Disclosure of Invention
However, in the research process, the inventor finds that, since the third party payment Industry Data Security Standard (PCI DSS) does not allow the international payment system to store the confirmation Code (CVN) that the user initially inputs to the international payment system, the confirmation code that the user initially inputs cannot be transferred to the third party payment platform when the international payment system finally issues an authorization application to the third party payment platform. In the 3D payment process, if the third-party payment platform cannot acquire the confirmation code input by the user at the beginning, information authentication cannot be realized. Therefore, the efficiency of successful information authentication in the implementation process of the prior art is low, and further, the use experience of the user in using 3D payment is also influenced.
The technical problem to be solved by the application is to provide an information authentication method based on the confirmation code, so as to avoid the problem that the success rate of information authentication is low due to the fact that the international payment system cannot store the confirmation code in the prior art as much as possible, and further, the use experience of a user in using 3D payment can be improved.
The application also provides an information authentication device and an information authentication system based on the confirmation code, which are used for ensuring the realization and the application of the method in practice.
In order to solve the above problem, the present application discloses an information authentication method based on a confirmation code, which includes:
the authentication method is applied to a payment system in an authentication system, and the authentication system further comprises: a third party payment platform; the method comprises the following steps:
receiving a confirmation code and information to be authenticated which are currently input by a user;
correspondingly storing the confirmation codes into a cache; the cache is used for storing the confirmation codes within preset time;
after the information to be authenticated is sent to the third-party payment platform and prompt information returned by the third-party payment platform is received, the prompt information is referred to trigger the payment system to jump to a password verification interface for display;
and responding to the fact that the payment password input by the user on the password verification interface passes verification, sending the confirmation code in the cache and the information to be authenticated to the third party payment platform to realize authentication, and deleting the confirmation code in the cache.
The application discloses information authentication device based on affirmation code includes:
the device is integrated on a payment system in an authentication system, the authentication system further comprises a third party payment platform, and the device comprises:
the receiving module is used for receiving the confirmation code and the information to be authenticated which are currently input by the user;
the cache module is used for correspondingly storing the confirmation codes into a cache; the cache is used for storing the confirmation codes within preset time;
the triggering module is used for triggering the payment system to jump to a password verification interface for display by referring to the prompt information after the information to be authenticated is sent to the third-party payment platform and the prompt information returned by the third-party payment platform is received;
the sending module is used for responding to the verification that the payment password input by the user on the password verification interface passes, and sending the confirmation code in the cache and the information to be authenticated to the third-party payment platform to realize authentication;
and the deleting module is used for deleting the confirmation codes in the cache.
The application discloses information authentication system based on confirmation code, including:
the system comprises the information authentication device and a third party payment platform.
Compared with the prior art, the method has the following advantages:
in the embodiment of the application, the international payment system stores the confirmation code input by the user at first by setting an independent cache space, and deletes the confirmation code from the cache after the authentication is completed, so that the requirement of the PCI DSS can be met, the problem of low success rate of information authentication in the prior art can be avoided as much as possible, and the use experience of the user in using 3D payment can be further improved.
Of course, it is not necessary for any product to achieve all of the above-described advantages at the same time for the practice of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The application is operational with numerous general purpose or special purpose computing device environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet-type devices, multi-processor apparatus, distributed computing environments that include any of the above devices or equipment, and the like.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
Referring to fig. 1, a flowchart of an embodiment of an authentication method for information based on a confirmation code according to the present application is shown, where the authentication method according to the embodiment of the present application may be applied to an international payment system in an authentication system, and the authentication system may further include: a third party payment platform; the present embodiment may include the following steps:
step 101: and receiving the confirmation code and the information to be authenticated which are currently input by the user.
Firstly, the international payment system receives a confirmation code and information to be authenticated input by a user, wherein the information to be authenticated comprises information such as a bank card number and a bank card validity period, and the confirmation code is a fixed-digit security code on the back of the bank card, for example, a fixed digit '567' on the back of a credit card. The bank card in the embodiment of the present application may be a credit card or a debit card with a confirmation code. And the international payment system refers to an international payment system for information authentication with an international issuer.
Step 102: correspondingly storing the confirmation codes into a cache; the cache is used for storing the confirmation codes in preset time.
In this embodiment, the international payment system may separately provide a buffer for temporarily storing the confirmation code, and in order to avoid the non-compliance with the PCI DSS, the confirmation code may only exist in the buffer for a predetermined time. For example, a preset fixed time period (e.g., 1 hour), or a trigger time that takes successful authentication of the information to be authenticated as a trigger condition, that is, in step 104, if the information to be authenticated is successfully authenticated, deletion of the confirmation code in the cache is triggered.
It is to be understood that the cache may be a separate storage space inside the international payment system, or may be an independent server connected to the international payment system.
Step 103: after the information to be authenticated is sent to the third-party payment platform and prompt information returned by the third-party payment platform is received, the prompt information is referred to trigger the payment system to jump to a password verification interface for display.
Fig. 2 is a diagram of a scene structure in practical application of the embodiment of the present application. The international payment system 201 also sends the information of the bank card number, the validity period and the like to the third party payment platform 202 connected with the international payment system in the process of storing the confirmation code in the cache, after receiving the information of the bank card number, the validity period and the like, the third party payment platform 202 judges whether the bank card is registered, if so, a prompt message is returned to the international payment system to prompt the international payment system to jump the browser to the password verification interface of the bank card and display the browser to the user.
Step 104: and responding to the fact that the payment password input by the user on the password verification interface passes verification, and sending the confirmation code in the cache and the information to be authenticated to the third party payment platform to realize authentication.
The user can input the payment password of the own bank card in the password verification interface and send the payment password to the card issuing bank of the bank card for verification, if the verification is passed, the card issuing bank can send the verification result to the international payment system, the verification result triggers the international payment system to send the confirmation code once stored in the cache, the bank card number and the validity period waiting authentication information to the third party payment platform, and the third party payment platform can authenticate whether the 3D payment request initiated by the user currently is valid according to the confirmation code and the information to be authenticated, so that the authentication is realized.
Step 105: deleting the confirmation code in the cache.
The international payment system then deletes the stored confirmation code in the cache.
Therefore, in the embodiment of the application, the international payment system stores the confirmation code input by the user at first by setting an independent cache space, and deletes the confirmation code from the cache after the authentication is completed, so that the requirement of the PCIDSS can be met, the problem of low success rate of information authentication in the prior art can be avoided as much as possible, and the use experience of the user in using 3D payment can be further improved.
To facilitate understanding of the implementation of the present application in practical applications by those skilled in the art, a specific example is described below.
Step A1: and the international payment system receives the confirmation code and the information to be authenticated which are currently input by the user.
The implementation process of step a1 is similar to that of step 101, and is not described herein again.
In this specific example, the implementation process of step 102 may include step a2 to step A3.
Step A2: and the international payment system encrypts the confirmation code according to an encryption algorithm approved by the third-party payment industry data security standard PCI DSS, and correspondingly stores the encrypted confirmation code and the current service identifier into a cache.
After receiving the confirmation code, the international payment system encrypts the confirmation code and stores the encrypted confirmation code in the cache in this example. The international payment system can encrypt by adopting an encryption algorithm approved by PCI DSS, and correspondingly store the encrypted confirmation code and the current service identifier into the cache. Wherein, the current service identifier is: and the international payment system generates identification information for uniquely identifying the current authentication service for the current 3D payment service initiated by the user. For example, a fixed length sequence number, etc. Specifically, as shown in table 1, the storage manner of the encrypted confirmation code stored in the cache is described, where key is the current service identifier, and value is the encrypted confirmation code.
TABLE 1
Key
|
Value
|
Current service identification
|
Encrypted CVN information |
Step A3: the international payment system stores the employed encryption key in the key management infrastructure KMI system.
In this example, the international payment system may further store the encryption Key used for encrypting the confirmation code in step a2 in KMI (Key management infrastructure). In order to use the confirmation code conveniently, the confirmation code can be encrypted by adopting a uniform encryption key.
This example also differs from the embodiment shown in fig. 1 in that it comprises step a 4:
step A4: the international payment system stores the task information of the confirmation code into a database, and the task information of the confirmation code may include: the current service identification, the preset time of the confirmation code stored in the cache and the authentication state of the current service.
In this example, the international payment system may also store the task information associated with the confirmation code in a database, which may be implemented using any memory space of the international payment system. The current service identifier, the preset time of the confirmation code stored in the cache and the authentication state of the current service, such as authenticated or not authenticated, are also included. And when the authentication state is initially stored, the authentication state is not authenticated.
TABLE 2
Payment_order_id
|
Trigger_time
|
Status
|
Current service identification
|
Preset time
|
Status of whether or not it has been consumed |
Step a5 is then entered: after the information to be authenticated is sent to the third-party payment platform and prompt information returned by the third-party payment platform is received, the international payment system refers to the prompt information to trigger the payment system to jump to a password verification interface for display.
It is understood that step a5 is the same as the implementation of step 103, and will not be described herein.
In this example, step 104 may include step a6 to step A8.
Step A6: and in response to the fact that the payment password input by the user on the password verification interface passes verification, the international payment system reads the corresponding encrypted confirmation code from the cache according to the current service identifier, and acquires an encryption key from the KMI system.
First, if the payment password input by the user on the password verification interface passes the verification of the issuer, after receiving the notification message of the issuer, the international payment system may obtain the corresponding encrypted confirmation code from table 1 according to the current service identifier, and may obtain the encryption key used when encrypting the confirmation code from KMI system.
Step A7: and the international payment system decrypts the encrypted confirmation code by adopting the encryption key to obtain the confirmation code.
The international payment system then decrypts the encrypted confirmation code using the encryption key to obtain the unencrypted confirmation code.
Step A8: and the international payment system sends the confirmation code and the information to be authenticated to the third party payment platform to realize authentication.
And the international payment system sends the confirmation code, the bank card number and the validity period waiting authentication information to the third party payment platform to realize authentication.
Step A9: the international payment system judges whether the current time reaches the preset time for deleting the confirmation code in real time, and if so, the step A0 is carried out.
After the authentication is successful, the international payment system determines whether the current time reaches a preset time for deleting the confirmation code, for example, whether the current time reaches 1 hour. If a trigger condition, such as successful authentication of the information to be authenticated, is stored in table 1, then in this step it is determined whether step A8 has been successfully authenticated. It will be appreciated that if the current time has not reached the preset time for confirmation code deletion, no action is taken.
Step A10: and the international payment system searches the corresponding encrypted confirmation code in the cache according to the current service identifier.
And if the preset time for deleting the confirmation code is reached, searching the corresponding encrypted confirmation code from the cache according to the current service identifier.
Step A11: and the international payment system deletes the encrypted confirmation code in the cache and modifies the authentication state of the current service into the authentication state in the database.
The international payment system deletes the encrypted confirmation code in the cache, and after the deletion is successful, the international payment system does not have the confirmation code in the cache any more, and modifies the authentication state in the table 2 into the completion from the database.
For simplicity of explanation, the foregoing method embodiments are described as a series of acts or combinations, but those skilled in the art will appreciate that the present application is not limited by the order of acts, as some steps may occur in other orders or concurrently with other steps based on the disclosure herein. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
Corresponding to the method provided by the above embodiment of the information authentication method based on the confirmation code in the present application, referring to fig. 3, the present application further provides an embodiment of an information authentication device based on the confirmation code, in this embodiment, the device may be integrated on a payment system in an authentication system, the authentication system may further include a third party payment platform, and the device may include:
the receiving module 301 is configured to receive a confirmation code and information to be authenticated, which are currently input by a user.
A cache module 302, configured to store the confirmation code into a cache correspondingly; the cache is used for storing the confirmation codes in preset time.
The triggering module 303 is configured to, after sending the information to be authenticated to the third-party payment platform and receiving the prompt information returned by the third-party payment platform, refer to the prompt information to trigger the payment system to jump to a password verification interface for display.
A sending module 304, configured to send, in response to that the payment password input by the user in the password verification interface passes verification, the confirmation code in the cache and the information to be authenticated to the third-party payment platform to implement authentication.
A deleting module 305, configured to delete the confirmation code in the cache.
Optionally, in different embodiments, the cache module 302 may specifically include:
the encryption submodule is used for encrypting the confirmation code according to an encryption algorithm approved by the third-party payment industry data security standard PCI DSS; the first storage submodule is used for correspondingly storing the encrypted confirmation code and the current service identifier into a cache; the current service identifier is: the payment system generates identification information for uniquely identifying the current authentication service; and, a second storage submodule for storing the employed encryption key in the key management infrastructure KMI system;
the corresponding sending module 304 may specifically include:
the reading submodule is used for reading the corresponding encrypted confirmation code from the cache according to the current service identifier; an obtaining submodule, configured to obtain an encryption key from the KMI system; the decryption submodule is used for decrypting the encrypted confirmation code by adopting the encryption key to obtain the confirmation code; and the sending submodule is used for sending the confirmation code and the information to be authenticated to the third party payment platform so as to realize authentication.
Optionally, in different embodiments, the apparatus may further include:
a task saving module, configured to save task information of the confirmation code to a database, where the task information of the confirmation code includes: the current service identification, the deletion time of the confirmation code and the authentication state of the current service; the corresponding deleting module 305 may specifically include:
the judging submodule is used for judging whether the current time reaches the deleting time of the confirmation code; the deletion time is as follows: a preset fixed time period, or a trigger moment taking the successful authentication of the information to be authenticated as a trigger condition; the searching submodule is used for searching the corresponding encrypted confirmation code in the cache according to the current service identifier under the condition that the result of the judging submodule is yes; a deletion submodule, configured to delete the encrypted confirmation code from the cache; and the modification submodule is used for modifying the authentication state of the current service into the finished state in the database.
In the embodiment of the application, the international payment system stores the confirmation code input by the user at first by setting an independent cache space, and deletes the confirmation code from the cache after the authentication is completed, so that the requirement of the PCI DSS can be met, the problem of low success rate of information authentication in the prior art can be avoided as much as possible, and the use experience of the user in using 3D payment can be further improved.
The embodiment of the application also provides an international payment system based on the confirmation code, and the system can comprise the information authentication device shown in fig. 3 and a third party payment platform.
In the embodiment of the application, the international payment system stores the confirmation code input by the user at first by setting an independent cache space, and deletes the confirmation code from the cache after the authentication is completed, so that the requirement of the PCI DSS can be met, the problem of low efficiency of successful authentication of information in the prior art can be avoided as much as possible, and the use experience of the user in using 3D payment can be further improved.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The information authentication method, device and system based on the confirmation code provided by the present application are introduced in detail above, and a specific example is applied in the text to explain the principle and implementation of the present application, and the description of the above embodiment is only used to help understand the method and core ideas of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.