WO2017012066A1 - Online transaction method, device and system - Google Patents

Online transaction method, device and system Download PDF

Info

Publication number
WO2017012066A1
WO2017012066A1 PCT/CN2015/084664 CN2015084664W WO2017012066A1 WO 2017012066 A1 WO2017012066 A1 WO 2017012066A1 CN 2015084664 W CN2015084664 W CN 2015084664W WO 2017012066 A1 WO2017012066 A1 WO 2017012066A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
buyer
seller
bank server
bank
Prior art date
Application number
PCT/CN2015/084664
Other languages
French (fr)
Chinese (zh)
Inventor
张毅
Original Assignee
深圳市银信网银科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市银信网银科技有限公司 filed Critical 深圳市银信网银科技有限公司
Priority to CA3115627A priority Critical patent/CA3115627C/en
Priority to CA2993090A priority patent/CA2993090C/en
Priority to CA3177680A priority patent/CA3177680C/en
Priority to PCT/CN2015/084664 priority patent/WO2017012066A1/en
Priority to CA3123658A priority patent/CA3123658C/en
Publication of WO2017012066A1 publication Critical patent/WO2017012066A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/403Solvency checks
    • G06Q20/4037Remote solvency checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/403Solvency checks

Definitions

  • the present invention relates to the field of Internet technologies, and in particular, to an online transaction method, apparatus, and system.
  • the online payment method mainly uses a third-party payment platform.
  • the buyer transfers the transaction funds to the third-party payment platform.
  • the third-party payment platform also stores the transaction information. After the buyer receives the goods, the third-party payment platform transfers the transaction funds to the seller, and the transaction is completed.
  • the bank server cannot achieve the effective flow of funds for the delivery of the first-hand payment, which may result in a large deviation between the flow of funds of the bank server and the actual transaction.
  • the user is exposed to the risk of capital risks, and the transaction funds and transaction information have the risk of being stolen in the third-party payment platform information, and the security is not high. It can be seen that an improved trading method is needed at this stage to reduce the risk of capital risks and improve the security of transaction information.
  • a primary object of the present invention is to provide an online transaction method, apparatus and system for reducing capital risk and improving transaction security.
  • an online transaction method comprising the steps of:
  • the commodity server after receiving the order information sent by the client, the commodity server sends a silver credit card certification request to the seller bank server according to the order information;
  • the seller bank server generates a bank letter to be valid according to the bank letter verification request, and sends it to the buyer bank server;
  • the buyer bank server obtains the buyer's payment verification information from the client and performs verification; after the verification is passed, the funds corresponding to the order amount in the buyer account are frozen, and the status of the silver credit card is Updated to the active status and sent to the seller's bank server;
  • the seller bank server updates the status of the valid silver certificate to the received certificate, and sends the received notification to the commodity server;
  • the commodity server sends the order information to the transaction intermediary server according to the received notification; [0013] the transaction intermediary server arranges delivery according to the order information, and after determining that the buyer has received the goods, Sending a receipt notification to the buyer's bank server;
  • the buyer bank server transfers the frozen funds in the buyer account to the seller account of the seller bank server.
  • an online transaction method for use in a commodity server, the method comprising the steps of:
  • an online transaction method is provided for use in a seller's bank server
  • the method includes the following steps:
  • an online transaction method is provided for use in a buyer's bank server
  • the method includes the following steps:
  • the funds frozen by the buyer account are transferred to the seller account of the seller bank server.
  • an online transaction system comprising: a client configured to generate order information according to a commodity booked by a buyer, further comprising a commodity server, a buyer bank server, a seller bank server, and a transaction intermediary server , among them:
  • the commodity server is configured to: after receiving the order information sent by the client, send a silver credit certificate request to the seller bank server; receive the received certificate sent by the seller bank server After the notification, sending the order information to the transaction intermediary server;
  • the seller bank server is configured to: after receiving the request for the bank credit certificate, generate a bank certificate to be valid and send it to the buyer bank server; receive the sent by the buyer bank server After the validated bank letter, the status of the bank letter is updated to the status of the received certificate, and the received certificate is sent to the commodity server;
  • the transaction intermediation server is configured to arrange delivery according to the order information, and send a receipt notification to the buyer bank server after determining that the buyer has received the goods;
  • the buyer bank server is configured to, after receiving the silver credit certificate in the inactive state, obtain the buyer's payment verification information from the client and perform verification; when the verification is passed, freeze the buyer account The funds corresponding to the order amount are updated, and the status of the bank letter is updated to the valid state, and sent to the seller bank server; after receiving the received goods notification, the funds frozen by the buyer account are transferred The money is in the seller's account of the seller's bank server.
  • an online transaction apparatus for use in a commodity server,
  • the device includes the following modules:
  • the first receiving module is configured to receive the order information sent by the client, and the received notification sent by the seller bank server;
  • the certificate requesting module is configured to: after receiving the order information sent by the client, send a silver credit certificate request to the seller bank server according to the order information;
  • the order information sending module is configured to send the order information to the transaction intermediary server after receiving the received notification sent by the seller bank server.
  • an online transaction apparatus for use in a seller's bank server
  • the device includes the following modules:
  • the second receiving module is configured to receive the silver credit certificate request sent by the commodity server, and the valid silver certificate sent by the buyer bank server;
  • the silver credit card generating module is configured to generate a silver credit card in a valid state according to the silver credit card verification request; [0037] a silver credit card sending module, configured to set the silver credit card to be in a valid state Sent to the buyer's bank server;
  • the received notification module is configured to update the status of the silver credit to the received status after receiving the valid silver certificate sent by the buyer's bank server, and send the status to the commodity server Notification of receipt
  • an online transaction apparatus for use in a buyer's bank server
  • the device includes the following modules:
  • a third receiving module configured to receive a silver credit card sent by the seller bank server to be in a valid state, and a received delivery notification sent by the transaction intermediary server;
  • the verification module is configured to: after receiving the silver certificate of the to-be-effective state, obtain the buyer's payment verification information from the client and perform verification;
  • a freezing module configured to freeze the funds corresponding to the order amount in the buyer account after the verification is passed, and update the status of the silver credit to be valid, and send the same to the seller bank server;
  • the payment module is configured to, after receiving the received delivery notification, transfer funds frozen by the buyer account to a seller account of the seller bank server.
  • An online transaction method, device and system provided by the present invention through a commodity server to a seller bank
  • the server sends a request for confirmation
  • the intermediary transaction server sends a receipt notification to the buyer's bank server, and completes the transaction process in the interaction between the client, the commodity server, the buyer's bank server, the seller's bank server, and the transaction intermediary server, and the transaction funds in the transaction process.
  • the transaction information is not transferred to the third-party payment platform, but flows within the banking system. This facilitates the bank to supervise the funds and improve the security of the transaction. It also facilitates the bank to supervise the credit of the transaction entity. Conducive to the establishment of a social credit system. And through the generation of the silver letter to the actual monitoring of the transaction status, so that there is no deviation between the capital flow and the actual transaction, so that the effective flow of money to deliver the goods in one hand, can effectively reduce the risk of funds and improve the transaction. Information security.
  • the digital envelope technology is used to securely transmit the communication data
  • the dynamic anti-counterfeiting technology is used to dynamically generate the symmetric key
  • the AES algorithm is used to encrypt the communication data
  • the dual-track verification technology is used to verify the data.
  • the two networks use technology to communicate, further improving the security of the transaction.
  • FIG. 1 is a flow chart of a first embodiment of an online transaction method of the present invention
  • FIG. 2 is a schematic diagram of interaction of each system in a transaction process according to an embodiment of the present invention
  • FIG. 3 is a specific flowchart of a data sender and a data receiver in a secure transmission of communication data by using a digital envelope technology in an embodiment of the present invention
  • FIG. 4 is a flow chart of a second embodiment of the online transaction method of the present invention.
  • FIG. 5 is a flow chart of a third embodiment of the online transaction method of the present invention.
  • FIG. 6 is a flow chart of a fourth embodiment of the online transaction method of the present invention.
  • FIG. 7 is a flowchart of a fifth embodiment of the online transaction method of the present invention.
  • FIG. 8 is a block diagram showing a first embodiment of an online transaction system of the present invention.
  • FIG. 9 is a schematic block diagram of an embodiment of an online transaction device applied to a client according to the present invention.
  • FIG. 10 is a block diagram showing an embodiment of an online transaction apparatus applied to a commodity server according to the present invention
  • FIG. 11 is a block diagram showing an embodiment of an online transaction apparatus applied to a seller bank server of the present invention
  • FIG. 12 is a block diagram showing an embodiment of an online transaction apparatus of the present invention applied to a buyer's bank server
  • 13 is a block diagram showing an embodiment of an online transaction apparatus applied to a transaction broker server according to the present invention
  • FIG. 14 is a block diagram showing a second embodiment of the online transaction system of the present invention.
  • FIG. 1 and FIG. 2 an embodiment of an online transaction method according to the present invention is provided.
  • the method includes the following steps.
  • S11 The client generates the order information according to the product information subscribed by the buyer, and sends the order information to the commodity server.
  • step S11 the seller inputs and stores the product information into the product server, and the buyer communicates with the product server through the client to acquire the product information from the product server.
  • the buyer selects the item to be purchased in the item information, and the client generates the order information based on the item information selected by the user, and submits the order information to the product server.
  • the commodity includes a tangible physical product and an intangible service
  • the commodity information includes information such as the price and parameters of the commodity
  • the commodity server may be a commercial computer server, or may be a computer server set up by the seller itself
  • the terminal is a communication terminal operated by the buyer, and may be a terminal device such as a mobile phone, a tablet device, or a computer.
  • S12 The commodity server sends a silver credit certificate request to the seller bank server according to the order information.
  • the buyer bank server refers to the computer server of the bank corresponding to the buyer's bank account (ie, the buyer's bank of the account), and the seller bank server refers to the bank corresponding to the seller's bank account (ie, the seller's
  • the computer server of the Seto Bank, the buyer's bank server and the seller's bank server may be the same computer server of the bank (ie the buyer's and the seller's bank of the same bank), or may be the computer servers of different banks (ie the buyer and the seller) Seto Bank is different.)
  • step S12 after receiving the order information, the commodity server knows the buyer bank server and the seller bank server according to the order information, generates a silver credit certificate request and sends it to the seller bank server.
  • the silver letter certificate is an electronic certificate that the bank credit promises to pay, which can be understood as an electronic data, which can be stored in a computer system and transmitted through the network.
  • S13 The seller bank server generates a bank letter to be valid according to the bank letter certificate request and sends it to the buyer bank server.
  • step S13 after receiving the request for the bank credit certificate, the seller bank server knows the buyer bank server, and generates a bank certificate Z1 to be validated and sends it to the buyer bank server.
  • step S14 The buyer bank server obtains the buyer's payment verification information from the client and performs verification. If the verification is passed, step S15 is performed, otherwise the process ends.
  • the buyer's bank server After receiving the silver certificate Z1 sent by the seller's bank server to be in a valid state, the buyer's bank server generates payment verification information according to the silver certificate Z1 to be in effect, and sends the payment verification information to After the client receives the payment verification information input by the buyer, it submits it to the buyer's bank server for verification.
  • the payment verification information may be a payment page, and the buyer inputs information such as verification information, payment amount, and the like on the payment page on the client.
  • the verification information includes at least a bank account and a password, and may further include information such as a verification code, an expiration date, and the like.
  • a payment page is generated, and the link address of the payment page is sent to the buyer (for example, sent to the buyer's registered mobile phone by SMS).
  • the buyer enters the link address of the payment page on the client or directly clicks the link address received by the client to open the payment page, and enters payment verification information such as verification information and payment amount on the payment page.
  • the buyer's bank server verifies the payment verification information entered by the client on the payment page.
  • S15 The buyer bank server freezes the funds corresponding to the order amount in the buyer account, and updates the status of the bank letter to the valid state, and sends it to the seller bank server.
  • the buyer bank server freezes the corresponding amount of funds in the buyer account according to the payment amount input on the payment page, and updates the status of the silver credit card, and updates the silver letter Z1 to be in effect to the already The valid bank letter Z2, and the valid bank letter Z2 will be sent to the seller's bank server.
  • S16 The seller bank server updates the status of the valid silver certificate to the received certificate, and sends the received notification to the commodity server.
  • step S16 after receiving the valid bank letter Z2, the seller bank server updates the status of the bank letter certificate, and updates the valid bank letter Z2 to the received bank letter Z3, and sends the certificate. Receive a notification to the product server.
  • step S17 The commodity server sends the order information to the transaction intermediary server according to the received notification. [0079] In step S17, after receiving the notification of the receipt of the certificate, the commodity server transmits the order information to the transaction intermediary server.
  • S18 The transaction intermediary server arranges the delivery according to the order information, and after determining that the buyer has received the goods, sends the received delivery notice to the buyer's bank server.
  • step S18 after receiving the order information, the transaction intermediary server performs the delivery according to the transaction information such as the product information and the buyer information in the order information.
  • the transaction intermediary server may notify the seller to arrange the delivery, including but not limited to any one of the following ways: sending an email notification to the seller's preset email address, sending a text message notification to the seller's preset mobile number, to the seller The preset QQ number sends a QQ message; or sends a WeChat message to the seller's preset micro-signal code.
  • the seller arranges for delivery after receiving the delivery notice.
  • the transaction intermediary server determines that the buyer has received the goods; or, the transaction intermediary server does not receive the feedback information of the client within the preset time after scheduling the delivery, By default, the buyer has received the goods after the preset time has passed.
  • the receipt notification is sent to the buyer's bank server.
  • S19 The buyer's bank server transfers the funds frozen in the buyer's account to the seller's account of the seller's bank server.
  • step S19 after the buyer's bank server receives the received delivery notification, the frozen funds in the buyer's account are transferred to the seller's account. At this point, the transaction is completed.
  • the method further includes: if the buyer bank server does not receive the receipt notification sent by the transaction intermediary server within the preset time, After setting up the room, the funds frozen by the buyer's account are transferred to the seller's account of the seller's bank server.
  • the transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, and all flow in the banking system, thereby facilitating the supervision of the funds by the bank and improving the transaction.
  • the security peers also facilitate the bank to supervise the credit of the transaction subject, which is conducive to the establishment of a social credit system. And through the generation of the silver letter to the actual monitoring of the transaction status, so that there is no deviation between the capital flow and the actual transaction, so that the effective flow of money to deliver the goods in one hand, can effectively reduce the risk of funds and improve the transaction.
  • Information security is provided to the generation of the silver letter to the actual monitoring of the transaction status, so that there is no deviation between the capital flow and the actual transaction, so that the effective flow of money to deliver the goods in one hand, can effectively reduce the risk of funds and improve the transaction.
  • the client, the commodity server, the buyer The bank server, the seller's bank server, and the transaction intermediary server use the digital envelope to securely transmit the communication data after data transmission and data reception. Thereby further improving the security of data transmission and ensuring the security of transactions.
  • the data sender generates a symmetric key, and the communication data is encrypted by using a symmetric key to form a first ciphertext.
  • the data sender randomly generates a symmetric key every time the data is sent, thereby achieving the effect of dynamic anti-counterfeiting, improving data security, and thereby ensuring transaction security.
  • the data sender After encrypting the communication data, the data sender preferably encrypts the communication data by the AES algorithm using a symmetric key to form a first ciphertext.
  • the data sender encrypts the symmetric key by using a public key of the data receiver to form a second ciphertext.
  • the data sender signs the first ciphertext and the second ciphertext respectively by using the private key of the data, and then sends the first ciphertext and the second ciphertext to the data receiver.
  • the data receiver decrypts the second ciphertext by using its own private key to obtain a symmetric key.
  • the data receiver decrypts the first ciphertext by using a symmetric key to obtain communication data.
  • the signing step in step S103 and the verifying sign step in step S104 may also be omitted.
  • the monitoring server collects the data sent by the data sender and the data received by the data receiver, and checks the consistency of the sent data and the received data, and the collected data to be collected. Compare with the received data to determine whether the two are consistent. Further ensure the security of the transaction.
  • FIG. 4 a second embodiment of the online transaction method of the present invention is proposed.
  • the method is applied to a commodity server, and includes the following steps:
  • the silver credit card is an electronic voucher for bank credit commitment payment, which can be understood as an electronic data, can be stored in a computer system and transmitted through a network, and the commodity server knows the seller bank server according to the order information, and sends the seller bank server to the seller bank server. Send a letter of credit to the card.
  • the commodity server after receiving the received notification sent by the seller's bank server, the commodity server sends the order information to the transaction intermediary server, so that the transaction intermediary server arranges the delivery according to the order information.
  • a third embodiment of the online transaction method of the present invention is proposed.
  • the method is applied to a seller bank server, and the method includes the following steps:
  • S3 After receiving the request for the silver credit card issued by the commodity server, S3 generates a bank certificate to be valid.
  • FIG. 6 a fourth embodiment of the online transaction method of the present invention is proposed.
  • the method is applied to a buyer's bank server, and includes the following steps:
  • the S4 After receiving the silver credit certificate sent by the seller's bank server and in effect, the S4 obtains the buyer's payment verification information from the client and performs verification. If the verification is passed, step S602 is performed, otherwise the process ends.
  • S51 Receive order information sent by the commodity server, and arrange delivery according to the order information.
  • the transaction intermediary server After receiving the order information, the transaction intermediary server performs the delivery according to the transaction information such as the product information and the buyer information in the order information.
  • the transaction intermediary server can notify the seller and let the seller arrange the delivery.
  • the preset micro-signal code sends a WeChat message.
  • the seller arranges the delivery after receiving the delivery notice.
  • the transaction intermediary server determines that the buyer has received the goods; or, the transaction intermediary server does not receive the feedback from the client within the preset time after scheduling the delivery.
  • the information the default buyer has received the goods after the preset time is exceeded.
  • the delivery notice is sent to the buyer's bank server.
  • the online transaction system of the embodiment is an online transaction system for implementing the online transaction method, and the online transaction system includes a client, a commodity server, and a buyer.
  • Bank server, seller bank server and transaction broker server where:
  • client configured to obtain product information from the commodity server, generate an order according to the commodity booked by the buyer, and send the order to the commodity server; send the buyer input to the buyer bank server after receiving the payment verification request sent by the buyer bank server Payment verification information.
  • the online transaction device applied to the client includes the following modules:
  • an order sending module configured to obtain product information from the commodity server, generate an order according to the commodity booked by the buyer, and send the order to the commodity server;
  • the verification information sending module is configured to send the payment verification information input by the buyer to the buyer bank server after receiving the payment verification request sent by the buyer bank server.
  • the commodity server is configured to: after receiving the order information sent by the client, send the silver credit certificate request to the seller bank server, and further set to receive the notification received by the seller bank server, and then send the notification to the transaction intermediary server. Send order information.
  • the online transaction device applied to the commodity server includes the following modules: [0123]
  • the first receiving module is configured to receive the order information sent by the client, and the received notification sent by the seller bank server;
  • the certificate requesting module is configured to: after receiving the order information sent by the client, send a request for a silver credit card to the seller bank server according to the order information;
  • the order information sending module is configured to send the order information to the transaction intermediary server after receiving the received notification sent by the seller bank server.
  • the seller bank server is configured to: after receiving the silver credit certificate request sent by the commodity server, generate a silver certificate to be valid and send it to the buyer bank server; and also set to receive the sent by the buyer bank server After the valid bank letter is issued, the status of the bank letter is updated to the status of the received certificate, and the received certificate is sent to the commodity server.
  • the online transaction device applied to the seller bank server includes the following modules: [0128]
  • the second receiving module is configured to receive the silver credit certificate request sent by the commodity server, and send the buyer bank server to send a bank letter that has entered into force;
  • the silver credit generation module is configured to generate a silver credit certificate according to the silver credit certificate request; [0130] the silver credit sending module is configured to send the silver credit to be in effect to the buyer bank [0131]
  • the received notification module is configured to update the status of the silver letter to the received status after receiving the valid silver letter sent by the buyer's bank server, and send the received notification to the commodity server.
  • Buyer Bank Server After receiving the silver letter certificate sent by the seller bank server to be valid, obtaining the payment verification information from the client and verifying; if the verification is passed, freezing the funds corresponding to the order amount in the buyer account, And update the status of the bank letter to the valid state, and send it to the seller's bank server; also set to receive the goods receipt notification sent by the transaction intermediary server, and transfer the funds frozen by the buyer account to the seller account of the seller's bank server. in.
  • the online transaction device applied to the buyer's bank server includes the following modules: [0134]
  • the third receiving module is configured to receive a silver letter certificate to be validated by the seller bank server, and a transaction intermediary Received notification sent by the server;
  • the verification module is configured to: after receiving the silver credit certificate sent by the seller bank server to be in a valid state, obtain the payment verification information of the buyer from the client and perform verification;
  • the freezing module is set to freeze the funds corresponding to the order amount in the buyer account after the verification is passed, and the silver is The status of the letter is updated to be valid and sent to the seller's bank server;
  • the payment module is configured to, after receiving the received notification sent by the transaction intermediary server, transfer the funds frozen by the buyer account to the seller account of the seller bank server.
  • the transfer module is further set to: If the received goods notification sent by the transaction intermediary server is not received within the preset time, the preset is exceeded. After the day, the funds frozen by the buyer's account are transferred to the seller's account of the seller's bank server.
  • Transaction Mediation Server Set to receive the order information sent by the commodity server, arrange the delivery according to the order information, and send the receipt notification to the buyer's bank server after determining that the buyer has received the goods.
  • the online transaction device applied to the transaction broker server includes the following modules: [0141] The fourth receiving module is configured to receive the order information sent by the commodity server;
  • the delivery arrangement module is configured to arrange delivery according to the transaction information such as the commodity information and the buyer information in the order information; specifically, the seller may be notified to arrange the delivery, including but not limited to any one or more of the following One way: send an email notification to the seller's preset email address, send a short message notification to the seller's preset mobile number, send a QQ message to the seller's preset QQ number, or send a WeChat message to the seller's preset microcode.
  • the seller arranges the delivery after receiving the delivery notice;
  • the goods receipt notification module is configured to send a receipt notification to the buyer's bank server after determining that the buyer has received the goods. Specifically, after receiving the receipt confirmation notification sent by the client, the received delivery notification module determines that the buyer has received the goods; or, the received delivery notification module does not receive the client within the preset time after scheduling the delivery. Feedback information, the buyer has received the goods by default after the preset time is exceeded.
  • the seller pre-stores the product information in the product server, and the buyer communicates with the product server through the client, acquires the product information from the product server, and selects the product to be purchased.
  • the client generates order information based on the item information selected by the buyer, and submits the order information to the product server.
  • the commodity includes a tangible physical product and an intangible service; the commodity information includes information such as the price and parameters of the commodity; the commodity server may be a commercial computer server, or may be a computer server set up by the seller itself; the client is a buyer-operated communication Terminals, including but not limited to mobile devices, tablet devices, computers and other terminal devices.
  • the buyer's bank server refers to the bank server where the buyer's bank account is located
  • the seller's bank server refers to the bank server where the seller's bank account is located
  • the buyer's bank server and the seller's bank server may be the same bank's server (ie the buyer and the seller's accountant) The same bank), or it may be The servers of different banks (ie the buyer and seller's Seto Bank are different).
  • a bank letter is an electronic certificate that a bank credit promises to pay. It can be understood as an electronic data that can be stored in a computer system and transmitted over a network.
  • the transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, and the transaction status is monitored by generating the silver credit card, so that the funds flow and There is no deviation between the actual transactions, so that the effective flow of funds to deliver the goods in one hand and the next hand is effective, reducing the risk of funds and improving the security of transaction information.
  • the client, the commodity server, the seller bank server, the buyer's bank server, and the transaction intermediary server are also set to: after data transmission and data reception, using digital envelope technology Communication data is transmitted securely. Thereby further improving the security of data transmission and ensuring the security of transactions.
  • the client When the client, the commodity server, the seller's bank server, the buyer's bank server, and the transaction broker server are used as data senders, it is also set to:
  • generating a symmetric key encrypting the communication data by using a symmetric key to form a first ciphertext; encrypting the symmetric key by using a public key of the data receiver to form a second ciphertext; using the private key of the first pair A ciphertext and a second ciphertext are signed and sent to the data receiver.
  • the data sender randomly generates a symmetric key every time the data is transmitted, thereby achieving the effect of dynamic anti-counterfeiting.
  • the data sender After encrypting the communication data, the data sender preferably encrypts the communication data with the AES algorithm using the symmetric key to form the first ciphertext.
  • the client When the client, the commodity server, the seller bank server buyer bank server, and the intermediary transaction server act as data senders, it is also set to:
  • the data sender may not sign the first ciphertext and the second ciphertext, and the corresponding data receiver does not need to perform signature verification on the first ciphertext and the second ciphertext.
  • a second embodiment of the online transaction system of the present invention is proposed.
  • the difference between this embodiment and the first embodiment is that a monitoring server is added, and the monitoring server is configured as: [0154]
  • the data transmitted by the data sender and the data received by the data receiver are collected, and the consistency of the transmitted data and the received data is verified, and the collected data and the received data are collected.
  • the data is compared to determine whether the two are consistent.
  • the embodiment adopts the dual-track verification technology to prevent data from being tampered with during the communication process, thereby further ensuring the security of the transaction.
  • this embodiment also adopts a two-network combination technology. That is, the client, the commodity server, the buyer's bank server, and the seller's bank server communicate through the public network, and the monitoring server communicates with the buyer's bank server and the seller's bank server respectively through a dedicated line. The security of the transaction is further guaranteed.
  • the storage medium may be a ROM/RAM, a magnetic disk, an optical disk, or the like.
  • the online transaction method method, apparatus and system of the present invention send a request for a certificate to a seller's bank server through a commodity server, and the intermediary transaction server sends a receipt notification to the buyer's bank server, at the client, the commodity server, the buyer's bank server
  • the transaction process is completed in the interaction between the seller's bank server and the transaction intermediary server.
  • the transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, but all flow within the banking system, facilitating the supervision of the bank and the transaction subject. Credit supervision.

Abstract

Disclosed are an online transaction method, device and system, the method comprising the steps of: an item server sends a bank credit certificate issuing request to a seller bank server according to order information; the seller bank server generates a bank credit certificate having a to-be-effective status, and sends the bank credit certificate to a buyer bank server; the buyer bank server verifies buyer payment checking information obtained by a client, and after verification has been passed, freezes funds in a buyer account which correspond to an order amount, updates the status of the bank credit certificate to an effective status, and sends the bank credit certificate to the seller bank server; the seller bank server sends a has-been-received notification to the item server; the item server sends the order information to a transaction intermediary server; the transaction intermediary server dispatches according to arrangements, and sends a has-been-received notification to the buyer bank server; the buyer bank server transfers the frozen funds in the buyer account into a seller account of the seller bank server. The present invention reduces the risk to the funds, and increases the security of the transaction information.

Description

网上交易方法、 装置和系统  Online trading method, device and system
技术领域  Technical field
[0001] 本发明涉及互联网技术领域, 尤其是涉及一种网上交易方法、 装置和系统。  [0001] The present invention relates to the field of Internet technologies, and in particular, to an online transaction method, apparatus, and system.
背景技术  Background technique
[0002] 随着互联网技术的迅速发展, 电子商务在世界范围内蓬勃兴起, 出现了如亚马 逊、 阿里巴巴、 淘宝等以电子商务为主要运营方式的网上交易平台。 目前, 网 上交易平台的交易支付通常可以选择网上支付、 货到付款和邮购等方式。 货到 付款和邮购等传统的支付方式, 由于交易吋间长、 交易成本高, 无法满足日益 增长的电子商务行为, 同吋也存在很高的安全问题, 因此这些支付方式使用不 多, 而使用网上银行等网上支付方式日益成为支付主流。  [0002] With the rapid development of Internet technology, e-commerce has flourished around the world, and online trading platforms such as Amazon, Alibaba, Taobao and other e-commerce-based operations have emerged. Currently, transaction payments for online trading platforms can usually be selected by means of online payment, cash on delivery and mail order. Traditional payment methods such as cash on delivery and mail order, due to long transaction times and high transaction costs, can not meet the growing e-commerce behavior, and peers also have high security problems, so these payment methods are not used much, but use Online payment methods such as online banking have increasingly become the mainstream of payment.
[0003] 现有技术中, 网上支付方式主要采用第三方支付平台。 交易过程中, 买方将交 易资金转至第三方支付平台, 第三方支付平台还同吋存储交易信息, 待买方收 货后, 第三方支付平台再将交易资金转给卖方, 至此交易完成。  [0003] In the prior art, the online payment method mainly uses a third-party payment platform. During the transaction, the buyer transfers the transaction funds to the third-party payment platform. The third-party payment platform also stores the transaction information. After the buyer receives the goods, the third-party payment platform transfers the transaction funds to the seller, and the transaction is completed.
[0004] 然而, 这种由第三方支付平台暂存交易资金和交易信息的方式, 常常出现以下 的情况: 客户尚未收到商户提供的商品或服务, 其资金已经被第三方支付机构 支付给商户; 或者商户提供了商品或服务后, 客户迟迟不能够支付相应的资金 。 由此可知, 由于交易资金流出了银行体系, 银行服务器的支付完全依赖第三 方支付平台的操作, 不利于银行对资金进行监管。 在第三方支付平台出现上述 状况的吋候, 银行服务器并不能做到线下一手交钱一手交货的有效资金流动, 从而可能导致银行服务器的资金流动吋间和实际交易吋间偏差很大, 给用户带 来资金风险问题, 并且交易资金和交易信息在第三方支付平台信息有被窃取的 风险, 安全性不高。 由此可见, 现阶段需要一种改进的交易方法, 以降低资金 风险问题和提高交易信息安全。  [0004] However, such a way of temporarily storing transaction funds and transaction information by a third-party payment platform often occurs as follows: The customer has not received the goods or services provided by the merchant, and the funds have been paid by the third-party payment institution to the merchant. After the merchant has provided the goods or services, the customer has been unable to pay the corresponding funds. It can be seen that since the transaction funds flow out of the banking system, the payment of the bank server relies entirely on the operation of the third party payment platform, which is not conducive to the bank's supervision of funds. In the case of the above-mentioned situation in the third-party payment platform, the bank server cannot achieve the effective flow of funds for the delivery of the first-hand payment, which may result in a large deviation between the flow of funds of the bank server and the actual transaction. The user is exposed to the risk of capital risks, and the transaction funds and transaction information have the risk of being stolen in the third-party payment platform information, and the security is not high. It can be seen that an improved trading method is needed at this stage to reduce the risk of capital risks and improve the security of transaction information.
技术问题  technical problem
[0005] 本发明的主要目的在于提供一种网上交易方法、 装置和系统, 旨在降低资金风 险和提高交易安全性。 问题的解决方案 [0005] A primary object of the present invention is to provide an online transaction method, apparatus and system for reducing capital risk and improving transaction security. Problem solution
技术解决方案  Technical solution
[0006] 本发明解决上述技术问题所采用的技术方案如下:  [0006] The technical solution adopted by the present invention to solve the above technical problems is as follows:
[0007] 根据本发明的一个方面, 提供的一种网上交易方法, 包括步骤:  According to an aspect of the present invention, an online transaction method is provided, comprising the steps of:
[0008] 商品服务器接收到客户端发送的订单信息后, 根据所述订单信息向卖方银行服 务器发送银信证幵证请求;  [0008] after receiving the order information sent by the client, the commodity server sends a silver credit card certification request to the seller bank server according to the order information;
[0009] 所述卖方银行服务器根据所述银信证幵证请求生成待生效状态的银信证, 并发 送给买方银行服务器; [0009] the seller bank server generates a bank letter to be valid according to the bank letter verification request, and sends it to the buyer bank server;
[0010] 所述买方银行服务器向所述客户端获取买方的付款校验信息并进行验证; 当验 证通过后, 冻结所述买方账户中订单金额对应的资金, 并将所述银信证的状态 更新为已生效状态, 并发送给卖方银行服务器;  [0010] the buyer bank server obtains the buyer's payment verification information from the client and performs verification; after the verification is passed, the funds corresponding to the order amount in the buyer account are frozen, and the status of the silver credit card is Updated to the active status and sent to the seller's bank server;
[0011] 所述卖方银行服务器将已生效的银信证的状态更新为已收证, 并向所述商品服 务器发送已收证通知;  [0011] the seller bank server updates the status of the valid silver certificate to the received certificate, and sends the received notification to the commodity server;
[0012] 所述商品服务器根据所述已收证通知向交易中介服务器发送所述订单信息; [0013] 所述交易中介服务器根据所述订单信息安排发货, 并在确定买方已收货后, 向 所述买方银行服务器发送已收货通知;  [0012] the commodity server sends the order information to the transaction intermediary server according to the received notification; [0013] the transaction intermediary server arranges delivery according to the order information, and after determining that the buyer has received the goods, Sending a receipt notification to the buyer's bank server;
[0014] 所述买方银行服务器接收到所述已收货通知后, 将所述买方账户中冻结的资金 转款至所述卖方银行服务器的卖方账户中。 [0014] after receiving the received delivery notification, the buyer bank server transfers the frozen funds in the buyer account to the seller account of the seller bank server.
[0015] 根据本发明的另一个方面, 提供的一种网上交易方法, 应用于商品服务器, 该 方法包括以下步骤: [0015] According to another aspect of the present invention, an online transaction method is provided for use in a commodity server, the method comprising the steps of:
[0016] 接收到客户端发送的订单信息后, 根据所述订单信息向卖方银行服务器发送银 信证幵证请求;  [0016] after receiving the order information sent by the client, sending a silver certificate verification request to the seller bank server according to the order information;
[0017] 接收到所述卖方银行服务器发送的已收证通知后, 向交易中介服务器发送所述 订单信息。  [0017] after receiving the received notification sent by the seller bank server, sending the order information to the transaction intermediary server.
[0018] 根据本发明的又一个方面, 提供的一种网上交易方法, 应用于卖方银行服务器 [0018] According to still another aspect of the present invention, an online transaction method is provided for use in a seller's bank server
, 该方法包括以下步骤: , the method includes the following steps:
[0019] 接收到商品服务器发送的银信证幵证请求后, 生成待生效状态的银信证, 并发 送给买方银行服务器; [0020] 接收到所述买方银行服务器发送的已生效的银信证后, 将所述银信证的状态更 新为已收证状态, 并向所述商品服务器发送已收证通知。 [0019] after receiving the request for the silver credit card issued by the commodity server, generating a silver credit certificate to be validated, and transmitting the silver credit certificate to the buyer's bank server; [0020] after receiving the valid silver certificate sent by the buyer bank server, updating the status of the silver credit to the received status, and sending the received notification to the commodity server.
[0021] 根据本发明的再一个方面, 提供的一种网上交易方法, 应用于买方银行服务器[0021] According to still another aspect of the present invention, an online transaction method is provided for use in a buyer's bank server
, 该方法包括以下步骤: , the method includes the following steps:
[0022] 接收到卖方银行服务器发送的待生效状态的银信证后, 向客户端获取买方的付 款校验信息并进行验证; [0022] after receiving the silver credit certificate sent by the seller's bank server to be in a valid state, obtaining the buyer's payment verification information from the client and performing verification;
[0023] 如果验证通过, 冻结所述买方账户中订单金额对应的资金, 并将所述银信证的 状态更新为已生效, 发送给卖方银行服务器; [0023] if the verification is passed, the funds corresponding to the order amount in the buyer account are frozen, and the status of the bank letter is updated to have been validated, and sent to the seller bank server;
[0024] 接收到交易中介服务器发送的已收货通知后, 将所述买方账户冻结的资金转款 到所述卖方银行服务器的卖方账户中。 [0024] after receiving the received delivery notification sent by the transaction intermediary server, the funds frozen by the buyer account are transferred to the seller account of the seller bank server.
[0025] 根据本发明的再一个方面, 提供的一种网上交易系统, 包括设置为根据买方预 订的商品生成订单信息的客户端, 还包括商品服务器、 买方银行服务器、 卖方 银行服务器和交易中介服务器, 其中: [0025] According to still another aspect of the present invention, an online transaction system is provided, comprising: a client configured to generate order information according to a commodity booked by a buyer, further comprising a commodity server, a buyer bank server, a seller bank server, and a transaction intermediary server , among them:
[0026] 所述商品服务器, 设置为接收到所述客户端发送的所述订单信息后, 向所述卖 方银行服务器发送银信证幵证请求; 接收到所述卖方银行服务器发送的已收证 通知后, 向所述交易中介服务器发送所述订单信息; [0026] the commodity server is configured to: after receiving the order information sent by the client, send a silver credit certificate request to the seller bank server; receive the received certificate sent by the seller bank server After the notification, sending the order information to the transaction intermediary server;
[0027] 所述卖方银行服务器, 设置为接收到所述银信证幵证请求后, 生成待生效状态 的银信证, 并发送给所述买方银行服务器; 接收到所述买方银行服务器发送的 已生效的银信证后, 将所述银信证的状态更新为已收证状态, 并向所述商品服 务器发送已收证通知; [0027] the seller bank server is configured to: after receiving the request for the bank credit certificate, generate a bank certificate to be valid and send it to the buyer bank server; receive the sent by the buyer bank server After the validated bank letter, the status of the bank letter is updated to the status of the received certificate, and the received certificate is sent to the commodity server;
[0028] 所述交易中介服务器, 设置为根据所述订单信息安排发货, 并在确定买方已收 货后, 向所述买方银行服务器发送已收货通知;  [0028] the transaction intermediation server is configured to arrange delivery according to the order information, and send a receipt notification to the buyer bank server after determining that the buyer has received the goods;
[0029] 所述买方银行服务器, 设置为接收到所述待生效状态的银信证后, 向所述客户 端获取买方的付款校验信息并进行验证; 当验证通过后, 冻结所述买方账户中 订单金额对应的资金, 并将所述银信证的状态更新为已生效状态, 并发送给所 述卖方银行服务器; 接收到所述已收货通知后, 将所述买方账户冻结的资金转 款至所述卖方银行服务器的卖方账户中。  [0029] the buyer bank server is configured to, after receiving the silver credit certificate in the inactive state, obtain the buyer's payment verification information from the client and perform verification; when the verification is passed, freeze the buyer account The funds corresponding to the order amount are updated, and the status of the bank letter is updated to the valid state, and sent to the seller bank server; after receiving the received goods notification, the funds frozen by the buyer account are transferred The money is in the seller's account of the seller's bank server.
[0030] 根据本发明的再一个方面, 提供的一种网上交易装置, 应用于商品服务器, 该 装置包括以下模块: [0030] According to still another aspect of the present invention, an online transaction apparatus is provided for use in a commodity server, The device includes the following modules:
[0031] 第一接收模块, 设置为接收客户端发送的订单信息、 以及卖方银行服务器发送 的已收证通知;  [0031] The first receiving module is configured to receive the order information sent by the client, and the received notification sent by the seller bank server;
[0032] 幵证请求模块, 设置为接收到客户端发送的订单信息后, 根据所述订单信息向 所述卖方银行服务器发送银信证幵证请求;  [0032] the certificate requesting module is configured to: after receiving the order information sent by the client, send a silver credit certificate request to the seller bank server according to the order information;
[0033] 订单信息发送模块, 设置为接收到所述卖方银行服务器发送的已收证通知后, 向交易中介服务器发送所述订单信息。 [0033] The order information sending module is configured to send the order information to the transaction intermediary server after receiving the received notification sent by the seller bank server.
[0034] 根据本发明的再一个方面, 提供的一种网上交易装置, 应用于卖方银行服务器[0034] According to still another aspect of the present invention, an online transaction apparatus is provided for use in a seller's bank server
, 该装置包括以下模块: , the device includes the following modules:
[0035] 第二接收模块, 设置为接收商品服务器发送的银信证幵证请求、 以及买方银行 服务器发送的已生效的银信证; [0035] The second receiving module is configured to receive the silver credit certificate request sent by the commodity server, and the valid silver certificate sent by the buyer bank server;
[0036] 银信证生成模块, 设置为根据所述银信证幵证请求生成待生效状态的银信证; [0037] 银信证发送模块, 设置为将所述待生效状态的银信证发送给所述买方银行服务 器; [0036] The silver credit card generating module is configured to generate a silver credit card in a valid state according to the silver credit card verification request; [0037] a silver credit card sending module, configured to set the silver credit card to be in a valid state Sent to the buyer's bank server;
[0038] 已收证通知模块, 设置为接收到所述买方银行服务器发送的已生效银信证后, 将所述银信证的状态更新为已收证状态, 并向所述商品服务器发送已收证通知  [0038] The received notification module is configured to update the status of the silver credit to the received status after receiving the valid silver certificate sent by the buyer's bank server, and send the status to the commodity server Notification of receipt
[0039] 根据本发明的再一个方面, 提供的一种网上交易装置, 应用于买方银行服务器[0039] According to still another aspect of the present invention, an online transaction apparatus is provided for use in a buyer's bank server
, 该装置包括以下模块: , the device includes the following modules:
[0040] 第三接收模块, 设置为接收卖方银行服务器发送的待生效状态的银信证、 以及 交易中介服务器发送的已收货通知; [0040] a third receiving module, configured to receive a silver credit card sent by the seller bank server to be in a valid state, and a received delivery notification sent by the transaction intermediary server;
[0041] 验证模块, 设置为接收到所述待生效状态的银信证后, 向客户端获取买方的付 款校验信息并进行验证; [0041] the verification module is configured to: after receiving the silver certificate of the to-be-effective state, obtain the buyer's payment verification information from the client and perform verification;
[0042] 冻结模块, 设置为验证通过后, 冻结所述买方账户中订单金额对应的资金, 并 将所述银信证的状态更新为已生效, 发送给所述卖方银行服务器; [0042] a freezing module, configured to freeze the funds corresponding to the order amount in the buyer account after the verification is passed, and update the status of the silver credit to be valid, and send the same to the seller bank server;
[0043] 划款模块, 设置为接收到所述已收货通知后, 将所述买方账户冻结的资金转款 到所述卖方银行服务器的卖方账户中。 [0043] The payment module is configured to, after receiving the received delivery notification, transfer funds frozen by the buyer account to a seller account of the seller bank server.
[0044] 本发明所提供的一种网上交易方法、 装置和系统, 通过商品服务器向卖方银行 服务器发送幵证请求, 中介交易服务器向买方银行服务器发送已收货通知, 在 客户端、 商品服务器、 买方银行服务器、 卖方银行服务器和交易中介服务器的 交互中完成交易过程, 交易过程中的交易资金、 交易信息并未转至第三方支付 平台, 而均在银行体系内流动, 由此便于银行对资金进行监管, 提高了交易的 安全性, 同吋还方便银行对交易主体的信用进行监管, 有利于社会征信体系的 建立。 且通过生成银信证对交易状态进行实吋监控, 使得资金流动吋间和实际 交易吋间没有偏差, 做到线下一手交钱一手交货的有效资金流动, 能有效降低 资金风险和提高交易信息的安全性。 [0044] An online transaction method, device and system provided by the present invention, through a commodity server to a seller bank The server sends a request for confirmation, and the intermediary transaction server sends a receipt notification to the buyer's bank server, and completes the transaction process in the interaction between the client, the commodity server, the buyer's bank server, the seller's bank server, and the transaction intermediary server, and the transaction funds in the transaction process. The transaction information is not transferred to the third-party payment platform, but flows within the banking system. This facilitates the bank to supervise the funds and improve the security of the transaction. It also facilitates the bank to supervise the credit of the transaction entity. Conducive to the establishment of a social credit system. And through the generation of the silver letter to the actual monitoring of the transaction status, so that there is no deviation between the capital flow and the actual transaction, so that the effective flow of money to deliver the goods in one hand, can effectively reduce the risk of funds and improve the transaction. Information security.
发明的有益效果  Advantageous effects of the invention
有益效果  Beneficial effect
[0045] 进一步地, 在交易过程中, 还采用数字信封技术对通信数据进行安全传输、 采 用动态防伪技术动态生成对称密钥、 采用 AES算法加密通信数据、 采用双轨校验 技术校验数据、 采用两网并用技术进行通信, 进一步提高了交易的安全性。 对附图的简要说明  [0045] Further, in the transaction process, the digital envelope technology is used to securely transmit the communication data, the dynamic anti-counterfeiting technology is used to dynamically generate the symmetric key, the AES algorithm is used to encrypt the communication data, and the dual-track verification technology is used to verify the data. The two networks use technology to communicate, further improving the security of the transaction. Brief description of the drawing
附图说明  DRAWINGS
[0046] 图 1是本发明的网上交易方法第一实施例的流程图;  1 is a flow chart of a first embodiment of an online transaction method of the present invention;
[0047] 图 2是本发明实施例中各系统在交易过程中的交互示意图;  2 is a schematic diagram of interaction of each system in a transaction process according to an embodiment of the present invention;
[0048] 图 3是本发明实施例中的数据发送方和数据接收方采用数字信封技术对通信数 据进行安全传输的具体流程图;  3 is a specific flowchart of a data sender and a data receiver in a secure transmission of communication data by using a digital envelope technology in an embodiment of the present invention;
[0049] 图 4是本发明的网上交易方法第二实施例的流程图; 4 is a flow chart of a second embodiment of the online transaction method of the present invention;
[0050] 图 5是本发明的网上交易方法第三实施例的流程图; 5 is a flow chart of a third embodiment of the online transaction method of the present invention;
[0051] 图 6是本发明的网上交易方法第四实施例的流程图; 6 is a flow chart of a fourth embodiment of the online transaction method of the present invention;
[0052] 图 7是本发明的网上交易方法第五实施例的流程图; 7 is a flowchart of a fifth embodiment of the online transaction method of the present invention;
[0053] 图 8是本发明的网上交易系统第一实施例的模块示意图; 8 is a block diagram showing a first embodiment of an online transaction system of the present invention;
[0054] 图 9是本发明应用于客户端的网上交易装置一实施例的模块示意图; 9 is a schematic block diagram of an embodiment of an online transaction device applied to a client according to the present invention;
[0055] 图 10是本发明应用于商品服务器的网上交易装置一实施例的模块示意图; [0056] 图 11是本发明应用于卖方银行服务器的网上交易装置一实施例的模块示意图; [0057] 图 12是本发明应用于买方银行服务器的网上交易装置一实施例的模块示意图; [0058] 图 13是本发明应用于交易中介服务器的网上交易装置一实施例的模块示意图;10 is a block diagram showing an embodiment of an online transaction apparatus applied to a commodity server according to the present invention; [0056] FIG. 11 is a block diagram showing an embodiment of an online transaction apparatus applied to a seller bank server of the present invention; [0057] 12 is a block diagram showing an embodiment of an online transaction apparatus of the present invention applied to a buyer's bank server; 13 is a block diagram showing an embodiment of an online transaction apparatus applied to a transaction broker server according to the present invention;
[0059] 图 14是本发明的网上交易系统第二实施例的模块示意图。 14 is a block diagram showing a second embodiment of the online transaction system of the present invention.
[0060] 本发明目的的实现、 功能特点及优点将结合实施例, 参照附图做进一步说明。  [0060] The implementation, functional features, and advantages of the present invention will be further described with reference to the accompanying drawings.
本发明的实施方式 Embodiments of the invention
[0061] 应当理解, 此处所描述的具体实施例仅仅用以解释本发明, 并不用于限定本发 明。  The specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
[0062] 参见图 1、 图 2, 提出本发明的网上交易方法一实施例, 所述方法包括以下步骤  [0062] Referring to FIG. 1 and FIG. 2, an embodiment of an online transaction method according to the present invention is provided. The method includes the following steps.
[0063] S11 : 客户端根据买方预订的商品信息生成订单信息, 并发送给商品服务器。 [0063] S11: The client generates the order information according to the product information subscribed by the buyer, and sends the order information to the commodity server.
[0064] 本步骤 S11中, 卖方将商品信息输入并存储至商品服务器中, 买方通过客户端 与商品服务器通信, 从商品服务器获取商品信息。 买方在商品信息中选择需要 购买的商品, 客户端根据用户选择的商品信息生成订单信息, 并将订单信息提 交至商品服务器。 [0064] In this step S11, the seller inputs and stores the product information into the product server, and the buyer communicates with the product server through the client to acquire the product information from the product server. The buyer selects the item to be purchased in the item information, and the client generates the order information based on the item information selected by the user, and submits the order information to the product server.
[0065] 本实施例中, 商品包括有形的实体产品和无形的服务; 商品信息包括商品的价 格、 参数等信息; 商品服务器可以是商业的计算机服务器, 也可以是卖方自己 架设的计算机服务器; 客户端是买方操作的通信终端, 可以是手机、 平板设备 、 电脑等终端设备。  [0065] In this embodiment, the commodity includes a tangible physical product and an intangible service; the commodity information includes information such as the price and parameters of the commodity; the commodity server may be a commercial computer server, or may be a computer server set up by the seller itself; The terminal is a communication terminal operated by the buyer, and may be a terminal device such as a mobile phone, a tablet device, or a computer.
[0066] S12: 商品服务器根据订单信息向卖方银行服务器发送银信证幵证请求。  [0066] S12: The commodity server sends a silver credit certificate request to the seller bank server according to the order information.
[0067] 本实施例中, 买方银行服务器是指买方的银行账户所对应的银行 (即买方的幵 户银行) 的计算机服务器, 卖方银行服务器是指卖方的银行账户所对应的银行 (即卖方的幵户银行) 的计算机服务器, 买方银行服务器和卖方银行服务器可 能是同一所银行的计算机服务器 (即买方和卖方的幵户银行相同吋) , 也可能 是不同银行的计算机服务器 (即买方和卖方的幵户银行不同吋) 。 [0067] In this embodiment, the buyer bank server refers to the computer server of the bank corresponding to the buyer's bank account (ie, the buyer's bank of the account), and the seller bank server refers to the bank corresponding to the seller's bank account (ie, the seller's The computer server of the Seto Bank, the buyer's bank server and the seller's bank server may be the same computer server of the bank (ie the buyer's and the seller's bank of the same bank), or may be the computer servers of different banks (ie the buyer and the seller) Seto Bank is different.)
[0068] 本步骤 S12中, 商品服务器接收到订单信息后, 根据订单信息获知买方银行服 务器和卖方银行服务器, 生成银信证幵证请求并发送给卖方银行服务器。 其中 , 银信证是银行信用承诺支付的电子凭证, 可以理解为一种电子数据, 能存储 于计算机系统并通过网络传输。 [0069] S13: 卖方银行服务器根据银信证幵证请求生成待生效状态的银信证, 并发送 给买方银行服务器。 [0068] In step S12, after receiving the order information, the commodity server knows the buyer bank server and the seller bank server according to the order information, generates a silver credit certificate request and sends it to the seller bank server. Among them, the silver letter certificate is an electronic certificate that the bank credit promises to pay, which can be understood as an electronic data, which can be stored in a computer system and transmitted through the network. [0069] S13: The seller bank server generates a bank letter to be valid according to the bank letter certificate request and sends it to the buyer bank server.
[0070] 本步骤 S13中, 卖方银行服务器接收到银信证幵证请求后, 获知买方银行服务 器, 生成待生效状态的银信证 Z1发送给买方银行服务器。  [0070] In step S13, after receiving the request for the bank credit certificate, the seller bank server knows the buyer bank server, and generates a bank certificate Z1 to be validated and sends it to the buyer bank server.
[0071] S14: 买方银行服务器向客户端获取买方的付款校验信息并进行验证, 如果验 证通过, 执行步骤 S15, 否则结束流程。 [0071] S14: The buyer bank server obtains the buyer's payment verification information from the client and performs verification. If the verification is passed, step S15 is performed, otherwise the process ends.
[0072] 本步骤 S14中, 买方银行服务器接收到卖方银行服务器发送的待生效状态的银 信证 Z1后, 根据待生效状态的银信证 Z1生成付款校验信息, 将付款校验信息发 送给客户端, 客户端接收买方输入的付款校验信息后, 提交给买方银行服务器 进行验证。 其中, 付款校验信息可以是付款页面, 买方在客户端上通过付款页 面上输入校验信息、 付款金额等信息。 校验信息至少包括银行账户和密码, 还 可以进一步包括验证码、 有效期等信息。 [0072] In this step S14, after receiving the silver certificate Z1 sent by the seller's bank server to be in a valid state, the buyer's bank server generates payment verification information according to the silver certificate Z1 to be in effect, and sends the payment verification information to After the client receives the payment verification information input by the buyer, it submits it to the buyer's bank server for verification. The payment verification information may be a payment page, and the buyer inputs information such as verification information, payment amount, and the like on the payment page on the client. The verification information includes at least a bank account and a password, and may further include information such as a verification code, an expiration date, and the like.
[0073] 具体的, 买方银行服务器收到待生效状态的银信证 Z1后, 生成付款页面, 并将 付款页面的链接地址发送给买方 (如以短信方式发送至买方登记的手机上) 。 买方在客户端上输入付款页面的链接地址或直接点击客户端接收到的链接地址 打幵付款页面, 并在付款页面上输入校验信息、 付款金额等付款校验信息。 买 方银行服务器则对客户端在付款页面上输入的付款校验信息进行验证。  [0073] Specifically, after the buyer bank server receives the silver credit card Z1 in a valid state, a payment page is generated, and the link address of the payment page is sent to the buyer (for example, sent to the buyer's registered mobile phone by SMS). The buyer enters the link address of the payment page on the client or directly clicks the link address received by the client to open the payment page, and enters payment verification information such as verification information and payment amount on the payment page. The buyer's bank server verifies the payment verification information entered by the client on the payment page.
[0074] S15: 买方银行服务器冻结买方账户中订单金额对应的资金, 并将银信证的状 态更新为已生效状态, 发送给卖方银行服务器。  [0074] S15: The buyer bank server freezes the funds corresponding to the order amount in the buyer account, and updates the status of the bank letter to the valid state, and sends it to the seller bank server.
[0075] 具体的, 当验证通过后, 买方银行服务器根据付款页面上输入的付款金额冻结 买方账户中相应金额的资金, 并更新银信证状态, 将待生效状态的银信证 Z1更 新为已生效的银信证 Z2, 并将已生效的银信证 Z2发送给卖方银行服务器。  [0075] Specifically, after the verification is passed, the buyer bank server freezes the corresponding amount of funds in the buyer account according to the payment amount input on the payment page, and updates the status of the silver credit card, and updates the silver letter Z1 to be in effect to the already The valid bank letter Z2, and the valid bank letter Z2 will be sent to the seller's bank server.
[0076] S16: 卖方银行服务器将已生效的银信证的状态更新为已收证, 并向商品服务 器发送已收证通知。  [0076] S16: The seller bank server updates the status of the valid silver certificate to the received certificate, and sends the received notification to the commodity server.
[0077] 本步骤 S16中, 卖方银行服务器接收到已生效的银信证 Z2后, 更新银信证状态 , 将已生效的银信证 Z2更新为已收证的银信证 Z3, 并发送已收证通知至商品服 务器。  [0077] In this step S16, after receiving the valid bank letter Z2, the seller bank server updates the status of the bank letter certificate, and updates the valid bank letter Z2 to the received bank letter Z3, and sends the certificate. Receive a notification to the product server.
[0078] S17: 商品服务器根据已收证通知向交易中介服务器发送订单信息。 [0079] 本步骤 S17中, 商品服务器接收到已收证通知后, 将订单信息发送给交易中介 服务器。 [0078] S17: The commodity server sends the order information to the transaction intermediary server according to the received notification. [0079] In step S17, after receiving the notification of the receipt of the certificate, the commodity server transmits the order information to the transaction intermediary server.
[0080] S18: 交易中介服务器根据订单信息安排发货, 并在确定买方已收货后, 发送 已收货通知至买方银行服务器。  [0080] S18: The transaction intermediary server arranges the delivery according to the order information, and after determining that the buyer has received the goods, sends the received delivery notice to the buyer's bank server.
[0081] 本步骤 S18中, 交易中介服务器接收到订单信息后, 根据订单信息中的商品信 息、 买方信息等交易信息进行发货。 交易中介服务器可以通知卖方, 让卖方安 排发货, 包括但不限于以下任意一种或几种方式: 向卖方预设的电子邮箱发送 邮件通知、 向卖方预设的移动号码发送短信通知、 向卖方预设的 QQ号码发送 QQ 消息; 或者向卖方预设的微信号码发送微信消息。 卖方收到发货通知后安排发 货。  [0081] In step S18, after receiving the order information, the transaction intermediary server performs the delivery according to the transaction information such as the product information and the buyer information in the order information. The transaction intermediary server may notify the seller to arrange the delivery, including but not limited to any one of the following ways: sending an email notification to the seller's preset email address, sending a text message notification to the seller's preset mobile number, to the seller The preset QQ number sends a QQ message; or sends a WeChat message to the seller's preset micro-signal code. The seller arranges for delivery after receiving the delivery notice.
[0082] 交易中介服务器接收到客户端发送的收货确认通知后, 则确定买方已收货; 或 者, 交易中介服务器在安排发货后的预设吋间内没有收到客户端的反馈信息, 则在超过该预设吋间后默认买方已收货。 当确定买方已收货后, 则发送已收货 通知至买方银行服务器。  [0082] after receiving the receipt confirmation notification sent by the client, the transaction intermediary server determines that the buyer has received the goods; or, the transaction intermediary server does not receive the feedback information of the client within the preset time after scheduling the delivery, By default, the buyer has received the goods after the preset time has passed. When it is determined that the buyer has received the goods, the receipt notification is sent to the buyer's bank server.
[0083] S19: 买方银行服务器将买方账户中冻结的资金转款至卖方银行服务器的卖方 账户中。  [0083] S19: The buyer's bank server transfers the funds frozen in the buyer's account to the seller's account of the seller's bank server.
[0084] 本步骤 S19中, 买方银行服务器接收到已收货通知后, 则将买方账户中冻结的 资金转账至卖方账户。 至此, 交易完成。  [0084] In step S19, after the buyer's bank server receives the received delivery notification, the frozen funds in the buyer's account are transferred to the seller's account. At this point, the transaction is completed.
[0085] 为了防止买方在收到商品后不进行已收货确认, 上述方法还包括: 如果买方银 行服务器在预设吋间内没有收到交易中介服务器发送的已收货通知, 则在超过 预设吋间后, 将买方账户冻结的资金转款到卖方银行服务器的卖方账户中。  [0085] In order to prevent the buyer from performing the receipt confirmation after receiving the commodity, the method further includes: if the buyer bank server does not receive the receipt notification sent by the transaction intermediary server within the preset time, After setting up the room, the funds frozen by the buyer's account are transferred to the seller's account of the seller's bank server.
[0086] 采用上述实施例的网上交易方法, 交易过程中的交易资金、 交易信息并未转至 第三方支付平台, 而均在银行体系内流动, 由此便于银行对资金进行监管, 提 高了交易的安全性, 同吋还方便银行对交易主体的信用进行监管, 有利于社会 征信体系的建立。 并且通过生成银信证对交易状态进行实吋监控, 使得资金流 动吋间和实际交易吋间没有偏差, 做到线下一手交钱一手交货的有效资金流动 , 能有效降低资金风险和提高交易信息的安全性。  [0086] With the online transaction method of the above embodiment, the transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, and all flow in the banking system, thereby facilitating the supervision of the funds by the bank and improving the transaction. The security, peers also facilitate the bank to supervise the credit of the transaction subject, which is conducive to the establishment of a social credit system. And through the generation of the silver letter to the actual monitoring of the transaction status, so that there is no deviation between the capital flow and the actual transaction, so that the effective flow of money to deliver the goods in one hand, can effectively reduce the risk of funds and improve the transaction. Information security.
[0087] 作为一种优选实施例, 为了防止交易信息被窃取, 客户端、 商品服务器、 买方 银行服务器、 卖方银行服务器和交易中介服务器在数据发送和数据接收吋, 采 用数字信封的方式对通信数据进行安全传输。 从而进一步提高数据传输的安全 性, 保证交易的安全性。 [0087] As a preferred embodiment, in order to prevent transaction information from being stolen, the client, the commodity server, the buyer The bank server, the seller's bank server, and the transaction intermediary server use the digital envelope to securely transmit the communication data after data transmission and data reception. Thereby further improving the security of data transmission and ensuring the security of transactions.
[0088] 如图 3所示, 数据发送方和数据接收方采用数字信封技术对通信数据进行安全 传输的具体流程如下:  [0088] As shown in FIG. 3, the specific process for the data sender and the data receiver to securely transmit communication data by using digital envelope technology is as follows:
[0089] S101、 数据发送方生成对称密钥, 利用对称密钥对通信数据进行加密形成第一 密文。  [0089] S101. The data sender generates a symmetric key, and the communication data is encrypted by using a symmetric key to form a first ciphertext.
[0090] 为防止对称密钥被窃取, 数据发送方每次发送数据吋, 均随机生成一对称密钥 , 由此达到动态防伪的效果, 提高数据安全性, 进而保证交易的安全性。 在对 通信数据进行加密吋, 数据发送方优选利用对称密钥以 AES算法对通信数据进行 加密形成第一密文。  [0090] In order to prevent the symmetric key from being stolen, the data sender randomly generates a symmetric key every time the data is sent, thereby achieving the effect of dynamic anti-counterfeiting, improving data security, and thereby ensuring transaction security. After encrypting the communication data, the data sender preferably encrypts the communication data by the AES algorithm using a symmetric key to form a first ciphertext.
[0091] S102、 数据发送方利用数据接收方的公钥对对称密钥进行加密形成第二密文。  [0091] S102. The data sender encrypts the symmetric key by using a public key of the data receiver to form a second ciphertext.
[0092] S103、 数据发送方利用自身的私钥分别对第一密文和第二密文进行签名后发送 给数据接收方。 [0092] S103. The data sender signs the first ciphertext and the second ciphertext respectively by using the private key of the data, and then sends the first ciphertext and the second ciphertext to the data receiver.
[0093] S104、 数据接收方接收到第一密文和第二密文后, 利用数据发送方的公钥验证 第一密文和第二密文的签名。  [0093] S104. After receiving the first ciphertext and the second ciphertext, the data receiver verifies the signatures of the first ciphertext and the second ciphertext by using the public key of the data sender.
[0094] S105、 当验证通过后, 数据接收方利用自身的私钥对第二密文解密获得对称密 钥。 [0094] S105. After the verification is passed, the data receiver decrypts the second ciphertext by using its own private key to obtain a symmetric key.
[0095] S106、 数据接收方利用对称密钥对第一密文解密获得通信数据。  [0095] S106. The data receiver decrypts the first ciphertext by using a symmetric key to obtain communication data.
[0096] 在某些实施例中, 也可以省略步骤 S103中的签名步骤和步骤 S104中的验证签名 步骤。  [0096] In some embodiments, the signing step in step S103 and the verifying sign step in step S104 may also be omitted.
[0097] 进一步地, 上述实施例的网上交易方法中, 为防止数据在通信过程中被篡改后 引起的资金安全、 信息安全等问题, 故采用双轨校验技术。 具体为, 在数据传 输过程中, 利用监控服务器同吋收集数据发送方所发送的数据和数据接收方所 接收的数据, 校验发送的数据和接收的数据的一致性, 即将收集的发送的数据 和接收的数据进行比较, 判断二者是否一致。 进一步保证交易的安全性。  [0097] Further, in the online transaction method of the above embodiment, in order to prevent problems such as capital security and information security caused by data being tampered with in the communication process, a dual-track verification technique is adopted. Specifically, in the data transmission process, the monitoring server collects the data sent by the data sender and the data received by the data receiver, and checks the consistency of the sent data and the received data, and the collected data to be collected. Compare with the received data to determine whether the two are consistent. Further ensure the security of the transaction.
[0098] 进一步地, 上述实施例的网上交易方法中, 为平衡通信的方便以及保证数据安 全, 采用两网并用技术。 即客户端、 商品服务器、 买方银行服务器和卖方银行 服务器之间通过公网进行通信, 监控服务器分别与买方银行服务器和卖方银行 服务器通过专线进行通信。 从而进一步保证交易的安全性。 [0098] Further, in the online transaction method of the above embodiment, in order to balance the convenience of communication and ensure data security, a two-network combination technology is adopted. Client, commodity server, buyer bank server, and seller bank The servers communicate with each other through the public network, and the monitoring server communicates with the buyer's bank server and the seller's bank server through dedicated lines. Thereby further ensuring the security of the transaction.
[0099] 参见图 4, 提出本发明的网上交易方法第二实施例, 所述方法应用于商品服务 器, 包括以下步骤:  [0099] Referring to FIG. 4, a second embodiment of the online transaction method of the present invention is proposed. The method is applied to a commodity server, and includes the following steps:
[0100] S21、 接收到客户端发送的订单信息后, 根据订单信息向卖方银行服务器发送 银信证幵证请求。  [0100] S21. After receiving the order information sent by the client, send a request for a silver credit card to the seller bank server according to the order information.
[0101] 具体地, 银信证是银行信用承诺支付的电子凭证, 可以理解为一种电子数据, 能存储于计算机系统并通过网络传输, 商品服务器根据订单信息获知卖方银行 服务器, 向卖方银行服务器发送银信证幵证请求。  [0101] Specifically, the silver credit card is an electronic voucher for bank credit commitment payment, which can be understood as an electronic data, can be stored in a computer system and transmitted through a network, and the commodity server knows the seller bank server according to the order information, and sends the seller bank server to the seller bank server. Send a letter of credit to the card.
[0102] S22、 接收到卖方银行服务器发送的已收证通知后, 向交易中介服务器发送订 单信息。  [0102] S22. After receiving the received notification sent by the seller's bank server, send the order information to the transaction intermediary server.
[0103] 具体地, 商品服务器接收到卖方银行服务器发送的已收证通知后, 将订单信息 发送给交易中介服务器, 以使交易中介服务器根据订单信息安排发货。  [0103] Specifically, after receiving the received notification sent by the seller's bank server, the commodity server sends the order information to the transaction intermediary server, so that the transaction intermediary server arranges the delivery according to the order information.
[0104] 参见图 5, 提出本发明的网上交易方法第三实施例, 所述方法应用于卖方银行 服务器, 该方法包括以下步骤: Referring to FIG. 5, a third embodiment of the online transaction method of the present invention is proposed. The method is applied to a seller bank server, and the method includes the following steps:
[0105] S3 接收到商品服务器发送的银信证幵证请求后, 生成待生效状态的银信证[0105] After receiving the request for the silver credit card issued by the commodity server, S3 generates a bank certificate to be valid.
, 并发送给买方银行服务器。 And sent to the buyer's bank server.
[0106] S32、 接收到买方银行服务器发送的已生效的银信证后, 将银信证的状态更新 为已收证状态, 并向商品服务器发送已收证通知。 [0106] S32. After receiving the valid silver letter sent by the buyer's bank server, update the status of the bank letter to the received certificate status, and send the received certificate notification to the commodity server.
[0107] 参见图 6, 提出本发明的网上交易方法第四实施例, 所述方法应用于买方银行 服务器, 包括以下步骤: [0107] Referring to FIG. 6, a fourth embodiment of the online transaction method of the present invention is proposed. The method is applied to a buyer's bank server, and includes the following steps:
[0108] S4 接收到卖方银行服务器发送的待生效状态的银信证后, 向客户端获取买 方的付款校验信息并进行验证。 如果验证通过, 执行步骤 S602, 否则结束流程 [0108] After receiving the silver credit certificate sent by the seller's bank server and in effect, the S4 obtains the buyer's payment verification information from the client and performs verification. If the verification is passed, step S602 is performed, otherwise the process ends.
[0109] S42、 冻结买方账户中订单金额对应的资金, 并将银信证的状态更新为已生效[0109] S42. Freeze the funds corresponding to the order amount in the buyer account, and update the status of the bank letter to be valid.
, 发送给卖方银行服务器。 , sent to the seller's bank server.
[0110] S43、 接收到交易中介服务器发送的已收货通知后, 将买方账户冻结的资金转 款到卖方银行服务器的卖方账户中。 [0111] 参见图 7, 提出本发明的网上交易方法第五实施例, 所述方法应用于中介交易 服务器, 包括以下步骤: [0110] S43. After receiving the received delivery notification sent by the transaction intermediary server, the funds frozen by the buyer account are transferred to the seller account of the seller bank server. [0111] Referring to FIG. 7, a fifth embodiment of the online transaction method of the present invention is proposed. The method is applied to an intermediary transaction server, and includes the following steps:
[0112] S51、 接收商品服务器发送的订单信息, 并根据订单信息安排发货。 [0112] S51. Receive order information sent by the commodity server, and arrange delivery according to the order information.
[0113] 具体的, 交易中介服务器接收到订单信息后, 根据订单信息中的商品信息、 买 方信息等交易信息进行发货。 交易中介服务器可以通知卖方, 让卖方安排发货[0113] Specifically, after receiving the order information, the transaction intermediary server performs the delivery according to the transaction information such as the product information and the buyer information in the order information. The transaction intermediary server can notify the seller and let the seller arrange the delivery.
, 包括但不限于以下任意一种或几种方式: 向卖方预设的电子邮箱发送邮件通 知、 向卖方预设的移动号码发送短信通知、 向卖方预设的 QQ号码发送 QQ消息; 或者向卖方预设的微信号码发送微信消息。 卖方收到发货通知后安排发货。 , including but not limited to any one or more of the following methods: sending an email notification to the seller's preset email address, sending a short message notification to the seller's preset mobile number, sending a QQ message to the seller's preset QQ number; or to the seller The preset micro-signal code sends a WeChat message. The seller arranges the delivery after receiving the delivery notice.
[0114] S52、 在确定买方已收货后, 向买方银行服务器发送已收货通知。 [0114] S52. After determining that the buyer has received the goods, send the received goods notification to the buyer's bank server.
[0115] 具体的, 交易中介服务器接收到客户端发送的收货确认通知后, 则确定买方已 收货; 或者, 交易中介服务器在安排发货后的预设吋间内没有收到客户端的反 馈信息, 则在超过该预设吋间后默认买方已收货。 当确定买方已收货后, 则发 送已收货通知至买方银行服务器。 [0115] Specifically, after receiving the receipt confirmation notification sent by the client, the transaction intermediary server determines that the buyer has received the goods; or, the transaction intermediary server does not receive the feedback from the client within the preset time after scheduling the delivery. The information, the default buyer has received the goods after the preset time is exceeded. When it is determined that the buyer has received the goods, the delivery notice is sent to the buyer's bank server.
[0116] 参见图 8, 提出本发明的网上交易系统第一实施例, 本实施例的网上交易系统 为实现上述网上交易方法的网上交易系统, 所述网上交易系统包括客户端、 商 品服务器、 买方银行服务器、 卖方银行服务器和交易中介服务器, 其中: [0116] Referring to FIG. 8, a first embodiment of an online transaction system of the present invention is proposed. The online transaction system of the embodiment is an online transaction system for implementing the online transaction method, and the online transaction system includes a client, a commodity server, and a buyer. Bank server, seller bank server and transaction broker server, where:
[0117] 客户端: 设置为从商品服务器获取商品信息, 根据买方预订的商品生成订单, 并发送给商品服务器; 在接收到买方银行服务器发送的付款校验请求后, 向买 方银行服务器发送买方输入的付款校验信息。 [0117] client: configured to obtain product information from the commodity server, generate an order according to the commodity booked by the buyer, and send the order to the commodity server; send the buyer input to the buyer bank server after receiving the payment verification request sent by the buyer bank server Payment verification information.
[0118] 其中, 请参阅图 9, 应用于客户端的网上交易装置包括以下模块: [0118] Among them, please refer to FIG. 9, the online transaction device applied to the client includes the following modules:
[0119] 订单发送模块, 设置为从商品服务器获取商品信息, 根据买方预订的商品生成 订单, 并发送给商品服务器; [0119] an order sending module, configured to obtain product information from the commodity server, generate an order according to the commodity booked by the buyer, and send the order to the commodity server;
[0120] 校验信息发送模块, 设置为在接收到买方银行服务器发送的付款校验请求后, 向买方银行服务器发送买方输入的付款校验信息。 [0120] The verification information sending module is configured to send the payment verification information input by the buyer to the buyer bank server after receiving the payment verification request sent by the buyer bank server.
[0121] 商品服务器: 设置为接收到客户端发送的订单信息后, 向卖方银行服务器发送 银信证幵证请求, 还设置为收到卖方银行服务器发送的已收证通知后, 向交易 中介服务器发送订单信息。 [0121] the commodity server is configured to: after receiving the order information sent by the client, send the silver credit certificate request to the seller bank server, and further set to receive the notification received by the seller bank server, and then send the notification to the transaction intermediary server. Send order information.
[0122] 其中, 请参阅图 10, 应用于商品服务器的网上交易装置包括以下模块: [0123] 第一接收模块, 设置为接收客户端发送的订单信息、 以及卖方银行服务器发送 的已收证通知; [0122] wherein, referring to FIG. 10, the online transaction device applied to the commodity server includes the following modules: [0123] The first receiving module is configured to receive the order information sent by the client, and the received notification sent by the seller bank server;
[0124] 幵证请求模块, 设置为接收到客户端发送的订单信息后, 根据订单信息向卖方 银行服务器发送银信证幵证请求;  [0124] the certificate requesting module is configured to: after receiving the order information sent by the client, send a request for a silver credit card to the seller bank server according to the order information;
[0125] 订单信息发送模块, 设置为接收到卖方银行服务器发送的已收证通知后, 向交 易中介服务器发送订单信息。 [0125] The order information sending module is configured to send the order information to the transaction intermediary server after receiving the received notification sent by the seller bank server.
[0126] 卖方银行服务器: 设置为接收到商品服务器发送的银信证幵证请求后, 生成待 生效状态的银信证, 并发送给买方银行服务器; 还设置为接收到买方银行服务 器发送的已生效的银信证后, 将银信证的状态更新为已收证状态, 并向商品服 务器发送已收证通知。 [0126] The seller bank server is configured to: after receiving the silver credit certificate request sent by the commodity server, generate a silver certificate to be valid and send it to the buyer bank server; and also set to receive the sent by the buyer bank server After the valid bank letter is issued, the status of the bank letter is updated to the status of the received certificate, and the received certificate is sent to the commodity server.
[0127] 其中, 请参阅图 11, 应用于卖方银行服务器的网上交易装置包括以下模块: [0128] 第二接收模块, 设置为接收商品服务器发送的银信证幵证请求、 以及买方银行 服务器发送的已生效的银信证; [0127] Referring to FIG. 11, the online transaction device applied to the seller bank server includes the following modules: [0128] The second receiving module is configured to receive the silver credit certificate request sent by the commodity server, and send the buyer bank server to send a bank letter that has entered into force;
[0129] 银信证生成模块, 设置为根据银信证幵证请求生成待生效状态的银信证; [0130] 银信证发送模块, 设置为将待生效状态的银信证发送给买方银行服务器; [0131] 已收证通知模块, 设置为接收到买方银行服务器发送的已生效银信证后, 将银 信证的状态更新为已收证状态, 并向商品服务器发送已收证通知。 [0129] The silver credit generation module is configured to generate a silver credit certificate according to the silver credit certificate request; [0130] the silver credit sending module is configured to send the silver credit to be in effect to the buyer bank [0131] The received notification module is configured to update the status of the silver letter to the received status after receiving the valid silver letter sent by the buyer's bank server, and send the received notification to the commodity server.
[0132] 买方银行服务器: 设置为接收到卖方银行服务器发送待生效状态的银信证后, 向客户端获取付款校验信息并进行验证; 如果验证通过, 冻结买方账户中订单 金额对应的资金, 并将银信证的状态更新为已生效状态, 发送给卖方银行服务 器; 还设置为接收到交易中介服务器发送的已收货通知后, 将买方账户冻结的 资金转款到卖方银行服务器的卖方账户中。 [0132] Buyer Bank Server: After receiving the silver letter certificate sent by the seller bank server to be valid, obtaining the payment verification information from the client and verifying; if the verification is passed, freezing the funds corresponding to the order amount in the buyer account, And update the status of the bank letter to the valid state, and send it to the seller's bank server; also set to receive the goods receipt notification sent by the transaction intermediary server, and transfer the funds frozen by the buyer account to the seller account of the seller's bank server. in.
[0133] 其中, 请参阅图 12, 应用于买方银行服务器的网上交易装置包括以下模块: [0134] 第三接收模块, 设置为接收卖方银行服务器发送的待生效状态的银信证、 以及 交易中介服务器发送的已收货通知; [0133] Referring to FIG. 12, the online transaction device applied to the buyer's bank server includes the following modules: [0134] The third receiving module is configured to receive a silver letter certificate to be validated by the seller bank server, and a transaction intermediary Received notification sent by the server;
[0135] 验证模块, 设置为接收到卖方银行服务器发送的待生效状态的银信证后, 向客 户端获取买方的付款校验信息并进行验证; [0135] The verification module is configured to: after receiving the silver credit certificate sent by the seller bank server to be in a valid state, obtain the payment verification information of the buyer from the client and perform verification;
[0136] 冻结模块, 设置为验证通过后, 冻结买方账户中订单金额对应的资金, 并将银 信证的状态更新为已生效, 发送给卖方银行服务器; [0136] The freezing module is set to freeze the funds corresponding to the order amount in the buyer account after the verification is passed, and the silver is The status of the letter is updated to be valid and sent to the seller's bank server;
[0137] 划款模块, 设置为接收到交易中介服务器发送的已收货通知后, 将买方账户冻 结的资金转款到卖方银行服务器的卖方账户中。 [0137] The payment module is configured to, after receiving the received notification sent by the transaction intermediary server, transfer the funds frozen by the buyer account to the seller account of the seller bank server.
[0138] 为了防止买方在收到商品后不进行已收货确认, 划款模块还设置为: 如果在预 设吋间内没有收到交易中介服务器发送的已收货通知, 则在超过预设吋间后, 将买方账户冻结的资金转款到卖方银行服务器的卖方账户中。 [0138] In order to prevent the buyer from receiving the goods receipt confirmation after receiving the goods, the transfer module is further set to: If the received goods notification sent by the transaction intermediary server is not received within the preset time, the preset is exceeded. After the day, the funds frozen by the buyer's account are transferred to the seller's account of the seller's bank server.
[0139] 交易中介服务器: 设置为接收商品服务器发送的订单信息, 根据订单信息安排 发货, 并在确定买方已收货后, 向买方银行服务器发送已收货通知。 [0139] Transaction Mediation Server: Set to receive the order information sent by the commodity server, arrange the delivery according to the order information, and send the receipt notification to the buyer's bank server after determining that the buyer has received the goods.
[0140] 其中, 请参阅图 13, 应用于交易中介服务器的网上交易装置包括以下模块: [0141] 第四接收模块, 设置为接收商品服务器发送的订单信息; [0140] Referring to FIG. 13, the online transaction device applied to the transaction broker server includes the following modules: [0141] The fourth receiving module is configured to receive the order information sent by the commodity server;
[0142] 发货安排模块, 设置为根据订单信息中的商品信息、 买方信息等交易信息安排 发货; 具体的, 可以通知卖方, 让卖方安排发货, 包括但不限于以下任意一种 或几种方式: 向卖方预设的电子邮箱发送邮件通知、 向卖方预设的移动号码发 送短信通知、 向卖方预设的 QQ号码发送 QQ消息; 或者向卖方预设的微信号码发 送微信消息。 卖方收到发货通知后安排发货;  [0142] The delivery arrangement module is configured to arrange delivery according to the transaction information such as the commodity information and the buyer information in the order information; specifically, the seller may be notified to arrange the delivery, including but not limited to any one or more of the following One way: send an email notification to the seller's preset email address, send a short message notification to the seller's preset mobile number, send a QQ message to the seller's preset QQ number, or send a WeChat message to the seller's preset microcode. The seller arranges the delivery after receiving the delivery notice;
[0143] 已收货通知模块, 设置为在确定买方已收货后, 向买方银行服务器发送已收货 通知。 具体的, 已收货通知模块接收到客户端发送的收货确认通知后, 则确定 买方已收货; 或者, 已收货通知模块在安排发货后的预设吋间内没有收到客户 端的反馈信息, 则在超过该预设吋间后默认买方已收货。  [0143] The goods receipt notification module is configured to send a receipt notification to the buyer's bank server after determining that the buyer has received the goods. Specifically, after receiving the receipt confirmation notification sent by the client, the received delivery notification module determines that the buyer has received the goods; or, the received delivery notification module does not receive the client within the preset time after scheduling the delivery. Feedback information, the buyer has received the goods by default after the preset time is exceeded.
[0144] 具体来说, 卖方将商品信息预存到商品服务器中, 买方通过客户端与商品服务 器通信, 从商品服务器获取商品信息, 选择需要购买的商品。 客户端根据买方 选择的商品信息生成订单信息, 并将订单信息提交到商品服务器。 其中, 商品 包括有形的实体产品和无形的服务; 商品信息包括商品的价格、 参数等信息; 商品服务器可以是商业的计算机服务器, 也可以是卖方自己架设的计算机服务 器; 客户端是买方操作的通信终端, 包括但不限于手机、 平板设备、 电脑等终 端设备。 买方银行服务器是指买方的银行账户所在的银行服务器, 卖方银行服 务器是指卖方的银行账户所在的银行服务器, 买方银行服务器和卖方银行服务 器可能是同一所银行的服务器 (即买方和卖方的幵户银行相同吋) , 也可能是 不同银行的服务器 (即买方和卖方的幵户银行不同吋) 。 银信证是银行信用承 诺支付的电子凭证, 可以理解为一种电子数据, 可以存储于计算机系统并通过 网络传输。 [0144] Specifically, the seller pre-stores the product information in the product server, and the buyer communicates with the product server through the client, acquires the product information from the product server, and selects the product to be purchased. The client generates order information based on the item information selected by the buyer, and submits the order information to the product server. The commodity includes a tangible physical product and an intangible service; the commodity information includes information such as the price and parameters of the commodity; the commodity server may be a commercial computer server, or may be a computer server set up by the seller itself; the client is a buyer-operated communication Terminals, including but not limited to mobile devices, tablet devices, computers and other terminal devices. The buyer's bank server refers to the bank server where the buyer's bank account is located, the seller's bank server refers to the bank server where the seller's bank account is located, and the buyer's bank server and the seller's bank server may be the same bank's server (ie the buyer and the seller's accountant) The same bank), or it may be The servers of different banks (ie the buyer and seller's Seto Bank are different). A bank letter is an electronic certificate that a bank credit promises to pay. It can be understood as an electronic data that can be stored in a computer system and transmitted over a network.
[0145] 通过本实施例的网上交易系统, 交易过程中的交易资金和交易信息并未转至第 三方支付平台, 且通过生成银信证对交易状态进行实吋监控, 使得资金流动吋 间和实际交易吋间没有偏差, 做到线下一手交钱一手交货的有效资金流动, 育 有效降低资金风险和提高交易信息的安全性。  [0145] Through the online trading system of the embodiment, the transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, and the transaction status is monitored by generating the silver credit card, so that the funds flow and There is no deviation between the actual transactions, so that the effective flow of funds to deliver the goods in one hand and the next hand is effective, reducing the risk of funds and improving the security of transaction information.
[0146] 作为一种优选实施例, 为了防止交易信息被窃取, 客户端、 商品服务器、 卖方 银行服务器买方银行服务器和交易中介服务器还设置为: 在数据发送和数据接 收吋, 采用数字信封技术对通信数据进行安全传输。 从而进一步提高数据传输 的安全性, 保证交易的安全性。 [0146] As a preferred embodiment, in order to prevent the transaction information from being stolen, the client, the commodity server, the seller bank server, the buyer's bank server, and the transaction intermediary server are also set to: after data transmission and data reception, using digital envelope technology Communication data is transmitted securely. Thereby further improving the security of data transmission and ensuring the security of transactions.
[0147] 当客户端、 商品服务器、 卖方银行服务器、 买方银行服务器和交易中介服务器 作为数据发送方吋, 还设置为: [0147] When the client, the commodity server, the seller's bank server, the buyer's bank server, and the transaction broker server are used as data senders, it is also set to:
[0148] 生成对称密钥, 利用对称密钥对通信数据进行加密形成第一密文; 利用数据接 收方的公钥对对称密钥进行加密形成第二密文; 利用自身的私钥分别对第一密 文和第二密文进行签名后发送给数据接收方。 [0148] generating a symmetric key, encrypting the communication data by using a symmetric key to form a first ciphertext; encrypting the symmetric key by using a public key of the data receiver to form a second ciphertext; using the private key of the first pair A ciphertext and a second ciphertext are signed and sent to the data receiver.
[0149] 为了进一步防止对称密钥被窃取, 数据发送方每次发送数据吋, 均随机动态生 成对称密钥, 由此达到动态防伪的效果。 在对通信数据进行加密吋, 数据发送 方优选利用对称密钥以 AES算法对通信数据进行加密形成第一密文。 [0149] In order to further prevent the symmetric key from being stolen, the data sender randomly generates a symmetric key every time the data is transmitted, thereby achieving the effect of dynamic anti-counterfeiting. After encrypting the communication data, the data sender preferably encrypts the communication data with the AES algorithm using the symmetric key to form the first ciphertext.
[0150] 当客户端、 商品服务器、 卖方银行服务器买方银行服务器和中介交易服务器作 为数据发送方吋, 还设置为: [0150] When the client, the commodity server, the seller bank server buyer bank server, and the intermediary transaction server act as data senders, it is also set to:
[0151] 接收到第一密文和第二密文后, 利用数据发送方的公钥验证第一密文和第二密 文的签名; 当验证通过后, 利用自身的私钥对第二密文解密获得对称密钥; 利 用对称密钥对第一密文解密获得通信数据。 [0151] after receiving the first ciphertext and the second ciphertext, verifying the signatures of the first ciphertext and the second ciphertext by using the public key of the data sender; and after verifying, using the private key of the second secret The text decryption obtains a symmetric key; the first ciphertext is decrypted by using a symmetric key to obtain communication data.
[0152] 在某些实施例中, 数据发送方也可以不用对第一密文和第二密文进行签名, 相 应的数据接收方则无需对第一密文和第二密文进行签名验证。 [0152] In some embodiments, the data sender may not sign the first ciphertext and the second ciphertext, and the corresponding data receiver does not need to perform signature verification on the first ciphertext and the second ciphertext.
[0153] 参见图 14, 提出本发明的网上交易系统第二实施例, 本实施例与第一实施例的 区别是增加了一监控服务器, 所述监控服务器设置为: [0154] 在数据传输过程中, 同吋收集数据发送方所发送的数据和数据接收方所接收的 数据, 校验发送的数据和接收的数据的一致性, 即将收集的发送的数据和接收 的数据进行比较, 判断二者是否一致。 其中, 当客户端、 商品服务器、 卖方银 行服务器、 买方银行服务器和交易中介服务器在发送数据吋为数据发送方, 在 接收数据吋为数据接收方。 从而, 本实施例采用双轨校验技术, 防止数据在通 信过程中被篡改, 进一步保证了交易的安全性。 [0153] Referring to FIG. 14, a second embodiment of the online transaction system of the present invention is proposed. The difference between this embodiment and the first embodiment is that a monitoring server is added, and the monitoring server is configured as: [0154] During the data transmission process, the data transmitted by the data sender and the data received by the data receiver are collected, and the consistency of the transmitted data and the received data is verified, and the collected data and the received data are collected. The data is compared to determine whether the two are consistent. Wherein, when the client, the commodity server, the seller bank server, the buyer bank server, and the transaction broker server send the data as the data sender, the data is received as the data receiver. Therefore, the embodiment adopts the dual-track verification technology to prevent data from being tampered with during the communication process, thereby further ensuring the security of the transaction.
[0155] 进一步地, 为平衡通信的方便以及保证数据安全, 本实施例还采用两网并用技 术。 即客户端、 商品服务器、 买方银行服务器和卖方银行服务器之间通过公网 进行通信, 监控服务器分别与买方银行服务器和卖方银行服务器通过专线进行 通信。 进一步保证了交易的安全性。  [0155] Further, in order to balance the convenience of communication and ensure data security, this embodiment also adopts a two-network combination technology. That is, the client, the commodity server, the buyer's bank server, and the seller's bank server communicate through the public network, and the monitoring server communicates with the buyer's bank server and the seller's bank server respectively through a dedicated line. The security of the transaction is further guaranteed.
[0156] 需要说明的是, 上述方法实施例中的技术特征在本系统和装置实施例中均能对 应适用, 这里不再重述。  [0156] It should be noted that the technical features in the foregoing method embodiments can be applied in both the system and the device embodiments, and are not repeated here.
[0157] 领域普通技术人员可以理解,实现上述实施例方法中的全部或部分步骤可以通过 程序来控制相关的硬件完成, 所述的程序可以存储于一计算机可读取存储介质 中, 所述的存储介质可以是 ROM/RAM、 磁盘、 光盘等。  [0157] It will be understood by those skilled in the art that all or part of the steps of the foregoing embodiments may be implemented by a program to control related hardware, and the program may be stored in a computer readable storage medium. The storage medium may be a ROM/RAM, a magnetic disk, an optical disk, or the like.
[0158] 应当理解的是, 以上仅为本发明的优选实施例, 不能因此限制本发明的专利范 围, 凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换, 或直 接或间接运用在其他相关的技术领域, 均同理包括在本发明的专利保护范围内 工业实用性  [0158] It is to be understood that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the scope of the invention, the equivalent structure or equivalent Indirect use in other related technical fields, including the industrial applicability within the scope of patent protection of the present invention.
[0159] 本发明的网上交易方法方法、 装置和系统, 通过商品服务器向卖方银行服务器 发送幵证请求, 中介交易服务器向买方银行服务器发送已收货通知, 在客户端 、 商品服务器、 买方银行服务器、 卖方银行服务器和交易中介服务器的交互中 完成交易过程, 交易过程中的交易资金、 交易信息并未转至第三方支付平台, 而均在银行体系内流动, 便于银行对资金的监管以及交易主体的信用监管。 且 通过生成银信证对交易状态进行实吋监控, 使得资金流动吋间和实际交易吋间 没有偏差, 做到线下一手交钱一手交货的有效资金流动, 能有效降低资金风险 和提高交易信息的安全性。 此外, 采用数字信封和动态防伪技术对通信数据进 行安全传输,能保证通信数据的安全性; 采用双轨校验能防止数据被篡改技术; 采用两网并用能平衡通信的方便以及安全性。 [0159] The online transaction method method, apparatus and system of the present invention send a request for a certificate to a seller's bank server through a commodity server, and the intermediary transaction server sends a receipt notification to the buyer's bank server, at the client, the commodity server, the buyer's bank server The transaction process is completed in the interaction between the seller's bank server and the transaction intermediary server. The transaction funds and transaction information in the transaction process are not transferred to the third-party payment platform, but all flow within the banking system, facilitating the supervision of the bank and the transaction subject. Credit supervision. And through the generation of the silver letter to the actual monitoring of the transaction status, so that there is no deviation between the capital flow and the actual transaction, so that the effective flow of money to deliver the goods in one hand, can effectively reduce the risk of funds and improve the transaction. Information security. In addition, digital envelopes and dynamic anti-counterfeiting technology are used to communicate data. Safe transmission of data can ensure the security of communication data; Double-track verification can prevent data from being tampered with technology; The use of two networks can balance the convenience and security of communication.

Claims

权利要求书 Claim
[权利要求 1] 一种网上交易方法, 包括步骤:  [Claim 1] An online transaction method comprising the steps of:
商品服务器接收到客户端发送的订单信息后, 根据所述订单信息向卖 方银行服务器发送银信证幵证请求;  After receiving the order information sent by the client, the commodity server sends a silver credit certificate request to the seller bank server according to the order information;
所述卖方银行服务器根据所述银信证幵证请求生成待生效状态的银信 证, 并发送给买方银行服务器;  The seller bank server generates a silver certificate to be valid according to the silver credit certificate request and sends it to the buyer bank server;
所述买方银行服务器向所述客户端获取买方的付款校验信息并进行验 证; 当验证通过后, 冻结所述买方账户中订单金额对应的资金, 并将 所述银信证的状态更新为已生效状态, 并发送给卖方银行服务器; 所述卖方银行服务器将已生效的银信证的状态更新为已收证, 并向所 述商品服务器发送已收证通知;  The buyer bank server obtains the buyer's payment verification information from the client and performs verification; after the verification is passed, the funds corresponding to the order amount in the buyer account are frozen, and the status of the bank letter is updated to In effect, and sent to the seller's bank server; the seller's bank server updates the status of the validated bank letter to the received certificate, and sends the received certificate notification to the commodity server;
所述商品服务器根据所述已收证通知向交易中介服务器发送所述订单 f π息;  The commodity server sends the order f π interest to the transaction intermediary server according to the received notification;
所述交易中介服务器根据所述订单信息安排发货, 并在确定买方已收 货后, 向所述买方银行服务器发送已收货通知; 所述买方银行服务器接收到所述已收货通知后, 将所述买方账户中冻 结的资金转款至所述卖方银行服务器的卖方账户中。  The transaction intermediary server arranges the delivery according to the order information, and after determining that the buyer has received the goods, sends the received delivery notice to the buyer's bank server; after the buyer's bank server receives the received delivery notification, The funds frozen in the buyer account are transferred to the seller account of the seller's bank server.
[权利要求 2] 根据权利要求 1所述的网上交易方法, 其中, 所述方法还包括: 所述 客户端、 商品服务器、 买方银行服务器、 卖方银行服务器和交易中介 服务器在数据发送和数据接收吋, 采用数字信封的方式对通信数据进 行安全传输。  [Claim 2] The online transaction method according to claim 1, wherein the method further comprises: the data transmission and data reception of the client, the commodity server, the buyer bank server, the seller bank server, and the transaction intermediary server The digital data envelope is used to securely transmit communication data.
[权利要求 3] 根据权利要求 2所述的网上交易方法, 其中, 所述采用数字信封的方 式对通信数据进行安全传输包括:  [Claim 3] The online transaction method according to claim 2, wherein the secure transmission of the communication data by using the digital envelope comprises:
数据发送方生成对称密钥, 利用所述对称密钥对通信数据进行加密形 成第一密文, 利用数据接收方的公钥对所述对称密钥进行加密形成第 二密文, 将所述第一密文和第二密文发送给数据接收方;  The data sender generates a symmetric key, encrypts the communication data by using the symmetric key to form a first ciphertext, and encrypts the symmetric key by using a public key of the data receiver to form a second ciphertext, A ciphertext and a second ciphertext are sent to the data receiver;
数据接收方利用自身的私钥对所述第二密文解密获得所述对称密钥, 利用所述对称密钥对所述第一密文解密获得所述通信数据。 根据权利要求 3所述的网上交易方法, 其中, 所述将所述第一密文和 第二密文发送给数据接收方的步骤之前还包括: 数据发送方利用自身 的私钥分别对所述第一密文和第二密文进行签名; The data receiver decrypts the second ciphertext by using its own private key to obtain the symmetric key, and decrypts the first ciphertext by using the symmetric key to obtain the communication data. The online transaction method according to claim 3, wherein the step of transmitting the first ciphertext and the second ciphertext to the data receiver further comprises: the data sender separately using the private key of the data The first ciphertext and the second ciphertext are signed;
所述数据接收方利用自身的私钥对所述第二密文解密获得所述对称密 钥的步骤之前还包括: 数据接收方利用数据发送方的公钥验证所述第 一密文和第二密文的签名, 当验证通过后, 进入下一步骤。 Before the step of decrypting the second ciphertext by the data receiver to obtain the symmetric key by using the private key of the data, the method further includes: the data receiver verifying the first ciphertext and the second by using a public key of the data sender The signature of the ciphertext, when the verification is passed, proceeds to the next step.
根据权利要求 3所述的网上交易方法, 其中, 所述数据发送方生成对 称密钥的具体方式为: 所述数据发送方随机动态生成对称密钥。 根据权利要求 3所述的网上交易方法, 其中, 所述利用所述对称密钥 对通信数据进行加密形成第一密文的具体方式为: 利用所述对称密钥 以 AES算法对通信数据进行加密形成第一密文。 The online transaction method according to claim 3, wherein the data sender generates a symmetric key in a specific manner: the data sender randomly generates a symmetric key. The online transaction method according to claim 3, wherein the specific manner of encrypting the communication data by using the symmetric key to form the first ciphertext is: encrypting the communication data by using the symmetric key with the AES algorithm Form the first ciphertext.
根据权利要求 1所述的网上交易方法, 其中, 所述方法还包括: 在数据传输过程中, 监控服务器同吋收集数据发送方所发送的数据和 数据接收方所接收的数据, 校验所述发送的数据和接收的数据的一致 性; The online transaction method according to claim 1, wherein the method further comprises: during the data transmission process, the monitoring server collects the data sent by the data sender and the data received by the data receiver, and verifies the data. The consistency between the transmitted data and the received data;
其中, 当所述客户端、 商品服务器、 买方银行服务器、 卖方银行服务 器或交易中介服务器在发送数据吋为数据发送方, 当所述客户端、 商 品服务器、 买方银行服务器、 卖方银行服务器或交易中介服务器在接 收数据吋为数据接收方。 Wherein, when the client, the commodity server, the buyer's bank server, the seller's bank server or the transaction intermediary server is transmitting the data as the data sender, when the client, the commodity server, the buyer's bank server, the seller's bank server or the transaction intermediary The server receives the data and becomes the data receiver.
根据权利要求 7所述的网上交易方法, 其中, 所述客户端、 商品服务 器、 买方银行服务器和卖方银行服务器之间通过公网进行通信, 所述 监控服务器分别与所述买方银行服务器和卖方银行服务器通过专线进 行通信。 The online transaction method according to claim 7, wherein the client, the commodity server, the buyer's bank server, and the seller's bank server communicate via a public network, and the monitoring server and the buyer's bank server and the seller's bank respectively The server communicates over a dedicated line.
根据权利要求 1所述的网上交易方法, 其中, 所述方法还包括: 所述交易中介服务器接收到所述客户端发送的收货确认通知后, 则确 定买方已收货; 或者, The online transaction method according to claim 1, wherein the method further comprises: after the transaction intermediary server receives the receipt confirmation notification sent by the client, determining that the buyer has received the goods; or
所述交易中介服务器在安排发货后的预设吋间内没有收到所述客户端 的反馈信息, 则在超过所述预设吋间后确定买方已收货。 [权利要求 10] —种网上交易系统, 包括设置为根据买方预订的商品生成订单信息的 客户端, 还包括商品服务器、 买方银行服务器、 卖方银行服务器和交 易中介服务器, 其中: The transaction intermediary server does not receive the feedback information of the client within the preset time after scheduling the shipment, and determines that the buyer has received the goods after exceeding the preset time. [Claim 10] An online transaction system comprising a client configured to generate order information based on a commodity booked by a buyer, further comprising a commodity server, a buyer bank server, a seller bank server, and a transaction broker server, wherein:
所述商品服务器, 设置为接收到所述客户端发送的所述订单信息后, 向所述卖方银行服务器发送银信证幵证请求; 接收到所述卖方银行服 务器发送的已收证通知后, 向所述交易中介服务器发送所述订单信息 所述卖方银行服务器, 设置为接收到所述银信证幵证请求后, 生成待 生效状态的银信证, 并发送给所述买方银行服务器; 接收到所述买方 银行服务器发送的已生效的银信证后, 将所述银信证的状态更新为已 收证状态, 并向所述商品服务器发送已收证通知; 所述交易中介服务器, 设置为根据所述订单信息安排发货, 并在确定 买方已收货后, 向所述买方银行服务器发送已收货通知;  The commodity server is configured to: after receiving the order information sent by the client, send a silver credit certificate request to the seller bank server; after receiving the received certificate notification sent by the seller bank server, Sending the order information to the transaction intermediary server, the seller bank server, configured to generate a silver credit certificate to be valid after receiving the silver credit certificate request, and send the silver credit card to the buyer bank server; After the valid silver certificate sent by the buyer's bank server is sent, the status of the silver credit is updated to the received status, and the received notification is sent to the commodity server; the transaction intermediary server, setting In order to arrange delivery according to the order information, and after determining that the buyer has received the goods, send the received delivery notice to the buyer's bank server;
所述买方银行服务器, 设置为接收到所述待生效状态的银信证后, 向 所述客户端获取买方的付款校验信息并进行验证; 当验证通过后, 冻 结所述买方账户中订单金额对应的资金, 并将所述银信证的状态更新 为已生效状态, 并发送给所述卖方银行服务器; 接收到所述已收货通 知后, 将所述买方账户冻结的资金转款至所述卖方银行服务器的卖方 账户中。  The buyer bank server is configured to: after receiving the silver credit certificate in the inactive state, obtain the buyer's payment verification information from the client and perform verification; when the verification is passed, freeze the order amount in the buyer account Corresponding funds, and updating the status of the bank letter to the valid state, and sending the status to the seller bank server; after receiving the received goods notification, transferring the funds frozen by the buyer account to the office In the seller's account of the seller's bank server.
[权利要求 11] 根据权利要求 10所述的网上交易系统, 其中, 所述客户端、 商品服务 器、 买方银行服务器、 卖方银行服务器和交易中介服务器还设置为: 在数据发送和数据接收吋, 采用数字信封技术对通信数据进行安全传 输。  [Claim 11] The online transaction system according to claim 10, wherein the client, the commodity server, the buyer bank server, the seller bank server, and the transaction intermediary server are further configured to: after data transmission and data reception, Digital envelope technology securely transmits communication data.
[权利要求 12] 根据权利要求 11所述的网上交易系统, 其中:  [Claim 12] The online transaction system according to claim 11, wherein:
当所述客户端、 商品服务器、 买方银行服务器、 卖方银行服务器或交 易中介服务器作为数据发送方吋, 设置为: 生成对称密钥, 利用所述 对称密钥对通信数据进行加密形成第一密文, 利用所述数据接收方的 公钥对所述对称密钥进行加密形成第二密文, 将所述第一密文和第二 密文发送给所述数据接收方; When the client, the commodity server, the buyer bank server, the seller bank server or the transaction broker server is used as a data sender, the method is: generating a symmetric key, and encrypting the communication data by using the symmetric key to form a first ciphertext Encrypting the symmetric key with the public key of the data recipient to form a second ciphertext, the first ciphertext and the second The ciphertext is sent to the data receiver;
当所述客户端、 商品服务器、 买方银行服务器、 卖方银行服务器或交 易中介服务器作为数据接收方吋, 设置为: 利用自身的私钥对所述第 二密文解密获得所述对称密钥, 利用所述对称密钥对所述第一密文解 密获得所述通信数据。  When the client, the commodity server, the buyer's bank server, the seller's bank server, or the transaction intermediary server is used as a data receiver, the method is: decrypting the second ciphertext by using its own private key to obtain the symmetric key, and utilizing The symmetric key decrypts the first ciphertext to obtain the communication data.
[权利要求 13] 根据权利要求 12所述的网上交易系统, 其中: [Claim 13] The online transaction system according to claim 12, wherein:
当所述客户端、 商品服务器、 买方银行服务器、 卖方银行服务器或交 易中介服务器作为数据发送方吋, 还设置为: 利用自身的私钥分别对 所述第一密文和第二密文进行签名后再发送给所述数据接收方; 当所述客户端、 商品服务器、 买方银行服务器、 卖方银行服务器或交 易中介服务器作为数据接收方吋, 还设置为: 利用所述数据发送方的 公钥验证所述第一密文和第二密文的签名, 当验证通过后, 再进行解 密操作。  When the client, the commodity server, the buyer's bank server, the seller's bank server or the transaction intermediary server is used as the data sender, the method is further configured to: sign the first ciphertext and the second ciphertext respectively by using the private key thereof And then sent to the data receiver; when the client, the commodity server, the buyer bank server, the seller bank server or the transaction intermediary server as the data receiver, is further configured to: use the data sender's public key verification The signatures of the first ciphertext and the second ciphertext are decrypted after the verification is passed.
[权利要求 14] 根据权利要求 12所述的网上交易系统, 其中, 当所述客户端、 商品服 务器、 买方银行服务器、 卖方银行服务器或交易中介服务器作为数据 发送方吋, 还设置为: 发送数据吋随机动态生成对称密钥。  [Claim 14] The online transaction system according to claim 12, wherein, when the client, the commodity server, the buyer bank server, the seller bank server, or the transaction intermediary server is used as a data sender, the method is further configured to: send data吋 Randomly generate symmetric keys.
[权利要求 15] 根据权利要求 12所述的网上交易系统, 其中, 当所述客户端、 商品服 务器、 买方银行服务器、 卖方银行服务器或交易中介服务器作为数据 发送方吋, 还设置为: 利用所述对称密钥以 AES算法对通信数据进行 加密形成第一密文。  [Claim 15] The online transaction system according to claim 12, wherein, when the client, the commodity server, the buyer's bank server, the seller's bank server, or the transaction intermediary server is used as a data sender, the method is further set as: The symmetric key encrypts the communication data by the AES algorithm to form a first ciphertext.
[权利要求 16] 根据权利要求 10所述的网上交易系统, 其中, 所述网上交易系统还包 括一监控服务器, 所述监控服务器设置为: 在数据传输过程中, 同吋 收集数据发送方所发送的数据和数据接收方所接收的数据, 校验所述 发送的数据和接收的数据的一致性;  [Claim 16] The online transaction system according to claim 10, wherein the online transaction system further comprises a monitoring server, wherein the monitoring server is configured to: in the process of data transmission, the peer data collection sender sends Data and data received by the data receiver, verifying the consistency of the transmitted data and the received data;
其中, 当所述客户端、 商品服务器、 买方银行服务器、 卖方银行服务 器或交易中介服务器发送数据吋为数据发送方, 当所述客户端、 商品 服务器、 买方银行服务器、 卖方银行服务器或交易中介服务器接收数 据吋为数据接收方。 根据权利要求 16所述的网上交易系统, 其中, 所述客户端、 商品服务 器、 买方银行服务器和卖方银行服务器之间通过公网进行通信, 所述 监控服务器分别与所述买方银行服务器和卖方银行服务器通过专线进 行通信。 Wherein, when the client, the commodity server, the buyer's bank server, the seller's bank server or the transaction intermediary server sends the data as the data sender, when the client, the commodity server, the buyer's bank server, the seller's bank server or the transaction intermediary server The received data is the data receiver. The online transaction system according to claim 16, wherein the client, the commodity server, the buyer's bank server, and the seller's bank server communicate via a public network, and the monitoring server and the buyer's bank server and the seller's bank respectively The server communicates over a dedicated line.
根据权利要求 10所述的网上交易系统, 其中, 所述交易中介服务器设 置为: The online transaction system according to claim 10, wherein said transaction intermediary server is set to:
接收到所述客户端发送的收货确认通知后, 则确定买方已收货; 或者 当在安排发货后的预设吋间内没有收到所述客户端的反馈信息吋, 则 在超过所述预设吋间后确定买方已收货。 After receiving the receipt confirmation notification sent by the client, it is determined that the buyer has received the goods; or when the feedback information of the client is not received within the preset time after the delivery is scheduled, then the After the default time, the buyer has received the goods.
一种网上交易方法, 应用于商品服务器, 该方法包括以下步骤: 接收到客户端发送的订单信息后, 根据所述订单信息向卖方银行服务 器发送银信证幵证请求; An online transaction method is applied to a commodity server, and the method comprises the following steps: after receiving the order information sent by the client, sending a silver credit certificate request to the seller bank server according to the order information;
接收到所述卖方银行服务器发送的已收证通知后, 向交易中介服务器 发送所述订单信息。 After receiving the received notification sent by the seller's bank server, the order information is sent to the transaction intermediary server.
一种网上交易装置, 应用于商品服务器, 该装置包括以下模块: 第一接收模块, 设置为接收客户端发送的订单信息、 以及卖方银行服 务器发送的已收证通知; An online transaction device is applied to a commodity server, and the device comprises the following modules: a first receiving module, configured to receive order information sent by a client, and a received notification sent by a seller bank server;
幵证请求模块, 设置为接收到客户端发送的订单信息后, 根据所述订 单信息向所述卖方银行服务器发送银信证幵证请求; The certificate requesting module is configured to: after receiving the order information sent by the client, send a silver credit certificate request to the seller bank server according to the order information;
订单信息发送模块, 设置为接收到所述卖方银行服务器发送的已收证 通知后, 向交易中介服务器发送所述订单信息。 The order information sending module is configured to send the order information to the transaction intermediary server after receiving the received certificate notification sent by the seller bank server.
一种网上交易方法, 应用于卖方银行服务器, 该方法包括以下步骤: 接收到商品服务器发送的银信证幵证请求后, 生成待生效状态的银信 证, 并发送给买方银行服务器; An online transaction method is applied to a seller's bank server. The method includes the following steps: after receiving a request for a silver credit card issued by a commodity server, generating a silver certificate to be valid and sending it to the buyer's bank server;
接收到所述买方银行服务器发送的已生效的银信证后, 将所述银信证 的状态更新为已收证状态, 并向所述商品服务器发送已收证通知。 一种网上交易装置, 应用于卖方银行服务器, 该装置包括以下模块: 第二接收模块, 设置为接收商品服务器发送的银信证幵证请求、 以及 买方银行服务器发送的已生效的银信证; After receiving the valid silver certificate sent by the buyer's bank server, the status of the silver credit is updated to the received status, and the received notification is sent to the commodity server. An online transaction device for a seller's bank server, the device comprising the following modules: a second receiving module, configured to receive a silver credit certificate request sent by the commodity server, and an activated silver letter sent by the buyer bank server;
银信证生成模块, 设置为根据所述银信证幵证请求生成待生效状态的 银信证;  a silver credit card generating module, configured to generate a silver credit card to be valid according to the silver credit card verification request;
银信证发送模块, 设置为将所述待生效状态的银信证发送给所述买方 银行服务器;  a silver letter transmitting module, configured to send the bank certificate to be in effect to the buyer bank server;
已收证通知模块, 设置为接收到所述买方银行服务器发送的已生效银 信证后, 将所述银信证的状态更新为已收证状态, 并向所述商品服务 器发送已收证通知。  The received notification notification module is configured to update the status of the silver credit card to the received certificate status after receiving the validated silver letter sent by the buyer's bank server, and send the received certificate notification to the commodity server .
[权利要求 23] —种网上交易方法, 应用于买方银行服务器, 该方法包括以下步骤: 接收到卖方银行服务器发送的待生效状态的银信证后, 向客户端获取 买方的付款校验信息并进行验证;  [Claim 23] An online transaction method, applied to a buyer's bank server, the method comprising the steps of: obtaining a payment verification information of a buyer after receiving a silver certificate to be validated by a seller's bank server; authenticating;
如果验证通过, 冻结所述买方账户中订单金额对应的资金, 并将所述 银信证的状态更新为已生效, 发送给卖方银行服务器;  If the verification is passed, the funds corresponding to the order amount in the buyer account are frozen, and the status of the silver credit card is updated to have been validated, and sent to the seller's bank server;
接收到交易中介服务器发送的已收货通知后, 将所述买方账户冻结的 资金转款到所述卖方银行服务器的卖方账户中。  After receiving the receipt notification sent by the transaction intermediary server, the funds frozen by the buyer account are transferred to the seller account of the seller bank server.
[权利要求 24] —种网上交易装置, 应用于买方银行服务器, 该装置包括以下模块: 第三接收模块, 设置为接收卖方银行服务器发送的待生效状态的银信 证、 以及交易中介服务器发送的已收货通知; [Claim 24] An online transaction device, applied to a buyer's bank server, the device comprising the following modules: a third receiving module, configured to receive a silver credit card to be validated by the seller's bank server, and a transaction intermediary server Received notice;
验证模块, 设置为接收到所述待生效状态的银信证后, 向客户端获取 买方的付款校验信息并进行验证;  The verification module is configured to: after receiving the silver certificate of the to-be-effective state, obtain the payment verification information of the buyer from the client and perform verification;
冻结模块, 设置为验证通过后, 冻结所述买方账户中订单金额对应的 资金, 并将所述银信证的状态更新为已生效, 发送给所述卖方银行服 务器;  a freezing module, configured to freeze the funds corresponding to the order amount in the buyer account after the verification is passed, and update the status of the silver credit card to have been validated and sent to the seller bank server;
划款模块, 设置为接收到所述已收货通知后, 将所述买方账户冻结的 资金转款到所述卖方银行服务器的卖方账户中。  The payment module is configured to, after receiving the received delivery notification, transfer funds frozen by the buyer account to a seller account of the seller bank server.
PCT/CN2015/084664 2015-07-21 2015-07-21 Online transaction method, device and system WO2017012066A1 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
CA3115627A CA3115627C (en) 2015-07-21 2015-07-21 Online transaction method, device and system
CA2993090A CA2993090C (en) 2015-07-21 2015-07-21 Online transaction method, device and system
CA3177680A CA3177680C (en) 2015-07-21 2015-07-21 Online transaction method, device and system
PCT/CN2015/084664 WO2017012066A1 (en) 2015-07-21 2015-07-21 Online transaction method, device and system
CA3123658A CA3123658C (en) 2015-07-21 2015-07-21 Online transaction method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2015/084664 WO2017012066A1 (en) 2015-07-21 2015-07-21 Online transaction method, device and system

Publications (1)

Publication Number Publication Date
WO2017012066A1 true WO2017012066A1 (en) 2017-01-26

Family

ID=57835077

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/084664 WO2017012066A1 (en) 2015-07-21 2015-07-21 Online transaction method, device and system

Country Status (2)

Country Link
CA (4) CA3177680C (en)
WO (1) WO2017012066A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111915306B (en) * 2019-05-08 2023-12-19 华控清交信息科技(北京)有限公司 Service data verification method and verification platform

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103778536A (en) * 2014-02-25 2014-05-07 上海农村商业银行股份有限公司 Implementation method and implementation system for transfer transaction
CN103827903A (en) * 2013-03-18 2014-05-28 深圳市银信网银科技有限公司 Internet payment method and system
CN103827902A (en) * 2013-03-18 2014-05-28 深圳市银信网银科技有限公司 Method and system for Intenet payment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103827903A (en) * 2013-03-18 2014-05-28 深圳市银信网银科技有限公司 Internet payment method and system
CN103827902A (en) * 2013-03-18 2014-05-28 深圳市银信网银科技有限公司 Method and system for Intenet payment
CN103778536A (en) * 2014-02-25 2014-05-07 上海农村商业银行股份有限公司 Implementation method and implementation system for transfer transaction

Also Published As

Publication number Publication date
CA2993090C (en) 2022-06-21
CA3123658C (en) 2023-01-10
CA3177680A1 (en) 2017-01-26
CA3115627C (en) 2022-06-14
CA2993090A1 (en) 2017-01-26
CA3115627A1 (en) 2017-01-26
CA3177680C (en) 2023-09-26
CA3123658A1 (en) 2017-01-26

Similar Documents

Publication Publication Date Title
WO2007092577A2 (en) A point-of-sale terminal transactions using mutating identifiers
WO2012072022A1 (en) Remote payment method
CN104143142A (en) Payment system with mobile payment unit and security payment method
TWI313845B (en) Method and system for mobile payment
WO2017012066A1 (en) Online transaction method, device and system
WO2017012064A1 (en) Online transaction method, device and system
CN114584355A (en) Security authentication method, device and system for digital currency transaction
WO2017012070A1 (en) Online transaction method, device and system
Sood et al. Cloudbank: A secure anonymous banking cloud
CA2993110C (en) Online transaction method, device and system
WO2017012063A1 (en) Online transaction method, device and system
WO2017012065A1 (en) Online transaction method, device and system
CA2993091C (en) Online transaction method, device and system
US11842338B2 (en) Payment encryption system
CA2993109C (en) Online transaction method, device and system
Kumar et al. A system model and protocol for Mobile Payment Consortia System
Wan et al. Secure mobile payment based on super set protocol
KR20060019928A (en) Electronic payment method
KR20020089842A (en) The electronic payment method using a secure electronic funds transfer and thereof apparatus
CN108737354A (en) A kind of implementation method and its system of mobile payment security protection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15898622

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2993090

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC , EPO FORM 1205A DATED 03.04.18.

122 Ep: pct application non-entry in european phase

Ref document number: 15898622

Country of ref document: EP

Kind code of ref document: A1