CN111062715A

CN111062715A - Method, device and equipment for code scanning payment, information sending and collection code generation

Info

Publication number: CN111062715A
Application number: CN202010171354.8A
Authority: CN
Inventors: 刘佳伟; 魏亚文; 孙曦; 林立
Original assignee: Alipay Hangzhou Information Technology Co Ltd
Current assignee: Alipay Hangzhou Information Technology Co Ltd
Priority date: 2020-03-12
Filing date: 2020-03-12
Publication date: 2020-04-24
Anticipated expiration: 2040-03-12
Also published as: WO2021179748A1; CN111062715B

Abstract

The embodiment of the specification discloses a method, a device and equipment for sending information and generating a cash register code in the processes of code scanning payment and payment. The scheme comprises the following steps: the terminal acquires code image information; analyzing the code image information to obtain code image analysis information contained in the code image information, wherein the code image analysis information contains a first key parameter; acquiring a second key parameter; calculating to obtain a key according to the first key parameter and the second key parameter; acquiring encrypted access address information of the acquiring mechanism stored in the block link point; decrypting the encrypted acquirer access address information by using the secret key to obtain acquirer access address information; and paying based on the acquirer access address information.

Description

Method, device and equipment for code scanning payment, information sending and collection code generation

Technical Field

The application relates to the technical field of computers, in particular to a method, a device and equipment for sending information and generating a cash register code in a code scanning payment and payment process.

Background

In the prior art, electronic payment has been widely used in various fields. In particular, a method of performing code scanning payment by using a two-dimensional code or other code images is widespread. In practical application, each merchant can display the two-dimensional code of the merchant at the position where the merchant collects money, and a consumer can complete payment through scanning the two-dimensional code.

With the evolution of payment technology, one two-dimensional code can support the payment channels of a plurality of payment institutions. That is, after scanning a two-dimensional code, the user may select a payment channel a (e.g., a certain bank) for payment, or may select a payment channel B (e.g., an electronic wallet of a certain platform) for payment. In order to enable one two-dimensional code to support a plurality of payment channels, information of a plurality of payment channels supported by one merchant needs to be simultaneously stored in a node of a payment network. The payment channel information belongs to privacy information for the merchant or the payment institution.

However, how to protect the privacy information related in the code scanning payment process from the data perspective is an urgent technical problem to be solved.

Disclosure of Invention

In view of this, embodiments of the present application provide a method, an apparatus, and a device for code scanning payment, information sending in a payment process, and a method, an apparatus, and a device for generating a cash register, which are used to protect privacy of private data involved in a code scanning payment process from a data perspective.

In order to solve the above technical problem, the embodiments of the present specification are implemented as follows:

the code scanning payment method provided by the embodiment of the specification comprises the following steps: the terminal acquires code image information; analyzing the code image information to obtain code image analysis information contained in the code image information; the code image analysis information comprises a first key parameter; acquiring a second key parameter; calculating to obtain a key according to the first key parameter and the second key parameter; acquiring encrypted access address information of the acquiring mechanism stored in the block link point; decrypting the encrypted acquirer access address information by using the secret key to obtain acquirer access address information; and paying based on the acquirer access address information.

An information sending method in a payment process provided by an embodiment of the present specification includes: a block chain node acquires an information acquisition request sent by a terminal; the information acquisition request is used for requesting to acquire the access address information of the acquirer; searching corresponding encrypted acquirer access address information based on the information acquisition request; the key used for encrypting the access address information of the acquirer is the same as the key calculated by the terminal according to the first key parameter and the second key parameter; the initial storage device of the first key parameter is different from the initial storage device of the second key parameter; and sending the searched encrypted access address information of the acquirer to the terminal.

The method for generating a cash register code provided by the embodiment of the specification comprises the following steps: the first terminal acquires a receiving code generating instruction; the receiving code generating instruction is used for indicating the first terminal to generate a receiving code; acquiring a decentralized identity of the first terminal; sending the decentralized identity to a block chain node stored with a decentralized identity document; acquiring merchant information inquired from the decentralized identity document by the block link point based on the decentralized identity; generating a cash register code based on the merchant information and a pre-stored first key parameter; and the collection code is used for acquiring the encrypted access address information of the acquiring mechanism after being scanned by the second terminal.

An electronic payment method provided by an embodiment of the present specification includes: the server acquires encrypted acquirer access address information sent by the terminal; determining a key corresponding to the server; decrypting the encrypted acquirer access address information by using the secret key to obtain acquirer access address information; and paying based on the acquirer access address information.

The code scanning payment device that this specification embodiment provided includes: the code image information acquisition module is used for acquiring code image information; the code image information analysis module is used for analyzing the code image information to obtain code image analysis information contained in the code image information; the code image analysis information comprises a first key parameter; the second key parameter acquisition module is used for acquiring a second key parameter; the key generation module is used for calculating a key according to the first key parameter and the second key parameter; the ciphertext acquisition module is used for acquiring the encrypted access address information of the acquiring mechanism stored in the block chain link point; the ciphertext decryption module is used for decrypting the encrypted acquirer access address information by adopting the secret key to obtain acquirer access address information; and the payment module is used for carrying out payment based on the access address information of the acquirer.

An information sending apparatus in a payment process provided in an embodiment of the present specification includes: the request receiving module is used for acquiring an information acquisition request sent by the terminal by the block link nodes; the information acquisition request is used for requesting to acquire the access address information of the acquirer; the information searching module is used for searching the corresponding encrypted access address information of the acquirer on the basis of the information acquisition request; the key used for encrypting the access address information of the acquirer is the same as the key calculated by the terminal according to the first key parameter and the second key parameter; the initial storage device of the first key parameter is different from the initial storage device of the second key parameter; and the information sending module is used for sending the searched encrypted access address information of the acquirer to the terminal.

An apparatus for generating a cash register code provided in an embodiment of the present specification includes: the instruction acquisition module is used for acquiring a cash register code generation instruction by the first terminal; the receiving code generating instruction is used for indicating the first terminal to generate a receiving code; the decentralized identity acquisition module is used for acquiring a decentralized identity of the first terminal; the decentralized identity sending module is used for sending the decentralized identity to the block chain link points in which the decentralized identity documents are stored; the merchant information acquisition module is used for acquiring merchant information inquired from the decentralized identity document by the block link point based on the decentralized identity; the cash register code generating module generates a cash register code based on the merchant information and a pre-stored first key parameter; and the collection code is used for acquiring the encrypted access address information of the acquiring mechanism after being scanned by the second terminal.

The electronic payment device provided by the embodiment of the specification comprises a ciphertext information acquisition module, a receiving mechanism access address information generation module and a sending module, wherein the ciphertext information acquisition module is used for acquiring encrypted receiving mechanism access address information sent by a terminal; the key determining module is used for determining a key corresponding to the server; the decryption module is used for decrypting the encrypted acquirer access address information by adopting the secret key to obtain acquirer access address information; and the payment module is used for carrying out payment based on the access address information of the acquirer.

An embodiment of the present specification provides a user terminal, including:

at least one processor; and the number of the first and second groups,

a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,

the memory stores instructions executable by the at least one processor to enable the user terminal to: acquiring code image information; analyzing the code image information to obtain code image analysis information contained in the code image information; the code image analysis information comprises a first key parameter; acquiring a second key parameter; calculating to obtain a key according to the first key parameter and the second key parameter; acquiring encrypted access address information of the acquiring mechanism stored in the block link point; decrypting the encrypted acquirer access address information by using the secret key to obtain acquirer access address information; and paying based on the acquirer access address information.

The embodiment of this specification provides a block link point, includes:

at least one processor; and the number of the first and second groups,

the memory stores instructions executable by the at least one processor to enable the blockchain node to: acquiring an information acquisition request sent by a terminal; the information acquisition request is used for requesting to acquire the access address information of the acquirer; searching corresponding encrypted acquirer access address information based on the information acquisition request; the key used for encrypting the access address information of the acquirer is the same as the key calculated by the terminal according to the first key parameter and the second key parameter; the initial storage device of the first key parameter is different from the initial storage device of the second key parameter; and sending the searched encrypted access address information of the acquirer to the terminal.

An embodiment of this specification provides a terminal, including:

at least one processor; and the number of the first and second groups,

the memory stores instructions executable by the at least one processor to enable the terminal to: acquiring a cash register code generating instruction; the receiving code generating instruction is used for indicating the terminal to generate a receiving code; acquiring a decentralized identity of the terminal; sending the decentralized identity to a block chain node stored with a decentralized identity document; acquiring merchant information inquired from the decentralized identity document by the block link point based on the decentralized identity; generating a cash register code based on the merchant information and a pre-stored first key parameter; and the collection code is used for acquiring the encrypted access address information of the acquiring mechanism after being scanned by the second terminal.

An embodiment of this specification provides a server, including:

at least one processor; and the number of the first and second groups,

the memory stores instructions executable by the at least one processor to enable the server to: acquiring encrypted acquirer access address information sent by a terminal; determining a key corresponding to the server; decrypting the encrypted acquirer access address information by using the secret key to obtain acquirer access address information; and paying based on the acquirer access address information.

The embodiment of the specification adopts at least one technical scheme which can achieve the following beneficial effects: the encrypted access address information of the acquiring mechanism is stored in the block chain nodes, and the block chain nodes cannot analyze and obtain the privacy data of a certain merchant or a certain payment mechanism based on the data corresponding to the merchant or the payment mechanism stored in the block chain nodes because the block chain nodes are stored in a ciphertext mode, so that the data privacy of the merchant and the payment mechanism is ensured, and the safety of the information stored in the regional block chain nodes can be ensured. Thus, the privacy of the privacy data involved in the code scanning payment process is protected from a data perspective.

Drawings

The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:

fig. 1 is a schematic flowchart of a code scanning payment method provided in an embodiment of the present disclosure;

fig. 2 is a schematic flowchart of an information sending method in a payment process according to an embodiment of the present disclosure;

fig. 3 is a schematic flowchart of a method for generating a cash register according to an embodiment of the present disclosure;

FIG. 4 is a schematic diagram of an application scenario of a code scanning payment scheme provided in an embodiment of the present description;

fig. 5 is a schematic structural diagram of a code scanning payment device corresponding to fig. 1 provided in an embodiment of the present disclosure;

fig. 6 is a schematic structural diagram of an information sending apparatus in a payment process corresponding to fig. 2 provided in an embodiment of the present specification;

fig. 7 is a schematic structural diagram of a device for generating a cash register code corresponding to fig. 3 according to an embodiment of the present disclosure;

fig. 8 is a schematic structural diagram of a network payment device provided in an embodiment of the present specification.

Detailed Description

In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

In the description of the present application, the terms first, second, etc. are used to describe various information, parameters, fields, instructions, terminals, etc., but these information, parameters, fields, instructions, terminals, etc. should not be limited by these terms. These terms are used to distinguish one information, parameter, field, instruction, terminal from another information, parameter, field, instruction, terminal. Thus, a first information, parameter, field, instruction, terminal discussed below could also be termed a second information, parameter, field, instruction, terminal without departing from the teachings of the present disclosure.

The technical solutions provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings.

Fig. 1 is a schematic flowchart of a code scanning payment method provided in an embodiment of the present specification. From the viewpoint of the program, the main body of execution of the flow may be the program installed in the user terminal. In the embodiment of the present application, the user terminal specifically refers to a terminal used by a user who performs code scanning payment, that is, a terminal installed with a payment application (payment APP).

As shown in fig. 1, the process may include the following steps:

step 102: the terminal acquires code image information.

In a code scanning payment scenario, a user terminal may be used to scan a payee's checkout code to obtain code image information. Wherein the user terminal may comprise a smartphone. The payee may include a merchant. The payment code can comprise any form of codes such as a two-dimensional code and a bar code. The acquisition code image information may be image information of an acquisition code.

The cash register code may be presented on a printed matter, or may be presented on a display screen of the merchant terminal device, and for example, the following description assumes a case where the cash register code is presented on the merchant terminal.

Step 104: and analyzing the code image information to obtain code image analysis information contained in the code image information, wherein the code image analysis information contains a first key parameter.

After the user terminal acquires the code image information, the acquired code image information may be analyzed to obtain code image analysis information contained therein. The code image resolution information may include information related to a current merchant and a current transaction.

In an embodiment, the code image parsing information may include a first key parameter. The first key parameter may be used to generate a key that may be used to decrypt encrypted acquirer access address information. The first key parameter may be a key corresponding to a current merchant. Each merchant may correspond to one first key parameter, and different merchants may correspond to different first key parameters.

Optionally, the process of the user terminal obtaining the first parameter key from the merchant terminal may be performed by using a key exchange protocol, so as to ensure the security of the key. For example, if the first key parameter is y, then the processed first key parameter, e.g. g, may actually be transmitted in the code image information carried in the code image information^yWhere g is a large number, in particular a large prime number, e.g. a prime number greater than 10000000. Prime number of quilt benefitIn cryptography, a prime number is added when information (password) to be transmitted is coded, and the information is transmitted after the coding, so that the information cracking process becomes a process of searching for the prime number, and therefore, even if the information is obtained, the process of searching for the prime number (decomposition prime factor) is too long, the information is meaningless. Therefore, based on the use of a large prime number, the security of information (password) transmission can be ensured.

Step 106: and acquiring a second key parameter.

The second key parameter may be used with the first key parameter to generate a key that may be used to decrypt encrypted acquirer access address information. The second key parameter may be a key corresponding to a current payment application. Each payment application may correspond to one second key parameter and different payment applications may correspond to different second key parameters. For example, the APP of payment authority a may correspond to one second key parameter and the APP of payment authority B may correspond to one further second key parameter.

Optionally, the obtaining of the second key parameter may specifically include: and acquiring a second key parameter locally stored by the terminal. That is, the user terminal installed with the payment application may store the second key parameter corresponding to the payment application in advance.

Optionally, the obtaining of the second key parameter may specifically include: sending a request for acquiring a second key parameter to the first server; and acquiring the second key parameter fed back by the first server. The first server may be a server of a payment mechanism corresponding to the payment application, that is, the first server may be a server of a payment mechanism to which the payment application belongs. For example, the payment application may be a payment instrument APP, the payment authority may be a payment instrument, and the first server may be a server of the payment instrument.

Optionally, the payment authority may also store different second key parameters according to different merchant indexes.

Step 108: and calculating to obtain a key according to the first key parameter and the second key parameter.

In the embodiment of the present application, a first key parameter (e.g., a processed first key parameter) corresponding to a merchant is obtained at a user terminal, and a second key parameter corresponding to the user terminal is obtained, a key may be obtained based on the first key parameter and the second key parameter, and the key may be used to decrypt encrypted acquirer access address information.

For example, following the above example, the processed second key parameter is g^yIf the second key parameter can be denoted as x, then the key can be calculated as (g)^y)^x=g^xy。

Step 110: and acquiring the encrypted access address information of the acquiring mechanism stored in the block link point.

The acquirer access address information stored on the blockchain node is ciphertext information obtained through encryption processing in advance, and is also in the form of ciphertext when the acquirer access address information is returned to the user terminal from the blockchain node. The ciphertext information refers to the encrypted access address information of the acquirer. Therefore, the access address information of the acquirer cannot be acquired by an opponent mechanism and the like no matter in a storage state or in an information transmission process, and the confidentiality is ensured.

In an embodiment, the acquirer access address information may include the primary address information and the merchant ID. For example, the acquirer access address may be: https:// alipay.com/123456, where "alipay.com" is the principal payment address and "123456" is the merchant ID. The format of the acquirer access address is not limited to this example.

Step 112: and decrypting the encrypted access address information of the acquirer by using the secret key to obtain the access address information of the acquirer.

The key locally generated at the user terminal installed with the payment application and used for decrypting the encrypted acquirer access address information is the same as the key used when the encrypted acquirer access address information stored in the block link node is encrypted, so that the generated key can be used for decrypting the acquired encrypted acquirer access address information to obtain the acquirer access address information.

Step 114: and paying based on the acquirer access address information.

Specifically, the user may access the decrypted acquiring mechanism access address at the user terminal, and complete the payment operation in the page corresponding to the address, where the method for completing the payment operation may refer to the prior art, and no specific description is provided in this specification.

In the above embodiments of the present application, in the storage state of the information on the block link point and in the process of transmitting the information from the block link point to the user terminal, the access address of the acquirer exists in the form of a ciphertext, which ensures privacy. In addition, since the block chain nodes are stored in a ciphertext form, the block chain nodes cannot analyze and obtain the privacy data of a certain merchant or a certain payment mechanism based on the data corresponding to the merchant or the payment mechanism stored in the block chain nodes, so that the privacy of the privacy data of the merchant and the payment mechanism is ensured, namely the security of the information stored in the block chain nodes in the area is ensured. Further, the key for decrypting the ciphertext is not stored in any one of the terminal and the server, but is generated before payment in

steps

102, 104, 106, and 108, wherein the first key parameter and the second key parameter for generating the key are respectively stored on the merchant side (for example, the merchant terminal or the server) and the payment institution side (for example, the user terminal local to the payment application of the payment institution, or the server of the payment institution), and the security of the key for decrypting the ciphertext is ensured by dispersedly managing the key parameters and generating the key parameters immediately when in use.

Based on the process of fig. 1, some specific embodiments of the process are also provided in the examples of this specification, which are described below.

In practical application, the block chain node may store therein ciphertexts of the acquirer access addresses corresponding to a plurality of different payment mechanisms, and the user terminal installed with the payment application may obtain the ciphertexts of the acquirer access addresses corresponding to the payment application from the block chain node. In an embodiment of the present specification, the acquirer in the acquirer access address corresponding to the payment application may be the payment authority.

Specifically, according to an embodiment of the present application, the obtaining encrypted acquirer access address information stored in a block link node (step 110) may specifically include: acquiring payment mechanism identification information of an application used in the payment process; generating index data according to the secret key and the payment mechanism identification information; sending a request for acquiring the access address information of the acquiring mechanism to the block chain nodes, wherein the request for acquiring the access address information of the acquiring mechanism at least comprises the index data; and acquiring the encrypted access address information of the acquiring mechanism fed back by the block link point.

In this embodiment, when sending a request for acquiring acquirer access address information to a block node, index data generated based on payment mechanism identification information corresponding to a payment application may be carried in the request, so that the block node may return encrypted acquirer access address information corresponding to the payment application (or payment mechanism) based on the index data.

As a specific example, the key calculated in the above example is g^xyThe payor identification is denoted "payor ID", the Index data Index, i.e. Index ← KDF (g), can be generated by, for example, a Key Derivation Function (KDF)^xyPayment authority ID) to carry the index data in the acquisition request. And then searching for the encrypted Index data Index corresponding to the Index data in the blockchain node and returning.

In practical applications, each merchant may have a cooperative relationship with a plurality of payment mechanisms, in which case the encrypted acquirer access address information may be stored in the blockchain corresponding to the merchant and corresponding to the payment mechanism. Specifically, for example, the encrypted acquirer access address information may be stored with the merchant index as a first-layer directory and the index data as a second-layer directory.

According to an optional embodiment, in step 102 and step 104, the code image analysis information obtained by analyzing the code image acquired from the merchant side may further include a merchant index number. The merchant index number may be a number used to identify the merchant. In a network payment system with a specified range, one merchant has a unique merchant index number, and different merchants have different merchant index numbers. For example, in a network payment system where a banking institution, an electronic payment platform a and an electronic payment platform B cooperate, the merchant index number of a certain merchant may be the same for all of the banking institution, the electronic payment platform a and the electronic payment platform B.

In an optional embodiment, the code image parsing information may further include a transaction key parameter. The transaction key parameters may include a transaction order number, a transaction setup time, a transaction amount, etc.

In an optional embodiment, the code image parsing information may further include a merchant signature. In practice, before the request information is returned in response to the request of the information requester, the information sender may verify the identity of the information requester to ensure the information security. In the embodiment of the application, before sending the encrypted acquirer access address information to the user terminal by the subsequent block node, the merchant signature can be checked first, and when the signature passes, the encrypted acquirer access address information is sent to the user terminal. In the embodiment of the application, the verification of the merchant can verify the authenticity of the source of the merchant index number received by the block chain node point so as to ensure the safety of the acquirer access address information.

In an embodiment of the present application, the request for obtaining the acquirer access address information may specifically include: a merchant index number, a merchant signature, and the index data. Therefore, after the block chain node receives the request, the ciphertext under the corresponding Index below the corresponding merchant can be found based on the merchant Index number and the Index data, and the ciphertext is returned to the user terminal.

In one or more embodiments of the present application, a privacy protection scheme for a code scanning payment process is provided, where encrypted acquirer access address information is stored in a block chain node, and since the encrypted acquirer access address information is stored in a ciphertext form, the block chain node cannot analyze privacy data of a certain merchant or a certain payment mechanism based on data corresponding to the merchant or the certain payment mechanism stored in the block chain node, so that data privacy of the merchant and the payment mechanism is ensured, that is, the security of information stored in a regional block chain node is ensured. And the merchant side and the payment mechanism side respectively store partial key parameters for generating keys, the key parameters are transmitted through a key protocol, the two sides do not know the key parameters of the other side, and information confidentiality between the merchant and the payment mechanism is realized.

In practical applications, when a block link point searches for corresponding ciphertext information in response to a request sent by a user terminal, there is a possibility that the ciphertext corresponding to index data carried in the request cannot be found. In this case, all the cryptographs under the merchant corresponding to the merchant index number carried in the request may be returned, and the cryptograph data meeting a certain condition may be sent to the server of the payment mechanism associated with the payment mechanism to which the current payment application belongs, so as to perform decryption. For example, the current payment application is "pay pal APP", the payment mechanism is "pay pal", and the corresponding server is a pay pal server (which may be referred to as "first server" in this application); the payment authority associated with the payment authority described in the current payment application may be "paypal international", and the corresponding server is a paypal international server (which may be referred to as "second server" in this application). In an embodiment of the present application, a server of a payment mechanism corresponding to a current payment application may be referred to as a first server of the current payment application, and a server of an associated payment mechanism of the payment mechanism to which the current payment application belongs may be referred to as a second server of the current payment application.

According to an embodiment, after the decrypting (step 112) the encrypted acquirer access address information by using the key, the method may further include: and if the encrypted acquirer access address information cannot be decrypted by adopting the secret key, sending the encrypted acquirer access address information to a second server of the application used in the payment process, so that the second server can complete the payment based on the encrypted acquirer access address information.

The user terminal may not be able to decrypt the encrypted acquirer access address information by using the locally generated key, or may not be able to search from the block link point and return the encrypted acquirer access address information that can be decrypted by using the locally generated key of the user terminal.

For example, for a store abroad, payment can be actually made using, for example, "paypal international APP", and accordingly, an acquirer access address accessed at the time of payment can be acquired based on information corresponding to paypal international. In actual use, if the payment application used is "pay for pal APP" (i.e., the payment application can be used for payment in china), a key is generated based on a first key parameter corresponding to the foreign store and a second key parameter corresponding to the domestic payment application, and further, after index data is generated based on the key and a payment application ID, a ciphertext corresponding to the index data cannot be found on the blockchain node. In this case, the ciphertext data corresponding to the merchant may be returned to the user terminal and then sent to the second server of the current payment application, in this example, the ciphertext may be sent to the server of the international payment treasury, and then the ciphertext may be decrypted by the server of the international payment treasury, so that the subsequent payment may be completed.

In practical application, all encrypted acquirer address accesses under the current merchant are not required to be sent to the second server, but only a part of ciphertext meeting a certain condition can be sent.

In embodiments of the present application, for each Index stored on a block link point and corresponding encrypted acquirer access address information, a corresponding first field may be additionally stored, the one first field corresponding to at least one encrypted acquirer access address information. The first field may be generated in advance based on the associated field of the payment mechanism and its associated mechanism corresponding to the current payment application. A payment institution may have the same association fields as the payment institution's association, which may be stored on the server of the payment institution and its association, and/or may be stored in the user terminal of the payment institution where the corresponding payment application is located.

According to an embodiment, before sending the encrypted acquirer access address information to the second server of the application used in the payment process, the method may further include: acquiring first fields fed back by the block link points, wherein one first field at least corresponds to encrypted acquirer access address information; acquiring a second field; judging whether the first field is the same as the second field or not to obtain a judgment result; and if the judgment result shows that the first field is the same as the second field, sending the encrypted access address information of the acquirer to a second server of the application used in the payment process.

The process of obtaining the second field may include generating the second field based on the associated field of the payment mechanism corresponding to the current payment application and based on the first key parameter (e.g., the processed first key parameter) obtained from the merchant. The second field is generated in the payment application in the same way as the pre-generated first field stored in the blockchain node. For example, if the processed first key parameter from the merchant is g^yThe associated key of the payment mechanism corresponding to the current payment application is T, the first field/second field can be generated by, for example, a Hash algorithm, for example, the first field Q1 ← Hash (T, g) stored in the blockchain node is generated in advance^y) Generating a second field Q2 ← Hash (T, g) at the user terminal where the payment application is located^y). If the second field is the same as the first field, the encrypted acquirer access address information in the Index corresponding to the first field can be decrypted by the payment mechanism or the related mechanism of the current payment application. Thus, the corresponding payment is applied at the current paymentAnd when the mechanism cannot decrypt the data, sending the data to the association mechanism of the current payment mechanism. In an embodiment, if a first field corresponds to two encrypted acquirer access address information, that is, the current payment mechanism has another association mechanism, the ciphertext meeting the condition may be sent to the other association mechanism when the current payment mechanism cannot decrypt the ciphertext. Optionally, if one first field corresponds to more than two encrypted acquirer access address information, that is, the current payment mechanism has at least two other association mechanisms, when the current payment mechanism cannot decrypt, the ciphertexts meeting the condition may be sequentially sent to the at least two other association mechanisms.

In the embodiment of the present application, the case where payment is made through a server (second server) of an associated institution of a payment institution to which payment is currently applied using an electronic payment method of proxy payment may be referred to as proxy payment. Implementation of this scheme enables payment to be effected even if the payment application is used across countries (e.g. domestic versions of the payment application are used abroad), and is not perceived at the user end.

In order to more clearly describe the above-described electronic payment method using proxy payment. The method is described below from the perspective of the second server. From the perspective of the program, the execution subject of the method is the second server.

Specifically, the second server (namely, the proxy server) acquires the encrypted acquirer access address information sent by the user terminal; determining a key corresponding to the server; decrypting the encrypted acquirer access address information by using the secret key to obtain acquirer access address information; and paying based on the acquirer access address information.

The second server can obtain the encrypted acquirer access address information stored on the block link point and the corresponding first field through the user terminal where the current payment application is located. Specifically, what the second server can obtain is the first field equal to the second field calculated by the user terminal and the encrypted acquirer access address information corresponding to the first field.

The determining the key corresponding to the server may specifically include: acquiring a first key parameter sent by the user terminal; acquiring a third key parameter corresponding to the server; and calculating to obtain a key according to the first key parameter and the third key parameter. The first key parameter sent by the user terminal is a key parameter corresponding to the merchant and obtained from the merchant terminal, and the above example is continued, which may be denoted as g^y. The third key parameter, i.e. the second key parameter in claim 16, is a key parameter corresponding to the second server (i.e. corresponding to the association authority), and may be denoted as x', for example. The key can be calculated to be (g)^y)^x'=g^x'y。

Corresponding to the code scanning payment method, the application provides an information sending method in the payment process. Fig. 2 is a schematic flow chart of an information sending method in a payment process according to an embodiment of the present disclosure. From a procedural perspective, the execution subject of the flow may be a blockchain node.

As shown in fig. 2, the process may include the following steps:

step 202: a block chain node acquires an information acquisition request sent by a terminal; the information acquisition request is used for requesting to acquire the access address information of the acquirer.

Wherein the terminal is a user terminal installed with a payment application.

Step 204: searching corresponding encrypted acquirer access address information based on the information acquisition request; the key used for encrypting the access address information of the acquirer is the same as the key calculated by the terminal according to the first key parameter and the second key parameter; the initial storage of the first key parameter is different from the initial storage of the second key parameter.

The initial storage device of the first key parameter is a merchant terminal, and the first key parameter corresponds to a merchant index of the merchant terminal. The second key parameter initial storage device is a user terminal where the current payment application is located or a server of a payment mechanism to which the current payment application belongs, and the second key parameter corresponds to the current payment application. The user terminal may obtain the first key parameter from the merchant terminal, and the user terminal may obtain the second key parameter stored locally or obtained from a server of a payment authority corresponding to the payment application, and then calculate a key based on the first key parameter and the second key parameter.

The key used for encrypting the acquirer access address information is also actually generated and used in advance based on the first key parameter and the second key parameter.

Step 206: and sending the searched encrypted access address information of the acquirer to the terminal.

In an embodiment, the searching for the corresponding encrypted acquirer access address information (step 204) may specifically include: acquiring index data contained in the information acquisition request; and searching the encrypted access address information of the acquirer corresponding to the index data. Wherein the index data is generated based on the key and identification information of the payment authority.

In an embodiment, after the searching for the corresponding encrypted acquirer access address information (step 206), the method may further include: and if the encrypted acquirer access address information corresponding to the index data is not found, sending all encrypted acquirer access address information corresponding to the merchant index number contained in the information acquisition request to the terminal.

In an embodiment, before the searching for the corresponding encrypted acquirer access address information (step 206), the method may further include: acquiring a merchant signature contained in the information acquisition request; verifying the merchant signature; and if the verification is passed, executing the step of searching the corresponding encrypted access address information of the acquirer.

Since the embodiment of the information sending method in the payment process has the same or corresponding technical characteristics as the above embodiments of the code scanning payment method, the same technical effects as those of the above embodiments of the code scanning payment method can be achieved. Specifically, in the information sending method in the payment process, the encrypted acquirer access address information is stored in the blockchain node, and the ciphertext is stored, so that the blockchain node cannot analyze and obtain privacy data of a certain merchant or a certain payment mechanism based on the data corresponding to the merchant or the payment mechanism stored in the blockchain node, thereby ensuring the data privacy of the merchant and the payment mechanism, i.e. ensuring the security of the information stored in the blockchain node. Thus, the privacy of the privacy data involved in the code scanning payment process is protected from a data perspective.

Corresponding to the code scanning payment method and the information sending method in the payment process, the application provides a method for generating a cash register code. Fig. 3 is a schematic flowchart of a method for generating a cash register according to an embodiment of the present disclosure. From a program perspective, the executing body of the flow may be a merchant terminal.

As shown in fig. 3, the process may include the following steps:

step 302: the first terminal acquires a receiving code generating instruction; the receiving code generating instruction is used for indicating the first terminal to generate a receiving code.

In this embodiment, the first terminal is a terminal at a merchant side, and the merchant terminal may generate and present a cash register code; the second terminal hereinafter refers to a terminal on the user side, i.e. a terminal in which the payment application is installed.

Step 304: and acquiring the decentralized identity of the first terminal.

Among them, Decentralized Identity (DID) is a new type of Identifier with global uniqueness, high availability, resolvability and encryption verifiability. DIDs are typically associated with cryptographic material (e.g., public keys) and service endpoints to establish secure communication channels. DIDs are useful for any application that benefits from self-managed, cryptographically verifiable identifiers, such as personal identifiers, organizational identifiers, and internet of things scene identifiers. For example, current W3C may verify that commercial deployments of credentials use DIDs extensively to identify people, organizations, and things, and implement many security and privacy safeguards guarantees.

In step 304, the decentralized identity of the terminal is obtained, that is, a globally unique identifier of the merchant terminal is obtained.

Step 306: and sending the decentralized identity to the block chain nodes which store the decentralized identity documents.

Step 308: and acquiring the merchant information inquired from the decentralized identity document by the block link point based on the decentralized identity.

In the regional blockchain node, a decentralized identity document (DID document) is stored, which may include a DID identifier, a set of cryptographic materials (e.g., a public key), a set of cryptographic protocols, a set of service endpoints, a timestamp, and an optional signature for proving the legitimacy of the DID document. In practical application, the corresponding DID document can be found on the blockchain node based on the DID identifier as a key. Then, the merchant information of the merchant terminal can be obtained from the DID document.

It should be noted that the block link point storing the DID document and the block link point storing the encrypted acquirer access address information described above may be different block link nodes.

Step 310: generating a cash register code based on the merchant information and a pre-stored first key parameter; and the collection code is used for acquiring the encrypted access address information of the acquiring mechanism after being scanned by the second terminal.

In an embodiment, the merchant information may specifically include a merchant index number.

Correspondingly, the generating a cash register code based on the merchant information and the pre-stored first key parameter may specifically include: acquiring transaction parameters of current transaction; acquiring a first key parameter corresponding to the merchant index number; obtaining a private key corresponding to the merchant index number; generating a merchant signature according to the private key; and generating a cash register code, wherein the information carried by the cash register code comprises the merchant index number, the first key parameter, the transaction parameter and the merchant signature.

Corresponding to the code scanning payment method and the information sending method in the payment process, in the cash register code generation method, information related to a merchant, such as a merchant index number, is obtained based on DID, then the cash register code is generated based on the information, so that the cash register code at least comprises identification information uniquely corresponding to the merchant, the encrypted access address information of the acquiring mechanism corresponding to the merchant and the payment application can be obtained and decrypted by the payment application, and the privacy of privacy data related to the code scanning payment process is protected from a data perspective.

In order to make the description of the present application clearer, fig. 4 is a schematic diagram of an application scenario of the code scanning payment scheme provided in the embodiment of the present specification. The overall scheme is described below with reference to fig. 4.

Referring to fig. 4, the code scanning payment scheme provided in the embodiment of the present application may specifically include the following steps:

(1) the merchant terminal generates a cash register code aiming at the current transaction, wherein the cash register code comprises merchant index number information, merchant signature information, first key parameter information and transaction key parameter information. The first key parameter information may correspond to the merchant index number, i.e., different merchant index numbers correspond to different first key parameters.

(2) And scanning the cash register code through a user terminal provided with a payment application, and analyzing to obtain the merchant index number, the merchant signature, the first key parameter and the transaction key parameter contained in the cash register code.

(3) The user terminal obtains the second key parameter from the first server corresponding to the payment application, or the user terminal obtains the second key parameter stored locally. Wherein the second key parameter may correspond to a payment application, i.e. different payment applications correspond to different second key parameters.

(4) And the user terminal generates a key based on the first key parameter and the second key parameter.

(5) The user terminal acquires the payment authority ID and then obtains Index data (i.e., Index) based on the key and the payment authority ID.

(6) And the user terminal sends the merchant index number, the merchant signature and the index data obtained by calculation to a block chain node.

(7) After the block chain link point verifies that the merchant signature passes, acquiring encrypted acquirer access address information corresponding to the index data under the merchant corresponding to the merchant index number, and sending the acquired ciphertext information back to the user terminal; and the key used for encrypting the access address information of the acquirer is the same as the key calculated by the user terminal according to the first key parameter and the second key parameter.

(8) And the user terminal decrypts the received ciphertext information by using the secret key to obtain the access address information of the acquiring mechanism, so that payment is completed based on the access address information of the acquiring mechanism.

In addition, in practical applications, the ciphertext corresponding to the index data in the acquisition request may not be found in the blockchain, and proxy payment may be used. In the application of the proxy payment scenario, correspondingly, a first field is stored at the block link point corresponding to each index data and the corresponding ciphertext. The first field may be used to indicate the payment institution and its associated institution to which the acquirer address contained in the respective ciphertext corresponds. That is, a payment mechanism and its associated mechanism may correspond to a first field, which may correspond to at least one payment mechanism (as the payment mechanism may have an associated mechanism).

Continuing with the above embodiment, if on a blockchain node, a ciphertext corresponding to the received index data cannot be found under a certain merchant, all data under the merchant is returned in step (7) of fig. 4, where the returned data includes the ciphertext corresponding to the index data and also includes a first field corresponding to the index data.

After that, (9) the user terminal acquires the associated field from the local or the first server corresponding to the payment application, generates a second field based on the associated field and the key, and then judges whether the first field is the same as the second field to obtain a judgment result;

(10) and if the judgment result is that the first field is the same as the second field, sending the encrypted acquirer access address information to a second server of the payment application used in the payment process, so that the second server can decrypt the encrypted acquirer access address information and further complete the payment.

In some cases, the actions or steps recited in the claims and the description may be performed in an order different than in the embodiments and still achieve desirable results, and further, the processes depicted in the figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or possible.

Based on the same idea, the embodiment of the present specification further provides a device corresponding to the above method. Fig. 5 is a schematic structural diagram of a code scanning payment device corresponding to fig. 1 provided in an embodiment of the present disclosure. As shown in fig. 4, the apparatus may include:

a code image information obtaining module 502 for obtaining code image information;

a code image information analyzing module 504, configured to analyze the code image information to obtain code image analysis information included in the code image information; the code image analysis information comprises a first key parameter;

a second key parameter obtaining module 506, configured to obtain a second key parameter;

a key generation module 508, configured to calculate a key according to the first key parameter and the second key parameter;

a ciphertext obtaining module 510, configured to obtain encrypted access address information of the acquirer, where the encrypted access address information is stored in a block link point;

a ciphertext decryption module 512, configured to decrypt the encrypted acquirer access address information by using the key to obtain acquirer access address information;

a payment module 514 for making a payment based on the acquirer access address information.

According to an embodiment, the second key parameter obtaining module 506 may be specifically configured to: acquiring a second key parameter locally stored by the terminal; alternatively, it may be used in particular for: sending a request for acquiring a second key parameter to the first server; and acquiring the second key parameter fed back by the first server.

According to an embodiment, the ciphertext obtaining module 510 may specifically include:

a payment mechanism identification information acquisition unit for acquiring payment mechanism identification information of an application used in the payment process;

the index data generating unit is used for generating index data according to the secret key and the payment mechanism identification information;

a ciphertext request information sending unit, configured to send, to the block link node, a request for obtaining acquirer access address information, where the request for obtaining acquirer access address information at least includes the index data;

and the ciphertext acquisition unit is used for acquiring the encrypted access address information of the acquiring mechanism fed back by the block link point.

According to an embodiment, the request for obtaining the acquirer access address information may specifically include: a merchant index number, a merchant signature, and the index data.

According to an embodiment, the code image parsing information may specifically include: merchant index number and merchant signature; or, the code image analysis information may specifically include: merchant index number, transaction key parameters, and merchant signature.

According to an embodiment, the code scanning payment device may further include: and the ciphertext sending module is used for sending the encrypted acquirer access address information to a second server of the application used in the payment process if the encrypted acquirer access address information cannot be decrypted by adopting the secret key, so that the second server can complete the payment based on the encrypted acquirer access address information.

According to an embodiment, the ciphertext obtaining module 510 may be further configured to obtain first fields of the block link point feedback, where one of the first fields corresponds to at least one encrypted acquirer access address information. The code scanning payment device may further include: a second field obtaining module, configured to obtain a second field; and the judging module is used for judging whether the first field is the same as the second field to obtain a judging result. The ciphertext sending module may be specifically configured to send the encrypted acquirer access address information to a second server of an application used in the payment process if the determination result indicates that the first field is the same as the second field.

Based on the same idea, the embodiment of the present specification further provides a device corresponding to the above method. Fig. 6 is a schematic structural diagram of an information sending apparatus in a payment process corresponding to fig. 2 provided in an embodiment of this specification. As shown in fig. 6, the apparatus may include:

a request receiving module 602, configured to obtain an information obtaining request sent by a terminal by using a block link node; the information acquisition request is used for requesting to acquire the access address information of the acquirer;

an information search module 604 for searching for the corresponding encrypted acquirer access address information based on the information acquisition request; the key used for encrypting the access address information of the acquirer is the same as the key calculated by the terminal according to the first key parameter and the second key parameter; the initial storage device of the first key parameter is different from the initial storage device of the second key parameter;

the information sending module 606 sends the searched encrypted acquirer access address information to the terminal.

According to an embodiment, the information searching module 604 may specifically include: an index data acquisition unit configured to acquire index data included in the information acquisition request; and the information searching unit is specifically used for searching the encrypted access address information of the acquirer corresponding to the index data. Wherein the index data is generated based on the key and identification information of the payment authority.

According to an embodiment, the information sending module 606 may be further configured to, if the encrypted acquirer access address information corresponding to the index data is not found, send all encrypted acquirer access address information corresponding to the merchant index included in the information acquisition request to the terminal.

According to an embodiment, the apparatus may further comprise: a merchant signature acquisition module, configured to acquire a merchant signature included in the information acquisition request; and the signature verification module is used for verifying the merchant signature. The information search module 604 may be specifically configured to, if the verification is passed, perform the step of searching for the encrypted acquirer access address information corresponding to the encrypted acquirer.

Based on the same idea, the embodiment of the present specification further provides a device corresponding to the above method. Fig. 7 is a schematic structural diagram of a device for generating a cash register code corresponding to fig. 3 according to an embodiment of the present disclosure. As shown in fig. 7, the apparatus may include:

an instruction obtaining module 702, configured to obtain, by a first terminal, a receiving code generation instruction; the receiving code generating instruction is used for indicating the first terminal to generate a receiving code;

a decentralized identity obtaining module 704, configured to obtain a decentralized identity of the first terminal;

a decentralized identity sending module 706, configured to send the decentralized identity to the block nodes in which the decentralized identity documents are stored;

a merchant information obtaining module 708, configured to obtain merchant information queried by the block link point from the decentralized identity document based on the decentralized identity;

a receiving code generating module 710 for generating a receiving code based on the merchant information and a pre-stored first key parameter; and the collection code is used for acquiring the encrypted access address information of the acquiring mechanism after being scanned by the second terminal.

According to an embodiment, the merchant information may specifically include a merchant index number. The receiving code generating module 710 may be specifically configured to: acquiring transaction parameters of current transaction; acquiring a first key parameter corresponding to the merchant index number; obtaining a private key corresponding to the merchant index number; generating a merchant signature according to the private key; and generating a cash register code, wherein the information carried by the cash register code comprises the merchant index number, the first key parameter, the transaction parameter and the merchant signature.

Based on the same idea, corresponding to the implementation of the proxy payment method, from the perspective of the proxy server, the embodiments of the present specification further provide a corresponding electronic payment device. Specifically, the apparatus may include:

the ciphertext information acquisition module is used for acquiring encrypted acquirer access address information sent by the terminal;

the key determining module is used for determining a key corresponding to the server;

the decryption module is used for decrypting the encrypted acquirer access address information by adopting the secret key to obtain acquirer access address information;

and the payment module is used for carrying out payment based on the access address information of the acquirer.

In an embodiment, the key determination module may be specifically configured to: acquiring a first key parameter sent by the terminal; acquiring a third key parameter corresponding to the server; and calculating to obtain a key according to the first key parameter and the third key parameter.

Based on the same idea, the embodiment of the present specification further provides a device corresponding to the method and apparatus.

Fig. 8 is a schematic structural diagram of a network payment device 800 provided in an embodiment of the present specification. Specifically, the network payment device may include a user terminal installed with a payment application, a merchant terminal, and a blockchain node storing encrypted acquirer access address information. Optionally, the network payment device may further include a first server corresponding to the current payment application. Optionally, the network payment device may further include a second server corresponding to the current payment application, i.e., a proxy server.

As shown in fig. 8, when the device 800 is a user terminal, the device 800 may include:

at least one processor 810; and the number of the first and second groups,

a memory 830 communicatively coupled to the at least one processor; wherein the content of the first and second substances,

the memory 830 stores instructions 820 executable by the at least one processor 810 that are executed by the at least one processor 810 to enable the user terminal to:

acquiring code image information;

analyzing the code image information to obtain code image analysis information contained in the code image information; the code image analysis information comprises a first key parameter;

acquiring a second key parameter;

calculating to obtain a key according to the first key parameter and the second key parameter;

acquiring encrypted access address information of the acquiring mechanism stored in the block link point;

decrypting the encrypted acquirer access address information by using the secret key to obtain acquirer access address information;

and paying based on the acquirer access address information.

As shown in fig. 8, when the apparatus 800 is a block link point, the apparatus 800 may include:

at least one processor 810; and the number of the first and second groups,

the memory 830 stores instructions 820 executable by the at least one processor 810 to enable the blockchain node to:

acquiring an information acquisition request sent by a terminal; the information acquisition request is used for requesting to acquire the access address information of the acquirer;

searching corresponding encrypted acquirer access address information based on the information acquisition request; the key used for encrypting the access address information of the acquirer is the same as the key calculated by the terminal according to the first key parameter and the second key parameter; the initial storage device of the first key parameter is different from the initial storage device of the second key parameter;

and sending the searched encrypted access address information of the acquirer to the terminal.

at least one processor 810; and the number of the first and second groups,

As shown in fig. 8, when the device 800 is a merchant terminal, the device 800 may include:

at least one processor 810; and the number of the first and second groups,

the memory 830 stores instructions 820 executable by the at least one processor 810, the instructions being executable by the at least one processor 810 to enable the terminal to:

acquiring a cash register code generating instruction; the receiving code generating instruction is used for indicating the terminal to generate a receiving code;

acquiring a decentralized identity of the terminal;

sending the decentralized identity to a block chain node stored with a decentralized identity document;

acquiring merchant information inquired from the decentralized identity document by the block link point based on the decentralized identity;

generating a cash register code based on the merchant information and a pre-stored first key parameter; and the collection code is used for acquiring the encrypted access address information of the acquiring mechanism after being scanned by the second terminal.

As shown in fig. 8, when the device 800 is a proxy server, the device 800 may include:

at least one processor 810; and the number of the first and second groups,

the memory 830 stores instructions 820 executable by the at least one processor 810 to enable the server to:

acquiring encrypted acquirer access address information sent by a terminal;

determining a key corresponding to the server;

and paying based on the acquirer access address information.

The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.

The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Language Description Language), traffic, pl (core unified Programming Language), HDCal, JHDL (Java Hardware Description Language), langue, Lola, HDL, laspam, hardsradware (Hardware Description Language), vhjhd (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.

The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.

The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.

For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.

As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape disk storage or other magnetic storage devices, or any other non-transmission medium which can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

Claims

1. A code scanning payment method, comprising:

the terminal acquires code image information;

acquiring a second key parameter;

and paying based on the acquirer access address information.

2. The method according to claim 1, wherein the obtaining of the second key parameter specifically includes:

acquiring a second key parameter locally stored by the terminal;

or sending a request for acquiring the second key parameter to the first server;

and acquiring the second key parameter fed back by the first server.

3. The method of claim 1, wherein the obtaining encrypted acquirer access address information stored by a block link node specifically comprises:

acquiring payment mechanism identification information of an application used in the payment process;

generating index data according to the secret key and the payment mechanism identification information;

sending a request for acquiring the access address information of the acquiring mechanism to the block chain nodes; the request for acquiring the access address information of the acquirer at least comprises the index data;

and acquiring the encrypted access address information of the acquiring mechanism fed back by the block link point.

4. The method according to claim 3, wherein the request for obtaining the acquirer access address information specifically includes:

a merchant index number, a merchant signature, and the index data.

5. The method according to any one of claims 1 to 4, wherein the code image parsing information specifically includes:

merchant index number and merchant signature;

or, the code image analysis information specifically includes:

merchant index number, transaction key parameters, and merchant signature.

6. The method of any of claims 1 to 4, further comprising, after decrypting the encrypted acquirer access address information using the key:

and if the encrypted acquirer access address information cannot be decrypted by adopting the secret key, sending the encrypted acquirer access address information to a second server of the application used in the payment process, so that the second server can complete the payment based on the encrypted acquirer access address information.

7. The method of claim 6, wherein before sending the encrypted acquirer access address information to the second server of the application used in the payment process, the method further comprises:

acquiring first fields fed back by the block link points, wherein one first field at least corresponds to encrypted acquirer access address information;

acquiring a second field;

judging whether the first field is the same as the second field or not to obtain a judgment result;

the sending the encrypted acquirer access address information to a second server of an application used in the payment process specifically includes:

and if the judgment result shows that the first field is the same as the second field, sending the encrypted access address information of the acquirer to a second server of the application used in the payment process.

8. An information sending method in a payment process comprises the following steps:

a block chain node acquires an information acquisition request sent by a terminal; the information acquisition request is used for requesting to acquire the access address information of the acquirer;

9. The method according to claim 8, wherein the searching for the corresponding encrypted acquirer access address information specifically includes:

acquiring index data contained in the information acquisition request;

and searching the encrypted access address information of the acquirer corresponding to the index data.

10. The method of claim 9, wherein the index data is generated based on the key and identification information of the payment authority.

11. The method of claim 9 or 10, after searching for the corresponding encrypted acquirer access address information, further comprising:

and if the encrypted acquirer access address information corresponding to the index data is not found, sending all encrypted acquirer access address information corresponding to the merchant index number contained in the information acquisition request to the terminal.

12. The method of any of claims 7 to 10, prior to finding the corresponding encrypted acquirer access address information, further comprising:

acquiring a merchant signature contained in the information acquisition request;

verifying the merchant signature;

and if the verification is passed, executing the step of searching the corresponding encrypted access address information of the acquirer.

13. A generation method of a cash register code comprises the following steps:

the first terminal acquires a receiving code generating instruction; the receiving code generating instruction is used for indicating the first terminal to generate a receiving code;

acquiring a decentralized identity of the first terminal;

14. The method according to claim 13, wherein the merchant information specifically includes: a merchant index number;

generating a cash register code based on the merchant information and a pre-stored first key parameter specifically comprises:

acquiring transaction parameters of current transaction;

acquiring a first key parameter corresponding to the merchant index number;

obtaining a private key corresponding to the merchant index number;

generating a merchant signature according to the private key;

and generating a cash register code, wherein the information carried by the cash register code comprises the merchant index number, the first key parameter, the transaction parameter and the merchant signature.

15. An electronic payment method comprising:

the server acquires encrypted acquirer access address information sent by the terminal;

determining a key corresponding to the server;

and paying based on the acquirer access address information.

16. The method according to claim 15, wherein the determining the key corresponding to the server specifically includes:

acquiring a first key parameter sent by the terminal;

acquiring a second key parameter corresponding to the server;

and calculating to obtain a key according to the first key parameter and the second key parameter.

17. A code scanning payment device, comprising:

the code image information acquisition module is used for acquiring code image information;

the code image information analysis module is used for analyzing the code image information to obtain code image analysis information contained in the code image information; the code image analysis information comprises a first key parameter;

the second key parameter acquisition module is used for acquiring a second key parameter;

the key generation module is used for calculating a key according to the first key parameter and the second key parameter;

the ciphertext acquisition module is used for acquiring the encrypted access address information of the acquiring mechanism stored in the block chain link point;

the ciphertext decryption module is used for decrypting the encrypted acquirer access address information by adopting the secret key to obtain acquirer access address information;

18. The apparatus according to claim 17, wherein the ciphertext obtaining module specifically includes:

19. The apparatus of claim 17 or 18, the apparatus further comprising: and the ciphertext sending module is used for sending the encrypted acquirer access address information to a second server of the application used in the payment process if the encrypted acquirer access address information cannot be decrypted by adopting the secret key, so that the second server can complete the payment based on the encrypted acquirer access address information.

20. An information transmission apparatus in a payment process, comprising:

the request receiving module is used for acquiring an information acquisition request sent by the terminal by the block link nodes; the information acquisition request is used for requesting to acquire the access address information of the acquirer;

the information searching module is used for searching the corresponding encrypted access address information of the acquirer on the basis of the information acquisition request; the key used for encrypting the access address information of the acquirer is the same as the key calculated by the terminal according to the first key parameter and the second key parameter; the initial storage device of the first key parameter is different from the initial storage device of the second key parameter;

and the information sending module is used for sending the searched encrypted access address information of the acquirer to the terminal.

21. The apparatus according to claim 20, wherein the information searching module specifically includes:

an index data acquisition unit configured to acquire index data included in the information acquisition request; the index data is generated based on the key and identification information of the payment institution;

and the information searching unit is specifically used for searching the encrypted access address information of the acquirer corresponding to the index data.

22. The apparatus according to claim 21, wherein the information sending module is further configured to send all encrypted acquirer access address information corresponding to the merchant index included in the information acquisition request to the terminal if the information searching unit does not find the encrypted acquirer access address information corresponding to the index data.

23. A generation apparatus of a cash register code, comprising:

the instruction acquisition module is used for acquiring a cash register code generation instruction by the first terminal; the receiving code generating instruction is used for indicating the first terminal to generate a receiving code;

the decentralized identity acquisition module is used for acquiring a decentralized identity of the first terminal;

the decentralized identity sending module is used for sending the decentralized identity to the block chain link points in which the decentralized identity documents are stored;

the merchant information acquisition module is used for acquiring merchant information inquired from the decentralized identity document by the block link point based on the decentralized identity;

the cash register code generating module generates a cash register code based on the merchant information and a pre-stored first key parameter; and the collection code is used for acquiring the encrypted access address information of the acquiring mechanism after being scanned by the second terminal.

24. An electronic payment device comprising:

25. A user terminal, comprising:

at least one processor; and the number of the first and second groups,

the memory stores instructions executable by the at least one processor to enable the user terminal to:

acquiring code image information;

acquiring a second key parameter;

and paying based on the acquirer access address information.

26. A block link point, comprising:

at least one processor; and the number of the first and second groups,

the memory stores instructions executable by the at least one processor to enable the blockchain node to:

27. A terminal, comprising:

at least one processor; and the number of the first and second groups,

the memory stores instructions executable by the at least one processor to enable the terminal to:

acquiring a decentralized identity of the terminal;

28. A server, comprising:

at least one processor; and the number of the first and second groups,

the memory stores instructions executable by the at least one processor to enable the server to:

acquiring encrypted acquirer access address information sent by a terminal;

determining a key corresponding to the server;

and paying based on the acquirer access address information.