WO2015014254A1 - Method for secure exchange of information related to resource transfers - Google Patents

Publication number
WO2015014254A1
Authority
WO
WIPO (PCT)
Prior art keywords
resource
transfer
data processing
processing server
security information
Application number
PCT/CN2014/083124
Other languages
French (fr)
Chinese (zh)
Inventor
万四爽
刘国宝
尹亚伟
Original Assignee
中国银联股份有限公司
Application filed by 中国银联股份有限公司
Publication of WO2015014254A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources

Abstract

The present invention provides a method for secure information exchange related to resource transfers, said method comprising: a resource provider server creates a resource transfer request on the basis of a user command, and sends said resource transfer request to a data processing server; on the basis of the received request, the data processing server generates temporary authentication credentials related to the request, and returns said temporary authentication credentials to the resource provider server; the resource provider server sends a redirection message to a client terminal thereof, and redirects said client to the data processing server; by means of the data exchange operations between said client and said data processing server, the secure information exchange process relating to the resource transfer is completed, and the actual transfer of resources is executed on the basis of the exchange process result. The present method for secure exchange of information related to resource transfers is operationally simple and achieves high data processing efficiencies.

Description

Security information interaction method associated with the transfer of resources

Technical Field

The present invention relates to information interaction methods and, more particularly, to a security information interaction method associated with the transfer of resources.

Background

At present, as computer and network applications become more widespread and the types of services in different fields become richer, security information interaction methods associated with the transfer of resources (that is, information interactions with high security requirements, such as transaction processing in the financial field), and Internet-based security information interaction methods in particular, are becoming increasingly important.

The basic working process of the existing security information interaction method associated with the transfer of resources is as follows: (1) the client (e.g., a merchant's network platform) constructs a resource transfer request based on a user instruction and transmits the resource transfer request to the resource provider server to complete the related resource transfer operation, where the resource transfer request contains information related to the resource transfer operation (e.g., the type and quantity of the resources to be transferred, the transfer destination, etc.); (2) the resource provider server receives and parses the resource transfer request and provides the user with a list of selectable data processing servers; (3) based on the user's selection, a jump is made to the relevant data processing server (e.g., a payment service provider platform in the financial field) to perform the security information interaction process (e.g., a payment process) associated with the resource transfer operation; (4) after the security information interaction process associated with the resource transfer operation has completed and the execution result is "success", the actual transfer of the resource (e.g., goods or services) is carried out (e.g., the purchase is completed).

However, the existing technical solution has the following problem: because a jump to the relevant data processing server is needed to perform the security information interaction process associated with the resource transfer operation, data processing efficiency is low and operation is inconvenient.

Therefore, there is a need for a security information interaction method associated with the transfer of resources that requires no jump and is simple to operate.

Summary of the Invention

To solve the problems of the prior-art solution described above, the present invention proposes a security information interaction method associated with the transfer of resources that requires no jump and is simple to operate.
The object of the present invention is achieved by the following technical solution:

A security information interaction method associated with the transfer of resources, comprising the following steps:

(A1) a resource provider server constructs a resource transfer request based on a user instruction and transmits the resource transfer request to a data processing server;

(A2) the data processing server generates, based on the received resource transfer request, a temporary authentication credential associated with the resource transfer request, and transmits the temporary authentication credential back to the resource provider server;

(A3) the resource provider server redirects the user to the data processing server by sending redirection information to the resource provider client, so that the security information interaction process associated with the resource transfer is completed through data interaction operations between the user and the data processing server, and the actual transfer of resources is carried out based on the execution result of the security information interaction process.

In the solution disclosed above, preferably, the resource transfer request contains information related to the resource transfer and a resource provider identifier.

In the solution disclosed above, preferably, the redirection information includes the temporary authentication credential.

In the solution disclosed above, preferably, the data interaction operations between the user and the data processing server include:

(1) the user enters a username and password to perform a login operation on the data processing server;

(2) if the user's login succeeds, the data processing server prompts the user to confirm the information related to the resource transfer;

(3) if the user has confirmed the information related to the resource transfer, the data processing server generates a verification code indicating that verification succeeded, and transmits the verification code and the temporary authentication credential back to the resource provider server.

In the solution disclosed above, preferably, step (A3) further comprises: the resource provider server, based on the verification code and the temporary authentication credential, requests the data processing server to perform the operation associated with the resource transfer.

In the solution disclosed above, preferably, step (A3) further comprises: after the verification code and the temporary authentication credential have been successfully verified, the data processing server performs the operation associated with the resource transfer and transmits the execution result back to the resource provider server.

In the solution disclosed above, preferably, step (A3) further comprises: if the execution result indicates "success", the resource provider server carries out the actual transfer of resources.

In the solution disclosed above, preferably, the resource provider server performs a registration operation before initial operation to obtain the resource provider identifier and a resource provider key from the data processing server.

In the solution disclosed above, preferably, the resource provider server encrypts the resource transfer request using the resource provider key and transmits the encrypted resource transfer request to the data processing server.

The security information interaction method associated with the transfer of resources disclosed in the present invention has the following advantage: because the login operation that verifies the user's identity is implemented by redirection rather than by the conventional jump, data processing efficiency is high and operation is simple.

Brief Description of the Drawings
The technical features and advantages of the present invention will be better understood by those skilled in the art with reference to the accompanying drawings, in which: … flowchart.

Detailed Description

… flowchart. As shown in FIG. 1, the security information interaction method associated with the transfer of resources disclosed in the present invention includes the following steps: (A1) a resource provider server (e.g., a merchant's network platform) constructs a resource transfer request based on a user instruction and transmits the resource transfer request to a data processing server (e.g., a payment service provider server); (A2) the data processing server generates, based on the received resource transfer request, a temporary authentication credential associated with the resource transfer request, and transmits the temporary authentication credential back to the resource provider server; (A3) the resource provider server redirects the user to the data processing server by sending redirection information to the resource provider client, so that the security information interaction process associated with the resource transfer is completed through data interaction operations between the user and the data processing server, and the actual transfer of resources (e.g., goods or services) is carried out (e.g., the purchase is completed) based on the execution result of the security information interaction process.
Preferably, in the security information interaction method associated with the transfer of resources disclosed in the present invention, the resource transfer request contains information related to the resource transfer (e.g., the type and quantity of the resources to be transferred, the transfer destination, etc.; in the field of commodity transactions, the information related to the resource transfer may include order information, commodity information, the payment amount, etc.) and a resource provider identifier.

Preferably, in the security information interaction method associated with the transfer of resources disclosed in the present invention, the redirection information includes the temporary authentication credential.

Preferably, in the security information interaction method associated with the transfer of resources disclosed in the present invention, the data interaction operations between the user and the data processing server include: (1) the user enters a username and password to perform a login operation on the data processing server; (2) if the user's login succeeds (i.e., the username and password entered by the user pass verification), the data processing server prompts the user to confirm the information related to the resource transfer (e.g., the goods to be purchased, the payment amount, etc.); (3) if the user has confirmed the information related to the resource transfer, the data processing server generates a verification code indicating that verification succeeded, and transmits the verification code and the temporary authentication credential back to the resource provider server.

Preferably, in the security information interaction method associated with the transfer of resources disclosed in the present invention, step (A3) further includes: the resource provider server, based on the verification code and the temporary authentication credential, requests the data processing server to perform the operation associated with the resource transfer (e.g., a debit operation).

Preferably, in the security information interaction method associated with the transfer of resources disclosed in the present invention, step (A3) further includes: after the verification code and the temporary authentication credential have been successfully verified, the data processing server performs the operation associated with the resource transfer and transmits the execution result back to the resource provider server.

Preferably, in the security information interaction method associated with the transfer of resources disclosed in the present invention, step (A3) further includes: if the execution result indicates "success", the resource provider server carries out the actual transfer of resources (e.g., goods or services) (e.g., completes the purchase).

Preferably, in the security information interaction method associated with the transfer of resources disclosed in the present invention, the resource provider server performs a registration operation before initial operation to obtain the resource provider identifier and a resource provider key from the data processing server.

Preferably, in the security information interaction method associated with the transfer of resources disclosed in the present invention, the resource provider server encrypts the resource transfer request using the resource provider key and transmits the encrypted resource transfer request to the data processing server.
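The exchange in steps (A1) to (A3), modelled in memory as an added example; it is not code from the patent or from any payment provider. Assumptions: all class and function names, the 300-second credential lifetime, single-use credentials, and an HMAC tag under the resource provider key standing in for the encryption the description calls for (it authenticates the request but does not hide it).

```python
import hashlib
import hmac
import json
import secrets
import time


class DataProcessingServer:
    """In-memory model of the payment-side server in steps A1-A3 (hypothetical)."""

    def __init__(self, ttl=300):
        self.providers = {}  # provider id -> provider key (from registration)
        self.users = {}      # username -> (salt, password hash)
        self.pending = {}    # temporary credential -> transfer state
        self.ttl = ttl       # assumed credential lifetime, in seconds

    def register_provider(self):
        """Registration before initial operation: hand out identifier and key."""
        provider_id, key = secrets.token_hex(4), secrets.token_bytes(32)
        self.providers[provider_id] = key
        return provider_id, key

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, name, password):
        salt = secrets.token_bytes(16)
        self.users[name] = (salt, self._hash(password, salt))

    def issue_credential(self, provider_id, body, tag, now=None):
        """A2: authenticate the request and bind a temporary credential to it."""
        key = self.providers.get(provider_id)
        if key is None:
            raise PermissionError("unknown resource provider")
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            raise PermissionError("request not authenticated")
        issued = time.time() if now is None else now
        cred = secrets.token_urlsafe(32)
        self.pending[cred] = {"provider": provider_id, "code": None,
                              "transfer": json.loads(body),
                              "expires": issued + self.ttl}
        return cred

    def _live(self, cred, now):
        state = self.pending.get(cred)
        if state is None:
            raise PermissionError("unknown or already used credential")
        if (time.time() if now is None else now) > state["expires"]:
            del self.pending[cred]
            raise PermissionError("credential expired")
        return state

    def login_and_confirm(self, cred, name, password, confirmed, now=None):
        """A3 (1)-(3): login, user confirmation, verification code."""
        state = self._live(cred, now)
        salt, stored = self.users.get(name, (bytes(16), b""))
        if not hmac.compare_digest(self._hash(password, salt), stored):
            raise PermissionError("login failed")
        if not confirmed:
            raise PermissionError("user declined the transfer")
        state["code"] = secrets.token_urlsafe(16)
        return state["code"], cred

    def execute(self, provider_id, cred, code, now=None):
        """A3: verify code and credential, then perform the operation once."""
        state = self._live(cred, now)
        if state["provider"] != provider_id:
            raise PermissionError("credential issued to another provider")
        if state["code"] is None or not hmac.compare_digest(state["code"], code):
            raise PermissionError("verification code rejected")
        del self.pending[cred]  # single use: a replay finds nothing
        return {"result": "success", "transfer": state["transfer"]}


def build_request(provider_id, key, transfer):
    """A1 on the resource provider server: serialise the request and tag it.

    HMAC replaces the patent's encryption step here (standard library only).
    """
    body = json.dumps(dict(transfer, provider=provider_id), sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()


def run_purchase(server, provider_id, key, user, password):
    """Full exchange with constructed order data; returns (outcome, cred, code)."""
    order = {"order": "constructed-001", "amount": "12.50"}  # constructed sample
    body, tag = build_request(provider_id, key, order)
    cred = server.issue_credential(provider_id, body, tag)
    # The redirection information sent to the client carries `cred`.
    code, cred_back = server.login_and_confirm(cred, user, password, confirmed=True)
    return server.execute(provider_id, cred_back, code), cred, code
```

The checks in `execute` are the ones the flow depends on: the credential must be unexpired, issued to the calling provider, paired with a verification code produced after a successful login, and not previously redeemed.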
As can be seen from the above, the security information interaction method associated with the transfer of resources disclosed in the present invention has the following advantage: because the login operation that verifies the user's identity is implemented by redirection rather than by the conventional jump, data processing efficiency is high and operation is simple.

Although the present invention has been described by way of the preferred embodiments above, its implementation is not limited to those embodiments. It should be appreciated that, without departing from the spirit and scope of the invention,

Claims

权利要求 Rights request
1. 一种与资源的转移相关联的安全性信息交互方法, 所述与资源的转移 相关联的安全性信息交互方法包括下列步骤: A security information interaction method associated with the transfer of resources, the security information interaction method associated with the transfer of resources includes the following steps:
( A1 ) 资源提供方服务器基于用户指令构造资源转移请求并将所述资源转 移请求传送到数据处理服务器;  (A1) the resource provider server constructs a resource transfer request based on the user instruction and transmits the resource transfer request to the data processing server;
( A2 )所述数据处理服务器基于接收到的所述资源转移请求生成与所述资 源转移请求相关联的临时认证凭证,并将所述临时认证凭证传送回所述资源提 供方服务器;  (A2) the data processing server generates a temporary authentication credential associated with the resource transfer request based on the received resource transfer request, and transmits the temporary authentication credential back to the resource provider server;
( A3 )所述资源提供方服务器通过向资源提供方客户端发送重定向信息而 将用户重定向到所述数据处理服务器,以便通过用户和所述数据处理服务器之 间的数据交互操作完成与资源转移相关联的安全性信息交互过程,并基于所述 安全性信息交互过程的执行结果实施资源的实际转移。  (A3) the resource provider server redirects the user to the data processing server by sending redirection information to the resource provider client to complete the resource interaction operation by the data interaction between the user and the data processing server The associated security information interaction process is transferred, and the actual transfer of resources is implemented based on the execution result of the security information interaction process.
2. 根据权利要求 1所述的与资源的转移相关联的安全性信息交互方法,其 特征在于, 所述资源转移请求包含与资源转移相关的信息和资源提供方标识 符。  The security information interaction method associated with the transfer of resources according to claim 1, wherein the resource transfer request includes information related to resource transfer and a resource provider identifier.
3. 根据权利要求 2所述的与资源的转移相关联的安全性信息交互方法,其 特征在于, 所述重定向信息包括所述临时认证凭证。  3. The security information interaction method associated with the transfer of resources according to claim 2, wherein the redirection information comprises the temporary authentication credential.
4. The security information interaction method associated with the transfer of resources according to claim 3, characterized in that the data interaction operations between the user and the data processing server comprise:
(1) the user enters a username and password to perform a login operation on the data processing server;
(2) if the user login succeeds, the data processing server prompts the user to confirm the information related to the resource transfer;
(3) if the user has confirmed the information related to the resource transfer, the data processing server generates a verification code indicating successful verification, and transmits the verification code and the temporary authentication credential back to the resource provider server.
5. The security information interaction method associated with the transfer of resources according to claim 4, characterized in that step (A3) further comprises: the resource provider server, based on the verification code and the temporary authentication credential, requests the data processing server to perform the operation associated with the resource transfer.
6. The security information interaction method associated with the transfer of resources according to claim 5, characterized in that step (A3) further comprises: after the verification code and the temporary authentication credential have been successfully verified, the data processing server performs the operation associated with the resource transfer and transmits the execution result back to the resource provider server.
7. The security information interaction method associated with the transfer of resources according to claim 6, characterized in that step (A3) further comprises: if the execution result indicates "success", the resource provider server carries out the actual transfer of the resource.
8. The security information interaction method associated with the transfer of resources according to claim 7, characterized in that the resource provider server performs a registration operation before its initial run to obtain the resource provider identifier and a resource provider key from the data processing server.
9. The security information interaction method associated with the transfer of resources according to claim 8, characterized in that the resource provider server encrypts the resource transfer request using the resource provider key and transmits the encrypted resource transfer request to the data processing server.
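The exchange in steps (A1) to (A3) and claims 3 to 7, sketched as an added example that is not part of the patent text. The class and function names, the `/confirm` path, the PBKDF2 password storage and the single-use handling of the credential and verification code are assumptions; registration and request encryption (claims 8 and 9) are not modeled.

```python
import hashlib, hmac, secrets

def kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class DataProcessingServer:
    """Hypothetical model of the data processing server (claims 1, 4-7)."""

    def __init__(self):
        self.users = {}    # username -> (salt, password hash)
        self.pending = {}  # temporary credential -> state of one transfer request

    def add_user(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, kdf(password, salt))

    def issue_credential(self, provider_id, transfer_info):
        # Step (A2): temporary credential tied to this one request.
        cred = secrets.token_urlsafe(16)
        self.pending[cred] = {"provider": provider_id, "info": transfer_info, "code": None}
        return cred

    def login_and_confirm(self, cred, username, password, confirmed):
        # Claim 4: login, then confirmation, then a verification code.
        state = self.pending.get(cred)
        salt, stored = self.users.get(username, (b"", b""))
        if state is None or not stored or not confirmed:
            return None
        if not hmac.compare_digest(stored, kdf(password, salt)):
            return None
        state["code"] = secrets.token_urlsafe(16)
        return state["code"], cred  # both go back to the resource provider server

    def execute(self, provider_id, cred, code):
        # Claims 5-6: operate only if code and credential verify together.
        state = self.pending.get(cred)
        if state is None or state["code"] is None or state["provider"] != provider_id:
            return "failure"
        if not hmac.compare_digest(state["code"], code):
            return "failure"
        del self.pending[cred]  # assumption: the pair is single-use
        return "success"

def provider_flow(dps, provider_id, info, username, password, confirmed=True):
    """Resource provider server side: steps (A1)-(A3) and claim 7."""
    cred = dps.issue_credential(provider_id, info)           # (A1) request -> (A2) credential
    redirect = {"location": "/confirm", "credential": cred}  # claim 3: redirect carries it
    back = dps.login_and_confirm(redirect["credential"], username, password, confirmed)
    if back is None:
        return "failure", None
    code, cred = back
    result = dps.execute(provider_id, cred, code)
    return result, (cred, code)  # transfer resources only when result == "success"
```

Because the data processing server checks the verification code against the credential it issued for that provider, a code presented by a different provider, before user confirmation, or a second time is rejected.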
PCT/CN2014/083124 2013-07-30 2014-07-28 Method for secure exchange of information related to resource transfers WO2015014254A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310324193.1 2013-07-30
CN201310324193.1A CN104348618B (en) 2013-07-30 2013-07-30 Safety information interaction method associated with the transfer of resource

Publications (1)

Publication Number Publication Date
WO2015014254A1 true WO2015014254A1 (en) 2015-02-05

Family

ID=52430992

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/083124 WO2015014254A1 (en) 2013-07-30 2014-07-28 Method for secure exchange of information related to resource transfers

Country Status (2)

Country Link
CN (1) CN104348618B (en)
WO (1) WO2015014254A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107040560B (en) * 2016-02-04 2020-09-08 阿里巴巴集团控股有限公司 Service processing method and device based on service platform
CN114006705B (en) * 2021-12-28 2022-03-18 深圳市名竹科技有限公司 Digital signature processing method and device, computer equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102004745A (en) * 2009-09-02 2011-04-06 中国银联股份有限公司 Data transfer system and method
CN102195943A (en) * 2010-03-12 2011-09-21 中国银联股份有限公司 Safety information interaction method and system
CN103164635A (en) * 2011-12-15 2013-06-19 中国银联股份有限公司 Security information interactive system, security information interactive device and security information interactive method based on spreading parameter set

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8740069B2 (en) * 2005-01-26 2014-06-03 Heng Kah Choy Fraud-free payment for internet purchases
US20090192911A1 (en) * 2008-01-29 2009-07-30 Revolution Money Inc. Payment redirection for online transactions

Also Published As

Publication number Publication date
CN104348618B (en) 2018-12-25
CN104348618A (en) 2015-02-11

Similar Documents

Publication Publication Date Title
JP7021291B2 (en) Offline payment methods and devices
JP6021923B2 (en) Secure authentication method and system for online transactions
TWI380663B (en) Method and system for secure binding register name identifier profile
CN102457507B (en) Cloud computing resources secure sharing method, Apparatus and system
US9166975B2 (en) System and method for secure remote access to a service on a server computer
JP2017021816A5 (en)
EP2587430A1 (en) Customer identification with automated transactions
US20130311382A1 (en) Obtaining information for a payment transaction
WO2017156004A1 (en) Encrypted password transport across untrusted cloud network
US20130036456A1 (en) Credential provision and proof system
CN112136303A (en) Secure delegation of refresh tokens for time-consuming operations
WO2014107977A1 (en) Key protection method and system
EP2495695A1 (en) Method and system for conducting a monetary transaction using a mobile communication device
CN102457509A (en) Safe access method, device and system of cloud computing resource
WO2015120694A1 (en) Registration method, device and system for third-party payment platform
JP2011519101A (en) Secure web-based transactions
JP2023505471A (en) Provisioning method and terminal equipment
WO2019210612A1 (en) Identity authentication method and apparatus
WO2020173276A1 (en) Risk payment processing method and apparatus, and device
CN110034933B (en) Cross-system user mutual trust authentication method and cross-system user mutual trust authentication system
AU2015253164B2 (en) Method and system for authentication token generation
WO2015014254A1 (en) Method for secure exchange of information related to resource transfers
TWI661707B (en) Safety information interaction method, terminal and computer program product
WO2018113508A1 (en) Ciphertext-based identity verification method
WO2019184206A1 (en) Identity authentication method and apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14832482

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the addressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 25.05.2016)

122 Ep: pct application non-entry in european phase

Ref document number: 14832482

Country of ref document: EP

Kind code of ref document: A1