of factor transmission.
Terminal sends the 3rd signing messages, the second enciphered message and terminal certificate to intelligent cipher equipment;
Whether intelligent cipher equipment receives after the 3rd signing messages, the second enciphered message and terminal certificate, utilize the root certification authentication terminal certificate that the terminal certificate that prestores is corresponding legal; Concrete, intelligent cipher equipment also needs to get the root certificate that terminal certificate is corresponding, to terminal certificate is carried out to legitimate verification.
Intelligent cipher equipment, after verification terminal certificate is legal, utilizes the PKI in terminal certificate to verify the 3rd signing messages;
Intelligent cipher equipment is after checking the 3rd signing messages passes through, generate the second session key and generate the factor, utilize PKI in terminal certificate to generate the factor to the second session key and be encrypted and obtain the 3rd enciphered message, and generate intelligent cipher device authentication and complete message, concrete, intelligent cipher equipment is after the signing messages of verification terminal certificate and terminal all passes through, generate the generation factor (the i.e. second session key generation factor of the session key of data interaction between terminal and intelligent cipher equipment, this second session key generates the factor for generating the session key of data interaction between terminal and intelligent cipher equipment), simultaneously, utilize the PKI in terminal certificate to be encrypted this second session key generation factor, to ensure that the second session key generates the security of factor transmission, in addition, also generate intelligent cipher device authentication and complete message, to inform that terminal intelligent encryption device has authenticated.
Intelligent cipher equipment completes message to terminal transmission the 3rd enciphered message and intelligent cipher device authentication;
Terminal receives the 3rd enciphered message and intelligent cipher device authentication completes after message, and checking intelligent cipher device authentication completes message; Concrete, terminal also authentication intelligent encryption device has authenticated message, to guarantee to have authenticated the legal source of message.
Terminal is after checking intelligent cipher device authentication completes message and passes through, generate terminal authentication second and complete message, complete message to intelligent cipher equipment transmitting terminal certification second, and generate the second session key according to the second session key generation factor of the first session key generation factor and deciphering the 3rd enciphered message acquisition; Concrete, terminal is after authentication intelligent encryption device has authenticated message and passed through, generate terminal authentication second and complete message, to inform that intelligent cipher device end has authenticated, the second session key generation factor that terminal generates the factor and deciphering the 3rd enciphered message acquisition according to the first session key simultaneously generates the second session key, to and carry out data interaction by this second session key between intelligent cipher equipment.
Intelligent cipher equipment receives terminal authentication second and completes after message, and verification terminal certification second completes message; Concrete, intelligent cipher equipment also authenticates terminal authentication second and completes message, to guarantee to have authenticated the legal source of message.
Intelligent cipher device authentication terminal authentication second completes after message, and the first session key generation factor that generates the factor and deciphering the second enciphered message acquisition according to the second session key generates the second session key.Concrete, intelligent cipher equipment completes after message in verification terminal certification second, the first session key generation factor that generates the factor and deciphering the second enciphered message acquisition according to the second session key generates the second session key, to and carry out data interaction by this second session key between terminal.
Certainly, the present invention is not limited thereto plants the second session key generative process of being initiated by terminal, can also initiate this second session key generative process by intelligent cipher equipment.
In addition, after the second session key can be generated by the either party in terminal or intelligent cipher equipment, and send to the other side after being encrypted with the other side's PKI, reduce a side computation complexity.
Certainly, between terminal of the present invention and intelligent cipher equipment, generate the second session key process can and above-mentioned terminal and background system server between to generate the process of the first session key identical.The second session key also can obtain by the mode of decomposing shared master key.
Below, provide the mode of concrete generation second session key, the present invention is not limited thereto certainly:
1) terminal sends authentication request to intelligent cipher equipment, and sends random number R 01;
2) after receiving the authentication request that terminal sends, the intelligent cipher equipment of dormant state is waken up;
3) intelligent cipher equipment generates random number R 02, and R01 is carried out to digest calculations also with its encrypted private key summarization generation signature S01, and random number R 02, signature S01 and intelligent cipher device certificate are sent to terminal by intelligent cipher equipment;
4) terminal is used the legitimacy of the root certification authentication intelligent cipher device certificate that the intelligent cipher device certificate that prestores in terminal is corresponding;
If checking intelligent cipher device certificate is illegal, finish to connect;
If checking intelligent cipher device certificate is legal, perform step 5);
5) whether terminal certifying signature S01 is correct,
If certifying signature S01 is incorrect, finish to connect;
If certifying signature S01 is correct, perform step 6);
6) terminal couples together R01, R02 to form R01|R02, and R01|R02 is generated and makes a summary and sign, and obtains the S02 that signs, and generates random number R 03, utilizes the public key encryption R03 generating ciphertext E01 of intelligent cipher equipment.E01, terminal certificate and S02 are sent to intelligent cipher equipment;
7) legitimacy of the root certification authentication terminal certificate that intelligent cipher equipment uses intelligent cipher equipment to prestore terminal certificate is corresponding;
If verification terminal certificate is illegal, finish to connect;
If verification terminal certificate is legal, perform step 8);
8) whether intelligent cipher device authentication signature S02 is correct;
If certifying signature S02 is incorrect, finish to connect;
If certifying signature S02 is correct, perform step 9);
9) intelligent cipher equipment generates random number R 04, utilizes the PKI of terminal to encrypt generating ciphertext E02 to R04, and ciphertext E02 is issued to terminal;
10) terminal generates and has authenticated message, to terminal certificate, the computing of making a summary obtains H01 to terminal, to intelligent cipher device certificate, the computing of making a summary obtains H02, by R01, R02, E01, E02, H01, H02, S01, S02 obtain T01 after connecting, and then T01 are made a summary and are signed, obtain " backstage has authenticated message " F01, send F01 to intelligent cipher equipment;
11) intelligent cipher equipment is received F01, and F01 is verified;
If checking F01 does not pass through, return to error message and finish to connect;
If checking F01 passes through, perform step 12);
12) intelligent cipher equipment generates and has authenticated message F02 with the same manner, and the certification of generation is completed to information sends to terminal;
13) terminal checking F02;
If checking F02 does not pass through, return to error message and finish to connect;
If checking F02 passes through, perform step 14);
14) intelligent cipher equipment is connected respectively R03, R04 with terminal, obtains R03|R04, utilizes R03|R04 to generate the second session key K2 (this key can be only encryption key), for the safe transmission of data after both.
As can be seen here, the mutual authentication process of terminal and intelligent cipher equipment (process two) and backstage and terminal mutually authenticate (process one) difference and are:
Process one has generated encryption key and check key (for example MACKEY), and two of processes have generated encryption key, does not generate check key (can certainly generate check key).
The effect of check key is for generating proof test value, and whether proof test value is used for being tampered in checking data transmitting procedure.Data receiver adopts special algorithm to utilize check key that the data of transmission are generated to proof test value, and whether the data that data receiver utilizes proof test value and check key to carry out verification reception are tampered.And be directed to terminal of the present invention and the follow-up flow process of intelligent cipher equipment, while transmitting transaction data between terminal and intelligent cipher equipment, user can artificially judge that whether data are correct by the information showing on intelligent cipher equipment, so need not introduce proof test value again; Also the verification intelligent cipher equipment of signature can send by to(for) terminal judges whether information is tampered, also without introducing proof test value, therefore in order to simplify treatment scheme, improve communication efficiency, in the time generating the second session key, can not need to generate check key.Certainly,, in order further to improve security, also can generate check key.
Between background system server and terminal, because background system server is not known transaction particular content, for ensureing safety, need the mode by introducing proof test value to judge whether data are tampered.
As can be seen here, process one is to be produced and shared master key by a side, then adopts special algorithm to process sharing master key, obtains encryption key and check key and decompose; Process two is the each composing factors that produce an encryption key of certification both sides, finally synthetic encryption key.Certainly, in session key generating mode and the process two adopting in process one, the session key generating mode of employing both can be for the generation of session key between terminal and background system server, also can be for the generation of session key between terminal and intelligent cipher equipment.
Thus, carry out, after two-way authentication, can taking precautions against fishing risk in terminal and intelligent cipher equipment, prevented the transaction risks such as the distorting of transmission information, long-range abduction and man-in-the-middle attack, thereby effectively ensured the fund security of terminal and intelligent cipher equipment.
By building the system of carrying out mutual certification between background system server and terminal, intelligent cipher equipment, set up the escape way between three, take precautions against fishing risk, prevent that Transaction Information from distorting, the transaction risk such as long-range abduction and man-in-the-middle attack, thereby the user that effective guarantee is held intelligent cipher equipment and the account fund safety of trade company of holding terminal.
Certainly, the first session key in the present invention can be pre-stored in background system server and terminal, also can consult to generate by background system server and terminal, in the time consulting to generate the first session key, can in the process that terminal and background system server authenticate, consult to generate (mutually authenticate referring to above-mentioned terminal and background system server, and generate respectively the flow process of the first session key).
Certainly all information of, transmitting between background system server and terminal in the present invention all can be calculated and/or the rear transmission of verification calculating by the first session key.
The second session key in the present invention can be pre-stored in terminal and intelligent cipher equipment, also can consult to generate by terminal and intelligent cipher equipment, in the time consulting to generate the second session key, can in the process that terminal and intelligent cipher equipment authenticate, consult to generate (mutually authenticate referring to above-mentioned terminal and intelligent cipher equipment, and generate respectively the flow process of the second session key).
Certainly all information of, transmitting between terminal and intelligent cipher equipment in the present invention also all can be calculated and/or the rear transmission of verification calculating by the second session key.
Terminal is obtained user profile:
Concrete, in this step, terminal (is for example obtained user profile that intelligent cipher equipment is corresponding according to the identification information of the intelligent cipher equipment that scans, can be the information such as user's photo, name, account), specifically can obtain the user profile that intelligent cipher equipment is corresponding through but not limited to following mode:
Mode one, terminal obtain from background system server the user profile that intelligent cipher equipment is corresponding:
Terminal sends identification information and the user profile read requests of intelligent cipher equipment to backstage system server; Concrete, in the time that terminal sends the identification information of intelligent cipher equipment and user profile read requests to backstage system server, can directly send identification information and the user profile read requests of intelligent cipher equipment to backstage system server, also can utilize the identification information of the first session key to intelligent cipher equipment and/or user profile read requests to be encrypted to calculate and/or verification sends after calculating again, with security and the integrality of guarantee information transmission.
Background system server receives after the identification information and user profile read requests of intelligent cipher equipment, obtains the user profile corresponding with intelligent cipher equipment according to the identification information of intelligent cipher equipment; Concrete, background system server user profile corresponding to registered each intelligent cipher equipment that prestored, to obtain according to the identification information of the intelligent cipher equipment receiving the user profile that this intelligent cipher equipment is corresponding.Certainly, if terminal has sent the information after computations and/or verification calculating to backstage system server, so background system server also need to utilize the first session key to be decrypted the information receiving and/or verification checking calculate errorless after, obtain identification information and/or the user profile read requests of complete intelligent cipher equipment.
In addition, in order to ensure the security of data interaction and the legitimacy of intelligent cipher equipment, background system server is receiving after the identification information and user profile read requests of intelligent cipher equipment, also judges whether the identification information of intelligent cipher equipment is included in the intelligent cipher unit exception list prestoring in background system server; Background system server is after the identification information of judging intelligent cipher equipment is in intelligent cipher unit exception list, obtain locking intelligent cipher device directive, and utilize the private key of background system server to sign and obtain the 5th signing messages locking intelligent cipher device directive, and send locking intelligent cipher device directive and the 5th signing messages by terminal to intelligent cipher equipment; Intelligent cipher equipment receives after locking intelligent cipher device directive and the 5th signing messages, utilizes the PKI in the background system server certificate prestoring to verify the 5th signing messages; Intelligent cipher equipment, after checking the 5th signing messages passes through, is carried out lock operation according to locking intelligent cipher device directive.
Concrete, intelligent cipher unit exception list can be for blacklist, report the loss list, inefficacy list etc. represents arbitrarily the illegal list of intelligent cipher equipment identities; If the identification information of intelligent cipher equipment is in intelligent cipher unit exception list, illustrate that this intelligent cipher equipment is illegal intelligent cipher equipment, now, in order to ensure security, background system server sends lock instruction to lock this illegal intelligent cipher equipment by terminal to this illegal intelligent cipher equipment, and meanwhile, background system server is also signed to this lock instruction, to guarantee the legal source of lock instruction, avoid illegally locking the malicious operation of intelligent cipher equipment.
Certainly, the present invention is not limited thereto, for practical application, as long as can the illegal intelligent cipher equipment of legal locking.
In addition, background system server also can not signed to lock instruction, only send lock instruction to illegal terminal to lock this illegal terminal.
Intelligent cipher equipment is carried out lock operation according to locking intelligent cipher device directive and can be comprised: intelligent cipher equipment refusal is carried out any request, destroys the any-mode such as certificate of self storage.
Certainly, background system server is sending after lock instruction, can also carry out any request of this illegal intelligent cipher equipment of refusal.
Visible, after having lost intelligent cipher equipment, user can report the loss to backstage system server, and background system server registers to the EIC equipment identification code of this intelligent cipher equipment to report the loss on list; Or occur that account the situation such as reported extremely, background system server also can be by these intelligent cipher device registration in blacklist.Equipment in these abnormal lists all can be served as abnormal device registration on abnormal list.Before each transaction, background system server can authenticate intelligent cipher equipment, can be by this device identification and exception name digital ratio pair, if this intelligent cipher equipment is locked on list in verification process.Application which, if someone usurps other people intelligent cipher equipment, and illegal this intelligent cipher equipment that uses of attempt is transferred accounts while stealing user's fund, owing to all can intelligent cipher equipment being authenticated before the each transaction of background system server, background system server can be long-range by this intelligent cipher equipment locking, even if therefore this intelligent cipher equipment is illegally usurped and also can be ensured that user account do not suffer a loss by others.
In addition, in the present invention, when background system server sends locking intelligent cipher device directive and the 5th signing messages by terminal to intelligent cipher equipment, can also utilize the first session key to be encrypted calculating and/or verification calculating to locking intelligent cipher device directive and the 5th signing messages, to ensure security and/or the integrality of locking intelligent cipher device directive and the transmission of the 5th signing messages, terminal receives after the information after computations and/or verification calculating, utilize the first session key to be decrypted after calculating and/or verification checking calculating, obtain locking intelligent cipher device directive and the 5th signing messages.Certainly, terminal is obtaining after locking intelligent cipher device directive and the 5th signing messages, can also utilize the second session key to be encrypted after calculating and/or verification calculating locking intelligent cipher device directive and the 5th signing messages, information after computations and/or verification calculating is sent to intelligent cipher equipment, with security and/or the integrality of guarantee information transmission, intelligent cipher equipment is receiving after the information of terminal transmission, be decrypted and calculate and/or verification checking calculating, to obtain locking intelligent cipher device directive and the 5th signing messages.
In addition, in order to ensure the security of user profile, background system server also needs user profile corresponding this intelligent cipher equipment to be sent to terminal by intelligent cipher equipment holder's mandate.Background system server sends user-authorization-request information (for example, this user-authorization-request information can be random number) by terminal to intelligent cipher equipment; Intelligent cipher equipment receives after user-authorization-request information, generates authorization message (for example, this authorization message can be the information obtaining after this random number is signed), and sends authorization message by terminal to backstage system server; Background system server receives after authorization message, sends the response message of user profile read requests to terminal.Certainly, after background system server can also utilize the private key of background system server that user-authorization-request information is signed, send to intelligent cipher equipment by terminal, intelligent cipher equipment receives after the information of signature, signature is verified, after being verified, think that user-authorization-request information is to come from legal background system server, and this request is confirmed to authorize background system server; Intelligent cipher equipment sends to background system server by terminal after also can utilizing the private key of intelligent cipher equipment to sign to authorization message, background system server receives after the information of signature, signature is verified, after being verified, think that authorization message is to come from correct intelligent cipher equipment, to carry out subsequent operation according to authorization message; Background system server sends to terminal after can also utilizing the first session key to be encrypted calculating and/or verification calculating to user-authorization-request information, and terminal utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating; Terminal sends to intelligent cipher equipment after utilizing the second session key to be encrypted calculating and/or verification calculating to user-authorization-request information, and intelligent cipher equipment utilization the second session key is decrypted and calculates and/or verification checking calculating the information receiving; Background system server recycles the first session key and is encrypted calculating and/or verification calculating after can also utilizing the private key of background system server to sign to user-authorization-request information, terminal utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating; Information after terminal utilizes the second session key to background system server signature is sent to intelligent cipher equipment after being encrypted calculating and/or verification calculating, intelligent cipher equipment utilization the second session key is decrypted and calculates and/or verification checking calculating the information receiving, and signature is carried out to sign test.Below be only several modes of background system server to the mandate of intelligent cipher device request, the present invention is not limited thereto, and above all kinds of distortion combinations also should belong to protection scope of the present invention.
Certainly, receiving after user-authorization-request information at intelligent cipher equipment, can also be converted to wake-up states by dormant state; Intelligent cipher equipment generates authorization message under wake-up states.So that saving electric energy, the serviceable life of prolongation intelligent cipher equipment.
User profile is encrypted to calculating to background system server by utilizing the first session key and/or the response message that obtains user profile read requests is calculated in verification, and send the response message of user profile read requests to terminal;
Terminal receives after the response message of user profile read requests, utilizes the first session key that the response message of user profile read requests is decrypted and is calculated and/or verification checking calculating acquisition user profile.
Mode two, terminal obtain from intelligent cipher equipment the user profile that intelligent cipher equipment is corresponding:
Terminal sends user profile read requests according to the identification information of intelligent cipher equipment to intelligent cipher equipment; Concrete, terminal can directly send user profile read requests to intelligent cipher equipment, also after can utilizing the second session key to be encrypted calculating and/or verification calculating to user profile read requests, send again, with security and the integrality of guarantee information transmission.
Intelligent cipher equipment obtains pre-stored user profile, utilize the second session key that the user profile getting is encrypted and is calculated and/or the rear response message that obtains user profile read requests of verification calculating, and send the response message of user profile read requests to terminal;
Terminal receives after the response message of user profile read requests, utilizes the second session key that the response message of user profile read requests is decrypted and is calculated and/or verification checking calculating acquisition user profile.
In addition,, if the holder of intelligent cipher equipment refuses to send user profile, can or send exclude information by software control to terminal by the button that arranges on intelligent cipher equipment, to ensure the safety of user profile.Certainly, this exclude information also can calculate and/or the rear transmission of verification calculating by the second session key.
Terminal stores user profile in active user's list of setting up in advance; Concrete, due to flowing of the variation of the volume of the flow of passengers in shop, terminal place, personnel, the intelligent cipher equipment detecting is also constantly to change, and now, this current user list can upgrade through but not limited to following mode:
Mode one:
Terminal obtains the identification information of the whole intelligent cipher equipment in the signal cover of terminal, generates real-time identification list;
Terminal was compared the identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in real-time identification list and active user's list according to the default time interval;
If the identification information of the intelligent cipher equipment in identification list, not in active user's list, obtains according to the identification information of the intelligent cipher equipment scanning the user profile that intelligent cipher equipment is corresponding in real time; And if the identification information of intelligent cipher equipment in active user's list is in identification list in real time, delete in active user's list not the user profile of the intelligent cipher equipment in identification list in real time.
By the manner, active user's list is upgraded, can ensure that user profile corresponding to intelligent cipher equipment in terminal signaling coverage can update in active user's list, can from active user's list, delete in time for user profile corresponding to intelligent cipher equipment of leaving in terminal signaling coverage, ensure security.
Mode two:
Terminal obtains the identification information of the whole intelligent cipher equipment in the signal cover of terminal, generates real-time identification list;
Terminal was compared the identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in real-time identification list and active user's list according to the default time interval;
If the identification information of the intelligent cipher equipment in identification list is not in active user's list in real time, obtain according to the identification information of the intelligent cipher equipment scanning the user profile that intelligent cipher equipment is corresponding, and obtain after user profile in terminal, user profile is stored in real-time identification list; And if in real time the identification information of the intelligent cipher equipment in identification list, in active user's list, is stored to the user profile of the intelligent cipher equipment in active user's list in real-time identification list;
Active user's list using real-time identification list after upgrading.
By the manner, active user's list is upgraded, can only user profile corresponding to intelligent cipher equipment in the signal cover of terminal be upgraded in time, improve and upgrade efficiency.Utilize the manner, terminal is in the time obtaining user profile, the user profile that in shop, original intelligent cipher equipment is corresponding directly can be copied in real-time identification list from original active user's list, user profile corresponding to client of newly entering shop can be by obtaining to backstage system server or intelligent cipher equipment proposition user profile read requests.
As can be seen here, in the time that shop, the terminal place volume of the flow of passengers changes, do not need trade company to carry out any operation, active user's list can be upgraded automatically, has facilitated the salesman of trade company to safeguard client's information management.
In addition, terminal can show user profile corresponding to user in stored active user's list, so that the holder of intelligent cipher equipment checks this user profile, guarantees the correctness of transaction.
In prior art, process of exchange all needs SIM card or smart card etc. to possess the equipment of account memory function, user's operations such as mobile phone of need to swiping the card, and so trade company could obtain user's accounts information.
Be different from prior art, the terminal of trade company can be by first reading the identification information of intelligent cipher equipment, and the identification information that recycles this intelligent cipher equipment obtains the user profile that intelligent cipher equipment is corresponding.Therefore, client can be without carrying out payment for merchandise by modes such as wallet, credit card, mobile phones, thereby simplified the interactive operation of client and trade company, promoted user's experience.
Transaction Information processing:
Terminal generates Transaction Information according to user profile corresponding to intelligent cipher equipment to be transacted, and utilizes the second session key that Transaction Information is encrypted and is calculated and/or verification calculating acquisition transaction request information; Concrete, Transaction Information can comprise dealing money, bank settlement both sides' the information such as account information, bank settlement both sides' identification information, in Transaction Information, can also comprise electron pair bill, user can be according to electron pair bill examination & verification trade detail, for example, concrete exchange hour, transaction odd numbers, the article of dealing money, purchase etc.Terminal utilizes the second session key to be encrypted calculating to Transaction Information and/or security and/or the integrality of guaranteeing that Transaction Information transmits are calculated in verification.
Terminal sends transaction request information to intelligent cipher equipment; Concrete, terminal can send transaction request information through but not limited to following mode: terminal sends by acoustic signals after transaction request information is encoded; Or terminal carries out also showing so that intelligent cipher equipment carries out image acquisition after encoding of graphs to transaction request information; Or the communication interface that terminal is mated with intelligent cipher equipment by terminal sends transaction request information.
Intelligent cipher equipment receives after transaction request information, utilizes the second session key that transaction request information is decrypted and is calculated and/or verification checking calculating acquisition Transaction Information;
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also, receiving after transaction request information, be converted to wake-up states by dormant state; Intelligent cipher equipment utilizes the second session key that transaction request information is decrypted and is calculated and/or verification checking calculating acquisition Transaction Information under wake-up states.
Intelligent cipher device prompts Transaction Information; Concrete, intelligent cipher equipment can show Transaction Information by display screen, also can Transaction Information be played back in the mode of voice by loudspeaker etc.Certainly, intelligent cipher equipment can also point out user to know real Transaction Information by other means, guarantees the safety of transaction.In addition, intelligent cipher equipment gets after Transaction Information, can also carry out to Transaction Information the extraction of key message, and intelligent cipher equipment is only pointed out key message, concrete prompting mode can be referring to intelligent cipher equipment the prompting mode to Transaction Information.
Intelligent cipher equipment confirmation of receipt instruction, and generate trade confirmation information; Concrete, the information confirmation of receipt instruction that intelligent cipher equipment can send when detecting that the acknowledgement key being arranged on intelligent cipher equipment is pressed, also can touch the information confirmation of receipt instruction that the virtual acknowledgement key of screen display sends when clicked by detecting, the biological informations such as voice that can also be by detecting, fingerprint, iris are as confirming the any-modes such as instruction.Further, intelligent cipher equipment can generate trade confirmation information through but not limited to following mode: the private key of intelligent cipher equipment utilization intelligent cipher equipment is signed to Transaction Information, generates trading signature information as trade confirmation information; Or intelligent cipher equipment generates dynamic password as trade confirmation information, certain above-mentioned trade confirmation information can also be the information of utilizing after the second session key calculating and/or verification are calculated.Certainly, in order to prevent repeat business, ensure user's account safety, in the time that intelligent cipher equipment generates trade confirmation information at every turn, intelligent cipher equipment also generates single transaction mark, and utilize the private key of intelligent cipher equipment to sign to Transaction Information and single transaction mark, generate trading signature information as trade confirmation information; Or intelligent cipher equipment generates single transaction mark, utilize the private key of intelligent cipher equipment to sign and obtain the signing messages of single transaction mark single transaction mark, and generate dynamic password, the signing messages that single transaction is identified and dynamic password are as trade confirmation information, to ensure that once transaction is only successfully executed once, wherein single transaction mark can be random number etc., and certain above-mentioned trade confirmation information can be also the information of utilizing after the second session key calculating and/or verification are calculated.Because wireless network transmissions circuit is unstable, may occur that intelligent cipher equipment can not receive the situation of receipt, if single transaction mark is not set, terminal is not in the time receiving the signing messages of intelligent cipher equipment, may need the user who holds this intelligent cipher equipment repeatedly to confirm signature operation, namely intelligent cipher equipment repeatedly sends signing messages to terminal, so just likely cause terminal can utilize these multiple signature values to generate multiple transaction data package and send to background system server, thereby account corresponding to intelligent cipher equipment repeated to withhold.And if be provided with single transaction mark, in the time occurring that circuit is unstable, intelligent cipher equipment will continue Transaction Information and same single transaction mark to sign again and send to terminal again, until receive receipt.The signature value that terminal is sent with intelligent cipher equipment generates transaction data package; background system server receives that transaction data package can identify and judge the single transaction of the inside; if this single transaction mark has been kept in transaction daily record; that is to say and conclude the business; just can not process this transaction data package again; can not cause repeatedly or repeat to withhold, thereby having protected intelligent cipher equipment user's account fund safety.
Terminal receives trade confirmation information; Concrete, terminal can receive trade confirmation information through but not limited to following mode: terminal receives the acoustic signals of intelligent cipher equipment transmission and acoustic signals is decoded and (for example obtained trade confirmation information, can adopt sound wave identification equipment to identify acoustic signals, adopt sound wave demoder to decode and obtain trade confirmation information acoustic signals); Or terminal gathers image information that intelligent cipher equipment shows to image information (for example, Quick Response Code, bar code etc.) decoding obtains trade confirmation information (for example adopt image capture device to gather image information, employing demoder obtains trade confirmation information after image information is decoded); Or the communication interface that terminal is mated with intelligent cipher equipment by terminal receives trade confirmation information; Or the information acquisition trade confirmation information that terminal is inputted by terminal.If trade confirmation information utilizes the second session key to calculate and/or verification calculates, so also utilize the second session key that the information after calculating is decrypted and is calculated and/or verification checking calculating.
Terminal utilizes the first session key that trade confirmation information is encrypted and is calculated and/or verification calculating acquisition transaction data package, and sends transaction data package to backstage system server; Concrete, terminal utilizes the first session key to be encrypted and to calculate and/or verification calculating to trade confirmation information or to the information after trade confirmation decrypts information; In transaction data package, also can comprise other information such as Transaction Information.Transaction Information can comprise dealing money, bank settlement both sides' the information such as account information, bank settlement both sides' identification information, in Transaction Information, can also comprise electron pair bill, user can be according to electron pair bill examination & verification trade detail, for example, concrete exchange hour, transaction odd numbers, the article of dealing money, purchase etc.
Background system server receives after transaction data package, utilizes the first session key that transaction data package is decrypted and is calculated and/or verification checking calculating acquisition trade confirmation information;
Background system server is verified trade confirmation information, and carry out transaction after being verified; Concrete, background system server only after the Information Authentication of checking trade confirmation is passed through, just illustrates that this transaction passed through the confirmation of legal intelligent cipher equipment, and carries out and conclude the business according to the result after confirming.Certainly,, in order to ensure that the holder of intelligent cipher equipment knows transaction and completes, background system server can also send Transaction Success acknowledgement information to intelligent cipher equipment by terminal; Intelligent cipher equipment receives after Transaction Success acknowledgement information, prompting Transaction Success acknowledgement information, in Transaction Success acknowledgement information, can also comprise electron pair bill, user can be according to electron pair bill examination & verification trade detail, for example, concrete exchange hour, transaction odd numbers, the article of dealing money, purchase etc.In addition, background system server can also send Transaction Success acknowledgement information to terminal, has concluded the business so that terminal is known.Certainly, Transaction Success acknowledgement information sends to terminal after can utilizing the first session key calculating and/or verification to calculate, terminal deciphering calculating and/or verification checking send to intelligent cipher equipment after utilizing the second session key to be encrypted calculating and/or verification calculating after calculating, and the calculating of intelligent cipher device decrypts and/or verification checking are prompted to user after calculating and know; Transaction Success acknowledgement information can be also to send to intelligent cipher equipment by terminal after the private key of background system server by utilizing background system server is signed, intelligent cipher equipment to the information of signature carry out sign test by after be prompted to user and know; Can also be to send to terminal after utilizing the first session key calculating and/or verification to calculate after background system server signature, terminal deciphering calculates and/or verification utilizes after calculating the second session key to calculate and/or verification sends to intelligent cipher equipment after calculating, intelligent cipher device decrypts is calculated and/or verification checking calculate after and sign test by after be prompted to user and know.
Reimbursement:
In the time of customer need reimbursement, can carry out but be not limited to following several mode to realize reimbursement operation:
Mode one, terminal send reimbursement information to intelligent cipher equipment; Concrete, reimbursement information can comprise: the combination in any such as reimbursement both sides' account, refund amount, reimbursement transaction odd numbers, reimbursement both sides' identification information, in reimbursement information, can also comprise electron pair bill, user can be according to electron pair bill examination & verification reimbursement details, for example, concrete reimbursement time, reimbursement transaction odd numbers, refund amount, the article replaced etc.Certainly, this reimbursement information is sent to intelligent cipher equipment after can also being encrypted calculating and/or verification calculating by the second session key, with security and/or the integrality of guarantee information transmission.Terminal can also send reimbursement information through but not limited to following mode: terminal sends by acoustic signals after reimbursement information is encoded; Or terminal carries out also showing so that intelligent cipher equipment carries out image acquisition after encoding of graphs to reimbursement information; Or the communication interface that terminal is mated with intelligent cipher equipment by terminal sends reimbursement information.
Intelligent cipher equipment receives after reimbursement information, prompting reimbursement information; Concrete, intelligent cipher equipment is receiving after reimbursement information, and this reimbursement information exchange is crossed to the any-mode such as speech play or display screen demonstration and be prompted to user and know, be real reimbursement information so that user determines this reimbursement information.Utilize the second session key when terminal and reimbursement information is encrypted after calculating and/or verification calculating, also need to utilize the second session key that the information receiving is decrypted and is calculated and/or verification checking calculating.
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also, receiving after reimbursement information, be converted to wake-up states by dormant state; Intelligent cipher equipment is pointed out reimbursement information under wake-up states.Intelligent cipher equipment receives reimbursement and confirms instruction, and utilizes the private key of intelligent cipher equipment to sign to reimbursement information, generates reimbursement confirmation; Concrete, user, after having determined that reimbursement information is real reimbursement information, confirms by the mode such as physical button or virtual key arranging on intelligent cipher equipment.Intelligent cipher equipment after sending reimbursement confirmation to terminal (for example, send after acoustic signals corresponding to reimbursement confirmation, or show that image information corresponding to reimbursement confirmation reached after predetermined time), be converted to dormant state by wake-up states.
Terminal receives reimbursement confirmation, reimbursement confirmation is verified, and after being verified, utilized the private key of terminal to sign and generate reimbursement confirmation bag reimbursement confirmation; Concrete, terminal can receive reimbursement confirmation through but not limited to following mode: terminal receives the acoustic signals of intelligent cipher equipment transmission and acoustic signals is decoded and (for example obtained reimbursement confirmation, can adopt sound wave identification equipment to identify acoustic signals, adopt sound wave demoder to decode and obtain reimbursement confirmation acoustic signals); Or terminal gathers image information that intelligent cipher equipment shows to image information (for example, Quick Response Code, bar code etc.) decoding obtains reimbursement confirmation (for example adopt image capture device to gather image information, employing demoder obtains reimbursement confirmation after image information is decoded); Or the communication interface that terminal is mated with intelligent cipher equipment by terminal receives reimbursement confirmation.In addition, terminal utilizes the PKI of intelligent cipher equipment to verify reimbursement confirmation.
Terminal sends reimbursement to backstage system server and confirms bag and reimbursement confirmation; Concrete, terminal can utilize the first session key to confirm to be sent to background system server after bag and reimbursement confirmation are encrypted calculating and/or verification calculating to reimbursement, with security and/or the integrality of guarantee information transmission.
Background system server receives reimbursement to be confirmed after bag and reimbursement confirmation, respectively reimbursement confirmation bag and reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.Concrete, if terminal has utilized the first session key to reimbursement confirmation bag and reimbursement confirmation has been carried out computations and/or verification is calculated, background system server also utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating so.In addition, background system server also utilizes the PKI of terminal to confirm to wrap to reimbursement and verifies, utilizes the PKI of intelligent cipher equipment to verify reimbursement confirmation.
For mode one, provide a kind of application scenarios of reimbursement, but the present invention is not limited thereto below:
Shop is according to client's reimbursement purpose, (this reimbursement information can be to obtain by searching the Transaction Information having recorded to generate reimbursement information by terminal, also can be a reimbursement information or the other forms of reimbursement information regenerating), and use the second session key reimbursement information between terminal and intelligent cipher equipment, and send to intelligent cipher equipment;
Intelligent cipher equipment, after the reimbursement information receiving after encryption, is converted to wake-up states by dormant state, and utilizes the second session key to decipher this encryption reimbursement information, obtains reimbursement information, and reimbursement information is shown, confirms for client;
Client confirms that this reimbursement information is correct, the acknowledgement key of pressing on intelligent cipher equipment is confirmed, intelligent cipher equipment receives this reimbursement and confirms after instruction, utilize the private key of intelligent cipher equipment to sign and obtain reimbursement confirmation reimbursement information, and utilize the second session key to be encrypted reimbursement confirmation, send to terminal;
Terminal receives after the reimbursement confirmation after encryption, utilize the second session key to decipher this information, obtain reimbursement confirmation, and utilize the correctness of the public key verifications reimbursement confirmation of intelligent cipher equipment, if correct, terminal utilizes the private key of terminal to sign and obtain reimbursement confirmation bag reimbursement confirmation, and certainly, terminal can also directly be signed and obtain reimbursement confirmation bag reimbursement information;
Terminal utilizes the first session key to confirm to be sent to background system server after bag and reimbursement confirmation are encrypted to reimbursement;
Background system server receives after the information after encryption, utilize the first session key to be decrypted the information receiving, and utilize the PKI of terminal to verify reimbursement confirmation bag, utilize the PKI of intelligent cipher equipment to verify reimbursement confirmation, and after the two checking is all passed through, execution reimbursement operation, and send reimbursement success receipt information to terminal and/or intelligent cipher equipment.
Mode two, which two are with the difference of mode one: before terminal sends reimbursement information to intelligent cipher equipment, this terminal also receives the refund request that this intelligent cipher equipment sends, and generates reimbursement information according to refund request.Concrete, client can be by pressing button on intelligent cipher equipment to generate refund request, and intelligent cipher equipment receives after this refund request, and this refund request is sent to this terminal.In reimbursement information, can also comprise electron pair bill, user can be according to electron pair bill examination & verification reimbursement details, for example, and concrete reimbursement time, reimbursement transaction odd numbers, refund amount, the article replaced etc.Certainly, any intelligent cipher equipment that can trigger generates the implementation of refund request and all belongs in protection scope of the present invention.
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also, sending before refund request to terminal, be converted to wake-up states by dormant state; Intelligent cipher equipment sends refund request to terminal under wake-up states.Intelligent cipher equipment is converted to dormant state by wake-up states after sending refund request.In the time that intelligent cipher equipment receives the reimbursement information of terminal transmission, be converted to wake-up states by dormant state, under wake-up states, carry out the operation of prompting reimbursement information and generation reimbursement confirmation.Intelligent cipher equipment after sending reimbursement confirmation to terminal (for example, send after acoustic signals corresponding to reimbursement confirmation, or show that image information corresponding to reimbursement confirmation reached after predetermined time), be converted to dormant state by wake-up states.
Mode three, intelligent cipher equipment send refund request to terminal; Concrete, client can be by pressing button on intelligent cipher equipment to generate refund request, and intelligent cipher equipment receives after this refund request, and this refund request is sent to this terminal.Certainly, any intelligent cipher equipment that can trigger generates the implementation of refund request and all belongs in protection scope of the present invention.
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also, sending before refund request to terminal, be converted to wake-up states by dormant state; Intelligent cipher equipment sends refund request to terminal under wake-up states.
Terminal generates refund request mark, and sends refund request mark to intelligent cipher equipment; Concrete, terminal can generate random number, and this random number is identified as refund request, and this random number is used for offering intelligent cipher equipment to generate reimbursement information.
Intelligent cipher equipment receives after refund request mark, generates reimbursement information, and utilizes the private key of intelligent cipher equipment to sign to reimbursement information, obtains reimbursement confirmation, and sends reimbursement confirmation to terminal; Concrete, the Information generation reimbursement information such as this refund request mark of intelligent cipher equipment utilization, refund amount, reimbursement account, this reimbursement information can also comprise the combination in any such as reimbursement transaction odd numbers, reimbursement both sides' identification information; Wherein, refund amount can be inputted by the button on intelligent cipher equipment, certainly, also can be by other means (for example, phonetic entry) input, reimbursement account can be inputted by the button on intelligent cipher equipment, can also the reimbursement account in intelligent cipher equipment input by reading pre-stored; Certainly, can also, after transaction completes, on intelligent cipher equipment, preserve Transaction Information, by inquiring about Transaction Information to obtain the information such as refund amount and reimbursement account; Certainly, this reimbursement information is sent to terminal after can also being encrypted calculating and/or verification calculating by the second session key, with security and/or the integrality of guarantee information transmission.Intelligent cipher equipment can also send reimbursement information through but not limited to following mode: intelligent cipher equipment sends by acoustic signals after reimbursement information is encoded; Or intelligent cipher equipment carries out also showing so that terminal is carried out image acquisition after encoding of graphs to reimbursement information; Or the communication interface that intelligent cipher equipment mates with terminal by intelligent cipher equipment sends reimbursement information.
In order to save the electric energy of intelligent cipher equipment, increase the service life, intelligent cipher equipment can also be after sending reimbursement confirmation to terminal (for example, send after acoustic signals corresponding to reimbursement confirmation, or show that image information corresponding to reimbursement confirmation reached after predetermined time), be converted to dormant state by wake-up states.
Terminal receives reimbursement confirmation, reimbursement confirmation is verified, and after being verified, utilized the private key of terminal to sign and generate reimbursement confirmation bag reimbursement confirmation; Specifically, when intelligent cipher equipment utilization the second session key is encrypted reimbursement information after calculating and/or verification calculating, also need to utilize the second session key that the information receiving is decrypted and is calculated and/or verification checking calculating; Terminal can receive reimbursement confirmation through but not limited to following mode: terminal receives the acoustic signals of intelligent cipher equipment transmission and acoustic signals is decoded and (for example obtained reimbursement confirmation, can adopt sound wave identification equipment to identify acoustic signals, adopt sound wave demoder to decode and obtain reimbursement confirmation acoustic signals); Or terminal gathers image information that intelligent cipher equipment shows to image information (for example, Quick Response Code, bar code etc.) decoding obtains reimbursement confirmation (for example adopt image capture device to gather image information, employing demoder obtains reimbursement confirmation after image information is decoded); Or the communication interface that terminal is mated with intelligent cipher equipment by terminal receives reimbursement confirmation.In addition, terminal utilizes the PKI of intelligent cipher equipment to verify reimbursement confirmation.
Terminal sends reimbursement to backstage system server and confirms bag and reimbursement confirmation; Concrete, terminal can utilize the first session key to confirm to be sent to background system server after bag and reimbursement confirmation are encrypted calculating and/or verification calculating to reimbursement, with security and/or the integrality of guarantee information transmission.
Background system server receives reimbursement to be confirmed after bag and reimbursement confirmation, respectively reimbursement confirmation bag and reimbursement confirmation is verified, and after being all verified, is carried out reimbursement operation.Concrete, if terminal has utilized the first session key to reimbursement confirmation bag and reimbursement confirmation has been carried out computations and/or verification is calculated, background system server also utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating so.In addition, background system server also utilizes the PKI of terminal to confirm to wrap to reimbursement and verifies, utilizes the PKI of intelligent cipher equipment to verify reimbursement confirmation.
For mode three, provide a kind of application scenarios of reimbursement, but the present invention is not limited thereto below:
Intelligent cipher equipment is converted to wake-up states by dormant state; For example, client's that can be by holding this intelligent cipher equipment button operation makes intelligent cipher equipment enter wake-up states;
Client can be by pressing button on intelligent cipher equipment to generate refund request, and intelligent cipher equipment receives after this refund request, and this refund request is sent to this terminal;
Terminal can generate random number R, is refund request mark by this random number as R, and sends refund request mark to intelligent cipher equipment;
Intelligent cipher equipment generates reimbursement information, and utilizes the private key of intelligent cipher equipment to sign to reimbursement information, obtains reimbursement confirmation, and sends reimbursement confirmation to terminal, wherein, this reimbursement information at least comprises: refund request mark, refund amount, the information such as reimbursement account, wherein, refund amount, the information such as reimbursement account can be inputted by the button on intelligent cipher equipment by client, or refund amount can be by client by the key-press input on intelligent cipher equipment, the information that reimbursement account prestores from intelligent cipher equipment, read and obtain, or refund amount, the information such as reimbursement account all can read and obtain from the information that intelligent cipher equipment prestores, intelligent cipher equipment uses the second session key reimbursement confirmation between terminal and intelligent cipher equipment, and send to terminal,
Terminal receives after the reimbursement confirmation after encryption, utilize the second session key to decipher this information, obtain reimbursement confirmation, and utilize the correctness of the public key verifications reimbursement confirmation of intelligent cipher equipment, if correct, terminal utilizes the private key of terminal to sign and obtain reimbursement confirmation bag reimbursement confirmation, and certainly, terminal can also directly be signed and obtain reimbursement confirmation bag reimbursement information;
Terminal utilizes the first session key to confirm to be sent to background system server after bag and reimbursement confirmation are encrypted to reimbursement;
Background system server receives after the information after encryption, utilize the first session key to be decrypted the information receiving, and utilize the PKI of terminal to verify reimbursement confirmation bag, utilize the PKI of intelligent cipher equipment to verify reimbursement confirmation, and after the two checking is all passed through, execution reimbursement operation, and send reimbursement success receipt information to terminal and/or intelligent cipher equipment.
In above three kinds of reimbursement modes, reimbursement is confirmed can also comprise single reimbursement mark in bag or reimbursement confirmation, and this single reimbursement mark can be random number, to ensure that a reimbursement is only successfully executed once.Certainly, this single reimbursement mark can be generated by terminal, also can be generated by intelligent cipher equipment, can confirm to be signed by terminal in bag in reimbursement, also can be by intelligent cipher device subscription in reimbursement confirmation.
Certainly, background system server is being carried out after reimbursement operation, can also send reimbursement success receipt information to terminal and/or intelligent cipher equipment, so that shop and/or client can learn reimbursement success.
As can be seen here, by above-mentioned reimbursement flow process, can greatly simplify the operation of client in reimbursement process, the device-dependent security function of application intelligent cipher can ensure the security of client's reimbursement process, for consumer brings seamless experience.
Cancellation:
Comprise the cancellation of terminal and the cancellation of intelligent cipher equipment, below first the cancellation of terminal described:
Terminal is obtained terminal cancellation application, utilizes the private key of terminal to sign and obtain the 6th signing messages cancellation application, and to backstage system server transmitting terminal cancellation application and the 6th signing messages; Concrete, terminal can also utilize the first session key that the 6th signing messages is encrypted and is calculated and/or verification calculating, and the information after calculating is sent to background system server, with security and/or the integrality of guarantee information transmission.
Background system server receives after terminal cancellation application and the 6th signing messages, utilizes the PKI in the terminal certificate prestoring to verify the 6th signing messages; Concrete, if terminal also utilizes the first session key to carry out computations and/or verification is calculated, background system server also utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating.
Background system server after the 6th signing messages passes through, is deleted the terminal certificate prestoring in checking, and generates terminal cancellation and complete information, completes information to the cancellation of terminal transmitting terminal; Concrete, background system server, in the time carrying out cancellation, except deleting the terminal certificate prestoring, can also be put into information corresponding this terminal in the default cancellation list of background system server and wait other cancellations to operate.In addition, cancellation complete information also can utilize the first session key be encrypted calculate and/or verification calculate, also can be to utilize the private key of background system server to sign to obtain, or after utilizing the private key of background system server to sign, recycle the first session key and be encrypted and calculate and/or verification calculates.
Terminal receives terminal cancellation and completes after information, deletes the private key of terminal.Concrete, terminal receives terminal cancellation and completes after information, deletes private key, certainly, can also refuse to carry out any with send this terminal cancellation and complete the relevant transaction of the background system server of information and operate.In addition, terminal can also utilize the first session key to be decrypted calculating and/or verification checking calculating and/or sign test operation etc.
Below the cancellation of intelligent cipher equipment is described:
Intelligent cipher equipment obtains intelligent cipher equipment cancellation application, utilizes the private key of intelligent cipher equipment to sign and obtain the 7th signing messages cancellation application, and sends intelligent cipher equipment cancellation application and the 7th signing messages to backstage system server; Concrete, the 7th signing messages can send by terminal, also can manually handle, in the time sending by terminal, can utilize the first session key and the second session key to be encrypted the calculating such as calculating and/or verification calculating, with the security of guarantee information transmission.
Background system server receives after the cancellation application of intelligent cipher equipment and the 7th signing messages, utilizes the PKI in the intelligent cipher device certificate prestoring to verify the 7th signing messages; Concrete, if terminal also utilizes the first session key to carry out computations and/or verification is calculated, background system server also utilizes the first session key that the information receiving is decrypted and is calculated and/or verification checking calculating.
Background system server after the 7th signing messages passes through, is deleted the intelligent cipher device certificate prestoring in checking, and generates the cancellation of intelligent cipher equipment and complete information, sends the cancellation of intelligent cipher equipment complete information to intelligent cipher equipment; Concrete, background system server, in the time carrying out cancellation, except deleting the intelligent cipher device certificate prestoring, can also be put into information corresponding this intelligent cipher equipment in the default cancellation list of background system server and wait other cancellations to operate.In addition, cancellation completes information also can be sent to intelligent cipher equipment by terminal, now can utilize the first session key to be encrypted to calculate and/or verification calculates, also can be to utilize the private key of background system server to sign to obtain, or after utilizing the private key of background system server to sign, recycle the first session key and be encrypted and calculate and/or verification calculates.
Intelligent cipher equipment receives the cancellation of intelligent cipher equipment and completes after information, deletes the private key of intelligent cipher equipment.Concrete; intelligent cipher equipment can carry out sign test to signing messages; and after sign test is passed through; carry out deletion action; also can utilize the second session key deciphering and/or verification to verify the information obtaining; certainly, again signing messages is carried out to sign test after can also utilizing the second session key deciphering and/or verification verifys the information obtaining, as long as security and/or integrality that guarantee information is transmitted all should be included in protection scope of the present invention.
Registration, cancellation, the certification of background system server by office terminal and intelligent cipher equipment and lock several aspects, guarantee the legitimacy of terminal and intelligent cipher equipment, stopped the property loss producing while illegally being usurped due to terminal or intelligent cipher equipment.
What deserves to be explained is; above operation is not carried out successively; it can only complete wherein several operations; in addition; above operation is also not limited only to complete under same application scenarios; no matter under which kind of application scenarios, as long as use arbitrary operation of the present invention, and can safety execute transaction and should belong to protection scope of the present invention.
Certainly, in the present invention, the information of transmitting between terminal and background system server can utilize as required the first session key to calculate and/or rear transmission is calculated in verification, the information of transmitting between terminal and intelligent cipher equipment also can utilize as required the second session key to calculate and/or rear transmission is calculated in verification, as long as informational needs waiting for transmission ensures security and/or integrality, all can utilize session key to complete communication.
Below, provide the exemplary a kind of application scenarios of the present invention:
In this application scene, integrated wireless communication module on intelligent cipher equipment, and status control module forms the novel intelligent cipher equipment that can be used for secure payment of the present invention.This intelligent cipher equipment comprises wireless communication module, it can be bluetooth communication or WIFI communication module etc., this wireless communication module can carry out inquiry scan and page scan to other equipment, and can carry out the mutual of signal and data with other wireless devices.On this intelligent cipher equipment, also comprise a status control module simultaneously, can control the duty of wireless communication module and the main frame of intelligent cipher equipment.And intelligent cipher equipment of the present invention possesses two states: dormant state and wake-up states, under dormant state, only have transceiver (wireless communication module) and status control module in work, CPU will close, (for example: signature can not carry out command operating, receive, send the functions such as data), thus make the state of intelligent cipher equipment in a kind of low-power consumption.When other wireless devices are issued this intelligent cipher equipment application instruction from outside, status control module can be identified these signals, and generates wake-up signal, and CPU is waken up as wake-up states, starts to carry out this utility command.After command execution is complete, CPU will enter dormant state again.
Below, be briefly described for transaction flow process of the present invention:
Intelligent cipher equipment is in dormant state, user enters with this intelligent cipher equipment in the wireless signal coverage of terminal, intelligent cipher equipment and terminal complete the interactive identification of wireless device, and terminal can be known has intelligent cipher equipment to enter shop, terminal place and connects with this intelligent cipher equipment.
After terminal and intelligent cipher equipment connect, terminal can send to intelligent cipher equipment the request of authenticating device, intelligent cipher equipment receives this request, status control module can be sent wake-up signal, now CPU will be waken up, intelligent cipher equipment enters wake-up states, and carries out corresponding operation.
After intelligent cipher equipment completes command adapted thereto, return to dormant state, and continue the equipment interactive identification of maintenance and terminal, whether check out so that terminal can judge the holder of intelligent cipher equipment.
After terminal and intelligent cipher equipment mutually authenticate and pass through, terminal can propose the request of reading user profile to backstage system server, background system server proposes the request of input authorized user message, and now terminal can send user-authorization-request to intelligent cipher equipment.
Intelligent cipher equipment under dormant state receives the user-authorization-request that self terminal sends, and enters wake-up states.Intelligent cipher equipment is by the request of display terminal, and prompting user judges whether to authorize.
The request that user sends according to the terminal showing judges whether to authorize, if authorize, the acknowledgement key of pressing on intelligent cipher equipment makes intelligent cipher equipment produce authorization message and send to terminal, then proceed to dormant state, otherwise, intelligent cipher device end fill order, directly proceeds to dormant state.
In the time of clearing, terminal can send customer transaction to the intelligent cipher equipment of dormant state again and confirm request instruction, intelligent cipher equipment under dormant state receives this instruction and enters wake-up states, intelligent cipher equipment shows the Transaction Information receiving, user confirms, if Transaction Information is correct, presses acknowledgement key intelligent cipher equipment is signed to Transaction Information, and return to terminal; Otherwise, finishing executable operations, intelligent cipher equipment proceeds to dormant state.
Below, provide another kind of application scenarios of the present invention:
Background system server and terminal authenticate mutually, set up escape way and consult common session key K1;
Terminal is set up active user's list at home server, and this current user list can be used for storing user profile corresponding to intelligent cipher equipment that the client in current shop holds;
Terminal home server for example, is monitored the intelligent cipher equipment in the wireless signal coverage of terminal by wireless mode (adopting wireless exploration equipment);
Client is carrying the shopping of going window-shopping of the intelligent cipher equipment (in dormant state) with wireless communication function, in this client enters the wireless signal coverage of terminal, intelligent cipher equipment can be arrived by terminal searching, and sets up wireless connections with terminal;
Terminal and intelligent cipher equipment authenticate mutually, and set up escape way and negotiate common session key K2;
Terminal sends the request of reading the user profile that intelligent cipher equipment is corresponding to backstage system server;
Background system server produces random number (single mandate mark), and as the parameter that generates authorized user message, background system server by utilizing session key K1 encrypts this random number;
Background system server sends user-authorization-request information to terminal, and this random number ciphertext is sent to terminal;
Terminal deciphering ciphertext, the session key K2 consulting between recycling terminal and intelligent cipher equipment is to this random number encryption;
Terminal sends user-authorization-request information to intelligent cipher equipment, and this random number ciphertext is issued to intelligent cipher equipment;
Intelligent cipher equipment receives after this user-authorization-request information, convert wake-up states to, and utilize session key K2 to be decrypted this random number ciphertext receiving, then in this user-authorization-request information of demonstration screen display of intelligent cipher equipment, wait for that user confirms;
User judges this information, if do not allowed, refuses, and intelligent cipher equipment proceeds to dormant state;
If allowed, press the acknowledgement key on intelligent cipher equipment, intelligent cipher equipment is made a summary and is signed this random number (single mandate mark), and using signature value as authorized user message, utilize session key K2 ciphering signature value to be sent to terminal, then proceed to dormant state;
Terminal is received signature value and is utilized session key K2 deciphering, and recycling session key K1 encrypts, and sends background system server to;
Background system server by utilizing session key K1 deciphering is signed, the PKI decrypted signature of recycling intelligent cipher equipment, the value obtaining after the summary that utilizes the random number himself generating to generate and decrypted signature is contrasted, if inconsistent, return to error message end operation;
If consistent, background system server utilizes session key K1 to be encrypted user profile, and generating authorized user message proof test value (the first proof test value), this proof test value can be MAC form or hash function form of adding signature etc., and ciphertext and proof test value are sent to terminal;
After terminal is received user profile, user profile is stored in active user's list;
After finishing, client's shopping settles accounts to cashier;
Terminal settlement amounts, and account corresponding to intelligent cipher equipment of choosing this client to hold in active user's list;
Dealing money, bank settlement both sides account, bank settlement both sides identification information etc. are generated Transaction Information by terminal, utilizes session key K2 encrypted transaction message;
Terminal sends transaction request information to intelligent cipher equipment, and Transaction Information ciphertext is sent to intelligent cipher equipment;
Intelligent cipher equipment receives the transaction request information of terminal, proceeds to wake-up states, and Transaction Information is decrypted into expressly and is shown on screen;
Client confirms Transaction Information, if having problem by cancellation, and trading suspension, intelligent cipher equipment proceeds to dormant state;
If no problem, press acknowledgement key, intelligent cipher equipment generates random number, identifies as single transaction;
Intelligent cipher equipment is made a summary and is signed Transaction Information and this random number, utilizes session key K2 ciphering signature, obtains customer transaction confirmation and sends to terminal;
Terminal is decrypted customer transaction confirmation, and generate transaction data package and (comprise dealing money, bank settlement both sides account and unique identifying information separately etc.), utilize session key K1 to transaction data packet encryption, and generate transaction data package proof test value (the second proof test value);
Terminal sends to backstage system server concurrent transaction data package ciphertext and the second proof test value of sending of application of transferring accounts;
The background system server processing of transferring accounts, and send to transfer accounts to terminal and has successfully paid information, certain, background system server can also complete payment information exchange and cross terminal and send to intelligent cipher equipment, has concluded the business so that client learns;
Terminal receives that this payment completes information, pays commodity to client, and checkout completes.
By the certification of carrying out between terminal and background system server, after terminal has been assert the legitimacy of background system server, can utilize believable background system server to authenticate the legitimacy of intelligent cipher equipment.Determine that at the same time background system server and intelligent cipher equipment are in believable situation, have so just ensured the transaction security of terminal.While utilizing background system server the legitimacy of terminal is authenticated and conclude the business, intelligent cipher equipment, to showing the link of information manual confirmation, has also ensured intelligent cipher equipment holder's transaction security simultaneously.
Based on data security interactive system provided by the invention, client is in the time entering shop and conclude the business, complete payment without related account vehicle equipments such as matching with mobile phone, bank card or financial IC cards, and the payment process of original technology all need to possess by SIM card or smart card etc. the equipment of account memory function, user also needs to swipe the card, brush the operations such as mobile phone just can complete transaction.Adopt system provided by the invention, client can be without completing payment by modes such as wallet, credit card, mobile phones, thereby simplify the interactive operation in payment process of client and trade company, improved payment efficiency, promoted the experience of client in the payment process of near field; Utilize the security of the safety profile promise customer payment process of intelligent cipher equipment simultaneously.
Client has chosen commodity later in the time of checkout, terminal is without obtaining user profile by the mode that allows client manually swipe the card or to brush mobile phone again, to have suffered because this user profile has been stored in active user's list of terminal in the time just entering shop, when checkout, client only need quote the name of oneself, terminal can directly be sent to the Transaction Informations such as the amount of money after clearing client's intelligent cipher equipment and show, now, client only need utilize intelligent cipher equipment to confirm, and export trade confirmation information, terminal generates transaction data package and sends to background system server, the processing of transferring accounts after this transaction data package of background system server authentication is accurate, can complete payment process.
In the time that client walks out the signal cover in this family shop, the network between intelligent cipher equipment and terminal is connected and will automatically interrupts, and user profile disappears from active user's list in this shop.If when client enters again another family shop, will automatically enter in active user's list in this another family shop, start another shopping.Do not need like this client to carry out any operation, only need client, in the time of shopping, a small and exquisite intelligent cipher equipment is put into oneself to pocket, adopt the present invention just can bring seamless experience for client.
Any process of otherwise describing in process flow diagram or at this or method are described and can be understood to, represent to comprise that one or more is for realizing module, fragment or the part of code of executable instruction of step of specific logical function or process, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can be not according to order shown or that discuss, comprise according to related function by the mode of basic while or by contrary order, carry out function, this should be understood by embodiments of the invention person of ordinary skill in the field.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, multiple steps or method can realize with being stored in software or the firmware carried out in storer and by suitable instruction execution system.For example, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: there is the discrete logic for data-signal being realized to the logic gates of logic function, there is the special IC of suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is can carry out the hardware that instruction is relevant by program to complete, described program can be stored in a kind of computer-readable recording medium, this program, in the time carrying out, comprises step of embodiment of the method one or a combination set of.
In addition, the each functional unit in each embodiment of the present invention can be integrated in a processing module, can be also that the independent physics of unit exists, and also can be integrated in a module two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, and also can adopt the form of software function module to realize.If described integrated module realizes and during as production marketing independently or use, also can be stored in a computer read/write memory medium using the form of software function module.
The above-mentioned storage medium of mentioning can be ROM (read-only memory), disk or CD etc.
In the description of this instructions, the description of reference term " embodiment ", " some embodiment ", " example ", " concrete example " or " some examples " etc. means to be contained at least one embodiment of the present invention or example in conjunction with specific features, structure, material or the feature of this embodiment or example description.In this manual, the schematic statement of above-mentioned term is not necessarily referred to identical embodiment or example.And specific features, structure, material or the feature of description can be with suitable mode combination in any one or more embodiment or example.
Although illustrated and described embodiments of the invention above, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, those of ordinary skill in the art can change above-described embodiment within the scope of the invention in the situation that not departing from principle of the present invention and aim, amendment, replacement and modification.Scope of the present invention is by claims and be equal to and limit.
Claims (30)
1. a data security interactive system, is characterized in that, comprising:
Terminal, at signal cover interscan intelligent cipher equipment, and obtains the identification information of the described intelligent cipher equipment scanning; Obtain user profile corresponding to described intelligent cipher equipment according to the identification information of described intelligent cipher equipment; Described user profile is stored in active user's list of setting up in advance; The user profile corresponding according to intelligent cipher equipment to be transacted generates Transaction Information, and utilizes the second session key that described Transaction Information is encrypted and is calculated and/or verification calculating acquisition transaction request information; Send described transaction request information to described intelligent cipher equipment; Receive described trade confirmation information; Utilize the first session key that described trade confirmation information is encrypted and is calculated and/or verification calculating acquisition transaction data package, and send described transaction data package to described background system server;
Described intelligent cipher equipment, the described transaction request information sending for receiving described terminal, utilizes described the second session key that described transaction request information is decrypted and is calculated and/or the described Transaction Information of verification checking calculating acquisition; Point out described Transaction Information; Confirmation of receipt instruction, and generate trade confirmation information;
Described background system server, the described transaction data package sending for receiving described terminal, utilizes described the first session key that described transaction data package is decrypted and is calculated and/or the described trade confirmation information of verification checking calculating acquisition; Described trade confirmation information is verified, and carried out transaction after being verified.
2. system according to claim 1, is characterized in that,
Described terminal, also for sending identification information and the user profile read requests of described intelligent cipher equipment to described background system server; Receive the response message of the user profile read requests of described background system server transmission, utilize described the first session key that the response message of described user profile read requests is decrypted and is calculated and/or the described user profile of verification checking calculating acquisition;
Described background system server, also, for receiving identification information and the described user profile read requests of the described intelligent cipher equipment that described terminal sends, obtain the user profile corresponding with described intelligent cipher equipment according to the identification information of described intelligent cipher equipment; Utilize described the first session key described user profile to be encrypted to the response message of calculating and/or the described user profile read requests of verification calculating acquisition, and send the response message of described user profile read requests to described terminal.
3. system according to claim 1, is characterized in that,
Described terminal, also for sending user profile read requests according to the identification information of described intelligent cipher equipment to described intelligent cipher equipment; Receive the response message of the described user profile read requests of described intelligent cipher equipment transmission, utilize described the second session key that the response message of described user profile read requests is decrypted and is calculated and/or the described user profile of verification checking calculating acquisition;
Described intelligent cipher equipment, also for obtaining pre-stored user profile, utilize described the second session key described user profile to be encrypted to the response message of calculating and/or the described user profile read requests of verification calculating acquisition, and send the response message of described user profile read requests to described terminal.
4. according to the system described in claims 1 to 3 any one, it is characterized in that,
Described terminal, also at signal cover interscan intelligent cipher equipment, and after obtaining the identification information of the described intelligent cipher equipment scanning, obtain the identification information of the whole intelligent cipher equipment in the signal cover of described terminal, generate real-time identification list; The identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in described real-time identification list and described active user's list is compared according to the default time interval; If the identification information of the intelligent cipher equipment in described real-time identification list, not in described active user's list, obtains user profile corresponding to described intelligent cipher equipment according to the identification information of described intelligent cipher equipment; And if the identification information of intelligent cipher equipment in described active user's list is in described real-time identification list, delete in described active user's list the not user profile of the intelligent cipher equipment in described real-time identification list.
5. according to the system described in claims 1 to 3 any one, it is characterized in that,
Described terminal, also at signal cover interscan intelligent cipher equipment, and after obtaining the identification information of the described intelligent cipher equipment scanning, obtain the identification information of the whole intelligent cipher equipment in the signal cover of described terminal, generate real-time identification list; The identification information of the intelligent cipher equipment in the identification information of the intelligent cipher equipment in described real-time identification list and described active user's list is compared according to the default time interval; If the identification information of the intelligent cipher equipment in described real-time identification list is not in described active user's list, obtain user profile corresponding to described intelligent cipher equipment according to the identification information of described intelligent cipher equipment, and obtain after described user profile in described terminal, described user profile is stored in described real-time identification list; And if the identification information of intelligent cipher equipment in described real-time identification list is in described active user's list, the user profile of described intelligent cipher equipment in described active user's list is stored in described real-time identification list; Described active user's list using described real-time identification list after upgrading.
6. system according to claim 2, is characterized in that,
Described background system server, also, for after sending the identification information and user profile read requests of described intelligent cipher equipment in described terminal to described background system server, judge whether the identification information of described intelligent cipher equipment is included in the intelligent cipher unit exception list prestoring in described background system server; After the identification information of judging described intelligent cipher equipment is in described intelligent cipher unit exception list, obtain locking intelligent cipher device directive, and utilize the private key of described background system server to sign and obtain the 5th signing messages locking intelligent cipher device directive, and send described locking intelligent cipher device directive and described the 5th signing messages by described terminal to described intelligent cipher equipment;
Described intelligent cipher equipment, the described locking intelligent cipher device directive and described the 5th signing messages that also send by described terminal for receiving described background system server, utilize the PKI in the described background system server certificate prestoring to verify described the 5th signing messages; After described the 5th signing messages of checking passes through, carry out lock operation according to described locking intelligent cipher device directive.
7. according to the system described in claim 1 to 6 any one, it is characterized in that,
Described background system server, also for receiving terminal application for registration, and audits described endpoint registration application; In examination & verification after described endpoint registration application passes through, to described terminal transmitting terminal key to generating instruction; Receive after the PKI of described terminal key centering of described terminal transmission, generate described terminal certificate, and send described terminal certificate to described terminal;
Described terminal, also, for receiving described terminal key that described background system server sends to generating instruction, generates terminal key pair; Send the PKI of described terminal key centering to described background system server; Store described terminal certificate;
And
Described background system server, also for receiving the application of intelligent cipher facility registration, and application is audited to described intelligent cipher facility registration; After the application of the described intelligent cipher facility registration of examination & verification is passed through, send intelligent cipher device keys to generating instruction to described intelligent cipher equipment; The PKI that receives the described intelligent cipher device keys centering of described intelligent cipher equipment transmission, generates described intelligent cipher device certificate, and sends described intelligent cipher device certificate to described intelligent cipher equipment;
Described intelligent cipher equipment, also, for receiving described intelligent cipher device keys that described background system server sends to generating instruction, generates intelligent cipher device keys pair; Send the PKI of described intelligent cipher device keys centering to described background system server; Store described intelligent cipher device certificate.
8. system according to claim 7, is characterized in that,
Described terminal, also for obtaining terminal cancellation application, utilizes the private key of described terminal to sign and obtain the 6th signing messages described cancellation application, and sends described terminal cancellation application and described the 6th signing messages to described background system server; Described background system server receives after described terminal cancellation application and described the 6th signing messages, utilizes the PKI in the described terminal certificate prestoring to verify described the 6th signing messages; The described terminal cancellation that receives described background system server transmission completes information, deletes the private key of described terminal;
Described background system server, also, for after described the 6th signing messages passes through in checking, deletes the described terminal certificate prestoring, and generates terminal cancellation and complete information, sends described terminal cancellation complete information to described terminal;
And/or
Described intelligent cipher equipment, also for obtaining intelligent cipher equipment cancellation application, utilize the private key of described intelligent cipher equipment to sign and obtain the 7th signing messages described cancellation application, and send described intelligent cipher equipment cancellation application and described the 7th signing messages to described background system server; Described background system server receives after described intelligent cipher equipment cancellation application and described the 7th signing messages, utilizes the PKI in the described intelligent cipher device certificate prestoring to verify described the 7th signing messages; The described intelligent cipher equipment cancellation that receives described background system server transmission completes information, deletes the private key of described intelligent cipher equipment;
Described background system server, also for after passing through at described the 7th signing messages of checking, the described intelligent cipher device certificate that deletion prestores, and generate the cancellation of intelligent cipher equipment and complete information, send the cancellation of described intelligent cipher equipment to described intelligent cipher equipment and complete information.
9. system according to claim 2, is characterized in that,
Described background system server, also for sending user-authorization-request information by described terminal to described intelligent cipher equipment; Receive described authorization message, send the response message of described user profile read requests to described terminal;
Described intelligent cipher equipment, also for receiving described user-authorization-request information, generates authorization message, and sends described authorization message by described terminal to described background system server.
10. system according to claim 9, is characterized in that,
Described intelligent cipher equipment, also, for receiving after described user-authorization-request information, is converted to wake-up states by dormant state; Under wake-up states, generate authorization message.
11. according to the system described in claim 1 to 10 any one, it is characterized in that,
Described intelligent cipher equipment, also, for receiving after described transaction request information, is converted to wake-up states by dormant state; Under wake-up states, utilize described the second session key that described transaction request information is decrypted and is calculated and/or the described Transaction Information of verification checking calculating acquisition.
12. according to the system described in claim 1 to 11 any one, it is characterized in that,
Described intelligent cipher equipment, also utilizes the private key of described intelligent cipher equipment to sign to described Transaction Information, generates trading signature information as trade confirmation information or generates dynamic password as trade confirmation information.
13. according to the system described in claim 1 to 11 any one, it is characterized in that,
Described intelligent cipher equipment, also for generating single transaction mark, and utilizes the private key of described intelligent cipher equipment to sign to described Transaction Information and described single transaction mark, generates trading signature information as trade confirmation information; Or
Described intelligent cipher equipment, also for generating single transaction mark, utilize the private key of described intelligent cipher equipment to sign and obtain the signing messages of single transaction mark described single transaction mark, and generating dynamic password, the signing messages that single transaction is identified and described dynamic password are as trade confirmation information.
14. according to the system described in claim 12 or 13, it is characterized in that,
Described terminal, also for receiving the acoustic signals of described intelligent cipher equipment transmission and described acoustic signals being decoded and obtained trade confirmation information; Or
Gather the image information of described intelligent cipher equipment demonstration and described image information is decoded and obtained described trade confirmation information; Or
The communication interface of mating with described intelligent cipher equipment by described terminal receives described trade confirmation information; Or
Trade confirmation information described in the information acquisition of inputting by described terminal.
15. according to the system described in claim 1 to 14 any one, it is characterized in that,
Described background system server, also for described trade confirmation information being verified at described background system server, and carry out transaction after being verified after, send Transaction Success acknowledgement information and/or send Transaction Success acknowledgement information by described terminal to described intelligent cipher equipment to described terminal;
Described intelligent cipher equipment, the described Transaction Success acknowledgement information also sending by described terminal for receiving described background system server, points out described Transaction Success acknowledgement information.
16. according to the system described in claim 1 to 15 any one, it is characterized in that,
Described terminal, also at described background system server, described trade confirmation information being verified, and carry out transaction after being verified after, sends reimbursement information to described intelligent cipher equipment; Receive described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilize the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation; Send described reimbursement to described background system server and confirm bag and described reimbursement confirmation;
Described intelligent cipher equipment, the described reimbursement information also sending for receiving described terminal, points out described reimbursement information; Receive reimbursement and confirm instruction, and utilize the private key of described intelligent cipher equipment to sign to described reimbursement information, generate reimbursement confirmation;
Described background system server, the described reimbursement confirmation bag and the described reimbursement confirmation that also send for receiving described terminal, confirm to wrap to described reimbursement respectively and described reimbursement confirmation is verified, and after being all verified, carrying out reimbursement and operate.
17. according to the system described in claim 1 to 15 any one, it is characterized in that,
Described intelligent cipher equipment, also at described background system server, described trade confirmation information being verified, and carry out transaction after being verified after, sends refund request to described terminal; Receive the described reimbursement information that described terminal sends, point out described reimbursement information; Receive reimbursement and confirm instruction, and utilize the private key of described intelligent cipher equipment to sign to described reimbursement information, generate reimbursement confirmation;
Described terminal, also for generating reimbursement information, and sends described reimbursement information to described intelligent cipher equipment; Receive described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilize the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation; Send described reimbursement to described background system server and confirm bag and described reimbursement confirmation;
Described background system server, the described reimbursement confirmation bag and the described reimbursement confirmation that also send for receiving described terminal, confirm to wrap to described reimbursement respectively and described reimbursement confirmation is verified, and after being all verified, carrying out reimbursement and operate.
18. according to the system described in claim 1 to 15 any one, it is characterized in that,
Described intelligent cipher equipment, also at described background system server, described trade confirmation information being verified, and carry out transaction after being verified after, sends refund request to described terminal; Receive the described refund request mark that described terminal sends, generate reimbursement information, and utilize the private key of described intelligent cipher equipment to sign to described reimbursement information, obtain reimbursement confirmation, and send described reimbursement confirmation to described terminal;
Described terminal, also for generating refund request mark, and sends described refund request mark to described intelligent cipher equipment; Receive described reimbursement confirmation, described reimbursement confirmation is verified, and after being verified, utilize the private key of described terminal to sign and generate reimbursement confirmation bag described reimbursement confirmation; Send described reimbursement to described background system server and confirm bag and described reimbursement confirmation;
Described background system server, the described reimbursement confirmation bag and the described reimbursement confirmation that also send for receiving described terminal, confirm to wrap to described reimbursement respectively and described reimbursement confirmation is verified, and after being all verified, carrying out reimbursement and operate.
19. according to the system described in claim 16 or 17, it is characterized in that, in described reimbursement information, also comprises electron pair bill.
20. systems according to claim 15, is characterized in that, described Transaction Success acknowledgement information also comprises electron pair bill.
21. according to the system described in claim 1 to 18 any one, it is characterized in that, also comprises electron pair bill in described Transaction Information.
22. according to the system described in claim 1 to 21 any one, it is characterized in that, described terminal is at signal cover interscan intelligent cipher equipment, and before obtaining the identification information of the described intelligent cipher equipment scanning, described system also comprises:
Described intelligent cipher equipment enters and can be scanned state.
23. according to the system described in claim 1 to 22 any one, it is characterized in that,
Described the first session key is pre-stored in described background system server and described terminal or described the first session key is consulted to generate by described background system server and described terminal;
Described the second session key is pre-stored in described terminal and described intelligent cipher equipment or described the second session key is consulted to generate by described terminal and described intelligent cipher equipment.
24. systems according to claim 23, is characterized in that,
The information of transmitting between described background system server and described terminal all calculates by the first session key and/or rear transmission is calculated in verification;
The information of transmitting between described terminal and described intelligent cipher equipment all calculates by the second session key and/or rear transmission is calculated in verification.
25. according to the system described in claim 1 to 24 any one, it is characterized in that,
Described terminal also authenticates mutually with described background system server, and generates respectively described the first session key.
26. systems according to claim 25, is characterized in that,
Described terminal, also treats signing messages for generating first; Send described first to backstage system server and treat signing messages and the first authentication request information; Whether what receive that described background system server sends described second treats signing messages and described background system server certificate, utilize described in root certification authentication corresponding to the background system server certificate that prestores background system server certificate legal; After the described background system server certificate of checking is legal, generates and share master key; Utilize PKI in described background system server certificate to be encrypted and to generate the first enciphered message described shared master key, the private key that utilizes described terminal treats that to described first signing messages and described second treats signing messages generation the first signing messages of sign; Send described the first enciphered message, described the first signing messages and terminal certificate to described background system server; The described backstage that receives described background system server transmission has authenticated message, verifies that described backstage has authenticated message; After the described backstage of checking authenticate message and passes through, generation terminal authentication first completes message, and send described terminal authentication first to described background system server and complete message, and according to described shared master key calculation the first session key;
Described background system server, also treats signing messages and described the first authentication request information for receiving described first of described terminal transmission, generates second and treats signing messages; Send described second to described terminal and treat signing messages and background system server certificate; Described in root certification authentication corresponding to terminal certificate that utilization prestores, whether terminal certificate is legal; After the described terminal certificate of checking is legal, utilize the first signing messages described in the public key verifications in described terminal certificate; After described the first signing messages of checking passes through, utilize the private key of described background system server to decipher described the first enciphered message, obtain described shared master key; Generate backstage and authenticated message, and send described backstage to described terminal and authenticated message; The described terminal authentication first that receives described terminal transmission completes message, verifies that described terminal authentication first completes message; After checking described terminal authentication first completes message and passes through, according to the first session key described in described shared master key calculation.
27. systems according to claim 26, is characterized in that,
Described background system server, also treats signing messages and described the first authentication request information for receiving described first of described terminal transmission, and wherein, described the first authentication request information comprises the identification information of described terminal; Whether the identification information that judges described terminal is included in the terminal abnormal list prestoring in described background system server; After the identification information of judging described terminal is in described terminal abnormal list, obtain locking terminal instruction, and the private key that utilizes described background system server to locking terminal instruction sign and obtain the 4th signing messages, and send described locking terminal instruction and described the 4th signing messages to described terminal;
Described terminal, the described locking terminal instruction and described the 4th signing messages that also send for receiving described background system server, utilize the PKI in the described background system server certificate prestoring to verify described the 4th signing messages; After described the 4th signing messages of checking passes through, carry out lock operation according to described locking terminal instruction.
28. according to the system described in claim 1 to 27 any one, it is characterized in that,
Described terminal also authenticates mutually with described intelligent cipher equipment, and generates respectively described the second session key.
29. systems according to claim 28, is characterized in that,
Described terminal, also treats signing messages for generating the 3rd; Send the described the 3rd to described intelligent cipher equipment and treat signing messages and the second authentication request information; Whether what receive that described intelligent cipher equipment sends the described the 4th treats signing messages, described the second signing messages and described intelligent cipher device certificate, utilize described in the root certification authentication that the intelligent cipher device certificate that prestores is corresponding intelligent cipher device certificate legal; After the described intelligent cipher device certificate of checking is legal, utilize the PKI in described intelligent cipher device certificate to verify described the second signing messages; After described the second signing messages of checking passes through, the private key that utilizes described terminal treats that to the described the 3rd signing messages and the described the 4th treats that signing messages is signed and obtain the 3rd signing messages, generate the first session key and generate the factor, utilize the PKI in described intelligent cipher device certificate to be encrypted and to obtain the second enciphered message the described first session key generation factor; Send described the 3rd signing messages, described the second enciphered message and described terminal certificate to described intelligent cipher equipment; Described the 3rd enciphered message and the described intelligent cipher device authentication that receive described intelligent cipher equipment transmission complete message, verify that described intelligent cipher device authentication completes message; After the described intelligent cipher device authentication of checking completes message and passes through, generate terminal authentication second and complete message, send described terminal authentication second to described intelligent cipher equipment and complete message, and according to first session key generate the factor and decipher described the 3rd enciphered message obtain described second session key generate the factor generate described the second session key;
Described intelligent cipher equipment, also treats signing messages and described the second authentication request information for receiving the described the 3rd of described terminal transmission, generates the 4th and treats signing messages; The private key that utilizes described intelligent cipher equipment treats to the described the 3rd that signing messages is signed and obtains the second signing messages, and sends the described the 4th to described terminal and treat signing messages, described the second signing messages and intelligent cipher device certificate; Receive described the 3rd signing messages, described the second enciphered message and described terminal certificate that described terminal sends, utilize described in the root certification authentication that the described terminal certificate that prestores is corresponding terminal certificate whether legal; After the described terminal certificate of checking is legal, utilize the PKI in described terminal certificate to verify described the 3rd signing messages; After described the 3rd signing messages of checking passes through, generate the second session key and generate the factor, utilize PKI in described terminal certificate to generate the factor to described the second session key and be encrypted and obtain the 3rd enciphered message, and generate intelligent cipher device authentication and complete message; Send described the 3rd enciphered message and described intelligent cipher device authentication completes message to described terminal; The described terminal authentication second that receives described terminal transmission completes message, verifies that described terminal authentication second completes message; Verify that described terminal authentication second completes after message, according to second session key generate the factor and decipher described second enciphered message obtain described first session key generate the factor generate described the second session key.
30. systems according to claim 29, is characterized in that,
Described intelligent cipher equipment, also, for receiving after described the second authentication request information, is converted to wake-up states by dormant state; Under wake-up states, generate the 4th and treat signing messages.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410171463.4A CN103942688A (en) | 2014-04-25 | 2014-04-25 | Data security interactive system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410171463.4A CN103942688A (en) | 2014-04-25 | 2014-04-25 | Data security interactive system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103942688A true CN103942688A (en) | 2014-07-23 |
Family
ID=51190348
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410171463.4A Pending CN103942688A (en) | 2014-04-25 | 2014-04-25 | Data security interactive system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103942688A (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104219058A (en) * | 2014-09-28 | 2014-12-17 | 小米科技有限责任公司 | Identity authentication and authorization method and device |
| CN104661215A (en) * | 2015-01-15 | 2015-05-27 | 天地融科技股份有限公司 | Communication method of wireless equipment and wireless equipment |
| CN105550859A (en) * | 2015-07-30 | 2016-05-04 | 宇龙计算机通信科技(深圳)有限公司 | Method and apparatus for service data transfer between accounts |
| CN105577612A (en) * | 2014-10-11 | 2016-05-11 | 中兴通讯股份有限公司 | Identity authentication method, third party server, merchant server, and user terminal |
| CN106169993A (en) * | 2016-06-28 | 2016-11-30 | 北京华大领创智能科技有限公司 | A kind of safety certifying method, equipment and server |
| CN107360126A (en) * | 2016-08-22 | 2017-11-17 | 天地融科技股份有限公司 | A kind of method, system and terminal that client is logged in using pattern identification code |
| CN107464105A (en) * | 2017-09-15 | 2017-12-12 | 深圳天珑无线科技有限公司 | Device pays interactive authentication method and its system |
| CN107733647A (en) * | 2017-12-08 | 2018-02-23 | 前海联大(深圳)技术有限公司 | A kind of key updating method based on PKI security systems |
| CN109343515A (en) * | 2018-11-30 | 2019-02-15 | 深圳市元征科技股份有限公司 | Car fault diagnosis method, system, equipment and computer readable storage medium |
| CN109410406A (en) * | 2018-11-14 | 2019-03-01 | 北京华大智宝电子系统有限公司 | A kind of authorization method, device and system |
| CN109410394A (en) * | 2018-10-11 | 2019-03-01 | 深圳市捷恩斯威科技有限公司 | A kind of method for sending information and information transmitting system of intelligent door lock |
| CN109598663A (en) * | 2018-11-16 | 2019-04-09 | 阿里巴巴集团控股有限公司 | There is provided and obtain the method and device of secure identity information |
| CN109802834A (en) * | 2017-11-16 | 2019-05-24 | 航天信息股份有限公司 | The method and system that a kind of pair of business layer data is encrypted, decrypted |
| CN110084017A (en) * | 2019-04-24 | 2019-08-02 | 上海互啊佑智能科技有限公司 | A kind of ID authentication device, system, method, apparatus and storage medium |
| CN110635901A (en) * | 2019-09-11 | 2019-12-31 | 北京方研矩行科技有限公司 | Local Bluetooth dynamic authentication method and system for Internet of things equipment |
| CN112055019A (en) * | 2020-09-03 | 2020-12-08 | 深圳市百富智能新技术有限公司 | Method for establishing communication channel and user terminal |
| CN112956169A (en) * | 2018-10-29 | 2021-06-11 | 7-11股份有限公司 | Authentication using key pairs and inter-process communication |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1518235A (en) * | 2003-01-16 | 2004-08-04 | �ձ�������ʽ���� | Identification system of electronic busness and its implementing method |
| CN101087189A (en) * | 1998-05-05 | 2007-12-12 | 杰伊·C·陈 | A cryptographic system and method for electronic trade |
| CN101465019A (en) * | 2009-01-14 | 2009-06-24 | 北京华大智宝电子系统有限公司 | Method and system for implementing network authentication |
| WO2009125919A1 (en) * | 2008-04-10 | 2009-10-15 | Lg Electronics Inc. | Terminal and method for managing secure devices |
| CN101789934A (en) * | 2009-11-17 | 2010-07-28 | 北京飞天诚信科技有限公司 | Method and system for online security trading |
| CN103259765A (en) * | 2012-02-19 | 2013-08-21 | 上海博路信息技术有限公司 | Zone social intercourse system based on Bluetooth |
| CN103346883A (en) * | 2013-06-19 | 2013-10-09 | 天地融科技股份有限公司 | Method and device for initializing electronic signature tool |
-
2014
- 2014-04-25 CN CN201410171463.4A patent/CN103942688A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087189A (en) * | 1998-05-05 | 2007-12-12 | 杰伊·C·陈 | A cryptographic system and method for electronic trade |
| CN1518235A (en) * | 2003-01-16 | 2004-08-04 | �ձ�������ʽ���� | Identification system of electronic busness and its implementing method |
| WO2009125919A1 (en) * | 2008-04-10 | 2009-10-15 | Lg Electronics Inc. | Terminal and method for managing secure devices |
| CN101465019A (en) * | 2009-01-14 | 2009-06-24 | 北京华大智宝电子系统有限公司 | Method and system for implementing network authentication |
| CN101789934A (en) * | 2009-11-17 | 2010-07-28 | 北京飞天诚信科技有限公司 | Method and system for online security trading |
| CN103259765A (en) * | 2012-02-19 | 2013-08-21 | 上海博路信息技术有限公司 | Zone social intercourse system based on Bluetooth |
| CN103346883A (en) * | 2013-06-19 | 2013-10-09 | 天地融科技股份有限公司 | Method and device for initializing electronic signature tool |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104219058A (en) * | 2014-09-28 | 2014-12-17 | 小米科技有限责任公司 | Identity authentication and authorization method and device |
| CN105577612A (en) * | 2014-10-11 | 2016-05-11 | 中兴通讯股份有限公司 | Identity authentication method, third party server, merchant server, and user terminal |
| CN104661215A (en) * | 2015-01-15 | 2015-05-27 | 天地融科技股份有限公司 | Communication method of wireless equipment and wireless equipment |
| CN105550859A (en) * | 2015-07-30 | 2016-05-04 | 宇龙计算机通信科技(深圳)有限公司 | Method and apparatus for service data transfer between accounts |
| CN106169993A (en) * | 2016-06-28 | 2016-11-30 | 北京华大领创智能科技有限公司 | A kind of safety certifying method, equipment and server |
| CN107360126B (en) * | 2016-08-22 | 2020-03-24 | 天地融科技股份有限公司 | Method, system and terminal for logging in client by using graphic identification code |
| CN107360126A (en) * | 2016-08-22 | 2017-11-17 | 天地融科技股份有限公司 | A kind of method, system and terminal that client is logged in using pattern identification code |
| CN107464105A (en) * | 2017-09-15 | 2017-12-12 | 深圳天珑无线科技有限公司 | Device pays interactive authentication method and its system |
| CN109802834A (en) * | 2017-11-16 | 2019-05-24 | 航天信息股份有限公司 | The method and system that a kind of pair of business layer data is encrypted, decrypted |
| CN107733647A (en) * | 2017-12-08 | 2018-02-23 | 前海联大(深圳)技术有限公司 | A kind of key updating method based on PKI security systems |
| CN109410394A (en) * | 2018-10-11 | 2019-03-01 | 深圳市捷恩斯威科技有限公司 | A kind of method for sending information and information transmitting system of intelligent door lock |
| CN112956169A (en) * | 2018-10-29 | 2021-06-11 | 7-11股份有限公司 | Authentication using key pairs and inter-process communication |
| US11915226B2 (en) | 2018-10-29 | 2024-02-27 | 7-Eleven, Inc. | Validation using key pairs and interprocess communications |
| CN109410406A (en) * | 2018-11-14 | 2019-03-01 | 北京华大智宝电子系统有限公司 | A kind of authorization method, device and system |
| CN109598663A (en) * | 2018-11-16 | 2019-04-09 | 阿里巴巴集团控股有限公司 | There is provided and obtain the method and device of secure identity information |
| CN109598663B (en) * | 2018-11-16 | 2023-05-09 | 创新先进技术有限公司 | Method and device for providing and acquiring safety identity information |
| CN109343515A (en) * | 2018-11-30 | 2019-02-15 | 深圳市元征科技股份有限公司 | Car fault diagnosis method, system, equipment and computer readable storage medium |
| CN110084017A (en) * | 2019-04-24 | 2019-08-02 | 上海互啊佑智能科技有限公司 | A kind of ID authentication device, system, method, apparatus and storage medium |
| CN110635901A (en) * | 2019-09-11 | 2019-12-31 | 北京方研矩行科技有限公司 | Local Bluetooth dynamic authentication method and system for Internet of things equipment |
| CN112055019A (en) * | 2020-09-03 | 2020-12-08 | 深圳市百富智能新技术有限公司 | Method for establishing communication channel and user terminal |
| CN112055019B (en) * | 2020-09-03 | 2022-09-27 | 深圳市百富智能新技术有限公司 | Method for establishing communication channel and user terminal |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3136646B1 (en) | Secure data interaction method and system | |
| CN103942687A (en) | Data security interactive system | |
| CN103942688A (en) | Data security interactive system | |
| CN103944736A (en) | Data security interactive method | |
| CN103942690A (en) | Data security interactive system | |
| CN103944729A (en) | Data security interactive method | |
| CN103944734A (en) | Data security interactive method | |
| WO2015161690A1 (en) | Secure data interaction method and system | |
| CN103942684A (en) | Data security interactive system | |
| CN105046488A (en) | Method, apparatus, and system for generating transaction-signing one-time password | |
| KR101644124B1 (en) | Server for transaction using pre-authentication and method thereof | |
| TWI591553B (en) | Systems and methods for mobile devices to trade financial documents | |
| CN103942685A (en) | Data security interactive system | |
| CN103944728A (en) | Data security interactive system | |
| CN103944730A (en) | Data security interactive system | |
| CN103944735A (en) | Data security interactive method | |
| JP2015537399A (en) | Application system for mobile payment and method for providing and using mobile payment means | |
| CN103944908A (en) | Data updating method and system | |
| CN101944216A (en) | Two-factor online transaction safety authentication method and system | |
| CN103944731A (en) | Data security interactive method | |
| CN103942686A (en) | Data security interactive system | |
| CN103944911A (en) | Data security interactive system | |
| CN103944909A (en) | Data updating method and system | |
| CN103944907A (en) | Data updating method and system | |
| CN101390115A (en) | Authentication system for on-line banking, and user terminal for the same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140723 |