TWI619042B - System and method for online transaction security, SIM card, mobile phone and online transaction system realized by the method - Google Patents

Info

Publication number
TWI619042B
Authority
TW
Taiwan
Prior art keywords
transaction
security
mobile phone
dimensional code
module
Application number
TW105135993A
Other languages
Chinese (zh)
Other versions
TW201717081A (en)
Inventor
Yu Ping Deng
鄧煜平
Xian Wei Yang
楊賢偉
Original Assignee
Nationz Technologies Inc.
國民技術股份有限公司
Application filed by Nationz Technologies Inc. (國民技術股份有限公司)
Publication of TW201717081A
Application granted
Publication of TWI619042B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825 Use of electronic signatures

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Computer Security & Cryptography (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Telephone Function (AREA)

Abstract

The invention discloses a method and a system for confirming the security of online transactions through a mobile phone. The method includes: a two-dimensional code generation step, which generates a two-dimensional code from the transaction data and request produced by an online transaction and displays the two-dimensional code on the client; a two-dimensional code acquisition step, in which the mobile phone app scans the two-dimensional code displayed on the client, then obtains and sends it; a transaction security confirmation step, which receives and parses the two-dimensional code sent by the mobile phone app, restores the transaction data and request, has them confirmed through the mobile phone STK menu, and generates a transaction confirmation result; a transaction security operation step, which uses the security module function of the mobile phone smart card to digitally sign the transaction confirmation result; and a transaction completion step, which sends the signed confirmation result to the system platform and completes the entire online transaction.

Description

System and method for online transaction security, and SIM card, mobile phone and online transaction system implemented by the method

The invention relates to the field of online transaction security, and in particular to a method and system for confirming the security of online transactions through a mobile phone.

With the development of smart network terminal technology, scanning two-dimensional codes with a mobile phone is used in more and more settings because it is quick, convenient and gives a good user experience. In addition, as IC technology has evolved, many wireless communication technologies such as Bluetooth have been integrated into smart cards such as mobile phone SIM cards. Besides the traditional data SMS channel, this opens a high-speed phone-to-card data channel between the mobile network terminal and the smart card, so that the SIM card not only provides telecommunication functions but can also support downloading and running various new services and applications. Smart cards such as SIM cards also provide security module (SE, Security Element) hardware for security operations such as data encryption and decryption and signing and signature verification, achieving financial-grade security and thereby forming a secure smart card.

In the current prior art, a separate smart key (USBKey) is commonly used with a network terminal to perform transaction display, digital signing and user confirmation, that is, to provide the so-called "second-generation KEY" function. However, using a separate smart key alongside the network terminal has many disadvantages, such as the following.

1) It is inconvenient for the user: during a transaction on the network terminal, the USBKey must be plugged in and removed before the online transaction can be authenticated.

2) Security is low: a separate smart key is easily left behind, and is easily stolen by others once lost, which puts the user's account at risk.

The invention aims to provide a method and system for confirming the security of online transactions through a mobile phone, in which the online transaction is confirmed through the mobile phone STK (SIM Tool Kit, a subscriber identity application development tool) menu. This ensures the security of online transactions on the network terminal while being easy to carry at all times and convenient for the user.

The technical solution of the embodiments of the invention is implemented as follows.

The invention provides a system for confirming the security of online transactions through a mobile phone, including: a client, for conducting online transactions, which generates transaction data and a request according to the online transaction; a system platform, for the back-end business processing of the online transaction, which generates a two-dimensional code based on the transaction data and request and sends the two-dimensional code to the client for display; a mobile phone app, for scanning the two-dimensional code displayed by the client, then obtaining and sending the two-dimensional code; a transaction security confirmation module, for receiving and parsing the two-dimensional code sent by the mobile phone app, restoring the transaction data and request, confirming them through the mobile phone STK menu, and generating a transaction confirmation result; a transaction security operation module, for digitally signing the transaction confirmation result using the security module function of the mobile phone smart card; and a main control module, for centrally controlling the transaction security operation module and sending the digitally signed transaction confirmation result to the system platform via the transaction security confirmation module to complete the online transaction, or alternatively sending the digitally signed transaction confirmation result to the system platform via the mobile phone app to complete the online transaction.

The invention also provides a system for confirming the security of online transactions through a mobile phone, including: a client, for conducting online transactions, which generates transaction data and a request according to the online transaction and generates and displays a two-dimensional code; a system platform, for the back-end business processing of the online transaction; a mobile phone app, for scanning the two-dimensional code displayed by the client, then obtaining and sending the two-dimensional code; a transaction security confirmation module, for receiving and parsing the two-dimensional code sent by the mobile phone app, restoring the transaction data and request, confirming them through the mobile phone STK menu, and generating a transaction confirmation result; a transaction security operation module, for digitally signing the transaction confirmation result using the security module function of the mobile phone smart card; and a main control module, for centrally controlling the transaction security operation module and sending the digitally signed transaction confirmation result to the system platform via the transaction security confirmation module to complete the online transaction, or alternatively sending the digitally signed transaction confirmation result to the system platform via the mobile phone app to complete the online transaction.

The invention also provides a method for confirming the security of online transactions through a mobile phone, applied to the system described above, the system including a client, a system platform, a mobile phone app, a transaction security confirmation module, a transaction security operation module and a main control module. The method includes: a two-dimensional code generation step, for generating a two-dimensional code based on the transaction data and request produced by the online transaction and displaying the two-dimensional code on the client; a two-dimensional code acquisition step, for scanning the two-dimensional code displayed by the client with the mobile phone app, then obtaining and sending the two-dimensional code; a transaction security confirmation step, for receiving and parsing the two-dimensional code sent by the mobile phone app, restoring the transaction data and request, confirming them through the mobile phone STK menu, and generating a transaction confirmation result; a transaction security operation step, for digitally signing the transaction confirmation result using the security module function of the mobile phone smart card; and a transaction completion step, in which the transaction security confirmation module sends the signed transaction confirmation result to the system platform, the system platform decides on the basis of the signed transaction confirmation result whether to continue the transaction, and, if the transaction is to continue, the system platform executes the transaction request and completes the entire online transaction.

In the method described above for confirming the security of online transactions through a mobile phone, the two-dimensional code generation step includes: a client two-dimensional code generation step, in which the client generates the transaction data and request according to the online transaction and directly generates and displays the two-dimensional code; or a system platform two-dimensional code generation step, in which a two-dimensional code is generated based on the transaction data and request and sent to the client for display.

In the method described above for confirming the security of online transactions on a network terminal through a mobile phone, the two-dimensional code acquisition step includes: a two-dimensional code scanning step, in which the mobile phone app scans the two-dimensional code, corresponding to the transaction data and request, displayed on the client of the network terminal; and a two-dimensional code sending step, in which the mobile phone app passes the two-dimensional code to the transaction security confirmation module.

In the method described above for confirming the security of online transactions through a mobile phone, the two-dimensional code sending step includes: a mobile network sending step, in which the mobile phone app sends the two-dimensional code to the system platform over the mobile network, and the system platform then delivers the two-dimensional code to the transaction security confirmation module by data SMS; or a communication channel sending step, in which the mobile phone app sends the two-dimensional code to the SIM card over the data channel between the mobile phone and the SIM card, and the transaction security confirmation module obtains the two-dimensional code from the SIM card.

In the method described above for confirming the security of online transactions through a mobile phone, the transaction security confirmation step includes: a two-dimensional code parsing step, in which the transaction security confirmation module parses the two-dimensional code to obtain the transaction data and request awaiting signature confirmation; and a transaction confirmation step, in which the transaction security confirmation module pops up an STK menu displaying the transaction data and request awaiting signature confirmation, waits for the user to confirm the transaction in the STK menu, and generates a transaction confirmation result.

In the method described above for confirming the security of online transactions through a mobile phone, the transaction security operation step includes: a signing step, in which, if the user confirms the transaction, the transaction security operation module signs the transaction confirmation result using the security module function on the SIM card.

In the method described above for confirming the security of online transactions through a mobile phone, the transaction completion step includes: an SMS transaction completion step, in which the transaction security confirmation module returns the signed transaction confirmation result directly to the system platform by data SMS; or a communication channel transaction completion step, in which the transaction security confirmation module sends the signed transaction confirmation result to the mobile phone app over the data channel between the mobile phone and the SIM card, and the mobile phone app sends it to the system platform over the mobile network.
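The following is an added example, not part of the patent text and not the applicant's implementation. It walks steps S1 to S5 in Go with both sides present, and goes one step beyond the text by showing checks the system platform can apply before continuing: the signature verifies under the card's enrolled key, and the signed result names a payload the platform itself issued and has not yet completed. The JSON and Base64 payload format, the field names, Ed25519 as the signature algorithm, the SHA-256 payload digest, the pending table and the `prompt` callback standing in for the STK menu are all assumptions; the patent specifies none of them.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
)

var (
	ErrDeclined     = errors.New("user declined in the confirmation menu")
	ErrBadSignature = errors.New("signature does not verify under the enrolled card key")
	ErrUnknownTx    = errors.New("confirmation does not match a pending transaction")
)

// Transaction is the "transaction data and request"; fields and JSON encoding are assumptions.
type Transaction struct{ ID, Payee, Amount string }

// Confirmation is the "transaction confirmation result" that the card signs.
type Confirmation struct{ TxID, TxDigest string }

// digest binds a confirmation to the exact payload bytes the user was shown.
func digest(raw []byte) string { return fmt.Sprintf("%x", sha256.Sum256(raw)) }

// Platform is the system platform: it issues codes and checks signed results.
type Platform struct {
	cardKey ed25519.PublicKey // card's public key, enrolled beforehand (assumption)
	pending map[string]string // payload digest -> transaction ID, single use
}

// IssueQR is S1: serialise the transaction, remember it, return the code payload.
func (p *Platform) IssueQR(tx Transaction) (string, error) {
	raw, err := json.Marshal(tx)
	if err != nil {
		return "", err
	}
	p.pending[digest(raw)] = tx.ID
	return base64.StdEncoding.EncodeToString(raw), nil
}

// Complete is S5: verify the signature first, then require that the signed
// digest names a payload this platform issued and has not yet completed.
func (p *Platform) Complete(body, sig []byte) (string, error) {
	if !ed25519.Verify(p.cardKey, body, sig) {
		return "", ErrBadSignature
	}
	var c Confirmation
	err := json.Unmarshal(body, &c)
	id, ok := p.pending[c.TxDigest]
	if err != nil || !ok || id != c.TxID {
		return "", ErrUnknownTx
	}
	delete(p.pending, c.TxDigest) // a replayed confirmation no longer matches
	return id, nil
}

// Card stands in for the SIM card security module that holds the private key.
type Card struct{ key ed25519.PrivateKey }

// ConfirmAndSign is S31 (parse), S32 (prompt stands in for the STK menu), S41 (sign).
func (c *Card) ConfirmAndSign(qr string, prompt func(Transaction) bool) ([]byte, []byte, error) {
	raw, err := base64.StdEncoding.DecodeString(qr)
	if err != nil {
		return nil, nil, err
	}
	var tx Transaction
	if err := json.Unmarshal(raw, &tx); err != nil {
		return nil, nil, err
	}
	if !prompt(tx) {
		return nil, nil, ErrDeclined // nothing is signed without user confirmation
	}
	body, _ := json.Marshal(Confirmation{TxID: tx.ID, TxDigest: digest(raw)}) // two strings: cannot fail
	return body, ed25519.Sign(c.key, body), nil
}

// NewPair creates a platform and a card sharing one freshly enrolled key pair.
func NewPair() (*Platform, *Card, error) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		return nil, nil, err
	}
	return &Platform{cardKey: pub, pending: map[string]string{}}, &Card{key: priv}, nil
}

func main() {
	p, c, err := NewPair()
	if err != nil {
		panic(err)
	}
	// Constructed sample transaction.
	qr, _ := p.IssueQR(Transaction{ID: "tx-0001", Payee: "Example Shop", Amount: "128.00"})
	body, sig, _ := c.ConfirmAndSign(qr, func(Transaction) bool { return true })
	id, err := p.Complete(body, sig)
	fmt.Println("first submission:", id, err)
	_, err = p.Complete(body, sig)
	fmt.Println("replayed submission:", err)
}
```

A confirmation signed over a payload the platform never issued, or one submitted a second time, is rejected with `ErrUnknownTx`; one signed by a different key is rejected with `ErrBadSignature`.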

The invention also provides a SIM card implemented on the basis of the method described above for confirming the security of online transactions through a mobile phone. The SIM card includes: a card-side communication module, for data communication with the mobile phone; a transaction security operation module, for digitally signing the transaction confirmation result of an online transaction using the security module function of the mobile phone smart card; and a main control module, for centrally controlling and processing the card-side communication module and the transaction security operation module, and sending the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.

The invention also provides a mobile phone implemented on the basis of the method described above for confirming the security of online transactions through a mobile phone. The mobile phone includes: a phone-side communication module, for data communication with the SIM card; a mobile phone app, for scanning the two-dimensional code displayed by the client, obtaining the two-dimensional code and sending it through the phone-side communication module; and a transaction security confirmation module, for receiving and parsing the two-dimensional code sent by the mobile phone app, restoring the transaction data and request of the online transaction, confirming them through the mobile phone STK menu, and generating a transaction confirmation result.

The invention also provides an online transaction system implemented on the basis of the method described above for confirming the security of online transactions through a mobile phone. The online transaction system includes: a client, for conducting online transactions, which generates transaction data and a request according to the online transaction; a system platform, for the back-end business processing of the online transaction, which generates a two-dimensional code based on the transaction data and request and sends the two-dimensional code to the client for display; a mobile phone system, for scanning the two-dimensional code displayed by the client, obtaining the two-dimensional code, parsing it, restoring the transaction data and request, confirming them through the mobile phone STK menu, and generating a transaction confirmation result; and a SIM card, for digitally signing the transaction confirmation result using the security module function of the mobile phone smart card and sending the digitally signed transaction confirmation result to the system platform via the mobile phone system, completing the entire online transaction.

The invention also provides an online transaction system implemented on the basis of the method described above for confirming the security of online transactions through a mobile phone. The online transaction system includes: a client, for conducting online transactions, which generates transaction data and a request according to the online transaction and generates and displays a two-dimensional code; a system platform, for the back-end business processing of the online transaction; a mobile phone system, for scanning the two-dimensional code displayed by the client, obtaining the two-dimensional code, parsing it, restoring the transaction data and request, confirming them through the mobile phone STK menu, and generating a transaction confirmation result; and a SIM card, for digitally signing the transaction confirmation result using the security module function of the mobile phone smart card and sending the digitally signed transaction confirmation result to the system platform via the mobile phone system, completing the entire online transaction.

In the online transaction system described above, the mobile phone system includes: a phone-side communication module, for data communication with the SIM card; a mobile phone app, for scanning the two-dimensional code displayed by the client, obtaining the two-dimensional code and sending it through the phone-side communication module; and a transaction security confirmation module, for receiving and parsing the two-dimensional code sent by the mobile phone app, restoring the transaction data and request, confirming them through the mobile phone STK menu, and generating a transaction confirmation result.

In the online transaction system described above, the SIM card includes: a card-side communication module, for data communication with the mobile phone system; a transaction security operation module, for digitally signing the transaction confirmation result using the security module function of the mobile phone smart card; and a main control module, for centrally controlling and processing the card-side communication module and the transaction security operation module, and sending the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.

The method and system provided by the embodiments of the invention for confirming the security of online transactions through a mobile phone use the mobile phone to scan the two-dimensional code displayed on the client to obtain the transaction data and request awaiting signature confirmation, use the STK menu to confirm the transaction, and use the security module on the secure smart card to digitally sign the transaction data and request awaiting signature confirmation. The invention gives a smartphone with a secure smart card the "second-generation Key" function for online transactions on a network terminal, which ensures the security of those transactions while being easy to carry at all times and convenient for the user.

The invention has the following beneficial effects.

1) Ease of use: with the system of the invention, the user does not need to plug in and remove a USBKey during a transaction on the network terminal, and instead confirms the transaction through a two-dimensional code.

2) High security: the two-dimensional code transaction confirmation of the invention is not easily lost and stolen by others, which greatly improves the security of the user's account.

1‧‧‧Client
2‧‧‧System platform
3‧‧‧Mobile phone app
4‧‧‧Transaction security confirmation module
5‧‧‧Transaction security operation module
6‧‧‧Main control module
10‧‧‧Card-side communication module
11‧‧‧Transaction security operation module
12‧‧‧Main control module
21‧‧‧Phone-side communication module
22‧‧‧Mobile phone app
23‧‧‧Transaction security confirmation module
31‧‧‧Client
32‧‧‧System platform
33‧‧‧Mobile phone system
331‧‧‧Phone-side communication module
332‧‧‧Mobile phone app
333‧‧‧Transaction security confirmation module
34‧‧‧SIM card
341‧‧‧Card-side communication module
342‧‧‧Transaction security operation module
343‧‧‧Main control module
S1‧‧‧Two-dimensional code generation step
S2‧‧‧Two-dimensional code acquisition step
S3‧‧‧Transaction security confirmation step
S4‧‧‧Transaction security operation step
S5‧‧‧Transaction completion step
S11‧‧‧Client two-dimensional code generation step
S12‧‧‧System platform two-dimensional code generation step
S21‧‧‧Two-dimensional code scanning step
S22‧‧‧Two-dimensional code sending step
S221‧‧‧Mobile network sending step
S222‧‧‧Communication channel sending step
S31‧‧‧Two-dimensional code parsing step
S32‧‧‧Transaction confirmation step
S41‧‧‧Signing step
S50~S60‧‧‧Steps
S501‧‧‧SMS transaction completion step
S502‧‧‧Communication channel transaction completion step

圖1為本發明通過手機確認網上交易安全的系統邏輯方塊圖。 FIG. 1 is a logic block diagram of a system for confirming online transaction security through a mobile phone according to the present invention.

圖2為本發明通過手機確認網上交易安全的方法流程示意圖。 FIG. 2 is a schematic flowchart of a method for confirming online transaction security through a mobile phone according to the present invention.

圖3~圖5為本發明通過手機確認網上交易安全的方法詳細流程示意圖。 3 to 5 are detailed flowcharts of a method for confirming the security of online transactions through a mobile phone according to the present invention.

圖6為本發明方法具體實施例流程示意圖。 FIG. 6 is a schematic flowchart of a specific embodiment of a method according to the present invention.

圖7為本發明基於通過手機確認網上交易安全的方法實現的SIM卡邏輯方塊圖。 FIG. 7 is a logic block diagram of a SIM card implemented based on a method for confirming online transaction security through a mobile phone according to the present invention.

圖8為本發明基於通過手機確認網上交易安全的方法實現的手機邏輯方塊圖。 FIG. 8 is a logic block diagram of a mobile phone implemented based on a method for confirming online transaction security through a mobile phone according to the present invention.

圖9為本發明基於通過手機確認網上交易安全的方法實現的網上交易系統邏輯方塊圖。 FIG. 9 is a logic block diagram of an online transaction system implemented by a method for confirming online transaction security through a mobile phone according to the present invention.

為了更清楚地說明本發明實施例和技術方案,下面將結合圖式及實施例對本發明的技術方案進行更詳細的說明,顯然,所描述的實施例是本發明的一部分實施例,而不是全部實施例。基於本發明的實施例,所屬技術領域中具有通常知識者在不逸離本發明精神的前提下所獲得的所有其他實施例,都屬於本發明保護的範圍。 In order to explain the embodiments and technical solutions of the present invention more clearly, the technical solutions of the present invention will be described in more detail with reference to the drawings and the embodiments. Obviously, the described embodiments are part of the present invention, but not all of them. Examples. Based on the embodiments of the present invention, all other embodiments obtained by those with ordinary knowledge in the technical field without departing from the spirit of the present invention belong to the protection scope of the present invention.

The present invention provides a system for confirming the security of online transactions through a mobile phone. FIG. 1 is a logic block diagram of this system. As shown in FIG. 1, the system includes:

Client 1: used to conduct online transactions; the client generates transaction data and a request according to the online transaction.

System platform 2: used for the back-end business processing of online transactions; it generates a two-dimensional code based on the transaction data and request and sends the two-dimensional code to the client for display.

Mobile phone APP 3: used to scan the two-dimensional code displayed on the client, obtaining and sending the two-dimensional code.

Transaction security confirmation module 4: used to receive and parse the two-dimensional code sent by mobile phone APP 3, recover the transaction data and request, confirm the transaction data and request through the phone's STK menu, and generate a transaction confirmation result.

Transaction security operation module 5: used to digitally sign the transaction confirmation result using the smart card's security module function.

Main control module 6: used for central control of transaction security operation module 5. It sends the digitally signed transaction confirmation result to system platform 2 via transaction security confirmation module 4 to complete the online transaction, or it sends the digitally signed transaction confirmation result to system platform 2 via mobile phone APP 3 to complete the online transaction.

In another specific embodiment of the system of the present invention, FIG. 1 is likewise the logic block diagram of the system for confirming the security of online transactions through a mobile phone. As shown in FIG. 1, the system includes:

Client 1: used to conduct online transactions; client 1 generates transaction data and a request according to the online transaction, and generates and displays a two-dimensional code.

System platform 2: used for the back-end business processing of online transactions.

Mobile phone APP 3: used to scan the two-dimensional code displayed on the client, obtaining and sending the two-dimensional code.

Transaction security confirmation module 4: used to receive and parse the two-dimensional code sent by mobile phone APP 3, recover the transaction data and request, confirm the transaction data and request through the phone's STK menu, and generate a transaction confirmation result.

Transaction security operation module 5: used to digitally sign the transaction confirmation result using the smart card's security module function.

Main control module 6: used for central control of transaction security operation module 5. It sends the digitally signed transaction confirmation result to system platform 2 via transaction security confirmation module 4 to complete the online transaction, or it sends the digitally signed transaction confirmation result to system platform 2 via mobile phone APP 3 to complete the online transaction.

The transaction security operation module provides security functions such as encryption, decryption and digital signature services.

Sending the transaction signature confirmation result to the system platform is handled in one of two ways:

1. By the transaction confirmation module

After the transaction confirmation module invokes the transaction operation module through the main control module to perform the signature, the main control module returns the transaction signature confirmation result to the transaction confirmation module, which sends it to the system platform in a data SMS.

2. By the APP

After the transaction confirmation module invokes the transaction operation module through the main control module to perform the signature, the main control module returns the transaction signature confirmation result to the APP over the phone-to-card high-speed data channel, and the APP sends it to the system platform over the mobile network.

The client of the present invention is a personal device or self-service terminal that supports online transactions and has a display screen, including but not limited to a PC, an iPad, a mobile phone or an ATM.

The STK (SIM Tool Kit) menu in this solution is a system function call triggered by the SIM or the system platform; malicious programs on the phone cannot intervene in or alter what the STK displays or what is entered into it. What the user sees in the STK menu is therefore the transaction data and request to be signed for confirmation, parsed from the two-dimensional code that was delivered either by the system platform in a data SMS or by the APP over the phone-to-card high-speed data channel. If the user wishes to continue the transaction, the user selects "Confirm" for the transaction in the STK menu; otherwise the user selects "Cancel". Once the result of the manual confirmation has been obtained in the STK menu, the security functions provided by the security module in the SIM are used to perform operations such as signing the transaction.

The phone-to-card high-speed data channel of the present invention may be any communication method available between a mobile phone and a smart card, such as Bluetooth, WiFi or Zigbee. Typically, the phone-to-card high-speed data channel is a Bluetooth channel between the mobile phone and the smart card. In other words, the method of the present invention gives a Bluetooth SIM the "second-generation Key" security function, so that a smartphone with a Bluetooth SIM has the "second-generation Key" security function for online transactions on network terminals. It can replace the USBKey used in online transactions on network terminals and ensures the security of those transactions.

The secure smart card of the present invention is a smart card that integrates a security module (SE) or secure element hardware, including but not limited to communication smart cards of various forms and sizes such as standard SIM, UIM, USIM, MicroSIM and NanoSIM.

The system platform of the present invention is the remote server platform that performs transaction business processing.

FIG. 2 is a flowchart of the method of the present invention for confirming the security of online transactions through a mobile phone. As shown in FIG. 2, the present invention also provides a method for confirming the security of online transactions through a mobile phone, applied to the system described above. The system includes a client, a system platform, a mobile phone APP, a transaction security confirmation module, a transaction security operation module and a main control module. The method includes:

Two-dimensional code generation step S1: generate a two-dimensional code based on the transaction data and request generated by the online transaction, and display the two-dimensional code on the client. During the transaction on the client, the client generates the transaction data and request to be signed for confirmation.

Two-dimensional code acquisition step S2: scan the two-dimensional code displayed on the client with the mobile phone APP, obtaining and sending the two-dimensional code.

Transaction security confirmation step S3: receive and parse the two-dimensional code sent by the mobile phone APP, recover the transaction data and request, confirm the transaction data and request through the phone's STK menu, and generate a transaction confirmation result.

Transaction security operation step S4: digitally sign the transaction confirmation result using the smart card's security module function.

Transaction completion step S5: the transaction security confirmation module sends the signed transaction confirmation result to the system platform. The system platform decides, based on the signed transaction confirmation result, whether to continue the transaction; if so, the system platform executes the transaction request, completing the whole online transaction.

FIG. 3 to FIG. 5 are detailed flowcharts of the method of the present invention for confirming the security of online transactions through a mobile phone. As shown in FIG. 3, the two-dimensional code generation step S1 includes:

Client two-dimensional code generation step S11: the client generates transaction data and a request according to the online transaction, and directly generates and displays the two-dimensional code.

Or, system platform two-dimensional code generation step S12: a two-dimensional code is generated based on the transaction data and request and sent to the client for display.

If the two-dimensional code is generated by the client, the client generates it based on the transaction data and request to be signed for confirmation, and then sends the two-dimensional code to the system platform over the network.

As shown in FIG. 3, the two-dimensional code acquisition step S2 includes:

Two-dimensional code scanning step S21: the mobile phone APP is used to scan the two-dimensional code, corresponding to the transaction data and request, that is displayed on the client of the network terminal.

Two-dimensional code sending step S22: the mobile phone APP passes the two-dimensional code to the transaction security confirmation module.

As shown in FIG. 4, the two-dimensional code sending step S22 includes:

Mobile network sending step S221: the mobile phone APP sends the two-dimensional code to the system platform over the mobile network, and the system platform then delivers the two-dimensional code to the transaction security confirmation module in a data SMS.

Or, communication channel sending step S222: the mobile phone APP sends the two-dimensional code to the SIM card over the data channel between the mobile phone and the SIM card, and the transaction security confirmation module obtains the two-dimensional code from the SIM card.

As shown in FIG. 3, the transaction security confirmation step S3 includes:

Two-dimensional code parsing step S31: the transaction security confirmation module parses the two-dimensional code to obtain the transaction data and request to be signed for confirmation.

Transaction confirmation step S32: the transaction security confirmation module pops up the STK menu showing the transaction data and request to be signed for confirmation, waits for the user to confirm the transaction in the STK menu, and generates the transaction confirmation result.

As shown in FIG. 3, the transaction security operation step S4 includes:

Signature step S41: if the user confirms the transaction, the transaction security operation module signs the transaction confirmation result using the security module function on the SIM card.

As shown in FIG. 5, the transaction completion step S5 includes:

SMS transaction completion step S501: the transaction security confirmation module returns the signed transaction confirmation result directly to the system platform in a data SMS.

Or, communication channel transaction completion step S502: the transaction security confirmation module sends the signed transaction confirmation result to the mobile phone APP over the data channel between the mobile phone and the SIM card, and the mobile phone APP sends it to the system platform over the mobile network.

FIG. 6 is a flowchart of the method for confirming the security of online transactions through a mobile phone according to a specific embodiment of the present invention.

Taking a mobile phone online banking transfer as an example, the method for confirming the security of online transactions through a mobile phone is further described as follows.

In this specific embodiment, the client is a personal device or self-service terminal that supports online transactions and has a display screen, including but not limited to a PC, an iPad, a mobile phone or an ATM.

Step S50: during the online transaction on the client, the client generates the transaction data and transfer request to be signed for confirmation. For example, the client's online banking transfer page prompts the user to enter transaction data such as the counterparty's account number and the transfer amount.

Step S51: the system platform generates the two-dimensional code: the client sends the transaction data and transfer request to be signed for confirmation to the system platform over the network; the system platform generates the corresponding two-dimensional code based on them and sends it to the client over the network. Alternatively, the client generates the two-dimensional code: the client generates the corresponding two-dimensional code based on the transaction data and transfer request to be signed for confirmation, and then sends the two-dimensional code to the system platform over the network.

Step S52: the client displays the two-dimensional code: on the transaction confirmation page the client displays the transaction data and transfer request to be signed for confirmation, together with the corresponding two-dimensional code.

Step S53: the user scans the two-dimensional code on the client with the mobile phone APP.

Step S54: the APP passes the two-dimensional code to the mobile phone system: the APP sends the two-dimensional code to the system platform over the mobile network, and the system platform delivers it to the mobile phone system in a data SMS. Alternatively, when a phone-to-card Bluetooth channel is available, the APP sends the two-dimensional code to the SIM over that channel, the SIM parses the two-dimensional code to obtain the data and request to be signed, and the mobile phone system then obtains the two-dimensional code / data and request to be signed from the SIM. The mobile phone system obtains them from the SIM in the following ways.

(1) After the APP has sent the two-dimensional code to the SIM card through the phone-side Bluetooth module, the APP notifies the system platform to send a specific data SMS to the mobile phone, which triggers the mobile phone system to fetch the two-dimensional code / data and request to be signed from the SIM.

And/or (2) after the SIM has received the two-dimensional code through the card-side Bluetooth module, the SIM notifies the mobile phone system to fetch the two-dimensional code / data and request to be signed from the card by setting a specific response status word in its response to a subsequent normal 7816 command. After receiving this "read data" notification from the SIM, the mobile phone system obtains the two-dimensional code / data and request to be signed from the SIM with a designated command; for example, the mobile phone system can use the Fetch command.

The mobile network includes but is not limited to the mobile data network provided by the operator and/or a WiFi wireless network.

Step S55: the mobile phone system parses the two-dimensional code to obtain the data and transfer request to be signed for confirmation, or obtains the data and request to be signed from the SIM; it then pops up the STK menu showing the transaction data and transfer request to be signed for confirmation and waits for the user to confirm the transaction in the STK menu.

Step S56: the user confirms the transaction in the STK menu. The user manually confirms the transaction by selecting an operation such as "Confirm" or "Cancel" in the STK menu.

Step S57: if the user confirms that the transaction should continue, the mobile phone system uses the security functions provided by the security module on the card to perform security operations such as signing the transaction.

Step S58: the mobile phone system returns the signature confirmation result directly to the system platform in a data SMS; or, when a phone-to-card Bluetooth channel is available, the mobile phone system returns the signature confirmation result to the APP over that channel, and the APP sends it to the system platform over the mobile network.

Step S59: after receiving the signature confirmation result, the system platform decides, on the basis of the user's signature confirmation result, whether to proceed with the subsequent transaction flow. If the system platform decides to continue the transaction, it executes the transaction request and then sends the transaction result to the client over the network.

Step S60: after receiving the transaction result, the client displays it for the user to view.
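The flow of steps S50 to S59, as an added sketch that is not code from the patent: the card side signs the user's STK decision together with a digest of the exact payload it displayed, and the platform continues only for a valid, unused confirmation of a transaction it issued. The JSON payload layout, the nonce, the field names and the use of HMAC-SHA256 as a stand-in for the SIM security module's digital signature are all assumptions; the patent specifies none of them.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: HMAC-SHA256 stands in for the digital signature of the SIM's
# security module so the sketch runs on the standard library alone. A real
# card signs with a private key that never leaves the secure element and the
# platform verifies with the matching public key.
CARD_KEY = b"constructed-demo-key"


def _sign(digest):
    return hmac.new(CARD_KEY, f"confirm|{digest}".encode(), hashlib.sha256).hexdigest()


def make_qr_payload(payee, amount):
    """S51: encode the transaction data and request (hypothetical JSON layout)."""
    tx = {"request": "transfer", "payee": payee, "amount": amount,
          "nonce": secrets.token_hex(8)}  # nonce makes every payload unique
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()


def card_confirm(qr_payload, user_choice):
    """S55 to S57: parse the QR data, show it in the STK menu, sign on confirm."""
    tx = json.loads(qr_payload)
    result = {"stk_text": f"Transfer {tx['amount']} to {tx['payee']}?",
              "decision": "cancel", "tx_digest": None, "sig": None}
    if user_choice == "confirm":
        digest = hashlib.sha256(qr_payload).hexdigest()
        result.update(decision="confirm", tx_digest=digest, sig=_sign(digest))
    return result


class Platform:
    def __init__(self):
        self.pending = {}  # digest of issued payload -> payload

    def issue(self, payee, amount):
        payload = make_qr_payload(payee, amount)
        self.pending[hashlib.sha256(payload).hexdigest()] = payload
        return payload

    def complete(self, result):
        """S59: continue only for a valid confirmation of an issued transaction."""
        if result.get("decision") != "confirm":
            return "cancelled"
        digest = result.get("tx_digest")
        if not isinstance(digest, str) or digest not in self.pending:
            return "rejected: unknown or already completed transaction"
        sig = str(result.get("sig")).encode()
        if not hmac.compare_digest(_sign(digest).encode(), sig):
            return "rejected: bad signature"
        del self.pending[digest]  # one confirmation per transaction
        return "executed"


def demo():
    platform = Platform()
    outcomes = {}

    qr = platform.issue("ACCT-1001", "250.00")  # constructed sample values
    ok = card_confirm(qr, "confirm")
    outcomes["honest"] = platform.complete(ok)
    outcomes["replay"] = platform.complete(ok)  # same result sent twice

    qr = platform.issue("ACCT-1001", "250.00")
    altered = json.loads(qr)
    altered["payee"] = "ACCT-9999"  # payload changed before reaching the card
    altered = json.dumps(altered, sort_keys=True, separators=(",", ":")).encode()
    shown = card_confirm(altered, "confirm")
    outcomes["altered_stk_text"] = shown["stk_text"]  # the STK shows the change
    outcomes["altered"] = platform.complete(shown)    # digest was never issued

    forged = card_confirm(qr, "confirm")
    forged["sig"] = "00" * 32
    outcomes["forged"] = platform.complete(forged)

    outcomes["cancel"] = platform.complete(card_confirm(qr, "cancel"))
    return outcomes


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

Because the signed message covers the digest of the payload the STK menu displayed, a payload altered on the way to the card both shows up in the STK text and fails the platform's lookup of issued transactions.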

The present invention also provides a SIM card implemented on the basis of the method described above for confirming the security of online transactions through a mobile phone. FIG. 7 is a logic block diagram of this SIM card. As shown in FIG. 7, the SIM card side includes at least a card-side communication module 10, a transaction security operation module 11 and a main control module 12. The card-side communication module 10 is used for Bluetooth connection and communication with the phone-side communication module 21, transferring information such as the two-dimensional code and the signature confirmation result; the main control module 12 is used for security control and processing of the card-side flow; the transaction security operation module 11 is used for security operations such as digital signatures. The security module may be a separate module on the card, or may be integrated into one module with the security main control module.

The SIM card includes:

Card-side communication module 10: used for data communication with the mobile phone.

Transaction security operation module 11: used to digitally sign the transaction confirmation result of the online transaction using the smart card's security module function.

Main control module 12: used for central control and processing of the card-side communication module and the transaction security operation module; it sends the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.

The present invention also provides a mobile phone implemented on the basis of the method for confirming the security of online transactions through a mobile phone. FIG. 8 is a logic block diagram of this mobile phone. As shown in FIG. 8, using the method described above, the mobile phone includes:

Phone-side communication module 21: used for data communication with the SIM card.

Mobile phone APP 22: used to scan the two-dimensional code displayed on the client, obtain the two-dimensional code and send it through the phone-side communication module.

Transaction security confirmation module 23: used to receive and parse the two-dimensional code sent by the mobile phone APP, recover the transaction data and request of the online transaction, confirm the transaction data and request through the phone's STK menu, and generate a transaction confirmation result.

Mobile phone APP 22 is responsible for scanning and processing the two-dimensional code; the phone-side communication module 21 is used for Bluetooth connection and communication with the Bluetooth module on the SIM card side, transferring information such as the two-dimensional code and the signature confirmation result; the transaction security confirmation module 23 is used to parse the two-dimensional code, pop up the STK menu showing the data to be signed and the transaction request, and accept the user's confirmation input.

The present invention also provides an online transaction system implemented on the basis of the method described above for confirming the security of online transactions through a mobile phone. FIG. 9 is a logic block diagram of this online transaction system. As shown in FIG. 9, the online transaction system includes:

Client 31: used to conduct online transactions; client 31 generates transaction data and a request according to the online transaction.

System platform 32: used for the back-end business processing of online transactions; it generates a two-dimensional code based on the transaction data and request and sends the two-dimensional code to the client for display.

Mobile phone system 33: used to scan the two-dimensional code displayed on the client, obtain the two-dimensional code, parse it, recover the transaction data and request, confirm the transaction data and request through the phone's STK menu, and generate a transaction confirmation result.

SIM card 34: used to digitally sign the transaction confirmation result using the smart card's security module function and to send the digitally signed transaction confirmation result to the system platform via the mobile phone system, completing the whole online transaction.

Another specific embodiment of the present invention also provides an online transaction system implemented on the basis of the method described above for confirming the security of online transactions through a mobile phone. FIG. 9 is a logic block diagram of this online transaction system. As shown in FIG. 9, the online transaction system includes:

Client 31: used to conduct online transactions; client 31 generates transaction data and a request according to the online transaction, and generates and displays a two-dimensional code.

System platform 32: used for the back-end business processing of online transactions.

Mobile phone system 33: used to scan the two-dimensional code displayed on the client, obtain the two-dimensional code, parse it, recover the transaction data and request, confirm the transaction data and request through the phone's STK menu, and generate a transaction confirmation result.

SIM card 34: used to digitally sign the transaction confirmation result using the smart card's security module function and to send the digitally signed transaction confirmation result to the system platform via the mobile phone system, completing the whole online transaction.

As shown in FIG. 9, the mobile phone system 33 includes:

Phone-side communication module 331: used for data communication with the SIM card.

Mobile phone APP 332: used to scan the two-dimensional code displayed on the client, obtain the two-dimensional code and send it through the phone-side communication module.

Transaction security confirmation module 333: used to receive and parse the two-dimensional code sent by the mobile phone APP, recover the transaction data and request, confirm the transaction data and request through the phone's STK menu, and generate a transaction confirmation result.

As shown in FIG. 9, the SIM card 34 includes:

Card-side communication module 341: used for data communication with the mobile phone system.

Transaction security operation module 342: used to digitally sign the transaction confirmation result using the smart card's security module function.

Main control module 343: used for central control and processing of the card-side communication module and the transaction security operation module; it sends the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.

In summary, the method and system of the present invention for confirming the security of online transactions through a mobile phone give a smartphone with a secure smart card the "second-generation Key" function for online transactions. Instead of a dedicated smart cryptographic key (USBKey), the user uses the smartphone with a secure smart card described in the present invention, which both ensures the security of online transactions and is easy to carry at all times, making it more convenient for the user.

The above is only the preferred embodiments of the present invention and is not intended to limit the scope of protection of the present invention.

S1‧‧‧Two-dimensional code generation step

S2‧‧‧Two-dimensional code acquisition step

S3‧‧‧Transaction security confirmation step

S4‧‧‧Transaction security operation step

S5‧‧‧Transaction completion step

Claims (15)

1. A system for confirming the security of online transactions through a mobile phone, comprising:
a client, used to conduct an online transaction, the client generating transaction data and a request according to the online transaction;
a system platform, used to perform the back-end business processing related to the online transaction, to generate a two-dimensional code based on the transaction data and request, and to send the two-dimensional code to the client for display;
a mobile phone app, used to obtain and send the two-dimensional code by scanning the two-dimensional code displayed by the client;
a transaction security confirmation module, used to receive and parse the two-dimensional code sent by the mobile phone app, restore the transaction data and request, confirm the transaction data and request through the mobile phone STK menu, and generate a transaction confirmation result;
a transaction security operation module, used to digitally sign the transaction confirmation result using the security module function of the mobile phone smart card;
a main control module, used to control the transaction security operation module and to send the digitally signed transaction confirmation result to the system platform via the transaction security confirmation module to complete the online transaction, or the main control module sends the digitally signed transaction confirmation result to the system platform via the mobile phone app to complete the online transaction.

2. A system for confirming the security of online transactions through a mobile phone, comprising:
a client, used to conduct an online transaction, the client generating transaction data and a request according to the online transaction, and generating and displaying a two-dimensional code;
a system platform, used to perform the back-end business processing related to the online transaction;
a mobile phone app, used to obtain and send the two-dimensional code by scanning the two-dimensional code displayed by the client;
a transaction security confirmation module, used to receive and parse the two-dimensional code sent by the mobile phone app, restore the transaction data and request, confirm the transaction data and request through the mobile phone STK menu, and generate a transaction confirmation result;
a transaction security operation module, used to digitally sign the transaction confirmation result using the security module function of the mobile phone smart card;
a main control module, used to centrally control the transaction security operation module and to send the digitally signed transaction confirmation result to the system platform via the transaction security confirmation module to complete the online transaction, or the main control module sends the digitally signed transaction confirmation result to the system platform via the mobile phone app to complete the online transaction.

3. A method for confirming the security of online transactions through a mobile phone, applied to the system for confirming the security of online transactions through a mobile phone as described in claim 1 or 2, the system comprising a client, a system platform, a mobile phone app, a transaction security confirmation module, a transaction security operation module and a main control module, wherein the method comprises:
a two-dimensional code generation step: generating a two-dimensional code based on the transaction data and request generated by an online transaction, and displaying the two-dimensional code on the client;
a two-dimensional code acquisition step: scanning the two-dimensional code displayed by the client with the mobile phone app, and obtaining and sending the two-dimensional code;
a transaction security confirmation step: receiving and parsing the two-dimensional code sent by the mobile phone app, restoring the transaction data and request, confirming the transaction data and request through the mobile phone STK menu, and generating a transaction confirmation result;
a transaction security operation step: digitally signing the transaction confirmation result using the security module function of the mobile phone smart card;
a transaction completion step: the transaction security confirmation module sends the signed transaction confirmation result to the system platform; the system platform decides, based on the signed transaction confirmation result, whether to continue the transaction; if the transaction is continued, the system platform executes the transaction request and completes the entire online transaction.

4. The method for confirming the security of online transactions through a mobile phone as described in claim 3, wherein the two-dimensional code generation step comprises:
a client two-dimensional code generation step: the client generates the transaction data and request according to the online transaction, and directly generates and displays the two-dimensional code; or
a system platform two-dimensional code generation step: the two-dimensional code is generated based on the transaction data and request, and is sent to the client for display.

5. The method for confirming the security of online transactions of a network terminal through a mobile phone as described in claim 3, wherein the two-dimensional code acquisition step comprises:
a two-dimensional code scanning step: using the mobile phone app to scan the two-dimensional code, corresponding to the transaction data and request, that is displayed on the client of the network terminal;
a two-dimensional code sending step: the mobile phone app passes the two-dimensional code to the transaction security confirmation module.

6. The method for confirming the security of online transactions through a mobile phone as described in claim 5, wherein the two-dimensional code sending step comprises:
a mobile network sending step: the mobile phone app sends the two-dimensional code to the system platform through the mobile network, and the system platform then delivers the two-dimensional code to the transaction security confirmation module through a data short message; or
a communication channel sending step: the mobile phone app sends the two-dimensional code to the SIM card through the data channel between the mobile phone and the SIM card, and the transaction security confirmation module obtains the two-dimensional code from the SIM card.

7. The method for confirming the security of online transactions through a mobile phone as described in claim 3, wherein the transaction security confirmation step comprises:
a two-dimensional code parsing step: the transaction security confirmation module parses the two-dimensional code to obtain the transaction data and request awaiting signature confirmation;
a transaction confirmation step: the transaction security confirmation module pops up an STK menu displaying the transaction data and request awaiting signature confirmation, waits for the user to confirm the transaction in the STK menu, and generates a transaction confirmation result.

8. The method for confirming the security of online transactions through a mobile phone as described in claim 3, wherein the transaction security operation step comprises:
a signing step: if the user confirms the transaction, the transaction security operation module uses the security module function on the SIM card to sign the transaction confirmation result.

9. The method for confirming the security of online transactions through a mobile phone as described in claim 3, wherein the transaction completion step comprises:
a short message transaction completion step: the transaction security confirmation module returns the signed transaction confirmation result directly to the system platform through a data short message; or
a communication channel transaction completion step: the transaction security confirmation module sends the signed transaction confirmation result to the mobile phone app through the data channel between the mobile phone and the SIM card, and the mobile phone app sends it to the system platform through the mobile network.

10. A SIM card implemented on the basis of a method for confirming the security of online transactions through a mobile phone, adopting the method as described in any one of claims 3-9, wherein the SIM card comprises:
a card-side communication module, used for data communication with the mobile phone;
a transaction security operation module, used to digitally sign the transaction confirmation result of an online transaction using the security module function of the mobile phone smart card;
a main control module, used for central control and processing of the card-side communication module and the transaction security operation module, and for sending the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.

11. A mobile phone implemented on the basis of a method for confirming the security of online transactions through a mobile phone, adopting the method as described in any one of claims 3-9, wherein the mobile phone comprises:
a phone-side communication module, used for data communication with the SIM card;
a mobile phone app, used to obtain the two-dimensional code by scanning the two-dimensional code displayed by the client, and to send the two-dimensional code through the phone-side communication module;
a transaction security confirmation module, used to receive and parse the two-dimensional code sent by the mobile phone app, restore the transaction data and request of the online transaction, confirm the transaction data and request through the mobile phone STK menu, and generate a transaction confirmation result.

12. An online transaction system implemented on the basis of a method for confirming the security of online transactions through a mobile phone, adopting the method as described in any one of claims 3-9, wherein the online transaction system comprises:
a client, used to conduct an online transaction, the client generating transaction data and a request according to the online transaction;
a system platform, used to perform the back-end business processing related to the online transaction, to generate a two-dimensional code based on the transaction data and request, and to send the two-dimensional code to the client for display;
a mobile phone system, used to obtain the two-dimensional code by scanning the two-dimensional code displayed by the client, parse the two-dimensional code, restore the transaction data and request, confirm the transaction data and request through the mobile phone STK menu, and generate a transaction confirmation result;
a SIM card, used to digitally sign the transaction confirmation result using the security module function of the mobile phone smart card, and to send the digitally signed transaction confirmation result to the system platform via the mobile phone system to complete the entire online transaction.

13. An online transaction system implemented on the basis of a method for confirming the security of online transactions through a mobile phone, adopting the method as described in any one of claims 3-9, wherein the online transaction system comprises:
a client, used to conduct an online transaction, the client generating transaction data and a request according to the online transaction, and generating and displaying a two-dimensional code;
a system platform, used to perform the back-end business processing related to the online transaction;
a mobile phone system, used to obtain the two-dimensional code by scanning the two-dimensional code displayed by the client, parse the two-dimensional code, restore the transaction data and request, confirm the transaction data and request through the mobile phone STK menu, and generate a transaction confirmation result;
a SIM card, used to digitally sign the transaction confirmation result using the security module function of the mobile phone smart card, and to send the digitally signed transaction confirmation result to the system platform via the mobile phone system to complete the entire online transaction.

14. The online transaction system implemented on the basis of a method for confirming the security of online transactions through a mobile phone as described in claim 13, wherein the mobile phone system comprises:
a phone-side communication module, used for data communication with the SIM card;
a mobile phone app, used to obtain the two-dimensional code by scanning the two-dimensional code displayed by the client, and to send the two-dimensional code through the phone-side communication module;
a transaction security confirmation module, used to receive and parse the two-dimensional code sent by the mobile phone app, restore the transaction data and request, confirm the transaction data and request through the mobile phone STK menu, and generate a transaction confirmation result.

15. The online transaction system implemented on the basis of a method for confirming the security of online transactions through a mobile phone as described in claim 13, wherein the SIM card comprises:
a card-side communication module, used for data communication with the mobile phone system;
a transaction security operation module, used to digitally sign the transaction confirmation result using the security module function of the mobile phone smart card;
a main control module, used for central control and processing of the card-side communication module and the transaction security operation module, and for sending the digitally signed transaction confirmation result to the system platform via the mobile phone to complete the online transaction.
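The steps of claim 3 (code generation, parsing, confirmation, signing, and the platform's decision on the signed result), sketched as an added example that is not part of the patent. The JSON/base64 code content, the field names, the pending-transaction table and the use of HMAC-SHA256 in place of the SIM security module's digital signature are all assumptions made so the sketch runs on the standard library.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key (assumption). The claims have the SIM security module
# produce a digital signature; HMAC-SHA256 stands in so this runs on stdlib.
SIM_KEY = b"constructed-demo-key"
REQUIRED = ("tx_id", "payee", "amount")  # hypothetical field names

def canonical(obj):
    """Deterministic byte encoding, so signer and verifier hash the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def make_code_payload(tx):
    """Code generation step: transaction data and request -> code content."""
    return base64.urlsafe_b64encode(canonical(tx)).decode()

def parse_code_payload(payload):
    """Parsing step: restore the transaction data, refusing malformed input."""
    try:
        tx = json.loads(base64.urlsafe_b64decode(payload.encode()))
    except ValueError as exc:  # bad base64, bad UTF-8 and bad JSON all land here
        raise ValueError("unreadable code payload") from exc
    if not isinstance(tx, dict) or not isinstance(tx.get("tx_id"), str) \
            or any(k not in tx for k in REQUIRED):
        raise ValueError("code payload is missing transaction fields")
    return tx

def sim_confirm_and_sign(payload, user_confirms, key=SIM_KEY):
    """Confirmation and signing steps: the signed result embeds the data shown."""
    tx = parse_code_payload(payload)
    menu_text = f"Pay {tx['amount']} to {tx['payee']}?"  # text for the STK menu
    result = {"tx": tx, "confirmed": bool(user_confirms)}
    sig = hmac.new(key, canonical(result), hashlib.sha256).hexdigest()
    return {"result": result, "sig": sig, "menu_text": menu_text}

class Platform:
    """System platform: issues the code content and decides on the signed result."""
    def __init__(self, key=SIM_KEY):
        self.key = key
        self.pending = {}

    def start(self, tx):
        self.pending[tx["tx_id"]] = dict(tx)
        return make_code_payload(tx)

    def complete(self, signed):
        result = signed.get("result", {})
        expected = hmac.new(self.key, canonical(result), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), str(signed.get("sig", "")).encode()):
            return "rejected: bad signature"
        tx = result.get("tx", {})
        if self.pending.get(tx.get("tx_id")) != tx:
            return "rejected: not the pending transaction"
        del self.pending[tx["tx_id"]]
        return "executed" if result.get("confirmed") is True else "cancelled"

def demo():
    # All transaction values below are constructed sample data.
    platform, out = Platform(), {}
    tx = {"tx_id": "T-0001", "payee": "Example Shop", "amount": "100.00", "request": "pay"}
    signed = sim_confirm_and_sign(platform.start(tx), user_confirms=True)
    out["confirmed"] = platform.complete(signed)
    out["replayed"] = platform.complete(signed)  # same signed result sent twice
    code = platform.start(dict(tx, tx_id="T-0002"))
    altered = make_code_payload(dict(tx, tx_id="T-0002", payee="Someone Else"))
    out["altered_code"] = platform.complete(sim_confirm_and_sign(altered, True))
    declined = sim_confirm_and_sign(code, user_confirms=False)
    flipped = {"result": dict(declined["result"], confirmed=True), "sig": declined["sig"]}
    out["flipped"] = platform.complete(flipped)  # result edited after signing
    out["declined"] = platform.complete(declined)
    return out
```

The platform executes only when the signature verifies, the signed transaction data equals what it issued, and the user confirmed; signing the restored transaction data together with the confirmation is what lets it catch code content that was altered before the SIM displayed it.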
TW105135993A 2015-11-10 2016-11-04 System and method for online transaction security, SIM card, mobile phone and online transaction system realized by the method TWI619042B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510761063.3A CN106682899A (en) 2015-11-10 2015-11-10 Method for confirming online transaction safety through mobile phone and system thereof

Publications (2)

Publication Number Publication Date
TW201717081A TW201717081A (en) 2017-05-16
TWI619042B true TWI619042B (en) 2018-03-21

Family

ID=58694437

Family Applications (1)

Application Number Title Priority Date Filing Date
TW105135993A TWI619042B (en) 2015-11-10 2016-11-04 System and method for online transaction security, SIM card, mobile phone and online transaction system realized by the method

Country Status (3)

Country Link
CN (1) CN106682899A (en)
TW (1) TWI619042B (en)
WO (1) WO2017080355A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107508685B (en) * 2017-10-13 2021-03-16 吉林工程技术师范学院 Method for implementing application electronic signature service system in cloud computing environment
TWI657399B (en) * 2017-11-17 2019-04-21 匯智通訊有限公司 Method for performing anti-counterfeiting authentication on transaction voucher by using ultrasonic verification code and transaction verification method
CN108664621B (en) * 2018-05-11 2021-09-07 哈尔滨工业大学 Design method of display system based on Labview and STK
CN110245938B (en) * 2019-06-06 2021-02-09 深圳市维京城信息技术有限公司 Electronic commerce platform transaction safety payment method based on Internet of things

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110099107A1 (en) * 2009-10-23 2011-04-28 Infosys Technologies Limited Method for money transfer using a mobile device
CN102289893A (en) * 2011-04-29 2011-12-21 中国联合网络通信集团有限公司 Method for earmarking electronic wallet and device and system
CN102449651A (en) * 2011-01-21 2012-05-09 深圳市年年卡网络科技有限公司 Short-distance payment system and payment procedure based on graphs
CN103854170A (en) * 2012-12-07 2014-06-11 海尔集团公司 Payment system and payment method based on two-dimension code

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1308454A (en) * 2001-02-12 2001-08-15 深圳市众力讯电脑应用技术有限公司 Hand set paying method
CN101742504A (en) * 2008-11-24 2010-06-16 国民技术股份有限公司 Method for carrying out identity authentication by utilizing short messages
CN103150650A (en) * 2011-12-07 2013-06-12 中兴通讯股份有限公司 Processing method, mobile terminal and system for remote payment

Also Published As

Publication number Publication date
TW201717081A (en) 2017-05-16
WO2017080355A1 (en) 2017-05-18
CN106682899A (en) 2017-05-17

Similar Documents

Publication Publication Date Title
US10475015B2 (en) Token-based security processing
US8990909B2 (en) Out-of-band challenge question authentication
CN105260886B (en) Payment processing method and device, NFC portable terminal and wearable terminal
TWI619042B (en) System and method for online transaction security, SIM card, mobile phone and online transaction system realized by the method
CN103778728A (en) Method and system for realizing transaction without bank card through automatic teller machine
WO2015096800A1 (en) Data processing method, intermediate server and system
CN103747012A (en) Security verification method, device and system of network transaction
CN101916478A (en) Method for automatically acquiring, verifying and inputting dynamic password in normal short message by client
CN107733838A (en) A kind of mobile terminal client terminal identity identifying method, device and system
CN104348802A (en) Quick registration method, device, and system, cell phone, and register server
CN105989485B (en) Service management method and device
CN104253689A (en) User identity module card generated dynamic password authentication method and system based on QR (quick response) code
US20230281594A1 (en) Authentication for third party digital wallet provisioning
CN103839160A (en) Network transaction digital signing method and device
US20210357946A1 (en) Method, apparatus, and system for transmitting and receiving information by using qr code
US9836618B2 (en) System and method of authentication of a first party respective of a second party aided by a third party
CN111539713B (en) Mobile payment account end user certificate generation and conversion method, system and storage medium
WO2017076173A1 (en) Mobile terminal, trade confirmation method and apparatus therefor, and smart card
US11257063B2 (en) Telephone call purchase with payment using mobile payment device
CN107172718B (en) Information processing method and electronic equipment
CN105447690B (en) Method for interaction between terminals and mobile terminal
CN105405010B (en) Transaction device, transaction system using the same and transaction method
CN110210831B (en) Office examination and approval method and system based on data short message technology
US20200202325A1 (en) Information display method and apparatus, storage medium, and electronic device
CN109801050B (en) Mobile payment SDK and payment method for online mall

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees