CN110659897A - Method, system, computing device and medium for transaction verification - Google Patents
Method, system, computing device and medium for transaction verification Download PDFInfo
- Publication number
- CN110659897A CN110659897A CN201910896567.4A CN201910896567A CN110659897A CN 110659897 A CN110659897 A CN 110659897A CN 201910896567 A CN201910896567 A CN 201910896567A CN 110659897 A CN110659897 A CN 110659897A
- Authority
- CN
- China
- Prior art keywords
- transaction
- transaction data
- authentication
- digital token
- page
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The present disclosure provides a method of transaction verification performed by a transaction server side. The method comprises the steps of receiving transaction data sent by terminal equipment through a transaction confirmation page; determining an authentication page address according to the transaction data; indicating the terminal equipment to embed an authentication page corresponding to the authentication page address in the transaction confirmation page so that the terminal equipment obtains a digital token corresponding to the transaction data from the authentication server through the authentication page; receiving a digital token from the terminal device and verifying the digital token; and obtaining a transaction result according to the transaction data under the condition that the digital token passes the verification. The present disclosure also provides a method of transaction verification performed by a terminal device, a method of transaction verification performed by an authentication server side, a system of transaction verification, a computing device and a medium.
Description
Technical Field
The present disclosure relates to a method, system, computing device, and medium for transaction verification.
Background
In the online banking transaction system, the transaction behavior of the user needs to be authenticated to ensure the security of the transaction. Different transaction authentication means realized by different types of online banking transaction systems are different, and different authentication media can be supported in transaction authentication. When the authentication medium needs to be replaced or upgraded, each transaction system is redeveloped and docked in order to adapt to the new authentication medium, and the process consumes more human resources.
Disclosure of Invention
One aspect of the present disclosure provides a method of transaction verification performed by a transaction server, comprising: receiving transaction data sent by the terminal equipment through a transaction confirmation page; determining an authentication page address according to the transaction data; indicating the terminal equipment to embed an authentication page corresponding to the authentication page address in the transaction confirmation page so that the terminal equipment obtains a digital token corresponding to the transaction data from the authentication server through the authentication page; receiving a digital token from the terminal device and verifying the digital token; and obtaining a transaction result according to the transaction data under the condition that the digital token passes the verification.
Optionally, wherein the verifying the digital token comprises: obtaining data to be verified by analyzing the digital token; comparing the transaction data with the data to be verified; and if the transaction data is consistent with the data to be verified, the digital token passes the verification, otherwise, the digital token cannot pass the verification.
Optionally, after receiving the transaction data sent by the terminal device through the transaction confirmation page, the method further includes: determining whether the transaction data has an abnormality; and under the condition that the transaction data storage is determined to be abnormal, sending an abnormal notice to the terminal equipment and returning to the transaction data sent by the receiving terminal equipment through the transaction confirmation page.
Another aspect of the present disclosure provides a method of transaction verification performed by a terminal device, comprising: obtaining transaction data; transmitting the transaction data passing through the transaction confirmation page to a transaction server; embedding an authentication page corresponding to the authentication page address in the transaction confirmation page according to the instruction of the transaction server; sending the transaction data to an authentication server through an authentication page so that the authentication server determines a digital token corresponding to the transaction data according to the transaction data; and receiving the digital token from the authentication server and sending the digital token to the transaction server.
Optionally, the sending the transaction data to the authentication server through the authentication page includes: sending a control loading request to an authentication server so that the authentication server determines a signature control according to the control loading request; receiving a signature control sent by an authentication server, and loading the signature control in an authentication page; and sending the transaction data to the authentication server through the signature control.
Another aspect of the present disclosure provides a method of transaction verification performed by an authentication server, including: receiving transaction data sent by the terminal equipment through the authentication page; verifying the transaction data; determining a digital token according to the transaction data under the condition that the transaction data passes the verification; and sending the digital token to the terminal device.
Optionally, the method further includes: receiving a control loading request from terminal equipment; determining a signature control according to the control loading request; and sending the signature control to the terminal equipment.
Another aspect of the disclosure provides a system for transaction verification, comprising: the transaction server is used for receiving transaction data sent by the terminal equipment through the transaction confirmation page; determining an authentication page address according to the transaction data; indicating the terminal equipment to embed an authentication page corresponding to the authentication page address in the transaction confirmation page so that the terminal equipment obtains a digital token corresponding to the transaction data from the authentication server through the authentication page; receiving a digital token from the terminal device and verifying the digital token; and under the condition that the digital token passes the verification, obtaining a transaction result according to the transaction data; the terminal equipment is used for obtaining transaction data; transmitting the transaction data passing through the transaction confirmation page to a transaction server; embedding an authentication page corresponding to the authentication page address in the transaction confirmation page according to the instruction of the transaction server; the transaction data are sent to an authentication server through an authentication page, so that the authentication server determines a digital token corresponding to the transaction data according to the transaction data; receiving the digital token from the authentication server and sending the digital token to the transaction server; the authentication server is used for receiving the transaction data sent by the terminal equipment through the authentication page; verifying the transaction data; determining a digital token according to the transaction data under the condition that the transaction data passes the verification; and sending the digital token to the terminal device.
Another aspect of the disclosure provides a computing device comprising: one or more processors; storage means for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method as described above.
Another aspect of the present disclosure provides a computer-readable storage medium storing computer-executable instructions for implementing the method as described above when executed.
Another aspect of the disclosure provides a computer program comprising computer executable instructions for implementing the method as described above when executed.
According to the embodiment of the disclosure, by arranging the authentication server, the transaction server can judge whether the terminal device passes the authentication according to the digital token issued by the authentication server to the terminal device, so that the terminal device does not need to be in butt joint with an authentication medium. In addition, when the authentication medium is replaced or upgraded, the transaction server does not need to be developed again, so that human resources are saved.
Drawings
For a more complete understanding of the present disclosure and the advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:
FIG. 1 schematically illustrates an exemplary system architecture to which methods of transaction verification may be applied, according to embodiments of the present disclosure;
fig. 2 schematically shows a flow diagram of a method of transaction verification performed by a transaction server side according to an embodiment of the present disclosure;
FIG. 3 schematically shows a flow chart for verifying a digital token according to an embodiment of the present disclosure;
fig. 4 schematically shows a flow chart of a method of transaction verification performed by a terminal device according to an embodiment of the present disclosure;
fig. 5 schematically illustrates a flow diagram of a method of transaction verification performed by an authentication server side according to an embodiment of the present disclosure;
FIG. 6 schematically shows an example flow diagram of a method of transaction verification according to an embodiment of the present disclosure;
FIG. 7 schematically shows a block diagram of a system of transaction verification according to an embodiment of the present disclosure; and
FIG. 8 schematically illustrates a block diagram of a computer system suitable for implementing the above-described method according to an embodiment of the present disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.). Where a convention analogous to "A, B or at least one of C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B or C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
Some block diagrams and/or flow diagrams are shown in the figures. It will be understood that some blocks of the block diagrams and/or flowchart illustrations, or combinations thereof, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the instructions, which execute via the processor, create means for implementing the functions/acts specified in the block diagrams and/or flowchart block or blocks. The techniques of this disclosure may be implemented in hardware and/or software (including firmware, microcode, etc.). In addition, the techniques of this disclosure may take the form of a computer program product on a computer-readable storage medium having instructions stored thereon for use by or in connection with an instruction execution system.
Embodiments of the present disclosure provide a method of transaction verification performed by a transaction server side. The method comprises the steps of receiving transaction data sent by terminal equipment through a transaction confirmation page; determining an authentication page address according to the transaction data; indicating the terminal equipment to embed an authentication page corresponding to the authentication page address in the transaction confirmation page so that the terminal equipment obtains a digital token corresponding to the transaction data from the authentication server through the authentication page; receiving a digital token from the terminal device and verifying the digital token; and obtaining a transaction result according to the transaction data under the condition that the digital token passes the verification.
Fig. 1 schematically illustrates an exemplary system architecture 100 to which methods of transaction verification may be applied, according to embodiments of the present disclosure. It should be noted that fig. 1 is only an example of a scenario in which the embodiments of the present disclosure may be applied to help those skilled in the art understand the technical content of the present disclosure, but does not mean that the embodiments of the present disclosure may not be applied to other devices, systems, environments or scenarios.
As shown in fig. 1, a system architecture 100 according to this embodiment may include terminal devices 101, 102, 103, a network 104, a transaction server 105, and an authentication server 106. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103, the transaction server 105 and the authentication server 106. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have installed thereon various communication client applications, such as shopping-like applications, web browser applications, search-like applications, instant messaging tools, mailbox clients, social platform software, etc. (by way of example only).
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The transaction server 105 may analyze and/or otherwise process data received from a user request (e.g., a transaction request) and feed back the processing results (e.g., web pages, information, or data obtained or generated based on the user request) to the terminal device.
The authentication server 106 may authenticate the received transaction data and generate a digital token (token) to return to the terminal device after the authentication is passed.
Fig. 2 schematically shows a flow chart of a method of transaction verification performed by a transaction server side according to an embodiment of the present disclosure.
As shown in fig. 2, the method may include the following operations S210 to S250.
In operation S210, transaction data transmitted by the terminal device through the transaction confirmation page is received.
According to the embodiment of the disclosure, the transaction confirmation page is a website page used when the user performs transaction operation on the terminal device browser. The user enters the transaction data in the page (the input mode may be, for example, entering the transaction data in a designated input box in the page), and then performs a submission operation (the submission operation may be, for example, clicking a submission button in the page), that is, the terminal device is instructed to upload the transaction data to the transaction server.
According to an embodiment of the present disclosure, the transaction data includes, for example, remitter information, transaction amount, transaction time, and the like. It should be noted that the transaction data may be data of a single transaction or data of multiple transactions.
According to another embodiment of the present disclosure, the terminal device may generate a transaction request including transaction data according to the transaction data, and then transmit the transaction request to the transaction server. Therefore, after the transaction server receives the transaction request, it can also determine whether the transaction request needs to be verified, if the transaction request does not need to be verified, the operation S220 is directly performed, if the transaction request needs to be verified, the transaction request is verified, and after the verification is passed, the operation S220 is performed.
For example, determining whether the transaction request needs to be verified may include determining whether the transaction request satisfies a rule in a configuration file, and if the transaction request satisfies the rule in the configuration file, the transaction request needs to be further verified, otherwise the transaction request does not need to be verified.
Optionally, after the transaction server receives the transaction data, data check may be performed on the transaction data to determine whether the transaction data is abnormal. And in the case that the transaction data storage is determined to be abnormal, sending an abnormal notification to the terminal device and returning the transaction data sent by the receiving terminal device through the transaction confirmation page, and not continuing to execute the subsequent operations S220-S250. If the transaction data is not abnormal, operation S220 is performed.
Optionally, after receiving the transaction data, the transaction data may also be stored in a server cache (e.g., in a Session object) to facilitate subsequent reading.
In operation S220, an authentication page address is determined according to the transaction data.
According to the embodiment of the disclosure, in order to ensure the security of the transaction, the user identity needs to be authenticated when the transaction service is performed. Based on this, operation S220 includes, for example, the transaction server determining which authentication service needs to be performed for the transaction according to the transaction data, and then determining an authentication page address corresponding to the authentication service.
In operation S230, the terminal device is instructed to embed an authentication page corresponding to the authentication page address in the transaction confirmation page, so that the terminal device obtains the digital token corresponding to the transaction data from the authentication server through the authentication page.
According to the embodiment of the present disclosure, an inline frame (e.g., iframe frame) is set in the transaction confirmation page, and a page address attribute (e.g., src attribute) of the frame is set as the authentication page address determined in operation S220, i.e., the authentication page is displayed in the transaction page in an embedded form. The terminal equipment can interact with the authentication server through the authentication page, so that the identity of the user of the transaction is authenticated. After the authentication is passed, the authentication server runs a preset algorithm according to the transaction data uploaded by the terminal device to generate a corresponding group of character strings (such as tokens), namely digital tokens.
Optionally, after the iframe is set in the transaction confirmation page, signature control information may be generated according to the transaction data, and then the signature control information (for example, a U shield ID, a U shield vendor, and the like corresponding to the transaction requester account) is sent to the iframe, so that the authentication server may obtain the signature control information through the iframe, and determine the corresponding signature control according to the signature control information.
In operation S240, a digital token is received from the terminal device and verified.
According to an embodiment of the present disclosure, whether the transaction operation is an operation performed by a legitimate user is determined by verifying the digital token.
In operation S250, in case the digital token is authenticated, a transaction result is obtained according to the transaction data.
According to the embodiment of the disclosure, the transaction data can be processed and the transaction result can be obtained by verifying that the operator of the transaction operation is a legal user.
According to the embodiment of the disclosure, by arranging the authentication server, the transaction server can judge whether the terminal device passes the authentication according to the digital token issued by the authentication server to the terminal device, so that the terminal device does not need to be in butt joint with an authentication medium. In addition, when the authentication medium is replaced or upgraded, the transaction server does not need to be developed again, so that human resources are saved.
Fig. 3 schematically shows an example flow diagram for verifying a digital token according to an embodiment of the present disclosure.
As shown in FIG. 3, the verify digital token operation includes sub-operations S310-S330.
In sub-operation S310, data to be verified is obtained by parsing the digital token.
According to an embodiment of the present disclosure, the sub-operation S310 may include, for example, running a symmetric algorithm of an algorithm that the authentication server generates the digital token according to the digital token, and obtaining transaction data, i.e., to-be-verified data, corresponding to the digital token.
In sub-operation S320, the transaction data is compared with the data to be verified.
According to an embodiment of the present disclosure, the sub-operation S320 may include, for example, comparing the transaction data received by the transaction server from the terminal device with the transaction data obtained by parsing the digital token, and determining whether the two are consistent.
In sub-operation S330, if the transaction data is consistent with the data to be verified, the digital token passes the verification, otherwise, the digital token cannot pass the verification.
According to an embodiment of the present disclosure, the sub-operation S330 may include, for example, if the transaction data received by the transaction server from the terminal device is identical to the transaction data obtained by parsing the digital token, the digital token is authenticated, and if the transaction data received by the transaction server from the terminal device is not identical to the transaction data obtained by parsing the digital token, the digital token cannot be authenticated.
Fig. 4 schematically shows a flow chart of a method of transaction verification performed by a terminal device according to an embodiment of the present disclosure.
As shown in fig. 4, the method includes operations S410 to S450.
In operation S410, transaction data is obtained.
Operation S410 may include, for example, acquiring transaction data input by the user in a transaction confirmation page according to an embodiment of the present disclosure. It should be understood that "input" herein is a broad term "input" and includes writing of text, selection of candidates, confirmation of preselected items, and the like.
The transaction data includes, for example, remitter information, transaction amount, transaction time, and the like. The transaction request may be transmitted via the HTTP protocol, for example, in the form of an HTTP message.
In operation S420, the transaction data is transmitted to the transaction server through the transaction confirmation page.
According to an embodiment of the present disclosure, operation S420 may include, for example, submitting the transaction data to a transaction server in response to a submission operation triggered by a user at a transaction confirmation page.
In operation S430, an authentication page corresponding to the authentication page address is embedded in the transaction confirmation page according to the instruction of the transaction server.
According to an embodiment of the present disclosure, operation S430 may include, for example, setting an iframe frame in the transaction confirmation page according to the instruction of the transaction server, where a page address attribute of the iframe frame is an authentication page address, so as to embed the authentication page in the transaction page.
In operation S440, the transaction data is transmitted to the authentication server through the authentication page, so that the authentication server determines a digital token corresponding to the transaction data according to the transaction data.
According to an embodiment of the present disclosure, operation S440 may include, for example, sending a control loading request to the authentication server, so that the authentication server determines a signature control according to the control loading request; then receiving a signature control sent by an authentication server, and loading the signature control in an authentication page; and then, the signature control sends the transaction data to the authentication server, so that the authentication server can determine a digital token corresponding to the transaction data according to the transaction data and send the digital token back to the terminal equipment.
For example, sending the transaction data to the authentication server through the signature control may include calling an authentication medium (e.g., U shield, etc.) connected to the terminal device to sign the transaction data through the signature control, and then sending the signed transaction data to the authentication server.
Alternatively, in the case that the transaction Data is batch transaction Data, the Data volume is large, so that a General Data Transfer Platform (General Data Transfer Platform) may be adopted to asynchronously Transfer the transaction Data, that is, to upload the transaction Data, and at the same time, a digest is generated according to the transaction Data, and then the digest is signed and uploaded to the authentication server, so that the authentication server generates the digital token according to the digest. In this way, subsequent operations can be performed without waiting for the upload of transaction data, thereby saving time.
In operation S450, a digital token is received from an authentication server and transmitted to a transaction server.
According to another embodiment of the present disclosure, after operation S420, the terminal device may also generate some new data, which is not sent to the transaction server in operation S420, such as information on whether the authorization of the authorized transaction passed or not. Accordingly, the terminal device may merge these data into the original transaction data, and then sign the merged transaction data and transmit them together to the authentication server in operation S440. The authentication server determines a digital token from the merged transaction data. Accordingly, the terminal device transmits the digital token to the transaction server together with data that was not previously transmitted to the transaction server in operation S450. And after receiving the data, the transaction server merges the new data into the transaction data stored in the cache, and then compares the merged transaction data with the transaction data obtained by analyzing the digital token so as to verify the digital token.
Fig. 5 schematically shows a flow chart of a method of transaction verification performed by an authentication server side according to an embodiment of the present disclosure.
As shown in fig. 5, the method includes operations S510 to S540.
In operation S510, transaction data transmitted by the terminal device through the authentication page is received.
Operation S510 may include, for example, receiving signed transaction data sent by the terminal device through the authentication page, according to an embodiment of the present disclosure.
In operation S520, the transaction data is verified.
According to an embodiment of the present disclosure, operation S520 may include, for example, verifying whether the signature of the transaction data is the signature of a legal user, and if the signature of the transaction data is the signature of the legal user, the transaction data is verified, otherwise, the transaction data cannot be verified.
In operation S530, in case the transaction data is verified, a digital token is determined according to the transaction data.
Operation S530 may include, for example, running a preset algorithm according to the transaction data to generate a set of character strings as the digital token in case the signature of the transaction data is verified.
In operation S540, the digital token is transmitted to the terminal device.
The method illustrated in fig. 2 to 5 is further described with reference to fig. 6 in conjunction with specific embodiments.
Fig. 6 schematically illustrates an example flow diagram of a method of transaction verification according to an embodiment of this disclosure.
As shown in fig. 6, the method includes operations S601 to S611.
In operation S601, the terminal device submits a transaction request including transaction data to the transaction server through a transaction confirmation page.
In operation S602, the transaction server receives a transaction request sent by the terminal device, then stores transaction data included in the transaction request in a server cache, and determines whether the transaction request satisfies a rule in a configuration file.
And if the judgment result is satisfied, verifying the transaction request, and executing subsequent operation after the transaction request passes verification. If the judgment result is not satisfied, the next step is carried out to check whether the transaction data is abnormal.
And if the transaction data storage is determined to be abnormal, sending an abnormal notification to the terminal equipment and returning to the receiving terminal equipment to receive the transaction data sent by the transaction confirmation page, and not continuing to execute subsequent operations. If the transaction data is not abnormal, operation S603 is performed.
In operation S603, the transaction server instructs the terminal device to embed an authentication page corresponding to the authentication page address in the transaction confirmation page.
In operation S604, the terminal device receives the indication, and sets an iframe frame on the transaction confirmation page according to the indication to embed the authentication page in the transaction confirmation page.
In operation S605, the transaction server generates signature control information according to the transaction data, and then sends the signature control information to the iframe frame.
In operation S606, the terminal device requests the authentication server to load a signature control through a transaction confirmation page.
In operation S607, the authentication server determines a corresponding signature control according to the signature control information, and then sends the signature control to the terminal device.
In operation S608, after receiving the signature control sent back by the authentication server, the terminal device loads the signature control in the authentication page, and prompts the user to sign the transaction data through the U shield. And after the transaction data is signed, sending the signed transaction data to an authentication server.
In operation S609, the authentication server checks the signed transaction data according to the received signed transaction data, runs a preset algorithm after the check passes, generates a token according to the transaction data, and returns the token to the terminal device.
In operation S610, the terminal device receives the token and transmits the token to the transaction server.
In operation S611, the transaction server receives a token. And then, by operating a symmetrical algorithm of a preset algorithm, obtaining transaction data according to token. And then judging whether the transaction data obtained by the token is consistent with the transaction data stored in the cache, if so, continuing the subsequent transaction operation, and otherwise, terminating the transaction operation.
Fig. 7 schematically illustrates a block diagram of a system for transaction verification according to an embodiment of the present disclosure.
As shown in fig. 7, a system 700 for transaction verification includes a transaction server 710, a terminal device 720, and an authentication server 730. The system 700 for transaction verification may perform the methods described above with reference to fig. 2-5.
Specifically, the transaction server 710 is configured to receive transaction data sent by the terminal device through a transaction confirmation page; determining an authentication page address according to the transaction data; indicating the terminal equipment to embed an authentication page corresponding to the authentication page address in the transaction confirmation page so that the terminal equipment obtains a digital token corresponding to the transaction data from the authentication server through the authentication page; receiving a digital token from the terminal device and verifying the digital token; and obtaining a transaction result according to the transaction data under the condition that the digital token passes the verification.
A terminal device 720 for obtaining transaction data; transmitting the transaction data passing through the transaction confirmation page to a transaction server; embedding an authentication page corresponding to the authentication page address in the transaction confirmation page according to the instruction of the transaction server; the transaction data are sent to an authentication server through an authentication page, so that the authentication server determines a digital token corresponding to the transaction data according to the transaction data; and receiving the digital token from the authentication server and sending the digital token to the transaction server.
The authentication server 730 is used for receiving transaction data sent by the terminal equipment through the authentication page; verifying the transaction data; determining a digital token according to the transaction data under the condition that the transaction data passes the verification; and sending the digital token to the terminal device.
According to the embodiment of the disclosure, by arranging the authentication server, the transaction server can judge whether the terminal device passes the authentication according to the digital token issued by the authentication server to the terminal device, so that the terminal device does not need to be in butt joint with an authentication medium. In addition, when the authentication medium is replaced or upgraded, the transaction server does not need to be developed again, so that human resources are saved.
Any one of the transaction server 710, the terminal device 720 and the authentication server 730 may be split into a plurality of modules, sub-modules, units or sub-units according to an embodiment of the present disclosure. Any number of modules, sub-modules, units, sub-units, or at least part of the functionality of any number thereof according to embodiments of the present disclosure may be implemented in one module. Any one or more of the modules, sub-modules, units, and sub-units according to the embodiments of the present disclosure may be implemented by being split into a plurality of modules. Any one or more of the modules, sub-modules, units, sub-units according to embodiments of the present disclosure may be implemented at least in part as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in any other reasonable manner of hardware or firmware by integrating or packaging a circuit, or in any one of or a suitable combination of software, hardware, and firmware implementations. Alternatively, one or more of the modules, sub-modules, units, sub-units according to embodiments of the disclosure may be at least partially implemented as a computer program module, which when executed may perform the corresponding functions.
According to an embodiment of the present disclosure, at least one of the transaction server 710, the terminal device 720 and the authentication server 730 may be implemented at least partially as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in hardware or firmware in any other reasonable manner of integrating or packaging a circuit, or in any one of or a suitable combination of software, hardware and firmware. Alternatively, at least one of the transaction server 710, the terminal device 720 and the authentication server 730 may be at least partly implemented as computer program modules, which, when executed, may perform corresponding functions.
FIG. 8 schematically illustrates a block diagram of a computer system suitable for implementing the above-described method according to an embodiment of the present disclosure. The computer system illustrated in FIG. 8 is only one example and should not impose any limitations on the scope of use or functionality of embodiments of the disclosure.
As shown in fig. 8, computer system 800 includes a processor 810, a computer-readable storage medium 820. The computer system 800 may perform a method according to an embodiment of the disclosure.
In particular, processor 810 may include, for example, a general purpose microprocessor, an instruction set processor and/or related chip set and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), and/or the like. The processor 810 may also include on-board memory for caching purposes. Processor 810 may be a single processing unit or a plurality of processing units for performing different actions of a method flow according to embodiments of the disclosure.
Computer-readable storage medium 820, for example, may be a non-volatile computer-readable storage medium, specific examples including, but not limited to: magnetic storage devices, such as magnetic tape or Hard Disk Drives (HDDs); optical storage devices, such as compact disks (CD-ROMs); a memory, such as a Random Access Memory (RAM) or a flash memory; and so on.
The computer-readable storage medium 820 may include a computer program 821, which computer program 821 may include code/computer-executable instructions that, when executed by the processor 810, cause the processor 810 to perform a method according to an embodiment of the present disclosure, or any variation thereof.
The computer program 821 may be configured with, for example, computer program code comprising computer program modules. For example, in an example embodiment, code in computer program 821 may include one or more program modules, including for example 821A, modules 821B, … …. It should be noted that the division and number of modules are not fixed, and those skilled in the art may use suitable program modules or program module combinations according to actual situations, and when the program modules are executed by the processor 810, the processor 810 may execute the method according to the embodiment of the present disclosure or any variation thereof.
According to an embodiment of the present invention, at least one of the transaction server 710, the terminal device 720 and the authentication server 730 may be implemented as computer program modules described with reference to fig. 8, which, when executed by the processor 810, may perform the respective operations described above.
The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement the method according to an embodiment of the disclosure.
According to embodiments of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, which may include, for example but is not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that various combinations and/or combinations of features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or combinations are not expressly recited in the present disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
While the disclosure has been shown and described with reference to certain exemplary embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the disclosure as defined by the appended claims and their equivalents. Accordingly, the scope of the present disclosure should not be limited to the above-described embodiments, but should be defined not only by the appended claims, but also by equivalents thereof.
Claims (10)
1. A method of transaction verification performed by a transaction server side, comprising:
receiving transaction data sent by the terminal equipment through a transaction confirmation page;
determining an authentication page address according to the transaction data;
instructing the terminal equipment to embed an authentication page corresponding to an authentication page address in the transaction confirmation page so that the terminal equipment obtains a digital token corresponding to transaction data from an authentication server through the authentication page;
receiving a digital token from the terminal device and verifying the digital token; and
and under the condition that the digital token is verified, obtaining a transaction result according to the transaction data.
2. The method of claim 1, wherein said verifying said digital token comprises:
obtaining data to be verified by analyzing the digital token;
comparing the transaction data with the data to be verified; and
and if the transaction data is consistent with the data to be verified, the digital token passes the verification, otherwise, the digital token cannot pass the verification.
3. The method of claim 1, after receiving transaction data sent by the terminal device through the transaction confirmation page, the method further comprising:
determining whether there is an anomaly in the transaction data;
and under the condition that the transaction data storage is determined to be abnormal, sending an abnormal notice to the terminal equipment and returning to the transaction data sent by the receiving terminal equipment through the transaction confirmation page.
4. A method of transaction verification performed by a terminal device, comprising:
obtaining transaction data;
the transaction data passing through the transaction confirmation page is sent to a transaction server;
according to the instruction of the transaction server, embedding an authentication page corresponding to an authentication page address in the transaction confirmation page;
sending the transaction data to an authentication server through the authentication page so that the authentication server determines a digital token corresponding to the transaction data according to the transaction data; and
receiving a digital token from the authentication server and sending the digital token to the transaction server.
5. The method of claim 4, wherein said sending the transaction data to an authentication server via the authentication page comprises:
sending a control loading request to an authentication server so that the authentication server determines a signature control according to the control loading request;
receiving a signature control sent by the authentication server, and loading the signature control in the authentication page; and
and sending the transaction data to the authentication server through the signature control.
6. A method of transaction verification performed by an authentication server, comprising:
receiving transaction data sent by the terminal equipment through the authentication page;
verifying the transaction data;
determining a digital token according to the transaction data under the condition that the transaction data passes verification; and
and sending the digital token to the terminal equipment.
7. The method of claim 6, further comprising:
receiving a control loading request from the terminal equipment;
determining a signature control according to the control loading request; and
and sending the signature control to the terminal equipment.
8. A system for transaction verification, comprising:
the transaction server is used for receiving transaction data sent by the terminal equipment through the transaction confirmation page; determining an authentication page address according to the transaction data; indicating the terminal equipment to embed an authentication page corresponding to an authentication page address in the transaction confirmation page so that the terminal equipment obtains a digital token corresponding to transaction data from an authentication server through the authentication page; receiving a digital token from the terminal device and verifying the digital token; and obtaining a transaction result according to the transaction data under the condition that the digital token passes the verification;
the terminal equipment is used for obtaining transaction data; the transaction data passing through the transaction confirmation page is sent to a transaction server; according to the instruction of the transaction server, embedding an authentication page corresponding to an authentication page address in the transaction confirmation page; sending the transaction data to an authentication server through the authentication page so that the authentication server determines a digital token corresponding to the transaction data according to the transaction data; and receiving a digital token from the authentication server and sending the digital token to the transaction server; and
the authentication server is used for receiving the transaction data sent by the terminal equipment through the authentication page; verifying the transaction data; determining a digital token according to the transaction data under the condition that the transaction data passes verification; and sending the digital token to the terminal device.
9. A computing device, comprising:
one or more processors;
a memory for storing one or more computer programs,
wherein the one or more computer programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1 to 7.
10. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to carry out the method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910896567.4A CN110659897A (en) | 2019-09-20 | 2019-09-20 | Method, system, computing device and medium for transaction verification |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910896567.4A CN110659897A (en) | 2019-09-20 | 2019-09-20 | Method, system, computing device and medium for transaction verification |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110659897A true CN110659897A (en) | 2020-01-07 |
Family
ID=69038764
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910896567.4A Pending CN110659897A (en) | 2019-09-20 | 2019-09-20 | Method, system, computing device and medium for transaction verification |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110659897A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112215592A (en) * | 2020-09-21 | 2021-01-12 | 建信金融科技有限责任公司 | Data processing method and system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105184569A (en) * | 2015-08-03 | 2015-12-23 | 百度在线网络技术(北京)有限公司 | Method, terminal equipment, and server for carrying out identity authentication in electronic transaction |
| US20160359633A1 (en) * | 2015-06-02 | 2016-12-08 | Crater Dog Technologies, LLC | System and method for publicly certifying data |
| CN109087093A (en) * | 2018-07-02 | 2018-12-25 | 无锡天脉聚源传媒科技有限公司 | A kind of cash kind sub-interface method of commerce and system |
-
2019
- 2019-09-20 CN CN201910896567.4A patent/CN110659897A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160359633A1 (en) * | 2015-06-02 | 2016-12-08 | Crater Dog Technologies, LLC | System and method for publicly certifying data |
| CN105184569A (en) * | 2015-08-03 | 2015-12-23 | 百度在线网络技术(北京)有限公司 | Method, terminal equipment, and server for carrying out identity authentication in electronic transaction |
| CN109087093A (en) * | 2018-07-02 | 2018-12-25 | 无锡天脉聚源传媒科技有限公司 | A kind of cash kind sub-interface method of commerce and system |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112215592A (en) * | 2020-09-21 | 2021-01-12 | 建信金融科技有限责任公司 | Data processing method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108551437B (en) | Method and apparatus for authenticating information | |
| US20150332596A1 (en) | Integrated learning system | |
| US9934310B2 (en) | Determining repeat website users via browser uniqueness tracking | |
| CN111737687B (en) | Access control method, system, electronic equipment and medium of webpage application system | |
| US20220086131A1 (en) | Multi-factor authentication for non-internet applications | |
| US20140223532A1 (en) | Information processing system, information processing device, and authentication method | |
| CN110708335A (en) | Access authentication method and device and terminal equipment | |
| US20230120160A1 (en) | Authentication aggregator | |
| CN111598575A (en) | Business process control method and device, electronic equipment and readable storage medium | |
| CN110401630B (en) | Transaction certificate verification method, device, electronic equipment and medium | |
| CN113344523A (en) | Data processing method and device, electronic equipment and computer readable storage medium | |
| US9183184B2 (en) | Configurable templates for self-service supplier registration | |
| CN108449186B (en) | Security verification method and device | |
| CN110889106A (en) | Configuration method, device, system and computer readable storage medium | |
| CN113362173A (en) | Anti-duplication mechanism verification method, anti-duplication mechanism verification system, electronic equipment and storage medium | |
| CN110659897A (en) | Method, system, computing device and medium for transaction verification | |
| CN113132400B (en) | Business processing method, device, computer system and storage medium | |
| CN115827122A (en) | Operation guiding method and device, electronic equipment and storage medium | |
| CN114301713A (en) | Risk access detection model training method, risk access detection method and risk access detection device | |
| CN112767142A (en) | Processing method, device, computing equipment and medium for transaction file | |
| US10623414B2 (en) | Authenticating multi-facets of a user through unaware third-party services | |
| CN111489184A (en) | Method, device, server, client and medium for verifying click behavior | |
| CN113010365A (en) | System running state monitoring method, system running state detection device, electronic equipment and storage medium | |
| CN113572763B (en) | Data processing method and device, electronic equipment and storage medium | |
| CN110795720A (en) | Information processing method, system, electronic device, and computer-readable medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200107 |