CN112669042A

CN112669042A - Payment method, server, user terminal, system and storage medium

Info

Publication number: CN112669042A
Application number: CN202110274046.2A
Authority: CN
Inventors: 刘刚; 彭程; 孙权; 邹震中; 詹成初; 才华
Original assignee: China Unionpay Co Ltd
Current assignee: China Unionpay Co Ltd
Priority date: 2021-03-15
Filing date: 2021-03-15
Publication date: 2021-04-16

Abstract

The application discloses a payment method, a server, a user terminal, a system and a storage medium, and belongs to the field of data processing. The payment method comprises the following steps: providing transaction information to the payment device in response to the payment function being invoked, and enabling the payment device to transmit the transaction information to the authentication authority platform through the information exchange system; and under the condition that the authentication authority platform determines that the authentication judgment information does not meet the preset authentication-free safety condition, receiving a user identity authentication request sent by the trusted service management platform, responding to the user identity authentication request, performing user identity authentication, and transmitting an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform, so that the authentication authority platform determines whether to continuously execute target payment, wherein the authentication judgment information is obtained by the authentication authority platform according to the transaction information and comprises one or more items of account information of a payer, information of a payee and transaction content information. The embodiment of the application can realize flexible and safe payment.

Description

Payment method, server, user terminal, system and storage medium

Technical Field

The present application relates to the field of data processing, and in particular, to a payment method, a server, a user terminal, a system, and a storage medium.

Background

Electronic payment is a technology by which users, merchants, and financial institutions can electronically effect monetary payments or transfer of funds. The payment-related application may be installed in the user terminal, and payment is made by operating the payment-related application. The convenience of electronic payment makes its popularity wider and wider. Due to the wide application field and frequent use of electronic payment, users have higher and higher requirements on electronic payment safety, flexibility and the like.

There is a need in the art for a flexible and secure payment method.

Disclosure of Invention

The embodiment of the application provides a payment method, a server, a user terminal, a system and a storage medium, which can realize flexible and safe payment.

In a first aspect, an embodiment of the present application provides a payment method, which is applied to a user terminal, and the payment method includes: providing transaction information to the payment device in response to the payment function being invoked, such that the payment device transmits the transaction information to the authentication authority platform via the information exchange system; and under the condition that the authentication authority platform determines that the authentication judgment information does not meet the preset authentication-free safety condition, receiving a user identity authentication request sent by the trusted service management platform, responding to the user identity authentication request, performing user identity authentication, and transmitting an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform so that the authentication authority platform determines whether to continuously execute target payment, wherein the authentication judgment information is obtained by the authentication authority platform according to the transaction information and comprises one or more items of account information of a payer, information of a payee and transaction content information.

In a second aspect, an embodiment of the present application provides a payment method, which is applied to a user terminal, and the payment method includes: providing transaction information to the payment device in response to the payment function being invoked, such that the payment device transmits the transaction information to the authentication authority platform via the information exchange system; and under the condition that the authentication authority platform determines that the authentication judgment information meets the preset authentication-free safety condition, the user identity authentication is avoided, wherein the authentication judgment information is obtained by the authentication authority platform according to the transaction information and comprises one or more items of account information of a payer, information of a payee and transaction content information.

In a third aspect, an embodiment of the present application provides a payment method, which is applied to an authentication authority platform, and the payment method includes: receiving transaction information of target payment transmitted by payment equipment through an information exchange system, wherein the transaction information is obtained by interaction between the payment equipment and a user terminal with the invoked payment function; according to the transaction information, acquiring authentication judgment information of the target payment, wherein the authentication judgment information comprises one or more items of payer account information, payee information and transaction content information; and under the condition that the authentication judgment information does not meet the preset authentication-free safety condition, sending an authentication request to the trusted service management platform, wherein the authentication request is used for indicating the trusted service management platform to request user identity authentication from the user terminal, and determining whether target payment is finished or not according to the authentication result of the user identity authentication, and the authentication-free safety condition is used for judging that the safety of the target payment meets the safety standard.

In a fourth aspect, an embodiment of the present application provides a payment method, which is applied to an authentication authority platform, and the payment method includes: receiving transaction information of target payment transmitted by payment equipment through an information exchange system, wherein the transaction information is obtained by interaction between the payment equipment and a user terminal with the invoked payment function; according to the transaction information, acquiring authentication judgment information of the target payment, wherein the authentication judgment information comprises one or more items of payer account information, payee information and transaction content information; and under the condition that the authentication judgment information meets the preset authentication-free safety condition, user identity authentication of the user terminal is avoided, target payment is completed through the information exchange system and the payment processing platform, and the authentication-free safety condition is used for judging that the safety of the target payment reaches the safety standard.

In a fifth aspect, an embodiment of the present application provides a user terminal, including: the output module is used for responding to the awakening of the payment function and providing transaction information to the payment equipment so that the payment equipment transmits the transaction information to the authentication authority platform through the information exchange system; the receiving module is used for receiving a user identity authentication request sent by the trusted service management platform under the condition that the authentication authority platform determines that the authentication judgment information does not meet the preset authentication-free safety condition; the authentication module is used for responding to the user identity authentication request and performing user identity authentication; and the sending module is used for transmitting the authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform so that the authentication authority platform can determine whether to continuously execute the target payment, wherein the authentication judgment information is obtained by the authentication authority platform according to the transaction information and comprises one or more items of account information of a payer, information of a payee and transaction content information.

In a sixth aspect, an embodiment of the present application provides a user terminal, including: the output module is used for responding to the awakening of the payment function and providing transaction information to the payment equipment so that the payment equipment transmits the transaction information to the authentication authority platform through the information exchange system; and the authentication module is used for avoiding user identity authentication under the condition that the authentication authority platform determines that the authentication judgment information meets the preset authentication-free safety condition, wherein the authentication judgment information is obtained by the authentication authority platform according to the transaction information and comprises one or more items of account information of a payer, information of a payee and transaction content information.

In a seventh aspect, an embodiment of the present application provides a server, including: the payment system comprises a receiving module, a payment module and a payment module, wherein the receiving module is used for receiving transaction information of target payment transmitted by payment equipment through an information exchange system, and the transaction information is obtained by interaction between the payment equipment and a user terminal with a payment function being called; the information acquisition module is used for acquiring authentication judgment information of the target payment according to the transaction information, wherein the authentication judgment information comprises one or more of payer account information, payee information and transaction content information; the sending module is used for sending an authentication request to a trusted service management platform under the condition that the authentication judgment information does not meet the preset authentication-free safety condition, wherein the authentication request is used for indicating the trusted service management platform to request user identity authentication from the user terminal, and the authentication-free safety condition is used for judging that the safety of target payment reaches a safety standard; and the processing module is used for determining whether the target payment is finished or not according to the authentication result of the user identity authentication.

In an eighth aspect, an embodiment of the present application provides a server, including: the payment system comprises a receiving module, a payment module and a payment module, wherein the receiving module is used for receiving transaction information of target payment transmitted by the payment device through the information exchange system, and the transaction information is obtained by interaction between the payment device and a user terminal with the invoked payment function; the information acquisition module is used for acquiring authentication judgment information of target payment according to the transaction information, wherein the authentication judgment information comprises one or more items of account information of a payer, information of a payee and transaction content information; and the safety judgment module is used for avoiding user identity authentication of the user terminal under the condition that the authentication judgment information meets the preset authentication-free safety condition, completing target payment through the information exchange system and the payment processing platform, and judging that the safety of the target payment meets the safety standard under the authentication-free safety condition.

In a ninth aspect, an embodiment of the present application provides a user terminal, including: a processor and a memory storing computer program instructions; the processor, when executing the computer program instructions, implements the payment method of the first aspect or the payment method of the second aspect.

In a tenth aspect, an embodiment of the present application provides a server, including: a processor and a memory storing computer program instructions; the processor, when executing the computer program instructions, implements the payment method of the third aspect or the payment method of the fourth aspect.

In an eleventh aspect, an embodiment of the present application provides a payment system, including the user terminal of the ninth aspect and the server of the tenth aspect.

In a twelfth aspect, embodiments of the present application provide a computer-readable storage medium having computer program instructions stored thereon, where the computer program instructions, when executed by a processor, implement the payment method of the first, second, third or fourth aspect.

The application provides a payment method, a server, a user terminal, a system and a storage medium, which enable the user terminal to provide transaction information for payment equipment by calling up a payment function of the user terminal. The transaction information can be transmitted to the authentication authority platform through the information exchange system. And under the condition that the authentication authority platform determines that the authentication judgment information does not meet the preset authentication-free safety condition, the user terminal performs user identity authentication. The authentication judgment information is obtained by the authentication authority platform according to the transaction information and contains safety risk factors for safety risk judgment. The authentication judgment information does not meet the authentication-free safety condition, the target payment is represented as the payment with lower safety and higher risk, and the user identity authentication is required to realize the flexible and safe payment.

The application provides a payment method, a server, a user terminal, a system and a storage medium, which enable the user terminal to provide transaction information for payment equipment by calling up a payment function of the user terminal. The transaction information can be transmitted to the authentication authority platform through the information exchange system. And under the condition that the authentication authority platform determines that the authentication judgment information meets the preset authentication-free safety condition, the user terminal avoids user identity authentication. The authentication judgment information is obtained by the authentication authority platform according to the transaction information and contains safety risk factors for safety risk judgment. The authentication judgment information meets the authentication-free safety condition, the target payment is represented as the payment with higher safety and smaller risk, and the user identity authentication is not needed, so that the flexible and safe payment is realized.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the embodiments of the present application will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.

Fig. 1 is a schematic view of an example of a payment method provided in an embodiment of the present application;

FIG. 2 is a flowchart of an embodiment of a payment method applied to an authentication authority platform provided in the present application;

FIG. 3 is a flowchart of another embodiment of a payment method applied to an authentication authority platform provided in the present application;

fig. 4 is a flowchart of an embodiment of a payment method applied to a user terminal provided in the present application;

fig. 5 is a flowchart of another embodiment of a payment method applied to a user terminal provided in the present application;

FIG. 6 is a flow chart of an example of a payment process provided by embodiments of the present application;

FIG. 7 is a schematic structural diagram of an embodiment of a server provided in the present application;

FIG. 8 is a schematic structural diagram of another embodiment of a server provided by the present application;

fig. 9 is a schematic structural diagram of an embodiment of a user terminal provided in the present application;

fig. 10 is a schematic structural diagram of another embodiment of a user terminal provided in the present application;

FIG. 11 is a diagram illustrating a hardware configuration of an embodiment of a server provided in the present application;

fig. 12 is a schematic hardware structure diagram of an embodiment of a user terminal provided in the present application.

Detailed Description

Features and exemplary embodiments of various aspects of the present application will be described in detail below, and in order to make objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are intended to be illustrative only and are not intended to be limiting. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by illustrating examples thereof.

With the development of electronic payment technology, the popularization range of electronic payment is wider and wider. In order to ensure the payment safety, the user terminal requires the user to perform authentication first in the process of using electronic payment by the user. And under the condition that the identity authentication is successful, providing the payment information so that the payment equipment can acquire the payment information and pay by using the payment information. However, since the user terminal requires the user to perform authentication for each payment, the payment process is complicated and the time spent is long.

The application provides a payment method, a server, a user terminal, a system and a storage medium, transaction information is provided firstly in the payment process, whether the safety degree of the payment reaches the safety standard required by the authentication-free safety condition or not is judged according to the transaction information, and the user identity authentication of the payment is avoided and the payment process is carried out under the condition that the safety degree of the payment reaches the safety requirement; and carrying out the user identity authentication of the payment under the condition that the safety degree of the payment does not reach the safety standard, and carrying out the payment process under the condition that the user identity authentication is passed. Therefore, the complexity of the payment process is reduced under the condition of ensuring the safety of payment.

The payment method provided by the application can relate to a user terminal, payment equipment, an information exchange system, an authentication authority platform, a trusted service management platform, a payment processing platform and the like. Fig. 1 is a scene schematic diagram of an example of a payment method provided in an embodiment of the present application. As shown in fig. 1, the user terminal 11 may interact with the payment device 12. The payment device 12 may interact with the information exchange system 13. The information exchange system 13 can perform information interaction with the authentication authority platform 14 and the payment processing platform 15. The certification authority platform 14 may exchange information with a Trusted Service Manager (TSM) 16. The trusted service management platform 16 may interact with the user terminal 11 for information.

The user terminal 11 may include, but is not limited to, a mobile phone, a tablet computer, a wearable device, and other devices having a payment function. A payment application may be installed in the user terminal 11, and the user may perform payment by operating the user terminal.

The payment device 12 may include a point of sale (POS) device or the like. The payment device 12 may support Near Field Communication (NFC) payment function, scanning payment function, card payment function, and the like, but is not limited thereto.

Information exchange system 13 is located between payment device 12 and authentication rights platform 14 to enable the interaction of information between payment device 12 and authentication rights platform 14. In some examples, the information exchange system 13 may include, without limitation, an order taking device 131, an online server 132, an information exchange server 133, and the like. The online server 132 and the order receiving device 131 may be directly connected to the payment device 12 to obtain the transaction information of the order receiving device 131. The information of the payment device 12 may be transmitted to the authentication authority platform 14 through the acquiring device 131, the online server 132, and the information exchange server 133 in sequence.

The authentication authority Platform 14 may be a Platform integrating a Token Service Platform (TSP) function and an authentication determination function, and may also include an authentication Service Platform and an authentication determination Platform, which are not limited herein. Where authentication authority platform 14 includes a TSP and an authentication decision platform, the authentication decision platform may interact with the TSP for information.

The payment processing platform 15 may include, but is not limited to, a back-office server of a bank or other financial institution, etc. The information of the payment processing platform 15 may be transmitted to the payment apparatus 12 through the information exchange server 133, the online server 132, and the acquiring apparatus 131 in sequence. The authentication authority platform 14 may perform information interaction with the payment processing platform 15 through the information exchange server 133.

The following describes a payment method applied to the authentication authority platform and the user terminal, respectively.

The application provides a payment method which is applied to an authentication authority platform. The authentication authority platform may specifically be the authentication authority platform 14 in the above embodiment. Fig. 2 is a flowchart of an embodiment of a payment method applied to an authentication authority platform provided in the present application. As shown in fig. 2, the payment method may include steps S201 to S203.

In step S201, transaction information of target payment transmitted by the payment device through the information exchange system is received.

The target payment is the current payment. The transaction information is obtained by the payment device interacting with the user terminal whose payment function is invoked. That is, the payment function of the user terminal is invoked, so that the user terminal can interact with the payment device to provide transaction information to the payment device. The payment equipment sends the acquired transaction information to the information exchange system, and the information exchange system sends the transaction information to the authentication authority platform.

The information related to payment provided by the transaction information to the user terminal may include payer information of the target payment, and the payer information may include payment card information of the user, such as payment identifier Token, personalization data, and the like, which is not limited herein. The transaction information may also include payment content information, payee information, etc., without limitation.

In step S202, authentication judgment information of the target payment is acquired based on the transaction information.

The authentication determination information may be used to make an authentication-free security determination. The authentication decision information may include, but is not limited to, one or more of payer account information, payee information, transaction content information.

The payer account information is associated with the payer. For example, the payer account information may include a payment identification Token. The payment identifier Token is an identifier for making a payment. The payment identifier Token is an alternative value of the payer account and can be composed of 13 to 19 digits, and the payment using the payment identifier Token can improve the security of the payment.

The payee information is related to the payee. For example, where the payee is a merchant, the payee information may include, but is not limited to, information related to the size, credit, amount registered, type of registration, etc. of the merchant.

The payment content information is related to the payment. For example, the payment content information may include, but is not limited to, information related to the amount of money paid this time, goods, and the like.

In the case where the authentication determination information includes payer account information, step S202 may be specifically subdivided into: acquiring a payment identifier Token from the transaction information; carrying out de-identification processing on the payment identifier Token to obtain a payer account corresponding to the payment identifier Token; payer account information corresponding to the payer account is acquired.

The payment identifier Token is obtained by identifying the account number of the payer account. And (4) carrying out de-identification processing on the payment identifier Token to obtain an account number of the payer account so as to determine the payer account. After determining the payer account, payer account information corresponding to the payer account may be obtained.

In some examples, the payer account information may include, but is not limited to, transaction history data for the payer account and/or a credit rating for the payer account. The transaction history data of the payer account may include, but is not limited to, a historical payment number, a historical payment amount, etc. of the payer account. The credit rating of the payer account may be determined based on the behavior of the payer account, historical data, and the like. A higher credit rating for a payer account indicates a higher credit for the payer account.

Payee information is information related to the payee. The payee may be a merchant or an individual, but is not limited thereto. In some examples, the payee information includes one or more of payee registration information, payee activity area, payee credit rating. Payee registration information is information provided by the payee at the registration and may include, but is not limited to, payee name, payee type, payee address, payee registered funds, payee extent. The payee active area may be a set of locations where the payee is located during the payment process, and may be determined from location information of the payee's payment device. The payee credit rating may be determined based on the payee's behavior, historical data, etc. A higher credit rating for the payee indicates a higher credit for the payee.

The transaction content information characterizes the content of the payment. In some examples, the transaction content information may include a transaction amount and/or a transaction merchandise type. The transaction commodity type is a type of commodity obtained by payment, and the commodity may be an object or a service, and is not limited herein. For example, the transaction merchandise types may include a food class, an apparel class, a luxury class, a recharge class, a travel class, and the like.

In step S203, in the case that the authentication determination information satisfies the preset authentication-free security condition, the user identity authentication of the user terminal is avoided, and the target payment is completed through the information exchange system and the payment processing platform.

The authentication-free safety condition is used for judging that the safety of target payment reaches a safety standard. The authentication judgment information meets the authentication-free safety condition, and the safety of target payment reaches the safety standard, namely the safety of the target payment is approved, so that the process of carrying out user identity authentication on the user terminal is omitted, and the subsequent process of payment can be directly carried out.

The authentication-free security condition may be set according to specific scenarios and requirements, and is not limited herein. The authentication-free security condition may include one or more of the following conditions, but it should be noted that the authentication-free security condition in the embodiment of the present application is not limited to the following conditions.

The first condition is as follows: the transaction history data characterizes the number of payments by the payer account within a first preset length of time exceeding a first number threshold.

The transaction history data includes data related to historical transactions of the payer account, such as payment time, payment amount, and the like. The fact that the payment times of the payer account in the first preset time length exceed the first time threshold indicates that the payer account has made payment in a period of time before the target payment, and the payment frequency is stable, so that the target payment is considered to be high in safety and low in risk.

The first preset time period may be set according to a specific scenario and a requirement, and is not limited herein. For example, the first preset duration may be 1 month. The first time threshold may be set according to specific scenarios and requirements, and is not limited herein. For example, the first count threshold is 2 times.

And a second condition: the transaction history data represents that the payment times within a second preset time length from the target payment initiating time do not reach a second time threshold value.

The transaction history data includes data related to historical transactions of the payer account, such as payment time, payment amount, and the like. When the number of payments within the second preset time from the target payment initiation time reaches the second time threshold, the payment is frequently and continuously carried out by the account of the payer, so that the fraudulent payment caused by the loss of the user terminal is possible, the target payment is possibly unsafe payment, and the risk is high. On the contrary, the payment times within the second preset time from the target payment initiating time do not reach the second time threshold value, which indicates that the frequent continuous payment of the account of the payer does not occur, and the target payment is considered to be safer and the risk is lower.

The second preset time period may be set according to a specific scenario and a requirement, and is not limited herein. But the second preset time period may be set to a shorter time period in order to be able to accurately recognize the frequent consecutive payments. The second preset time is shorter than the first preset time. For example, the second preset time period may be 1 hour. The second threshold may be set according to specific scenarios and requirements, and is not limited herein. For example, the second decimal threshold may be 3.

And (3) carrying out a third condition: the transaction history data characterizes that an amount of the payment exempted from the user identity authentication accumulates to not reach a first safe amount threshold.

The transaction history data comprises relevant data of the historical transaction of the account of the payer, such as payment time, payment amount, whether the historical transaction is authentication-free payment or not and the like. The first safety amount threshold is a safety standard for limiting the accumulated amount, and may be set according to a specific scene and a specific demand, or may be set according to an accumulated time length, which is not limited herein.

The payment sum of the payer account free of the user identity authentication reaches a first safety sum threshold, which indicates that the sum of the payment sum of the payer account is larger, the payment safety is reduced, and the risk is larger. And otherwise, the accumulated amount of the payment of the payer account, which is exempted from the user identity authentication, does not reach the first safety amount threshold value, which indicates that the accumulated amount of the payment of the payer account is not large, the payment is considered to be safe, and the risk is small.

The amount of the payment exempted from the user authentication may be specifically an amount of the payment exempted from the user authentication accumulated over a period of time, and the period of time is not limited herein.

And a fourth condition: the credit rating of the payer account is higher than the user's standard credit rating.

The user standard credit rating is a credit rating that defines a security standard, and may be set according to a scene and a demand, and is not limited herein. The credit rating of the payer account is higher than the user standard credit rating, which indicates that the credit of the payer account is better, and the payment of the payer account is considered to be higher in safety and lower in risk.

And a fifth condition: the payee registration information includes payee names in a preset payee white list.

The white list of the payee may be predetermined. The payee names in the payee white list are the payees with higher security. The payee name is in the payee white list, indicating that the security of the payee who pays is high, and considering that the payment related to the payee is safe and the risk is low.

And a sixth condition: the payee registration information includes payee registration funds above the secure registration funds threshold.

The safe registration fund threshold is a registration fund value defining a safety standard, and may be set according to a specific scenario and a requirement, and is not limited herein. The payee registered funds are above the secure registered funds threshold, indicating that the payee credits are high and that the payment associated with the payee is considered to be secure and less risky.

A seventh condition: the payee registration information includes payee operation range in the preset operation range white list.

The operation range of the payee can represent the commodity category, variety and service item operated by the payee. The operation range white list can be preset, and the operation range included in the operation range white list is an operation range with higher safety. The operation range of the payee is in the preset operation range white list, which indicates that the security of the payee is higher, and the payment related to the payee is considered to be safer and has less risk.

And the eighth condition: the payee active area is a fixed area.

The payee or the general activity area is a floating area, i.e. the payee has an indefinite location and may be a floating merchant, indicating that the security of the payee is low, and that the security of the payment associated with the payee is considered to be low and the risk is high. On the contrary, the payee is a fixed area, i.e. the payee is located at a fixed location, e.g. a fixed merchant indicates that the security of the payee is high, and the payment related to the payee is considered to be safe and the risk is low.

The conditions are nine: the payee credit rating is higher than the payee standard credit rating.

The payee standard credit rating is a credit rating that defines a security standard, and may be set according to a scene and a demand, and is not limited herein. The payee credit rating is higher than the payee standard credit rating, indicating that the payee's credit is better, and that the payment associated with the payee is considered safer and less risky.

And (2) a condition of ten: the transaction amount paid by the target is below a second safe amount threshold.

The second safety amount threshold is a safety standard for limiting the transaction amount of a single payment, and may be set according to specific scenarios and requirements, and is not limited herein. The transaction amount is lower than the second safe amount threshold value, which indicates that the payment is small payment, and the payment is considered to be safe and the risk is small.

The condition eleven: the transaction commodity type is in a preset commodity type white list.

The white list of merchandise types may be predetermined. The commodity types in the commodity type white list are the commodity types with higher safety. The transaction commodity type is in the commodity type white list, which shows that the payment is safe and the risk is low.

The above conditions may be used singly or in combination, and are not limited herein. In the case of using the above-mentioned at least two conditions in combination, it is necessary to satisfy the at least two conditions at the same time to dispense with the user authentication of the user terminal.

For example, the authentication-exempt security condition includes the above-described condition nine and condition ten, and the second security amount threshold is 300 dollars. And in the case that the payee credit level of a certain payment is higher than the payee standard credit level, and the transaction amount of the certain payment is lower than 300 yuan, the user identity authentication of the user terminal by the certain payment is avoided. In case that a payee credit rating of a certain payment is higher than a payee standard credit rating, but the transaction amount of the payment is higher than 300 yuan, the payment needs to be authenticated as a user identity of the user terminal.

For another example, the authentication-exempt security condition includes the above condition ten and condition eleven, and the second security amount threshold value is 1 ten-thousand dollars. Under the condition that the transaction amount paid for a certain time is lower than 1 ten-thousand yuan and the transaction commodity type trip class paid for the time is in the preset commodity type white list, the user identity authentication of the payment for the user terminal can be avoided. In the case where the transaction amount of a certain payment is higher than 1 ten-thousand dollars and/or the transaction goods type luxury class of the certain payment is not in the preset goods type white list, the payment needs to be authenticated by the user identity of the user terminal.

For another example, the authentication-free security condition includes the above condition two and condition ten, the second preset time length is 1 hour, the second time threshold is 3, and the second security amount threshold is 1000 yuan. And under the condition that the transaction amount of a certain payment is less than 1000 yuan, the payment times within 1 hour before the payment is 0 and is less than the second time threshold value, the user identity authentication of the payment to the user terminal can be avoided. And under the condition that the transaction amount paid for a certain time is lower than 1000 yuan, but the payment times within 1 hour before the payment is 3 times and the second time threshold value is reached, the payment needs to carry out user identity authentication on the user terminal.

This is not illustrated here. The condition combination is used as the authentication-free safety condition, so that the flexibility of authentication-free safety judgment is improved, the compatibility of payment in various fields is also improved, and the method can be adapted to application fields such as bank cards and bus cards.

Specifically, in the case of exempting the user identity authentication of the user terminal, the authentication authority platform may send a payment notification to the information exchange system, and the information exchange system may send the payment notification to the payment processing platform, so that the payment processing platform completes the deduction of the account of the payer. The payment processing platform can also transmit the payment result to the payment equipment through the information exchange system to prompt that the payment is finished.

In the embodiment of the application, the user terminal is enabled to provide transaction information to the payment device by calling up the payment function of the user terminal. The transaction information can be transmitted to the authentication authority platform through the information exchange system. And under the condition that the authentication authority platform determines that the authentication judgment information meets the preset authentication-free safety condition, the user terminal avoids user identity authentication. The authentication judgment information is obtained by the authentication authority platform according to the transaction information and contains safety risk factors for safety risk judgment. The authentication judgment information meets the authentication-free safety condition, the target payment is represented as the payment with higher safety and smaller risk, and the user identity authentication is not needed, so that the flexible and safe payment is realized.

Moreover, under the condition that the authentication judgment information meets the authentication-free safety condition, namely the target payment is considered to be the payment with higher safety and smaller risk, the user identity authentication is avoided, namely the flow of the user identity authentication is omitted, the payment process can be simplified on the basis of ensuring the payment safety, and the payment efficiency is improved.

In other embodiments, in the case of low payment security and high risk, in order to ensure the payment security, user identity authentication of the user terminal needs to be performed. Fig. 3 is a flowchart of another embodiment of a payment method applied to an authentication authority platform provided in the present application. Fig. 3 differs from fig. 2 in that the payment method shown in fig. 3 may further include step S204 and/or step S205.

In step S204, when the authentication determination information does not satisfy the authentication-exempt security condition, an authentication request is sent to the trusted service management platform, and whether to complete the target payment is determined according to the authentication result of the user identity authentication.

The authentication judgment information does not meet the authentication-free safety condition, which means that the safety of the target payment does not meet the safety standard, i.e. the safety of the target payment is low and the risk is high, and in order to ensure the payment safety, the user identity authentication of the user terminal still needs to be carried out.

The authentication request is used for indicating the trusted service management platform to request the user identity authentication from the user terminal. After the user terminal performs user identity authentication, the user terminal transmits an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform. The authentication authority platform can determine whether to continue the subsequent process of target payment according to the authentication record.

And under the condition that the authentication authority platform determines that the authentication judgment information does not meet the preset authentication-free safety condition, the user terminal performs user identity authentication. The authentication judgment information is obtained by the authentication authority platform according to the transaction information and contains safety risk factors for safety risk judgment. The authentication judgment information does not meet the authentication-free safety condition, the target payment is represented as the payment with lower safety and higher risk, and the user identity authentication is required to realize the flexible and safe payment.

In step S205, when the user identity authentication of the user terminal in the last payment of the target payment fails, an authentication request is sent to the trusted service management platform, and whether the target payment is completed is determined according to an authentication result of the user identity authentication.

The authentication authority platform can record whether the user identity authentication is carried out on each payment and whether the user identity authentication is successful. The user identity authentication of the user terminal in the last payment of the target payment fails, which indicates that a embezzlement behavior caused by the loss of the mobile phone may exist, and the target payment has low security and high risk, so the user identity authentication of the user terminal is required. The trusted service management platform may request the user identity authentication from the user terminal by sending an authentication request to the trusted service management platform. After the user terminal performs user identity authentication, the user terminal transmits an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform. The authentication authority platform can determine whether to continue the subsequent process of target payment according to the authentication record.

In the above embodiments, the authentication result may characterize authentication success or authentication failure. Successful authentication means that the user identity authentication is passed. Authentication failure indicates that the user authentication failed. The authentication authority platform can receive an authentication result acquired by the trusted service management platform from the user terminal. And under the condition that the authentication result represents that the authentication is successful, continuously executing the target payment through the information exchange system and the payment processing platform. For specific contents of continuing to perform the target payment, reference may be made to the related description in the above embodiments, and details are not described herein again. And under the condition that the authentication result represents that the authentication fails, terminating the target payment so as to avoid malicious payment and ensure the payment safety.

Step S203, step S204 and step S205 in the above embodiments are independent of each other, and each may be combined with step S201 and step S202, and is not limited herein.

The application provides a payment method which can be applied to a user terminal. The user terminal may specifically be the user terminal 11 in the above embodiment. Fig. 4 is a flowchart of an embodiment of a payment method applied to a user terminal according to the present application. As shown in fig. 4, the payment method may include step S301 and step S302.

In step S301, in response to the payment function being invoked, transaction information is provided to the payment device, so that the payment device transmits the transaction information to the authentication authority platform through the information exchange system.

In some examples, the payment function may include, but is not limited to, an NFC payment function and/or a graphic code payment function. The user terminal can provide transaction information to the payment device through an NFC mode or a mode of providing a graphic code.

Specifically, the user terminal may determine a payment function supported by the user terminal in response to the call-out operation, call the payment function supported by the user terminal, and interact with the payment device to provide transaction information. The manner of invoking the payment function of the user terminal is not limited herein. Correspondingly, the call-up operation includes, but is not limited to, approaching the user terminal to the payment device, a predetermined operation performed on a predetermined structure of the user terminal, an operation on a payment application installed in the user terminal, or the like.

In some examples, the payment function of the user terminal is invoked upon bringing the user terminal close to the payment device. For example, the payment device is a POS device, when the user terminal approaches the POS device, the NFC function of the user terminal is automatically invoked, and the user terminal may display a payment function interface, thereby implementing invocation of the NFC payment function.

In other examples, the user terminal receives a predetermined operation of a predetermined structure of the user terminal by a user, and in response to the predetermined operation, a payment function of the user terminal is invoked. For example, in a case where the user terminal receives a double-click operation of the user on a power key of the user terminal, the NFC function of the user terminal is automatically woken up to display a payment function interface, or the user terminal automatically displays a payment function interface including a payment graphic code.

In still other examples, the user terminal receives an operation of a payment application installed in the user terminal, in response to which a payment function of the user terminal is invoked. For example, a user opens a payment application installed in a user terminal, and when a click operation of a payment function button in the payment application by the user is received, the NFC function of the user terminal is automatically woken up to display a payment function interface, or the user terminal automatically displays the payment function interface including a payment graphic code.

Before the user terminal provides the transaction information to the payment device, the account of the payer for performing the target payment can be selected through a selection operation. The payer account may include, but is not limited to, a bank card, a bus card, etc. The selection operation may be omitted if a default payer account is used for payment.

For example, the payment function includes an NFC payment function. After the user terminal is close to the payment device and the NFC payment function of the user terminal is aroused, the user terminal can be far away from the payment device to carry out selection operation, and after a payer account for payment is selected, the user terminal is close to the payment device to provide transaction information.

As another example, the payment function includes a graphic code payment function. After the graphic code payment function of the user terminal is invoked, the payment party account can be changed on the payment function interface, and after the payment party account for payment is selected, the payment graphic code related to the payment party account is generated and displayed.

For the details of the transaction information and the information exchange system, reference may be made to the related description in the above embodiments, which is not repeated herein.

In step S302, the authentication authority platform eliminates the user identity authentication when determining that the authentication determination information satisfies the preset authentication-free security condition.

The authentication determination information is obtained by the authentication authority platform according to the transaction information, and specific contents may refer to relevant descriptions in the above embodiments, which are not described herein again.

In some examples, the payer account information may include, but may not be limited to, transaction history data for the payer account and/or a credit rating for the payer account.

Payee information may include, but is not limited to, one or more of payee registration information, payee activity area, payee credit rating.

The transaction content information may include, but is not limited to, transaction amount and/or transaction merchandise type.

In some examples, the authentication-free security condition may include, but is not limited to, one or more of:

the transaction history data represents that the payment times of the payer account in a first preset time length exceed a first time threshold;

the transaction historical data represents that the payment times within a second preset time from the target payment initiating time do not reach a second time threshold value, and the second preset time is smaller than the first preset time;

the transaction historical data represents that the accumulated amount of the payment for avoiding the user identity authentication does not reach a first safe amount threshold value;

the credit rating of the payer account is higher than the user's standard credit rating;

the name of the payee included in the payee registration information is in a preset payee white list;

the payee registration information includes payee registration funds that are above the secure registration funds threshold;

the operation range of the payee included in the payee registration information is in a preset operation range white list;

the payee active area is a fixed area;

the payee credit rating is higher than the payee standard credit rating;

the transaction amount paid by the target is lower than the second safe amount threshold;

the transaction commodity type is in a preset commodity type white list.

For the details of the payer account information, the payee information, the transaction content information, the authentication-exempt security condition, and whether the authentication determination information satisfies the preset authentication-exempt security condition determined by the authentication authority platform, reference may be made to the relevant description in the above embodiments, and details are not repeated here.

The user identity authentication method may be set according to specific scenarios and requirements, and is not limited herein. In some examples, user identity authentication may include, but is not limited to, biometric authentication and/or personal identification password authentication. The biometric authentication may include one or more of face recognition authentication, fingerprint recognition authentication, voice print recognition authentication, palm print recognition authentication, iris recognition authentication, and the like. The Identification password used in the Personal Identification password authentication may be a Personal Identification Number (PIN) or other password.

In the embodiment of the application, in response to the payment function being invoked, the user terminal is enabled to provide transaction information to the payment device by invoking the payment function of the user terminal. And under the condition that the authentication authority platform determines that the authentication judgment information does not meet the preset authentication-free safety condition, the user terminal performs user identity authentication. The authentication judgment information is obtained by the authentication authority platform according to the transaction information and contains safety risk factors for safety risk judgment. The authentication judgment information does not meet the authentication-free safety condition, the target payment is represented as the payment with lower safety and higher risk, and the user identity authentication is required to realize the flexible and safe payment.

In other embodiments, in the case of low payment security and high risk, in order to ensure the payment security, user identity authentication of the user terminal needs to be performed. Fig. 5 is a flowchart of another embodiment of a payment method applied to a user terminal according to the present application. Fig. 5 is different from fig. 4 in that the payment method shown in fig. 5 may further include step S303 and step S304.

In step S303, when the authentication authority platform determines that the authentication determination information does not satisfy the preset authentication-free security condition, the user identity authentication request sent by the trusted service management platform is received, the user identity authentication is performed in response to the user identity authentication request, and an authentication result of the user identity authentication is transmitted to the authentication authority platform through the trusted service management platform, so that the authentication authority platform determines whether to continue to execute the target payment.

The user identity authentication request indicates the user terminal to perform user identity authentication. The user identity authentication request may be a request generated by the trusted service management platform according to the authentication request sent by the authentication authority platform, or may be an authentication request sent by the authentication authority platform, which is not limited herein.

For specific contents of the authentication determination information not meeting the preset authentication-exempting security condition and the continuation or termination of the target payment, reference may be made to the relevant description in the above embodiments, and details are not described herein again.

In step S304, under the condition that the user identity authentication of the user terminal in the last payment of the target payment fails, the user identity authentication request sent by the trusted service management platform is received, the user identity authentication is performed in response to the user identity authentication request, and the authentication result of the user identity authentication is transmitted to the authentication authority platform through the trusted service management platform, so that the authentication authority platform determines whether to continue to execute the target payment.

The content of the user identity authentication request can refer to the related description in step S303, and is not described herein again.

For details of the failure of the user identity authentication of the user terminal in the last payment of the target payment and the continuation or termination of the target payment, reference may be made to the relevant description in the above embodiments, and details are not described herein again.

The authentication result in the above embodiment represents authentication success or authentication failure. In case the authentication result indicates that the authentication is successful, the target payment may be continued to be executed. In case the authentication result characterizes an authentication failure, the target payment is terminated.

Step S302, step S303 and step S304 in the above embodiments are independent of each other, and each may be combined with step S301, and is not limited herein.

For convenience of description, the following describes an example of a payment process in which the information exchange system includes an order receiving device, an online server, an information exchange server, and a payment function, which is an NFC payment function. Fig. 6 is a flowchart of an example of a payment process provided in an embodiment of the present application. As shown in fig. 6, the payment process may include steps S401 to S426.

In step S401, the user terminal receives a user call-up operation.

In step S402, the user terminal responds to the call operation and calls the NFC payment function; if the user uses the non-default card to pay, executing step S403; the user makes a payment using the default card, step S405 is performed.

In step S403, the user terminal receives a card selection operation of the user.

In step S404, the user terminal selects a payment card in response to the card selection operation, and step S405 is performed.

In step S405, the user terminal provides transaction information to the payment device.

In step S406, the payment device transmits the transaction information to the order taking device.

In step S407, the order receiving device transmits the transaction information to the online server.

In step S408, the online server transmits the transaction information to the information exchange server.

In step S409, the information exchange server transmits the transaction information to the authentication authority platform.

In step S410, the authentication authority platform obtains the payment identifier Token from the transaction information, and performs de-identification on the payment identifier Token to obtain the account of the payer.

In step S411, the authentication authority platform determines whether to release the user identity authentication of the user terminal according to the information of the payer account and other information in the transaction information; step S412 is executed without user identity authentication; step S420 is performed without user authentication.

In step S412, the authentication authority platform sends an authentication request to the trusted service management platform.

In step S413, the trusted service management platform sends an authentication request to the user terminal.

In step S414, the user terminal initiates authentication to the user and receives an authentication input from the user.

In step S415, the user terminal performs user identity authentication according to the authentication input, and obtains an authentication result.

In step S416, the user terminal sends the authentication result to the trusted service management platform.

In step S417, the trusted service management platform sends the authentication result to the authentication authority platform.

In step S418, the authentication authority platform determines an authentication result; the authentication result represents authentication failure, the payment is terminated, and step S419 is executed; the authentication result indicates that the authentication is successful, and step S420 is executed.

In step S419, the authentication authority platform sends a payment failure message to the payment device.

In step S420, the authentication authority platform sends a transaction execution message to the information exchange server, and continues to execute the payment.

In step S421, the information exchange server transmits the transaction information to the payment processing platform in response to the transaction execution message.

In step S422, the payment processing platform deducts money according to the transaction information.

In step S423, the payment processing platform sends a payment success message to the information exchange server.

In step S424, the payment processing platform sends a payment success message to the online server.

In step S425, the online server sends a payment success message to the order taking device.

In step S426, the order taking device sends a payment success message to the payment device.

The details of the steps S401 to S426 can refer to the related descriptions in the above embodiments, and are not repeated herein.

The present application provides a server, which can be regarded as the authentication authority platform in the above embodiments. Fig. 7 is a schematic structural diagram of an embodiment of a server provided in the present application. As shown in fig. 7, the server 500 may include a receiving module 501, an information obtaining module 502, and a security determination module 503.

The receiving module 501 may be configured to receive transaction information of target payment transmitted by the payment device through the information exchange system.

The transaction information is obtained by the payment device interacting with the user terminal whose payment function is invoked.

The information obtaining module 502 may be configured to obtain authentication determination information of the target payment according to the transaction information.

The authentication judgment information includes one or more of payer account information, payee account information, and transaction content information.

In some examples, the payer account information includes transaction history data for the payer account and/or a credit rating for the payer account.

The payee information includes one or more of payee registration information, payee activity area, payee credit rating.

The transaction content information includes a transaction amount and/or a transaction commodity type.

The security determination module 503 may be configured to, in a case that the authentication determination information satisfies a predetermined authentication-free security condition, avoid user identity authentication for the user terminal, so as to complete target payment through the information exchange system and the payment processing platform.

The authentication-free safety condition is used for judging that the safety of target payment reaches a safety standard.

In some examples, the authentication-exempt security condition includes one or more of:

the payee active area is a fixed area;

the payee credit rating is higher than the payee standard credit rating;

the transaction commodity type is in a preset commodity type white list.

In the embodiment of the application, the user terminal is enabled to provide transaction information to the payment device by calling up the payment function of the user terminal. The transaction information can be transmitted to the server, namely the authentication authority platform, through the information exchange system. And under the condition that the server determines that the authentication judgment information meets the preset authentication-free safety condition, the user terminal avoids user identity authentication. The authentication judgment information is obtained by the server according to the transaction information and contains a safety risk factor for safety risk judgment. The authentication judgment information meets the authentication-free safety condition, the target payment is represented as the payment with higher safety and smaller risk, and the user identity authentication is not needed, so that the flexible and safe payment is realized.

In some examples, the authentication decision information includes payer account information.

The information obtaining module 502 may be configured to: acquiring a payment identifier Token from the transaction information; carrying out de-identification processing on the payment identifier Token to obtain a payer account corresponding to the payment identifier Token; payer account information corresponding to the payer account is acquired.

Fig. 8 is a schematic structural diagram of another embodiment of a server provided in the present application. Fig. 8 is different from fig. 7 in that the server shown in fig. 8 may further include a transmitting module 504 and a processing module 505.

In some examples, the sending module 504 may be configured to send the authentication request to the trusted service management platform if the authentication determination information does not satisfy the authentication-exempt security condition.

The authentication request is used for indicating the trusted service management platform to request the user identity authentication from the user terminal.

The processing module 505 may be configured to determine whether to complete the target payment according to an authentication result of the user identity authentication.

In some examples, the sending module 504 may be configured to send the authentication request to the trusted service management platform in case that the user identity authentication of the user terminal fails in the last payment of the target payment.

The processing module 505 may be configured to determine whether to complete the target payment according to an authentication result of the user identity authentication when the user identity authentication of the user terminal in the last payment of the target payment fails.

In some examples, the receiving module 501 may further be configured to receive an authentication result obtained by the trusted service management platform from the user terminal.

The processing module 505 may be configured to continue to execute the target payment through the information exchange system and the payment processing platform if the authentication result represents that the authentication is successful; and terminating the target payment if the authentication result represents that the authentication fails.

In this embodiment of the application, the server 500 may include the receiving module 501, the information obtaining module 502, the sending module 504, and the processing module 505 in the above embodiments, which is not limited herein.

The application provides a user terminal. Fig. 9 is a schematic structural diagram of an embodiment of a user terminal provided in the present application. As shown in fig. 9, the user terminal 600 may include an output module 601 and an authentication module 602.

The output module 601 may be configured to provide transaction information to the payment device in response to the payment function being invoked, so that the payment device transmits the transaction information to the authentication authority platform through the information exchange system.

The authentication module 602 may be configured to avoid user identity authentication when the authentication authority platform determines that the authentication determination information satisfies the predetermined authentication-free security condition.

The authentication judgment information is obtained by the authentication authority platform according to the transaction information and can comprise one or more items of payer account information, payee information and transaction content information.

the payee active area is a fixed area;

the payee credit rating is higher than the payee standard credit rating;

the transaction commodity type is in a preset commodity type white list.

In the embodiment of the application, the user terminal is enabled to provide transaction information to the payment device by calling up the payment function of the user terminal. The transaction information can be transmitted to the authentication authority platform, namely the server, through the information exchange system. And under the condition that the authentication authority platform determines that the authentication judgment information meets the preset authentication-free safety condition, the user terminal avoids user identity authentication. The authentication judgment information is obtained by the authentication authority platform according to the transaction information and contains safety risk factors for safety risk judgment. The authentication judgment information meets the authentication-free safety condition, the target payment is represented as the payment with higher safety and smaller risk, and the user identity authentication is not needed, so that the flexible and safe payment is realized.

In some examples, the output module 601 may be to: determining a payment function supported by the user terminal in response to the call-up operation; and evoking a payment function supported by the user terminal, and interacting with the payment device to provide transaction information.

The payment function comprises a near field communication payment function and/or a graphic code payment function. The call-up operation includes approaching the user terminal to the payment apparatus, a predetermined operation on a predetermined structure of the user terminal, or an operation on a payment application installed in the user terminal.

Fig. 10 is a schematic structural diagram of another embodiment of a user terminal according to a fourth aspect of the present application. Fig. 10 is different from fig. 9 in that the user terminal 600 shown in fig. 10 may further include a receiving module 603 and a transmitting module 604.

In some examples, the receiving module 603 may be configured to receive a user identity authentication request sent by the trusted service management platform, where the authentication authority platform determines that the authentication determination information does not satisfy the preset authentication-free security condition.

The authentication module 602 may be further configured to perform user identity authentication in response to the user identity authentication request.

The sending module 604 may be configured to transmit an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform, so that the authentication authority platform determines whether to continue to perform the target payment.

In some examples, the receiving module 603 may be configured to receive the user identity authentication request sent by the trusted service management platform in a case that the user identity authentication of the user terminal in the last payment of the target payment fails.

The authentication module 602 may be further configured to perform user identity authentication in response to the user identity authentication request when the user identity authentication of the user terminal in the last payment of the target payment fails.

The sending module 604 may be configured to, in a case that the user identity authentication of the user terminal in the last payment of the target payment fails, transmit an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform, so that the authentication authority platform determines whether to continue to execute the target payment.

In some examples, the authentication result may characterize an authentication success or an authentication failure.

In some examples, user identity authentication may include biometric authentication and/or personal identification password authentication.

The application provides a server. Fig. 11 is a schematic hardware structure diagram of an embodiment of a server provided in the present application. As shown in fig. 11, server 700 includes a memory 701, a processor 702, and computer program instructions stored on memory 701 and executable on processor 702.

In one example, the processor 702 may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured to implement one or more Integrated circuits of the embodiments of the present Application.

The Memory 701 may include Read-Only Memory (ROM), Random Access Memory (RAM), magnetic disk storage media devices, optical storage media devices, flash Memory devices, electrical, optical, or other physical/tangible Memory storage devices. Thus, in general, the memory includes one or more tangible (non-transitory) computer-readable storage media (e.g., a memory device) encoded with software comprising computer-executable instructions and when the software is executed (e.g., by one or more processors), it is operable to perform operations described with reference to payment methods in accordance with the application.

The processor 702 runs computer program instructions corresponding to executable program codes by reading the executable program codes stored in the memory 701, for implementing the payment method applied to the authentication authority platform in the above-described embodiment.

In one example, server 700 may also include a communication interface 703 and a bus 704. As shown in fig. 11, the memory 701, the processor 702, and the communication interface 703 are connected by a bus 704 to complete mutual communication.

The communication interface 703 is mainly used for implementing communication between modules, apparatuses, units and/or devices in this embodiment of the application. Input devices and/or output devices may also be accessed through communications interface 703.

Bus 704 includes hardware, software, or both to couple the components of server 700 to one another. By way of example and not limitation, Bus 704 may include an Accelerated Graphics Port (AGP) or other Graphics Bus, an Enhanced Industry Standard Architecture (EISA) Bus, a Front-Side Bus (Front Side Bus, FSB), a HyperTransport (HT) Interconnect, an Industry Standard Architecture (ISA) Bus, an infiniband Interconnect, a Low Pin Count (LPC) Bus, a memory Bus, a MicroChannel Architecture (MCA) Bus, a Peripheral Component Interconnect (PCI) Bus, a PCI-Express (PCI-X) Bus, a Serial Advanced Technology Attachment (Serial Advanced Technology Attachment, SATA) Bus, a Local Video Association (vldeo) Bus, or a combination of two or more of these buses, as appropriate. Bus 704 may include one or more buses, where appropriate. Although specific buses are described and shown in the embodiments of the application, any suitable buses or interconnects are contemplated by the application.

A sixth aspect of the present application provides a user terminal. Fig. 12 is a schematic hardware structure diagram of an embodiment of a user terminal provided in the present application. As shown in fig. 12, the user terminal 800 includes a memory 801, a processor 802, and computer program instructions stored on the memory 801 and executable on the processor 802.

In one example, the processor 802 may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured to implement one or more Integrated circuits of the embodiments of the present Application.

The Memory 801 may include Read-Only Memory (ROM), Random Access Memory (RAM), magnetic disk storage media devices, optical storage media devices, flash Memory devices, electrical, optical, or other physical/tangible Memory storage devices. Thus, in general, the memory includes one or more tangible (non-transitory) computer-readable storage media (e.g., a memory device) encoded with software comprising computer-executable instructions and when the software is executed (e.g., by one or more processors), it is operable to perform operations described with reference to payment methods in accordance with the application.

The processor 802 runs computer program instructions corresponding to executable program codes by reading the executable program codes stored in the memory 801 for implementing the payment method applied to the user terminal in the above-described embodiment.

In one example, the user terminal 800 may also include a communication interface 803 and a bus 804. As shown in fig. 12, the memory 801, the processor 802, and the communication interface 803 are connected by a bus 804 to complete communication therebetween.

The communication interface 803 is mainly used for implementing communication between modules, apparatuses, units and/or devices in the embodiments of the present application. Input devices and/or output devices may also be accessed through communication interface 803.

The bus 804 comprises hardware, software, or both that couple the components of the user terminal 800 to one another. By way of example, and not limitation, Bus 804 may include an Accelerated Graphics Port (AGP) or other Graphics Bus, an Enhanced Industry Standard Architecture (EISA) Bus, a Front-Side Bus (Front Side Bus, FSB), a HyperTransport (HT) Interconnect, an Industry Standard Architecture (ISA) Bus, an infiniband Interconnect, a Low Pin Count (LPC) Bus, a memory Bus, a MicroChannel Architecture (MCA) Bus, a Peripheral Component Interconnect (PCI) Bus, a PCI-Express (PCI-X) Bus, a Serial Advanced Technology Attachment (Serial Advanced Technology Attachment, SATA) Bus, a Local Video Association (vldeo) Bus, or a combination of two or more of these buses, as appropriate. Bus 804 may include one or more buses, where appropriate. Although specific buses are described and shown in the embodiments of the application, any suitable buses or interconnects are contemplated by the application.

A seventh aspect of the present application provides a payment system. The payment system may include the server and the user terminal in the above embodiments, where the server may be regarded as the authentication authority platform in the above embodiments. In some examples, the payment system may further include the information exchange system and the payment device in the above embodiments. Specifically, the information exchange system may include an order receiving device, an online server, an information exchange server, and the like, which are not limited herein. For specific contents of each component in the payment system, reference may be made to the relevant description in the above embodiments, and details are not repeated here.

An eighth aspect of the present application provides a computer-readable storage medium. The computer readable storage medium stores computer program instructions, and the computer program instructions, when executed by the processor, can implement the payment method in the above embodiments and achieve the same technical effects, and are not described herein again to avoid repetition. The computer-readable storage medium may include a non-transitory computer-readable storage medium, such as a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and the like, which is not limited herein.

It should be clear that the embodiments in this specification are described in a progressive manner, and the same or similar parts in the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. For server embodiments, user terminal embodiments, system embodiments, and computer-readable storage medium embodiments, reference may be made to the description of the method embodiments for relevant points. The present application is not limited to the particular steps and structures described above and shown in the drawings. Those skilled in the art may make various changes, modifications and additions or change the order between the steps after appreciating the spirit of the present application. Also, a detailed description of known process techniques is omitted herein for the sake of brevity.

Aspects of the present application are described above with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, enable the implementation of the functions/acts specified in the flowchart and/or block diagram block or blocks. Such a processor may be, but is not limited to, a general purpose processor, a special purpose processor, an application specific processor, or a field programmable logic circuit. It will also be understood that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware for performing the specified functions or acts, or combinations of special purpose hardware and computer instructions.

It will be appreciated by persons skilled in the art that the above embodiments are illustrative and not restrictive. Different features which are present in different embodiments may be combined to advantage. Other variations to the disclosed embodiments can be understood and effected by those skilled in the art upon studying the drawings, the specification, and the claims. In the claims, the term "comprising" does not exclude other means or steps; the word "a" or "an" does not exclude a plurality; the terms "first" and "second" are used to denote a name and not to denote any particular order. Any reference signs in the claims shall not be construed as limiting the scope. The functions of the various parts appearing in the claims may be implemented by a single hardware or software module. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.

Claims

1. A payment method is applied to a user terminal, and comprises the following steps:

providing transaction information of target payment to a payment device in response to the payment function being invoked, so that the payment device transmits the transaction information to an authentication authority platform through an information exchange system;

receiving a user identity authentication request sent by a trusted service management platform under the condition that the authentication authority platform determines that authentication judgment information does not meet a preset authentication-free safety condition, responding to the user identity authentication request, performing user identity authentication, and transmitting an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform so that the authentication authority platform determines whether to continuously execute the target payment,

the authentication judgment information is obtained by the authentication authority platform according to the transaction information and comprises one or more of payer account information, payee information and transaction content information.

2. The method of claim 1, further comprising:

and under the condition that the authentication authority platform determines that the authentication judgment information meets the authentication-free safety condition, the user identity authentication is avoided.

3. The method according to claim 1 or 2,

the payer account information includes transaction history data for the payer account and/or a credit rating for the payer account;

the payee information comprises one or more of payee registration information, payee activity area, payee credit rating;

4. The method of claim 3, wherein the authentication-free security condition comprises one or more of:

the transaction historical data represents that the payment times within a second preset time from the target payment initiating time do not reach a second time threshold value, and the second preset time is shorter than the first preset time;

the transaction history data represents that the accumulated amount of the payment exempting the user identity authentication does not reach a first safety amount threshold value;

the credit rating of the payer account is higher than a user standard credit rating;

the payee registration information includes payee registration funds that are above a secure registration funds threshold;

the payee registration information comprises payee operation ranges in a preset operation range white list;

the payee active area is a fixed area;

the payee credit rating is higher than a payee standard credit rating;

the transaction amount of the target payment is below a second safe amount threshold;

the transaction commodity type is in a preset commodity type white list.

5. The method of claim 1, further comprising:

and under the condition that the user identity authentication of the user terminal fails in the last payment of the target payment, receiving a user identity authentication request sent by the trusted service management platform, responding to the user identity authentication request, performing user identity authentication, and transmitting an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform so that the authentication authority platform determines whether to continuously execute the target payment.

6. The method according to claim 1 or 5, wherein the authentication result characterizes an authentication success or an authentication failure.

7. The method of claim 1, wherein providing transaction information to a payment device in response to the payment function being invoked comprises:

in response to a call-out operation, determining a payment function supported by the user terminal;

evoking a payment function supported by the user terminal, interacting with a payment device to provide the transaction information,

the payment function comprises a near field communication payment function and/or a graphic code payment function, and the evoking operation comprises the approaching of the user terminal to the payment equipment, the predetermined operation of a predetermined structure of the user terminal or the operation of a payment application installed in the user terminal.

8. The method of claim 1, 2 or 5, wherein the user identity authentication comprises biometric authentication and/or personal identification password authentication.

9. A payment method is applied to a user terminal, and comprises the following steps:

providing transaction information to a payment device in response to a payment function being invoked, such that the payment device transmits the transaction information to an authentication authority platform via an information exchange system;

and under the condition that the authentication authority platform determines that authentication judgment information meets a preset authentication-free safety condition, user identity authentication is avoided, wherein the authentication judgment information is obtained by the authentication authority platform according to the transaction information and comprises one or more items of payment party account information, payee party information and transaction content information.

10. The method of claim 9, further comprising:

and under the condition that the authentication authority platform determines that the authentication judgment information does not meet the authentication-free safety condition, receiving a user identity authentication request sent by a trusted service management platform, responding to the user identity authentication request, performing user identity authentication, and transmitting an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform so that the authentication authority platform determines whether to continuously execute the target payment.

11. The method according to claim 9 or 10 or the method,

12. The method of claim 11, wherein the authentication-free security condition comprises one or more of:

the payee active area is a fixed area;

the payee credit rating is higher than a payee standard credit rating;

the transaction commodity type is in a preset commodity type white list.

13. The method of claim 9, further comprising:

and under the condition that the user identity authentication of the user terminal fails in the last payment of the target payment, receiving a user identity authentication request sent by a trusted service management platform, responding to the user identity authentication request, performing user identity authentication, and transmitting an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform so that the authentication authority platform determines whether to continuously execute the target payment.

14. The method according to claim 10 or 13, wherein the authentication result characterizes an authentication success or an authentication failure.

15. The method of claim 9, wherein providing transaction information to a payment device in response to the payment function being invoked comprises:

16. The method of claim 9, 10 or 13, wherein the user identity authentication comprises biometric authentication and/or personal identification password authentication.

17. A payment method is applied to an authentication authority platform and comprises the following steps:

receiving transaction information of target payment transmitted by payment equipment through an information exchange system, wherein the transaction information is obtained by interaction between the payment equipment and a user terminal with a payment function being called;

acquiring authentication judgment information of the target payment according to the transaction information, wherein the authentication judgment information comprises one or more of payer account information, payee information and transaction content information;

and sending an authentication request to a trusted service management platform under the condition that the authentication judgment information does not meet the preset authentication-free safety condition, wherein the authentication request is used for indicating the trusted service management platform to request user identity authentication from the user terminal, and determining whether the target payment is finished or not according to the authentication result of the user identity authentication, and the authentication-free safety condition is used for judging that the safety of the target payment reaches the safety standard.

18. The method of claim 17, further comprising:

and under the condition that the authentication judgment information meets the preset authentication-free safety condition, the user identity authentication of the user terminal is avoided, and the target payment is completed through the information exchange system and the payment processing platform.

19. The method of claim 17, wherein the authentication decision information includes the payer account information,

the obtaining of the authentication judgment information of the target payment according to the transaction information includes:

acquiring a payment identifier Token from the transaction information;

carrying out de-identification processing on the payment identifier Token to obtain a payer account corresponding to the payment identifier Token;

and acquiring the payer account information corresponding to the payer account.

20. The method of claim 17 or 18,

21. The method of claim 20, wherein the authentication-free security condition comprises one or more of:

the payee active area is a fixed area;

the payee credit rating is higher than a payee standard credit rating;

the transaction commodity type is in a preset commodity type white list.

22. The method of claim 17, further comprising:

and under the condition that the user identity authentication of the user terminal fails in the last payment of the target payment, sending the authentication request to a trusted service management platform, and determining whether the target payment is finished or not according to the authentication result of the user identity authentication.

23. The method according to claim 17 or 22, wherein before the determining whether the target payment is completed according to the authentication result of the user identity authentication, the method further comprises:

receiving the authentication result acquired by the trusted service management platform from the user terminal;

the determining whether the target payment is completed according to the authentication result of the user identity authentication includes:

under the condition that the authentication result represents that the authentication is successful, the target payment is continuously executed through the information exchange system and the payment processing platform;

terminating the target payment if the authentication result characterizes an authentication failure.

24. A payment method is applied to an authentication authority platform and comprises the following steps:

and under the condition that the authentication judgment information meets the preset authentication-free safety condition, the user identity authentication of the user terminal is avoided, the target payment is completed through the information exchange system and the payment processing platform, and the authentication-free safety condition is used for judging that the safety of the target payment reaches the safety standard.

25. The method of claim 24, further comprising:

and sending an authentication request to a trusted service management platform under the condition that the authentication judgment information does not meet the authentication-free safety condition, wherein the authentication request is used for indicating the trusted service management platform to request user identity authentication from the user terminal, and determining whether the target payment is finished or not according to an authentication result of the user identity authentication.

26. The method of claim 24, wherein the authentication decision information includes the payer account information,

acquiring a payment identifier Token from the transaction information;

and acquiring the payer account information corresponding to the payer account.

27. The method of claim 24 or 25,

28. The method of claim 27, wherein the authentication-free security condition comprises one or more of:

the payee active area is a fixed area;

the payee credit rating is higher than a payee standard credit rating;

the transaction commodity type is in a preset commodity type white list.

29. The method of claim 24, further comprising:

and sending an authentication request to a trusted service management platform under the condition that the user identity authentication of the user terminal fails in the last payment of the target payment, and determining whether the target payment is finished or not according to an authentication result of the user identity authentication.

30. The method according to claim 25 or 29, wherein before the determining whether the target payment is completed according to the authentication result of the user identity authentication, the method further comprises:

31. A user terminal, comprising:

the payment device comprises an output module, a payment authorization platform and an information exchange system, wherein the output module is used for responding to the awakening of the payment function and providing transaction information to the payment device so that the payment device transmits the transaction information to the authentication authorization platform through the information exchange system;

the receiving module is used for receiving a user identity authentication request sent by a trusted service management platform under the condition that the authentication authority platform determines that the authentication judgment information does not meet the preset authentication-free safety condition;

the authentication module is used for responding to the user identity authentication request and performing user identity authentication;

a sending module, configured to transmit an authentication result of the user identity authentication to the authentication authority platform through the trusted service management platform, so that the authentication authority platform determines whether to continue to execute the target payment,

32. A user terminal, comprising:

and the authentication module is used for avoiding user identity authentication under the condition that the authentication authority platform determines that authentication judgment information meets a preset authentication-free safety condition, wherein the authentication judgment information is obtained by the authentication authority platform according to the transaction information and comprises one or more items of payment party account information, payee party information and transaction content information.

33. A server, comprising:

the payment system comprises a receiving module, a payment module and a payment module, wherein the receiving module is used for receiving transaction information of target payment transmitted by payment equipment through an information exchange system, and the transaction information is obtained by interaction between the payment equipment and a user terminal with a payment function being called;

the information acquisition module is used for acquiring authentication judgment information of the target payment according to the transaction information, wherein the authentication judgment information comprises one or more of payer account information, payee information and transaction content information;

the sending module is used for sending an authentication request to a trusted service management platform under the condition that the authentication judgment information does not meet the preset authentication-free safety condition, wherein the authentication request is used for indicating the trusted service management platform to request user identity authentication from the user terminal, and the authentication-free safety condition is used for judging that the safety of target payment reaches a safety standard;

and the processing module is used for determining whether the target payment is finished or not according to the authentication result of the user identity authentication.

34. A server, comprising:

and the safety judgment module is used for avoiding the user identity authentication of the user terminal under the condition that the authentication judgment information meets the preset authentication-free safety condition, finishing the target payment through the information exchange system and the payment processing platform, and judging that the safety of the target payment meets the safety standard under the authentication-free safety condition.

35. A user terminal, comprising: a processor and a memory storing computer program instructions;

the processor, when executing the computer program instructions, implements a payment method as claimed in any one of claims 1 to 16.

36. A server, comprising: a processor and a memory storing computer program instructions;

the processor, when executing the computer program instructions, implements a payment method as claimed in any one of claims 17 to 30.

37. A payment system comprising a user terminal as claimed in claim 35 and a server as claimed in claim 36.

38. A computer readable storage medium having computer program instructions stored thereon which, when executed by a processor, implement a payment method as claimed in any one of claims 1 to 30.