CN110691265B - Television payment method and system based on voiceprint recognition - Google Patents

Television payment method and system based on voiceprint recognition Download PDF

Info

Publication number
CN110691265B
CN110691265B CN201910959506.8A CN201910959506A CN110691265B CN 110691265 B CN110691265 B CN 110691265B CN 201910959506 A CN201910959506 A CN 201910959506A CN 110691265 B CN110691265 B CN 110691265B
Authority
CN
China
Prior art keywords
application
service
voiceprint
user
payment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910959506.8A
Other languages
Chinese (zh)
Other versions
CN110691265A (en
Inventor
翟栋
刘建敏
杨超
周强强
杨国东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Hongwei Technology Co Ltd
Original Assignee
Sichuan Hongwei Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Hongwei Technology Co Ltd filed Critical Sichuan Hongwei Technology Co Ltd
Priority to CN201910959506.8A priority Critical patent/CN110691265B/en
Publication of CN110691265A publication Critical patent/CN110691265A/en
Application granted granted Critical
Publication of CN110691265B publication Critical patent/CN110691265B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/254Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2542Management at additional data server, e.g. shopping server, rights management server for selling goods, e.g. TV shopping
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/258Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
    • H04N21/25866Management of end-user data
    • H04N21/25875Management of end-user data involving end-user authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general

Abstract

The invention discloses a television payment method based on voiceprint recognition, which comprises the following steps: establishing a television payment security system through a three-level authentication mechanism, wherein the three-level authentication comprises equipment authentication, application authentication and service authentication; the user carries out voiceprint registration at the television terminal according to the prompt words output by the prompt; binding a bank card at a television terminal by a user; the user clicks to purchase at the television terminal to finish ordering; the user speaks the awakening word, safety authentication is carried out according to a three-level authentication mechanism, if the authentication is passed, voiceprint payment is completed, and a payment success interface is returned at the television terminal; the invention also provides a television payment system based on voiceprint recognition, which enables the television payment to be more convenient and faster, thereby improving the user experience.

Description

Television payment method and system based on voiceprint recognition
Technical Field
The invention relates to the technical field of television security payment, in particular to a television payment method and system based on voiceprint recognition.
Background
With the development and progress of the smart television technology, people are more and more used to purchase video resources such as high-definition videos, games, MVs, education and the like on a television or directly perform television shopping. The current television payment mainly has two types, a first user needs to input a bank card account number and a password on a television payment interface, the input operation by using a television remote controller is complex, the user experience is poor, and the security of inputting a user name and the password on the television is not high, so that the current television payment adopts a second payment mode, namely scanning two-dimensional code payment. And generating a two-dimensional code at the television end, and scanning the code for payment by using intelligent terminals such as a mobile phone and the like. The two-dimensional code serving as an information issuing medium is poor in safety, and the payment mode needs to be assisted by an intelligent terminal such as a mobile phone in each payment. Therefore, a more convenient, fast and safe television payment method is urgently needed.
Disclosure of Invention
In order to solve the problems in the prior art, the invention aims to provide a television payment method and system based on voiceprint recognition.
In order to achieve the purpose, the invention adopts the technical scheme that: a television payment method based on voiceprint recognition comprises the following steps:
s10, establishing a television payment security system through a three-level authentication mechanism, wherein the three-level authentication comprises equipment authentication, application authentication and service authentication;
s20, the user registers the voiceprint at the television terminal according to the prompt words output by the prompt;
s30, binding a bank card at the television terminal by the user;
s40, clicking and purchasing at the television terminal by the user to finish ordering;
and S50, the user speaks the awakening word, safety authentication is carried out according to the three-level authentication mechanism, and if the authentication is passed, voiceprint payment is completed and a payment success interface is returned at the television terminal.
As a preferred implementation manner, in step S10, the device authentication specifically includes:
before the television terminal equipment leaves a factory, generating a public and private key pair of the equipment, storing an equipment private key in the television terminal, and importing and storing an equipment public key in a terminal security management platform in an off-line manner; at the time of storage, the device ID and the device private key are stored in a form corresponding to the device ID and the device certificate.
As another preferred embodiment, in step S10, the application authentication specifically includes:
when the application is started for the first time, the television terminal calls the security SDK to generate a public and private key pair of the application, the application private key is stored in the television terminal, and the application public key is stored in the payment server; when the application private key is stored, the device ID, the application ID and the application private key are stored in a corresponding mode, when the application public key is stored, the device ID, the application package name and the application public key are signed by the device private key and then sent to the payment server, the payment server calls the device public key of the terminal security management platform interface to check the received data, and if the check passes, the device ID, the application package name and the application public key are stored in a corresponding mode.
As another preferred embodiment, in step S10, the service authentication specifically includes:
when the television terminal application initiates related services for the first time, the television terminal calls a security SDK to generate a public and private key pair of the services, stores a service private key in the television terminal, and stores a service public key in a payment server; when the service private key is stored, the device ID, the application ID, the service ID and the service private key are stored in a corresponding mode, when the service public key is stored, the device ID, the application package name, the service ID and the service public key are signed by the application private key and then sent to a payment server, the payment server calls the application public key to check the received data, and if the check passes, the device ID, the application package name, the service ID and the service public key are stored in a corresponding mode.
As another preferred embodiment, the device private key, the application private key and the service private key are stored in a trusted execution environment TEE of the television terminal.
As another preferred embodiment, the step S20 specifically includes the following steps:
s21, logging in a television user system by a user;
s22, entering a voiceprint registration interface;
s23, the user speaks a prompt word according to the prompt;
s24, the television terminal receives voiceprint information of the prompt words, signs the device ID, the application ID, the user ID, the voiceprint information, the times needing to be registered and the times needing to be registered through a service private key of a voiceprint registration service and then sends the device ID, the application ID, the user ID, the voiceprint information, the times needing to be registered and the times needing to be registered to the payment server;
s25, the payment server calls a service public key of the voiceprint registration service to check the received data, and if the check passes, the payment server forwards the equipment ID, the application ID, the user ID, the voiceprint information, the times needing to be registered and the times already registered to the voiceprint server for storage;
s26, repeating the steps S22-S24 three times.
As another preferred embodiment, in step S30, the user enters a card binding interface, the television terminal queries the payment server whether the user binds the card, if the user has bound the card, the television terminal prompts that the user has bound the card, if the user has not bound the card, the television terminal displays a card binding two-dimensional code, and the user scans the code to perform a card binding operation on the card binding two-dimensional code, which specifically includes the following steps:
s31, signing the equipment ID, the application ID and the user ID by using a service private key corresponding to the card inquiry service, and calling a card inquiry interface of the payment server by the television terminal to send the card inquiry interface to the payment server;
s32, the payment server checks the received data through a service public key corresponding to the card inquiry service, if the check is passed, a card inquiry operation is initiated to a bank channel, and if the check is failed, the user card inquiry operation is prompted to have communication safety, and application authentication is requested to be performed again;
s33, the payment server generates a card binding two-dimensional code according to the user ID;
and S34, the user scans the two-dimensional code of the binding card and inputs account opening information of the bank card to carry out the binding operation.
As another preferred embodiment, the step S40 specifically includes the following steps:
s41, selecting commodities and clicking to purchase by a user, packaging the commodity information and the user information by the television terminal and sending the packaged commodity information and the user information to a business server of a mall;
s42, the service server generates an order according to the order format required by the payment server according to the received order placing information and returns the order to the television terminal;
s43, the television terminal receives the order information returned by the service server and then calls the safe SDK to transmit the order information;
s44, the secure SDK calls an ordering interface of the payment server, inputs the device ID, the application ID, the user ID and the order information signed by the service private key of the voiceprint registration service, completes ordering operation, and simultaneously starts monitoring user voiceprint input service.
As another preferred embodiment, the step S50 specifically includes the following steps:
s51, the user inputs voice prompt words;
s52, the secure SDK calls a voiceprint payment interface of the payment server, and inputs the device ID, the application ID, the user ID, the order information and the voiceprint information which are signed by the service private key of the voiceprint payment service;
s53, the payment server checks the received data through the service public key of the voiceprint payment service, if the check passes, the payment server sends the user ID and the voiceprint information to the voiceprint server for voiceprint verification, and the step S54 is entered;
s54, the voiceprint server verifies the received voiceprint by machine learning and returns a verification result;
s55, the payment server receives the voiceprint comparison result returned by the voiceprint server, if the voiceprint comparison result is successfully verified, the payment server submits a payment order to the bank server, and the step S56 is entered; if the verification fails, returning the comparison failure result to the safe SDK, and entering the step S58;
s56, the safe SDK transfers the successful payment message to the terminal mall in a callback mode;
s57, the payment server asynchronously sends the successful payment message to the service server, and the service server forwards the successful payment message to the television terminal;
s58, the secure SDK interface displays "voiceprint authentication failed, please say again" and repeats step S40.
The invention also provides a television payment system based on voiceprint recognition, which comprises:
the television terminal is used for storing private keys and safety SDKs generated in the equipment authentication stage, the application authentication stage and the service authentication stage and finishing voiceprint registration of a user, bank card binding and ordering of commodities;
the business server is used for receiving the generation and transmission of commodity information, user information and orders sent by the television terminal;
the payment server is used for storing the application public key generated in the application authentication stage and the service public key generated in the service authentication stage and carrying out corresponding signature verification through the application public key and the service public key;
the terminal safety management platform is used for storing the equipment public key generated in the equipment authentication stage;
the voiceprint server is used for finishing voiceprint registration of the user and voiceprint comparison in the payment process;
and the bank server is used for providing a payment channel.
The invention has the beneficial effects that:
1. according to the invention, the voiceprint recognition and authentication are added in the television shopping process according to the mature voiceprint recognition technology, so that a scheme of 'one sentence payment' based on a television is realized, the user experience of television shopping is greatly improved, and a new intelligent life business model is developed.
2. The method ensures the safety of the communication main body of the payment service by adopting a three-level authentication mode, forms a credible trust root by performing equipment authentication at a production line stage, ensures the formation of a three-level authentication key chain, and authenticates an unauthenticated key by using an authenticated key.
3. The method and the device store the sensitive information such as the private key of each stage in the trusted execution environment TEE of the television terminal, and ensure the safety of the private key.
Drawings
FIG. 1 is a schematic diagram of a three-level authentication process according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a voiceprint registration process according to an embodiment of the invention;
FIG. 3 is a schematic view of a voiceprint payment process according to an embodiment of the invention;
fig. 4 is a block diagram of a system configuration according to an embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
Example 1
As shown in fig. 1-3, a television payment method based on voiceprint recognition includes the following steps:
step 1: establishing a payment security system by using a three-level authentication mechanism, namely equipment authentication, application authentication and service authentication;
step 2: the user outputs prompt words according to the prompts to perform voiceprint registration;
and step 3: a user uses intelligent equipment such as a mobile phone and the like to scan a television terminal to prompt that the two-dimensional code is bound with a bank card;
and 4, step 4: the user clicks to purchase at the television terminal to finish ordering;
and 5: the user speaks the awakening words according to the requirement to complete voiceprint payment;
step 6: and the television terminal returns a commodity purchase success interface.
Specifically, in step 1, a three-level authentication security system is established in a software and hardware combination manner, and specifically includes:
step 1.1: equipment authentication: the equipment authentication is completed in a production line stage, and before the television terminal equipment leaves a factory, a public and private key pair is generated and respectively stored in a Trusted Execution Environment (TEE) of the television terminal and a terminal security management platform;
step 1.2: application authentication: the television terminal calls a security SDK by default to generate an application public and private key pair, and the application public and private key pair is respectively stored in a trusted execution environment TEE of the television terminal and a payment server;
step 1.3: and (4) service authentication: when the television terminal application initiates related services for the first time, the television terminal calls the secure SDK by default to generate a service public and private key pair, and the service public and private key pair is stored in the television terminal trusted execution environment TEE and the payment server respectively.
Further, the step 1.1 specifically includes:
step 1.1.1: importing the equipment private key into a TEE environment of the television terminal and storing the equipment private key and the equipment ID in a one-to-one corresponding mode;
step 1.1.2: importing the equipment public key into a terminal security management platform in an off-line manner, and storing the equipment public key in a one-to-one correspondence form of equipment ID and equipment certificate;
a further technical solution is that step 1.2 generally occurs when the application is started for the first time, the television terminal also has other active modes for application verification, and step 1.2 specifically includes:
step 1.2.1: storing the device ID, the application ID and the application private key in a Trusted Execution Environment (TEE) in a one-to-one correspondence manner;
step 1.2.2: sending the equipment ID, the application package name, the application public key and the equipment private key signature code to a payment server, wherein the equipment private key signature code is obtained by signing information such as the equipment ID, the application package name and the application public key by using an equipment private key;
step 1.2.3: the payment server calls a terminal security management platform interface to check the received information, if the check passes, the equipment ID, the application package name and the application public key are stored in a one-to-one correspondence manner, and the step 1.3 is carried out; and if the signature verification fails, the equipment authentication fails, and the user is prompted to contact the manufacturer to perform application authentication again.
A further technical scheme is that the step 1.3 specifically comprises the following steps:
step 1.3.1: storing the equipment ID, the application ID, the service ID and the service private key in a trusted execution environment TEE of the television terminal in a one-to-one correspondence manner;
step 1.3.2: sending the equipment ID, the application package name, the service ID, the service public key and the application private key signature code to a payment server, wherein the application private key signature code is a signature code obtained by signing information such as the equipment ID, the application package name, the service ID, the service public key and the like by using the application private key, the payment server checks the signature by using the application public key, if the signature passes, the equipment ID, the application package name, the service ID and the service public key are stored and stored in a one-to-one correspondence manner, if the signature fails, the application authentication fails, and the step 1.2 is carried out again;
specifically, the step 2 specifically comprises the following steps:
step 2.1: logging in a television user system;
step 2.2: entering a voiceprint registration interface;
step 2.3: the user speaks a cue word, such as "long rainbow and small white" as a prompt;
step 2.4: the terminal receives the voiceprint information and sends the equipment ID, the application ID, the user ID, the voiceprint information, the number of registration required times, the number of registration already and the service private key signature code of voiceprint registration to the payment server;
step 2.5: the payment server checks the received information by using the service public key of the voiceprint registration, if the check is successful, the equipment ID, the application ID, the user ID, the voiceprint information, the required registration times and the registered times are forwarded to the voiceprint server, and if the check is unsuccessful, the user is prompted to have unsafe application communication, and the application authentication is carried out again;
step 2.6: the steps 2.2-2.4 are repeated three times.
Specifically, the specific steps of step 3 include:
step 3.1: the user enters a card binding interface, the television terminal inquires whether the user binds the card or not to the payment server, if the user binds the card, the binding is prompted, if the user does not bind the card, the card binding two-dimensional code is displayed, and the user scans the code and binds the card two-dimensional code to carry out card binding operation.
A further technical scheme is that the specific steps of the step 3.1 comprise:
step 3.1.1: the television terminal calls a payment server card inquiry interface, and inputs a device ID, an application ID, a user ID and a card inquiry service private key signature code;
step 3.1.2: the payment server checks the received content, if the check result is passed, a card inquiry operation is initiated to a bank channel, and if the check result is failed, the user card inquiry operation is prompted to have communication safety, and application authentication is requested to be carried out again;
step 3.1.3: the payment server generates a card binding two-dimensional code according to the user ID;
step 3.1.4: the user scans the two-dimensional code, inputs the bank card account number, the bank account opening bank and other information to carry out card binding operation;
specifically, step 4 includes:
step 4.1: the user selects the commodity and clicks to purchase, and the television terminal packs information such as commodity information user information and sends the information to a business server of the mall;
step 4.2: the business server generates an order according to the received order placing information and the order format required by the payment server, and returns the order to the television terminal;
step 4.3: the television terminal receives the order information returned by the service server and then calls the safe SDK to transmit the order information;
step 4.4: and the safety SDK calls an ordering interface of the payment server, inputs the equipment ID, the application ID, the user ID, the order information and the voiceprint payment service private key signature code, completes ordering operation and simultaneously starts monitoring user voiceprint input service.
Specifically, step 5 comprises:
step 5.1: a user inputs a voice prompt word;
step 5.2: the secure SDK calls a voiceprint payment interface of the payment server and inputs a device ID, an application ID, a user ID, order information, voiceprint information and a service private key signature code of voiceprint payment;
step 5.3: the payment server checks the received information, if the check is passed, the user ID and the voiceprint information are sent to the voiceprint server for voiceprint verification, and the step 5.4 is carried out; if the verification is not passed, prompting the user that the application communication is unsafe, and performing application authentication again, and entering the step 1.2;
step 5.4: the voiceprint server verifies the received voiceprint by using machine learning and returns a verification result;
step 5.5: the payment server receives the voiceprint comparison result returned by the voiceprint server, if the voiceprint comparison result is successfully verified, a payment order is submitted to a third-party financial payment institution such as a bank, and the steps 5.6 and 5.7 are carried out; if the verification fails, returning a comparison failure result to the safe SDK, and entering the step 5.8;
step 5.6: the safe SDK transfers the successful payment message to a shopping mall of the television terminal in a callback mode;
step 5.7: and the payment server asynchronously sends the successful payment message to the service server, and the service server forwards the successful payment message to the television terminal.
Step 5.8: the secure SDK interface displays "voiceprint authentication failed, please say again" and repeats step 4.
The specific implementation manner of step 6 is that the television terminal will return the interface of successful payment after receiving the notification of successful payment in step 5.6 and step 5.7 at the same time.
For better security, the user identity may be identified with the user token instead of the user ID in the whole step.
Example 2
As shown in fig. 1-3, a television payment method based on voiceprint recognition includes the following steps (a) to (six), which are described in detail below:
and (I) establishing a payment security system by using a three-level authentication mechanism, namely equipment authentication, application authentication and business authentication. The method comprises the following steps of establishing a three-level authentication security system by combining software and hardware, and specifically comprises the following steps: device authentication, application authentication, and service authentication. The equipment authentication is completed in the production line stage, the application authentication and the service authentication are respectively completed when the application and the service are started for the first time, and the television terminal also has other active modes for application verification. The third-level authentication comprises the following specific steps:
step (1): in the production line stage, the equipment private key is led into a trusted execution environment TEE of the television terminal and is stored in a one-to-one correspondence mode of the equipment ID and the equipment private key;
step (2): the device public key is imported into a terminal security management platform in an off-line manner in the form of a certificate and is stored in a one-to-one correspondence manner of a device ID and a device certificate;
and (3): when the application is started for the first time, storing the equipment ID, the application ID and the application private key in a Trusted Execution Environment (TEE) in a one-to-one correspondence manner;
and (4): and sending the device ID, the application package name, the application public key and the device private key signature code to a payment server. The device private key signature code is a signature code obtained by signing information such as a device ID, an application package name, an application public key and the like by using a device private key;
and (5): the payment server calls a terminal security management platform interface to check the received information, if the check passes, the equipment ID, the application package name and the application certificate are stored in a one-to-one correspondence manner, and if the check fails, the equipment authentication fails, and the user is prompted to contact a manufacturer to perform application authentication again;
and (6): when the service is started for the first time, storing the equipment ID, the application ID, the service ID and the service private key in a Trusted Execution Environment (TEE) in a one-to-one correspondence manner;
and (7): and sending the equipment ID, the application package name, the service ID, the service public key and the application private key signature code to a payment server, using the application public key to check the signature by the payment server, storing and storing the equipment ID, the application package name, the service ID and the service public key in a one-to-one correspondence manner if the signature is checked to be passed, indicating that the application authentication fails if the signature is checked to be failed, and performing the application authentication again. Here, the application private key signature code is a signature code obtained by signing information such as a device ID, an application package name, a service ID, and a service public key with an application private key.
And (II) outputting prompt words by the user according to the prompt to perform voiceprint registration. The method mainly aims to collect voiceprints of users and other personal information to determine the identity of the users when the users pay, and comprises the following specific steps:
step (1): logging in a television user system;
step (2): entering a voiceprint registration interface;
and (3): the user speaks a cue word, such as "long rainbow and small white" as a prompt;
and (4): the terminal television receives the voiceprint information and sends the equipment ID, the application ID, the user ID, the voiceprint information, the required registration times, the registered times and the voiceprint registration service private key signature code to the payment server;
and (5): the payment server checks the received information by using the service public key of the voiceprint registration, if the check is successful, the equipment ID, the application ID, the user ID, the voiceprint information, the required registration times and the registered times are forwarded to the voiceprint server, and if the check is unsuccessful, the user is prompted to have unsafe application communication, and the application authentication is carried out again;
and (6): the steps 2.2-2.4 are repeated three times.
And (III) the user uses intelligent equipment such as a mobile phone and the like to scan the television terminal to prompt the two-dimensional code to bind the bank card. The step mainly prompts the user to carry out card binding operation and makes preparation for subsequent payment. In order to solve the problem of poor experience of television operation users, a mobile phone code scanning and card binding mode is adopted. The user gets into the interface of tying up the card, and the terminal inquires whether this user ties up the card to payment server, if tie up the card, then the suggestion has been bound, if not tie up the card yet, then show and tie up the card two-dimensional code, the user sweeps the code and ties up the card operation concrete operating procedure as follows:
step (1): the television terminal calls a payment server card inquiry interface, and inputs a device ID, an application ID, a user ID and a card inquiry service private key signature code;
step (2): the payment server checks the received content, if the check result is passed, a card inquiry operation is initiated to a bank channel, and if the check result is failed, the user card inquiry operation is prompted to have communication safety, and application authentication is requested to be carried out again;
and (3): the payment server generates a card binding two-dimensional code according to information such as the user ID and the like, and sends the card binding two-dimensional code to the television terminal;
and (4): and (4) scanning the two-dimensional code by the user, and inputting bank card account numbers, bank card information of an issuer and the like according to requirements to bind the bank card.
And (IV) clicking and purchasing at the television terminal by the user to finish the order placing request sending.
The method mainly comprises the steps of generating an order, and specifically comprises the following operation steps:
step (1): a user selects a commodity and clicks to purchase, and a terminal packs information such as commodity information user information and the like and sends the information to a business server of a mall;
step (2): the business server generates an order according to the received order placing information and the order format required by the payment server, and returns the order to the television terminal;
and (3): the television terminal receives the order information returned by the service server and then calls the safe SDK to transmit the order information;
and (4): and the safety SDK calls an ordering interface of the payment server, inputs the equipment ID, the application ID, the user ID, the order information and the voiceprint payment service private key signature code, completes ordering operation and simultaneously starts monitoring user voiceprint input service.
And (V) the user speaks the awakening words according to the requirements to complete voiceprint payment. The step mainly completes voice collection and payment operation, and comprises the following specific steps:
step (1): a user inputs a voice prompt word;
step (2): the secure SDK calls a voiceprint payment interface of the payment server and inputs a device ID, an application ID, a user ID, order information, voiceprint information and a service private key signature code of voiceprint payment;
and (3): the payment server checks the received information, and if the check passes, the payment server sends the user ID and the voiceprint information to the voiceprint server for voiceprint verification; if the verification is not passed, prompting the user that the application communication is unsafe, and carrying out application authentication again;
and (4): the voiceprint server verifies the received voiceprint by using machine learning and returns a verification result;
and (5): the payment server receives the voiceprint comparison result returned by the voiceprint server, if the voiceprint comparison result is verified successfully, a payment order is submitted to a third-party financial payment institution such as a bank, and the steps (6) and (7) are carried out; if the verification fails, returning a comparison failure result to the safe SDK, and entering the step (8);
and (6): the safety SDK transfers the successful payment message to the terminal mall in a callback mode;
and (7): and the payment server asynchronously sends the successful payment message to the service server, and the service server forwards the successful payment message to the television terminal.
And (8): the secure SDK interface displays "voiceprint authentication failed, please say again" and repeats step (4).
And (VI) the television terminal returns a commodity purchase success interface. In the step, the television terminal returns an interface of successful payment after receiving the notification of successful payment of the safe SDK and the service server at the same time.
Example 3
As shown in fig. 4, this embodiment is a payment system for implementing a television payment method based on voiceprint recognition in embodiments 1 and 2, and includes:
the television terminal is used for storing private keys and safety SDKs generated in the equipment authentication stage, the application authentication stage and the service authentication stage and finishing voiceprint registration of a user, bank card binding and ordering of commodities;
the business server is used for receiving the generation and transmission of commodity information, user information and orders sent by the television terminal;
the payment server is used for storing the application public key generated in the application authentication stage and the service public key generated in the service authentication stage and carrying out corresponding signature verification through the application public key and the service public key;
the terminal safety management platform is used for storing the equipment public key generated in the equipment authentication stage;
the voiceprint server is used for finishing voiceprint registration of the user and voiceprint comparison in the payment process;
and the bank server is used for providing a payment channel.
The above-mentioned embodiments only express the specific embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention.

Claims (7)

1. A television payment method based on voiceprint recognition is characterized by comprising the following steps:
s10, establishing a television payment security system through a three-level authentication mechanism, wherein the three-level authentication comprises equipment authentication, application authentication and service authentication;
the device authentication specifically includes:
before the television terminal equipment leaves a factory, generating a public and private key pair of the equipment, storing an equipment private key in the television terminal, and importing and storing an equipment public key in a terminal security management platform in an off-line manner; when storing, storing in a form that the device ID corresponds to the device private key and the device ID corresponds to the device certificate;
the application authentication specifically includes:
when the application is started for the first time, the television terminal calls the security SDK to generate a public and private key pair of the application, the application private key is stored in the television terminal, and the application public key is stored in the payment server; when the application private key is stored, storing in a form that the equipment ID, the application ID and the application private key correspond to each other, when the application public key is stored, signing the equipment ID, the application package name and the application public key by using the equipment private key and then sending the signed data to a payment server, calling the equipment public key of a terminal security management platform interface by the payment server to check the received data, and storing in a form that the equipment ID, the application package name and the application public key correspond to each other if the check is passed;
the service authentication specifically includes:
when the television terminal application initiates related services for the first time, the television terminal calls a security SDK to generate a public and private key pair of the services, stores a service private key in the television terminal, and stores a service public key in a payment server; when the service private key is stored, storing in a form that the equipment ID, the application ID, the service ID and the service private key correspond to each other, when the service public key is stored, signing the equipment ID, the application package name, the service ID and the service public key by using the application private key and then sending the signed data to a payment server, calling the application public key by the payment server to check the received data, and storing the form that the equipment ID, the application package name, the service ID and the service public key correspond to each other if the check passes;
s20, the user registers the voiceprint at the television terminal according to the prompt words output by the prompt;
s30, binding a bank card at the television terminal by the user;
s40, clicking and purchasing at the television terminal by the user to finish ordering;
and S50, the user speaks the awakening word, safety authentication is carried out according to the three-level authentication mechanism, and if the authentication is passed, voiceprint payment is completed and a payment success interface is returned at the television terminal.
2. The television payment method based on the voiceprint recognition of claim 1, wherein the device private key, the application private key and the service private key are stored in a Trusted Execution Environment (TEE) of the television terminal.
3. The television payment method based on voiceprint recognition according to claim 1, wherein the step S20 specifically comprises the following steps:
s21, logging in a television user system by a user;
s22, entering a voiceprint registration interface;
s23, the user speaks a prompt word according to the prompt;
s24, the television terminal receives voiceprint information of the prompt words, signs the device ID, the application ID, the user ID, the voiceprint information, the times needing to be registered and the times needing to be registered through a service private key of a voiceprint registration service and then sends the device ID, the application ID, the user ID, the voiceprint information, the times needing to be registered and the times needing to be registered to the payment server;
s25, the payment server calls a service public key of the voiceprint registration service to check the received data, and if the check passes, the payment server forwards the equipment ID, the application ID, the user ID, the voiceprint information, the times needing to be registered and the times already registered to the voiceprint server for storage;
s26, repeating the steps S22-S24 three times.
4. The television payment method based on voiceprint recognition according to claim 3, wherein in step S30, the user enters a card binding interface, the television terminal queries the payment server whether the user binds the card, if the user binds the card, the television terminal prompts that the user has bound the card, if the user does not bind the card, the television terminal displays a card binding two-dimensional code, and the user scans the code binding two-dimensional code to perform a card binding operation, which specifically comprises the following steps:
s31, signing the equipment ID, the application ID and the user ID by using a service private key corresponding to the card inquiry service, and calling a card inquiry interface of the payment server by the television terminal to send the card inquiry interface to the payment server;
s32, the payment server checks the received data through a service public key corresponding to the card inquiry service, if the check is passed, a card inquiry operation is initiated to a bank channel, and if the check is failed, the user card inquiry operation is prompted to have communication safety, and application authentication is requested to be performed again;
s33, the payment server generates a card binding two-dimensional code according to the user ID;
and S34, the user scans the two-dimensional code of the binding card and inputs account opening information of the bank card to carry out the binding operation.
5. The television payment method based on voiceprint recognition according to claim 4, wherein the step S40 specifically comprises the following steps:
s41, selecting commodities and clicking to purchase by a user, packaging the commodity information and the user information by the television terminal and sending the packaged commodity information and the user information to a business server of a mall;
s42, the service server generates an order according to the order format required by the payment server according to the received order placing information and returns the order to the television terminal;
s43, the television terminal receives the order information returned by the service server and then calls the safe SDK to transmit the order information;
s44, the secure SDK calls an ordering interface of the payment server, inputs the device ID, the application ID, the user ID and the order information signed by the service private key of the voiceprint registration service, completes ordering operation, and simultaneously starts monitoring user voiceprint input service.
6. The television payment method based on voiceprint recognition according to claim 5, wherein the step S50 specifically comprises the following steps:
s51, the user inputs voice prompt words;
s52, the secure SDK calls a voiceprint payment interface of the payment server, and inputs the device ID, the application ID, the user ID, the order information and the voiceprint information which are signed by the service private key of the voiceprint payment service;
s53, the payment server checks the received data through the service public key of the voiceprint payment service, if the check passes, the payment server sends the user ID and the voiceprint information to the voiceprint server for voiceprint verification, and the step S54 is entered;
s54, the voiceprint server verifies the received voiceprint by machine learning and returns a verification result;
s55, the payment server receives the voiceprint comparison result returned by the voiceprint server, if the voiceprint comparison result is successfully verified, the payment server submits a payment order to the bank server, and the step S56 is entered; if the verification fails, returning the comparison failure result to the safe SDK, and entering the step S58;
s56, the safe SDK transfers the successful payment message to the terminal mall in a callback mode;
s57, the payment server asynchronously sends the successful payment message to the service server, and the service server forwards the successful payment message to the television terminal;
s58, the secure SDK interface displays "voiceprint authentication failed, please say again" and repeats step S40.
7. A television payment system based on voiceprint recognition, comprising:
the television terminal is used for storing private keys and safety SDKs generated in the equipment authentication stage, the application authentication stage and the service authentication stage and finishing voiceprint registration of a user, bank card binding and ordering of commodities;
the device authentication specifically includes:
before the television terminal equipment leaves a factory, generating a public and private key pair of the equipment, storing an equipment private key in the television terminal, and importing and storing an equipment public key in a terminal security management platform in an off-line manner; when storing, storing in a form that the device ID corresponds to the device private key and the device ID corresponds to the device certificate;
the application authentication specifically includes:
when the application is started for the first time, the television terminal calls the security SDK to generate a public and private key pair of the application, the application private key is stored in the television terminal, and the application public key is stored in the payment server; when the application private key is stored, storing in a form that the equipment ID, the application ID and the application private key correspond to each other, when the application public key is stored, signing the equipment ID, the application package name and the application public key by using the equipment private key and then sending the signed data to a payment server, calling the equipment public key of a terminal security management platform interface by the payment server to check the received data, and storing in a form that the equipment ID, the application package name and the application public key correspond to each other if the check is passed;
the service authentication specifically includes:
when the television terminal application initiates related services for the first time, the television terminal calls a security SDK to generate a public and private key pair of the services, stores a service private key in the television terminal, and stores a service public key in a payment server; when the service private key is stored, storing in a form that the equipment ID, the application ID, the service ID and the service private key correspond to each other, when the service public key is stored, signing the equipment ID, the application package name, the service ID and the service public key by using the application private key and then sending the signed data to a payment server, calling the application public key by the payment server to check the received data, and storing the form that the equipment ID, the application package name, the service ID and the service public key correspond to each other if the check passes;
the business server is used for receiving the generation and transmission of commodity information, user information and orders sent by the television terminal;
the payment server is used for storing the application public key generated in the application authentication stage and the service public key generated in the service authentication stage and carrying out corresponding signature verification through the application public key and the service public key;
the terminal safety management platform is used for storing the equipment public key generated in the equipment authentication stage;
the voiceprint server is used for finishing voiceprint registration of the user and voiceprint comparison in the payment process;
and the bank server is used for providing a payment channel.
CN201910959506.8A 2019-10-10 2019-10-10 Television payment method and system based on voiceprint recognition Active CN110691265B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910959506.8A CN110691265B (en) 2019-10-10 2019-10-10 Television payment method and system based on voiceprint recognition

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910959506.8A CN110691265B (en) 2019-10-10 2019-10-10 Television payment method and system based on voiceprint recognition

Publications (2)

Publication Number Publication Date
CN110691265A CN110691265A (en) 2020-01-14
CN110691265B true CN110691265B (en) 2021-04-20

Family

ID=69111862

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910959506.8A Active CN110691265B (en) 2019-10-10 2019-10-10 Television payment method and system based on voiceprint recognition

Country Status (1)

Country Link
CN (1) CN110691265B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111784345B (en) * 2020-07-21 2022-06-14 支付宝(杭州)信息技术有限公司 Payment processing method, device, equipment and system
US20240144232A1 (en) * 2022-10-28 2024-05-02 Stripe, Inc. Systems and methods for terminal device attestation for contactless payments

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102542451A (en) * 2010-12-24 2012-07-04 北大方正集团有限公司 Electronic paying method, system and device thereof
CN104065641A (en) * 2013-03-18 2014-09-24 三星电子株式会社 Method And Apparatus For Performing Authentication Between Applications
CN105049945A (en) * 2015-08-13 2015-11-11 中国科学院信息工程研究所 Safety payment system and method based on smart TV multi-screen interaction
CN106156635A (en) * 2016-07-29 2016-11-23 深圳兆日科技股份有限公司 Method for starting terminal and device
CN107294722A (en) * 2016-03-31 2017-10-24 阿里巴巴集团控股有限公司 A kind of terminal identity authentication method, apparatus and system
KR101836236B1 (en) * 2017-03-15 2018-04-19 주식회사 센스톤 User authentication method and apparatus using authentication between applications, program therefor
CN109412812A (en) * 2018-08-29 2019-03-01 中国建设银行股份有限公司 Data safe processing system, method, apparatus and storage medium
CN109639427A (en) * 2017-10-09 2019-04-16 华为技术有限公司 A kind of method and apparatus that data are sent
CN110163617A (en) * 2019-05-29 2019-08-23 四川长虹电器股份有限公司 A kind of TV shopping method of payment supported based on vocal print

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103186857A (en) * 2011-12-31 2013-07-03 中国银联股份有限公司 Bank card payment method and system
CN105450406B (en) * 2014-07-25 2018-10-02 华为技术有限公司 The method and apparatus of data processing
CN105657468B (en) * 2015-12-30 2019-03-12 深圳数字电视国家工程实验室股份有限公司 A kind of FIDO remote controler and television payment system and method

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102542451A (en) * 2010-12-24 2012-07-04 北大方正集团有限公司 Electronic paying method, system and device thereof
CN104065641A (en) * 2013-03-18 2014-09-24 三星电子株式会社 Method And Apparatus For Performing Authentication Between Applications
CN105049945A (en) * 2015-08-13 2015-11-11 中国科学院信息工程研究所 Safety payment system and method based on smart TV multi-screen interaction
CN107294722A (en) * 2016-03-31 2017-10-24 阿里巴巴集团控股有限公司 A kind of terminal identity authentication method, apparatus and system
CN106156635A (en) * 2016-07-29 2016-11-23 深圳兆日科技股份有限公司 Method for starting terminal and device
KR101836236B1 (en) * 2017-03-15 2018-04-19 주식회사 센스톤 User authentication method and apparatus using authentication between applications, program therefor
CN109639427A (en) * 2017-10-09 2019-04-16 华为技术有限公司 A kind of method and apparatus that data are sent
CN109412812A (en) * 2018-08-29 2019-03-01 中国建设银行股份有限公司 Data safe processing system, method, apparatus and storage medium
CN110163617A (en) * 2019-05-29 2019-08-23 四川长虹电器股份有限公司 A kind of TV shopping method of payment supported based on vocal print

Also Published As

Publication number Publication date
CN110691265A (en) 2020-01-14

Similar Documents

Publication Publication Date Title
US10552835B2 (en) Secure payment service and system for interactive voice response (IVR) systems
CN110930147B (en) Offline payment method and device, electronic equipment and computer-readable storage medium
US20190179652A1 (en) Helper software developer kit for native device hybrid applications
US11108558B2 (en) Authentication and fraud prevention architecture
CN103095662B (en) A kind of online transaction safety certifying method and online transaction security certification system
US20220400109A1 (en) Centralized gateway server for providing access to services
US20030055738A1 (en) Method and system for effecting an electronic transaction
CN109598149B (en) Service processing method and device
US20020178122A1 (en) System and method for confirming electronic transactions
US20090006254A1 (en) Virtual prepaid or credit card and process and system for providing same and for electronic payments
CN108764848B (en) Electronic contract signing method and system
CN112953970B (en) Identity authentication method and identity authentication system
US20210209582A1 (en) Virtual smart card for banking and payments
WO2009094949A1 (en) Creditable remote service method and system
US9001977B1 (en) Telephone-based user authentication
CN104820944A (en) Method and system for bank self-service terminal authentication, and device
CN103023638A (en) Identity verification method and device based on mobile terminal
CN102906776A (en) A method for mutual authentication of a user and service provider
JP2015537399A (en) Application system for mobile payment and method for providing and using mobile payment means
CN110691265B (en) Television payment method and system based on voiceprint recognition
US20120303534A1 (en) System and method for a secure transaction
CN105591745A (en) Method and system for performing identity authentication on user using third-party application
AU2017319373A1 (en) Payment method and payment system based on security authentication mechanism
CN104657860A (en) Mobile banking security authentication method
US20170344992A1 (en) Payment verification method, apparatus and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant