WO2021143110A1 - Graphical code generation method and apparatus, and computer readable storage medium - Google Patents

Info

Publication number
WO2021143110A1
Authority
WO
WIPO (PCT)
Prior art keywords
graphical
information
characteristic value
identity authentication
authentication data
Application number
PCT/CN2020/107671
Other languages
French (fr)
Chinese (zh)
Inventor
王瑞明
王钰
蒋海俭
邹震中
Original Assignee
中国银联股份有限公司
Application filed by 中国银联股份有限公司

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00: Arrangements for software engineering
    • G06F8/30: Creation or generation of source code
    • G06F8/34: Graphical or visual programming

Definitions

  • the present invention relates to a computer-readable graphical code generation method, device and computer-readable storage medium, and in particular to a mechanism for generating computer-readable graphical code using characteristic values of a local trusted execution environment.
  • QR code payment has been accepted by the vast majority of Chinese consumers.
  • consumers in overseas markets also welcome this payment method.
  • the share of overseas markets is also increasing.
  • scan code payment does not need to carry a card separately, and the account information can be seen in real time through the client, so its user experience is better.
  • scan code payment is more dependent on network quality and/or algorithm strength. Therefore, on the one hand, its user experience may be significantly deteriorated due to changes in network quality; on the other hand, security may be significantly affected due to insufficient algorithm strength.
  • the present invention provides a mechanism for obtaining computer-readable graphical codes by using the characteristic values of the local trusted execution environment.
  • a computer-readable graphical code generation method includes the following steps: sending a request message to a receiving end to request information representing the graphical code, where the request message includes the characteristic value of the local trusted execution environment; receiving the information from the receiving end and storing it; and generating the graphical code according to the information.
  • the request message further includes account information.
  • the step of receiving and storing the information from the receiving end is specifically: encrypting the information from the receiving end and storing it in the local trusted execution environment.
  • the method further includes: generating the characteristic value according to the software and hardware information of the local trusted execution environment.
  • the method further includes: sending the characteristic value and the identity authentication data to request the establishment of a mapping relationship between the two, where the information corresponds to the identity authentication data.
  • the identity authentication data is account information.
  • the number of requested graphical codes is multiple.
  • each of the graphical codes has a serial number.
  • the request is sent again when the number of the graphical codes that have not been generated is lower than a predetermined value.
  • the predetermined value corresponds to the characteristic value.
  • each of the graphical codes has a validity period, and the request is sent again when the number of the graphical codes that are not generated within the validity period is lower than a predetermined value.
  • the predetermined value corresponds to the characteristic value.
  • the predetermined value is dynamically set according to the transmission frequency of the request message including the characteristic value.
  • a computer-readable graphical code generation method, characterized in that the method includes the following steps: receiving the characteristic value of the local trusted execution environment sent by the sending end; checking whether there is a mapping relationship between the characteristic value and the identity authentication data; and, if it exists, generating the information representing the graphical code corresponding to the identity authentication data and sending it to the sending end.
  • the method further includes: receiving the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data.
  • the identity authentication data is account information.
  • the number of graphical codes is multiple, and the information includes the serial number of each graphical code.
  • a computer-readable graphical code generation method includes the steps of: sending a characteristic value of a local trusted execution environment to a receiving end to request a graphical code; and receiving and presenting the graphical code from the receiving end.
  • the step of receiving and presenting the graphical code from the receiving end includes encrypting and storing the graphical code in the local trusted execution environment.
  • the method further includes: generating the characteristic value according to the software and hardware information of the local trusted execution environment.
  • the method further includes: sending the characteristic value and identity authentication data to request the establishment of a mapping relationship between the two, where the graphical code corresponds to the identity authentication data.
  • the requested number of graphical codes is multiple, and only one graphical code is generated each time.
  • each of the graphical codes has a serial number, and one of the graphical codes is sequentially generated according to the serial number.
  • the request is sent again when the number of the graphical codes that have not been generated is lower than a predetermined value.
  • a computer-readable graphical code generation method includes the following steps: receiving a characteristic value of a local trusted execution environment sent by a sending end; verifying whether a mapping relationship exists between the characteristic value and the identity authentication data; and, if it exists, generating the graphical code corresponding to the identity authentication data and sending it to the sending end.
  • the method further includes: receiving the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data.
  • the number of graphical codes is multiple, and each graphical code includes its serial number.
  • a computer-readable storage medium having instructions stored in the computer-readable storage medium, wherein, when the instructions are executed by a processor, the processor is caused to execute any of the methods described above.
  • an apparatus for generating computer-readable graphical code, comprising: a request module configured to send a request message to request information representing the graphical code, where the request message includes the characteristic value of the local trusted execution environment of the device; a receiving module configured to receive and store the information; and a rendering module configured to generate the graphical code according to the information.
  • the request message further includes account information.
  • the receiving module encrypts the information and stores it in the local trusted execution environment of the device.
  • the device further includes a generating module configured to generate the characteristic value according to software and hardware information of the local trusted execution environment of the device.
  • the request module is further configured to send the characteristic value and the identity authentication data to request the establishment of a mapping relationship between the two, and the information corresponds to the identity authentication data.
  • the identity authentication data is account information.
  • the predetermined value is dynamically set according to the transmission frequency of the request message including the characteristic value.
  • the number of the graphical codes requested by the request module is multiple.
  • each of the graphical codes has a serial number.
  • the device further includes a judgment module, and when the judgment module determines that the number of the graphical codes that have not been generated is lower than a predetermined value, the request module sends the request again.
  • the predetermined value corresponds to the characteristic value.
  • the judgment module is included in the local trusted execution environment.
  • the device further includes a judgment module, each of the graphical codes has a validity period, and when the judgment module determines that the number of the graphical codes that are not generated within the validity period is lower than the predetermined value, the request is sent again.
  • the predetermined value corresponds to the characteristic value.
  • the judgment module is included in the local trusted execution environment.
  • an apparatus for generating computer-readable graphical code, wherein the apparatus includes: a receiving module configured to receive a characteristic value of a local trusted execution environment sent by a sending end; a verification module configured to verify whether there is a mapping relationship between the characteristic value and the identity authentication data; and a sending module configured to, if the mapping relationship exists, generate the information representing the graphical code corresponding to the identity authentication data and send it to the sending end.
  • the device further includes a storage module, wherein the receiving module is further configured to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and the storage module stores the mapping relationship between the characteristic value and the identity authentication data.
  • the identity authentication data is account information.
  • the information sent by the sending module includes the serial number of each graphical code.
  • a computer-executable method includes the following steps: the processor of the mobile terminal determines to send the characteristic value of the local trusted execution environment of the mobile terminal to request information representing the graphical code; the processor of the mobile terminal receives and stores the information; and the processor of the mobile terminal generates the graphical code according to the information.
  • the step of receiving and storing the information by the processor of the mobile terminal specifically includes: encrypting the information by the local trusted execution environment and storing it in the local trusted execution environment.
  • the method further includes: generating the characteristic value by the processor of the mobile terminal according to the software and hardware information of the local trusted execution environment.
  • the method further includes: determining, by the processor of the mobile terminal, to send the characteristic value and identity authentication data to request the establishment of a mapping relationship between the two, where the information corresponds to the identity authentication data.
  • the requested number of graphical codes is multiple, and only one graphical code is generated each time.
  • each of the graphical codes has a serial number, and one of the graphical codes is sequentially generated according to the serial number.
  • the processor of the mobile terminal determines to send the request again when the number of the graphical codes that have not been generated is lower than a predetermined value.
  • a computer-executable method includes the following steps: a processor of a server determines a characteristic value of a local trusted execution environment sent by a sender; the processor of the server verifies whether there is a mapping relationship between the characteristic value and the identity authentication data; and, if it exists, the processor of the server generates information representing the graphical code corresponding to the identity authentication data and sends it to the sending end.
  • the method further includes: determining, by the processor of the server, to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and to store the mapping relationship between the characteristic value and the identity authentication data.
  • the number of graphical codes is multiple, and the information includes the serial number of each graphical code.
  • a mobile device includes any one of the apparatuses for generating computer-readable graphical codes as described above.
  • a service platform includes any device for generating computer-readable graphical codes as described above.
  • a mobile device including: a display; a local trusted execution environment; a memory configured to store instructions; and a processor configured to execute the instructions so that: the processor of the mobile terminal determines to send the characteristic value of the local trusted execution environment of the mobile terminal to request information representing the graphical code; the processor of the mobile terminal receives and stores the information; the processor of the mobile terminal generates the graphical code according to the information; and the processor of the mobile terminal displays the graphical code on the display.
  • the processor is further configured to determine that the information is encrypted by the local trusted execution environment and stored in the local trusted execution environment.
  • the processor is further configured to generate the characteristic value according to software and hardware information of the local trusted execution environment.
  • the processor is further configured to determine to send the characteristic value and the identity authentication data to request the establishment of a mapping relationship between the two, where the information corresponds to the identity authentication data.
  • the requested number of graphical codes is multiple, and only one graphical code is generated each time.
  • each of the graphical codes has a serial number, and one of the graphical codes is sequentially generated according to the serial number.
  • the processor is further configured to determine to send the request again when the number of the graphical codes that have not been generated is lower than a predetermined value.
  • a server including: a memory configured to store instructions; and a processor configured to execute the instructions so that: the processor of the server determines the characteristic value of the local trusted execution environment sent by the sender; the processor of the server verifies whether there is a mapping relationship between the characteristic value and the identity authentication data; and, if it exists, the processor of the server generates the information representing the graphical code corresponding to the identity authentication data and sends it to the sending end.
  • the processor is further configured to determine to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and to store the mapping relationship between the characteristic value and the identity authentication data.
  • the number of graphical codes is multiple, and the information includes the serial number of each graphical code.
  • Fig. 1 shows a schematic diagram of a payment system according to an embodiment of the present invention.
  • Fig. 2 shows a schematic diagram of a payment system according to the prior art.
  • Fig. 3 shows a schematic diagram of a payment system according to the prior art.
  • Fig. 4 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 5 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 6 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 7 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 8 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 9 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 10 shows a schematic diagram of an apparatus for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 11 shows a schematic diagram of an apparatus for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 12 shows a mobile terminal according to an embodiment of the present invention.
  • Fig. 13 shows a schematic diagram of a server according to an embodiment of the present invention.
  • Fig. 14 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 15 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • Fig. 16 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • the "characteristic value of the trusted execution environment" refers to information (for example, a set of codes) that corresponds to the trusted execution environment and can be used to distinguish the trusted execution environments (TEE) of different devices.
  • the "characteristic value of the trusted execution environment" can be a set of codes generated based on the software and hardware information of the trusted execution environment, a set of codes designated by the factory and stored in the trusted execution environment, or information sent over the air and stored in the trusted execution environment.
  • the generation mechanism of the feature value is not limited, as long as the feature value can distinguish the trusted execution environment of different devices.
  • Fig. 1 shows a schematic diagram of a payment system according to an embodiment of the present invention.
  • a mobile terminal 10 for example, a smart phone, a tablet computer, a smart wearable device, etc.
  • the mobile terminal 10 can communicate with other devices on the Internet, for example, via a wireless access device 41 (e.g., base station, AP) and a network 40 (e.g., local area network, metropolitan area network, wide area network, Internet, etc.).
  • the mobile terminal 10 runs software or service that supports scan code payment.
  • the software or service can communicate with the server 30 on the Internet via the communication function in the mobile terminal 10.
  • when a user requests a computer-readable graphical code (for example, a barcode, a two-dimensional code, etc.), the user side can initiate a request to the server 30 on the management side, and the server 30 returns payment information to the mobile terminal 10.
  • the mobile terminal 10 can generate a computer-readable graphical code according to the payment information.
  • an example of the store side is also shown in FIG. 1, where the store side includes a cash register device 20 with communication capability and a scanning device 21 capable of reading computer-readable graphical codes.
  • the computer-readable graphical codes in this application include various forms of codes such as bar codes and two-dimensional codes. The information carried by these codes can be read by a reading device such as the scanning device 21 and parsed by a computing device such as the cash register device 20, so this type of code is computer readable.
  • the computer-readable graphical codes claimed in this application are not limited to barcodes and two-dimensional codes, but also include other forms of graphical codes that can be read by a computer, regardless of whether these forms are based on certain standards or set by themselves.
  • the cash register device 20 may communicate with other devices on the Internet in a wired transmission manner, for example.
  • the scanning device 21 can read the code and input it into the cash register device 20 for analysis.
  • the cash register device 20 then analyzes the code, and the information generated from the analysis is sent to the server 30 on the management side.
  • the server 30 processes the received information and judges its legality. If the received information is legal, the payment acceptance information can be returned to the cash register device 20.
  • the cash register device 20 may give a corresponding prompt (for example, output a signal of successful payment) and a response (for example, perform a checkout process) according to the payment acceptance information.
  • the server 30 can also return payment acceptance information to the mobile terminal 10 at the same time, and the user can confirm that the payment is completed accordingly.
  • the server on the management side may be a server of various forms, for example, may be a server cluster that implements different functions.
  • the cluster server can be located in one geographic location or in multiple locations.
  • Figures 2 and 3 show schematic diagrams of payment systems according to the prior art.
  • One is the online payment method, as shown in Figure 2.
  • every time the user needs to use the QR code to pay, the client directly obtains the payment code of the current transaction from the client backend server 3001.
  • the transaction flow of this method is roughly as follows:
  • (1) the user opens the client that supports QR code scanning and payment on the mobile phone 10;
  • (2) the user clicks on the QR code to be scanned for payment;
  • (3) the client requests the client backend server 3001 to obtain the payment QR code used for payment;
  • (4) the client backend server 3001 requests the payment system server 3002 to obtain the payment QR code used for payment;
  • (5) the payment system server 3002 sends the current payment QR code through the backend, and it is returned to the client along the original path;
  • (6) the user displays the payment QR code to the merchant cashier;
  • (7) the merchant acquiring system 2001 sends the QR code to the payment system server 3002, and the payment system server 3002 completes the payment after verifying the QR code.
  • the online payment method may be suitable for transaction scenarios that require real-time authentication, such as transaction scenarios with large transaction amounts. However, the online payment method will depend on the user's network conditions when using it. If some merchants are located on the underground floor or in a poor network environment, it may cause users to wait for a long time, thereby affecting the user's payment experience.
  • the other is an offline payment method.
  • every time a user needs to use a QR code to pay, the client directly obtains the payment code of the current transaction locally from the mobile phone 10.
  • the user's usage process is as follows:
  • (1) the user opens the client that supports QR code scanning and payment on the mobile phone 10;
  • (2) the user clicks on the QR code to be scanned and paid;
  • (3) the client uses the local algorithm to calculate the current payment QR code;
  • (4) the user shows the payment QR code to the cashier of the merchant;
  • (5) the merchant acquiring system 2001 sends the QR code to the payment system server 3002;
  • (6) the payment system server 3002 uses certain algorithms to verify that the QR code is a valid QR code calculated by the client, and then completes the payment.
  • the mobile phone 10 and the payment system server 3002 can synchronize data such as algorithms through the network 40 in a quasi-real-time or non-real-time manner.
  • offline payment methods rely on the confidentiality and unbreakability of the algorithm.
  • the algorithm used in offline mode must be the same on the mobile client and the payment system backend so that both calculate the same payment code. There are issues such as how to synchronize the algorithm, how to ensure the confidentiality of the algorithm, and whether the algorithm strength is sufficient, so the implementation is more complicated.
  • Fig. 4 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • the method includes step S402, in which a request message including the characteristic value of a local trusted execution environment (Trusted Execution Environment, TEE) is sent to request information representing the graphical code; step S404, in which the information representing the graphical code is received and stored; and step S406, in which the graphical code is generated according to the information representing the graphical code.
  • TEE: Trusted Execution Environment
  • the characteristic value of the local trusted execution environment refers to the various types of symbols and/or values stored in the local trusted execution environment and corresponding to the local trusted execution environment for identifying the local trusted execution environment.
  • the characteristic value of the trusted execution environment may be generated based on hardware information (for example, the serial number of the hardware) and/or software information (for example, the version number of the software) of the trusted execution environment.
  • the characteristic value of the trusted execution environment can also be preset at the factory.
  • the characteristic value may not be related to the hardware information or software information of the trusted execution environment, but may instead be a set of unique information stored in the trusted execution environment. According to this information, different devices that request graphical codes (also called the user side, such as smart phones, tablet computers, smart wearable devices, etc.) can be distinguished.
  • the feature value of the trusted execution environment can also be sent over the air.
  • the feature value can be sent over the air to the device (for example, smart phone, tablet computer, smart wearable device, etc.) requesting graphical code through the server on the management side.
  • the device requesting the graphical code stores the characteristic value in the trusted execution environment.
  • the feature value recorded in the management side can be sent to and stored by the device requesting the graphical code later; or it can be stored in it and preset (for example, in the case of air transmission, the server on the management side acts as the device that sends characteristic values over the air).
  • the request information may also include account information.
  • the device requesting the graphical code may be associated with multiple account information.
  • the account information needs to be sent to the management side. It is described above that the information representing the graphical code is received and stored in step S404.
  • the information can be encrypted and stored by the client on the user side. In this case, the encrypted information will be stored in the common data storage location.
  • in order to further improve data security, the information can be encrypted by the local trusted execution environment and stored in the local trusted execution environment.
  • in this case, the stored information will be isolated from ordinary data, and the client can read it only when allowed by the execution environment. Since, in the latter aspect, the information is encrypted and stored by the local trusted execution environment, the trusted execution environment is required to decrypt the information before allowing the client to read it. According to another aspect of the present invention, the information can be encrypted by the client on the user side first, and then the encrypted information can be re-encrypted by the local trusted execution environment. In this case, the information will be double-encrypted, thereby further improving data security. Correspondingly, when the information is decrypted, the trusted execution environment and the client will sequentially decrypt the information. In other embodiments of the present invention, it can be set to allow only designated clients or services to access the information stored in the local trusted execution environment. This can be achieved by adding access control rules for the secure zone of the mobile device's trusted execution environment.
  • a feature value may be generated according to the software and hardware information of the local trusted execution environment (step S502).
  • the feature value in the present invention does not necessarily have to be generated based on software and hardware information.
  • the manufacturer of the mobile device or the owner of the payment system may preset the feature value according to a standard or the management side's rules; in other embodiments of the present invention, the management side may also send the feature value over the air. Both the preset feature value and the feature value sent over the air make it convenient to provide the feature value in a standardized format.
  • the characteristic value and the identity authentication data may be sent to request the establishment of the mapping relationship between the two (step S602).
  • the information sent from the user side to the management side may include only the characteristic value and identity authentication data, without an explicit request to "establish a mapping relationship between the two"; when the management side receives the two pieces of data, the characteristic value and the identity authentication data, at the same time, it can determine that the user side has implicitly sent the request to "establish the mapping relationship between the two".
  • step S602 is not an indispensable pre-step to perform the above-described embodiment.
  • the mapping relationship between the feature value and identity authentication data can be established in advance through other means, so the information representing the graphical code can be directly requested. More generally, the mapping relationship between the characteristic value and the identity authentication data can be established before the request step, and the information representing the graphical code corresponds to the identity authentication data.
  • the client can be used to input identity authentication data and request to bind to the client (or its mobile terminal). At this point, the client can request the characteristic value and send it to the management side together with the identity authentication data.
  • the management side can obtain one or more bank account information (or bank card number, the same below) according to the recorded ID card information and return it to the client.
  • One or more bank accounts that need to be bound are selected for payment.
  • the selected identity authentication data can be sent to the management side, and the management side can establish the mapping relationship between the characteristic value and the identity authentication data accordingly. Once the mapping relationship is established, the management side can immediately retrieve the associated (mapped) identity authentication data after receiving the request containing the characteristic value in the subsequent process; more specifically, this can be bank account information (or a bank card number) for use in subsequent steps.
  • step S502 is performed before step S602, that is, the feature value can be generated according to the software and hardware information of the local trusted execution environment, and then the feature value and identity authentication data can be sent to request the establishment of the mapping relationship between the two, where the information representing the graphical code corresponds to the identity authentication data.
  • the number of requested graphical codes is multiple, and only one graphical code is generated each time.
  • the network conditions between the user side and the management side may not always meet the needs of real-time or quasi-real-time communication; on the other hand, in some small payment scenarios, the user side may not always need real-time or quasi-real-time interaction with the management side; of course, the basic principles of the present invention can also be applied to other application scenarios that do not require real-time or quasi-real-time interaction but require high confidentiality.
  • multiple graphical codes may be requested in one request, for example, 20 graphical codes may be requested at a time.
  • different upper limits on the number of requests may be provided for different regions, different users, etc. according to the average use frequency of users in each region, the use frequency of a single user, and the credit level of a single user.
  • different upper limits on the number of requests may also be set for payment scenarios with different amounts. For example, a higher number of requests can be set for clients or services used for commuting, and a lower number of requests can be set for clients used for large-value payments or general-purpose payments (that is, usable for both small payments and large-value payments).
  • each graphical code may have a serial number, and a graphical code may be further generated sequentially according to the serial number.
  • the order of using multiple graphical codes may not be set, and the management side only deletes the used graphical codes, which can reduce the amount of processing tasks on the user side and the management side, and achieve the purpose of rapid payment.
  • each graphical code is numbered. If there are 20 graphical codes, they can be numbered as 01, 02, ..., 19, 20 in sequence. The graphical code number is used to manage it, and it is convenient for the management side to specify the management strategy of the graphical code.
  • the management side first verifies the validity of the graphical code, but the graphical code can be determined according to the serial number. If it is used, the management side receives the graphical code and completes the acceptance. For another example, if the graphical code numbered 03 is used for payment first, and the graphical code numbered 01 is used for payment later, the management side first verifies the validity of the graphical code, and can then determine from the serial number that the graphical code pool has been cracked or stolen, so the management side can stop payment processing on the device and account associated with the characteristic value and the mapped identity authentication data. In addition, it is possible to further deactivate related accounts, invalidate the remaining graphical codes in the graphical code pool, track the legality of the used graphical codes, and notify the owners of devices and accounts.
  • the request is sent again, and the threshold is determined and generated by the threshold module or system.
  • it may be set to send a request again when the number of ungenerated graphical codes is lower than a predetermined value of 6, to request, for example, another 20 graphical codes. With this setting, there can always be 5-25 graphical codes in the graphical code pool.
  • the user can determine that the remaining 5 graphical codes that have not been generated trigger the condition to send the request again, and the user side will request, for example, another 20 graphical codes (numbered, for example, 21, 22, ..., 39, 40).
  • each of the graphical codes has a validity period, and the request is sent again when the number of the graphical codes that are not generated within the validity period is lower than a predetermined value.
  • the predetermined value corresponds to the characteristic value.
  • each different user-side device may have a different predetermined value.
  • artificial intelligence analysis can be performed according to the frequency of use by users, and the predetermined values of different users can be dynamically adjusted.
  • the predetermined value for user A may be 3 and user B may be 5.
  • the re-request on the user side includes the characteristic value of the local trusted execution environment, and the management side can query whether there is expected bound bank account information (or bank card number) based on the characteristic value. If there is bound bank account information (or bank card number), it can return 20 other graphical codes about the bound bank account information (or bank card number).
  • the conditions for re-sending the request can be triggered again when the graphical code numbered 16 is used for payment.
  • the trigger condition of the present invention will continue to apply until the request reaches, for example, another 20 graphical codes.
  • the request need not wait until the next time a graphical code is generated to be sent again (that is, continuing the above example, it is not necessary to wait until the graphical code numbered 16 is used for payment to send the request again); instead, the request can be automatically sent again at a predetermined time interval until the request reaches, for example, another 20 graphical codes.
  • Fig. 15 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • the sending end directly requests the graphical code instead of requesting information representing the graphical code.
  • the method includes step S1502, in which the characteristic value of the local trusted execution environment is sent to the receiving end to request graphical code; step S1504, the graphical code from the receiving end is received and presented.
  • the step of receiving and presenting the graphical code from the receiving end includes encrypting the graphical code and storing it in a local trusted execution environment.
  • it further includes generating a characteristic value according to the software and hardware information of the local trusted execution environment.
  • the method further includes sending the characteristic value and the identity authentication data to request the establishment of a mapping relationship between the two, and the graphical code corresponds to the identity authentication data.
  • the identity authentication data may be bank account information, for example.
  • the number of requested graphical codes is multiple, and only one graphical code is generated each time.
  • each graphical code has a serial number, and a graphical code is sequentially generated according to the serial number.
  • the request is sent again when the number of graphical codes that have not been generated is lower than a predetermined value.
  • the above mainly describes the basic principle of the user side (in some cases recorded as a specific client, mobile terminal, etc.) requesting and generating computer-readable graphical code.
  • the following will introduce the working principle of the management side (in some cases recorded as a specific payment system, payment system server, etc.).
  • Fig. 8 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • the method includes step S802 receiving the characteristic value of the local trusted execution environment sent by the sending end, the characteristic value is used to request the sending of graphical code information; step S804, verifying whether there is a characteristic value and identity authentication The mapping relationship of the data, the identity authentication data is used to verify whether it matches the characteristic value; in step S806, if it exists, the information representing the graphical code corresponding to the identity authentication data is generated and sent to the sending end.
  • if such a mapping relationship does not exist, it is automatically ignored, no information representing the graphical code is generated, and the next feature value (for example, a feature value sent by a sending end different from the previous one) can be received.
  • the characteristic value of the local trusted execution environment sent by the sender can be generated in various ways described in detail above, and the received characteristic value can be used to verify the identity. Specifically, it can be determined whether to generate the information representing the graphical code according to whether there is identity authentication data corresponding to the received feature value.
  • the corresponding relationship between the characteristic value and the identity authentication data can be formed by pre-establishing a mapping relationship table, and the content in the table can be increased or decreased according to actual usage.
  • For example, if an identity authentication data is bound to a new terminal, an entry for the correspondence between the two needs to be added to the mapping relationship table.
  • generation of graphical code is not restricted by the establishment of the mapping table. This is because the process of generating graphical code assumes by default that the mapping table has already been established, and the process of generating (issuing) graphical code does not need to consider how the mapping relationship table is established; the method of graphical code generation (code issuing) itself constitutes a relatively independent scope of protection.
  • before the step of receiving the characteristic value of the local trusted execution environment sent by the sending end, the method further includes: receiving the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data (step S902).
  • the mapping relationship between the feature value and the identity authentication data (for example, ID card information, bank account information, bank card number, etc.) in the above-described embodiment can be established in advance through other means, so the information representing the graphical code can be directly requested. More generally, the mapping relationship between the feature value and the identity authentication data can be established (stored) before the receiving step.
  • the client can be used to input identity authentication data and request to be bound to the client (or its mobile terminal). At this time, the client can request the characteristic value and send it to the management side together with the identity authentication data.
  • the management side can obtain one or more bank account information (or bank card number, the same below) according to the recorded ID card information and return it to the client. One or more bank accounts that need to be bound are selected for payment.
  • the selected identity authentication data can be sent to the management side, and the management side can establish the mapping relationship between the characteristic value and the identity authentication data accordingly. Once the mapping relationship is established, the management side can immediately retrieve the associated (mapped) identity authentication data after receiving the request containing the characteristic value in the subsequent process; more specifically, this can be bank account information (or a bank card number) for use in subsequent steps.
  • the number of graphical codes is multiple, and the information includes the serial number of each graphical code.
  • multiple graphical codes may be sent in one transmission, for example, 20 graphical codes may be sent at a time.
  • different upper limits on the number of requests may be provided for different regions, different users, etc. according to the average use frequency of users in each region, the use frequency of a single user, and the credit level of a single user.
  • different upper limits on the number of requests may also be set for payment scenarios with different amounts. For example, a higher number of requests can be set for clients or services used for commuting, and a lower number of requests can be set for clients used for large payments or general payments (that is, usable for both small payments and large payments).
  • each graphical code is numbered. If there are 20 graphical codes, they can be numbered as 01, 02, ..., 19, 20 in sequence. The graphical code number is used to manage it, and it is convenient for the management side to specify the management strategy of the graphical code.
  • the management side first verifies the validity of the graphical code, but the graphical code can be determined according to the serial number. If it is used, the management side receives the graphical code and completes the acceptance. For another example, if the graphical code numbered 03 is used for payment first, and the graphical code numbered 01 is used for payment later, the management side first verifies the validity of the graphical code, and can then determine from the serial number that the graphical code pool has been cracked or stolen, so the management side can stop payment processing on the device and account associated with the characteristic value and the mapped identity authentication data. In addition, it is possible to further deactivate related accounts, invalidate the remaining graphical codes in the graphical code pool, track the legality of the used graphical codes, and notify the owners of devices and accounts.
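The batch-and-refill behaviour on the user side and the serial-order check on the management side described above can be sketched as follows. This is an added example, not code from the patent or from any payment system; the class and method names, the random hex payloads, the result strings, and the rule that a valid code whose serial number is lower than one already accepted marks the pool as compromised are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass, field

BATCH_SIZE = 20     # the page's example: 20 graphical codes per request
REFILL_BELOW = 6    # the page's example: re-request when fewer than 6 remain


@dataclass
class Account:
    identity: str                               # mapped identity authentication data
    issued: dict = field(default_factory=dict)  # serial -> payload of unused codes
    next_serial: int = 1
    highest_used: int = 0
    frozen: bool = False                        # payment processing stopped


class ManagementSide:
    """Hypothetical management side: mapping table, issuing, acceptance."""

    def __init__(self):
        self.mapping = {}   # characteristic value -> Account

    def bind(self, feature, identity):
        # Store the characteristic value / identity mapping (step S902).
        self.mapping[feature] = Account(identity)

    def issue(self, feature, count=BATCH_SIZE):
        # Steps S802-S806: codes are generated only if a mapping exists.
        acct = self.mapping.get(feature)
        if acct is None or acct.frozen:
            return []       # unknown value: ignored, nothing is generated
        batch = []
        for _ in range(count):
            serial, payload = acct.next_serial, secrets.token_hex(16)
            acct.issued[serial] = payload   # payload format is an assumption
            acct.next_serial += 1
            batch.append((serial, payload))
        return batch

    def accept(self, feature, serial, payload):
        # Validity is verified first, then the serial-order rule is applied.
        acct = self.mapping.get(feature)
        if acct is None or acct.frozen:
            return "rejected"
        expected = acct.issued.get(serial)
        if expected is None or not secrets.compare_digest(expected, payload):
            return "rejected"   # never issued, already used (deleted) or forged
        if serial < acct.highest_used:
            # Assumed reading of the 03-then-01 case: a valid code arriving
            # after a higher serial means the pool was copied or stolen.
            acct.frozen = True      # stop payment processing for this device
            acct.issued.clear()     # invalidate the remaining codes
            return "pool-compromised"
        del acct.issued[serial]     # used codes are deleted
        acct.highest_used = serial
        return "accepted"


class UserSide:
    """Hypothetical user-side pool; the page keeps it encrypted in the TEE."""

    def __init__(self, feature, server):
        self.feature, self.server = feature, server
        self.pool = []      # (serial, payload) pairs not yet rendered

    def refill_if_low(self):
        # Re-request, sending the characteristic value, when the pool is low.
        if len(self.pool) < REFILL_BELOW:
            self.pool.extend(self.server.issue(self.feature))

    def pay(self):
        # Render exactly one code, lowest serial first, then top up.
        self.refill_if_low()
        if not self.pool:
            return None
        code = self.pool.pop(0)
        self.refill_if_low()
        return code


if __name__ == "__main__":
    server = ManagementSide()
    server.bind("tee-A", "account-1")          # constructed sample values
    device = UserSide("tee-A", server)
    codes = [device.pay() for _ in range(15)]
    print("pool after 15 payments:", len(device.pool))
    print(server.accept("tee-A", *codes[2]))   # serial 03 arrives first
    print(server.accept("tee-A", *codes[0]))   # serial 01 arrives later
```

With these values the pool holds between 5 and 25 codes, and the late arrival of serial 01 freezes the account and clears its remaining codes.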
  • Fig. 16 shows a schematic diagram of a method for generating computer-readable graphical codes according to an embodiment of the present invention.
  • the sending end directly requests the graphical code instead of requesting information representing the graphical code.
  • the method includes step S1602 receiving the characteristic value of the local trusted execution environment sent by the sender, the characteristic value being used to request the sending of graphical code; step S1604, verifying whether there is a characteristic value and identity authentication data The mapping relationship, the identity authentication data is used to verify whether it matches the characteristic value; in step S1606, if it exists, a graphical code corresponding to the identity authentication data is generated and sent to the sending end.
  • the method further includes: receiving the characteristic value and identity authentication data of the local trusted execution environment sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data.
  • the number of graphical codes is multiple, and the graphical code includes its serial number.
  • a computer-readable storage medium is provided, and instructions are stored in the computer-readable storage medium, wherein, when the instructions are executed by a processor, the processor is caused to execute any one of the foregoing.
  • the computer-readable medium referred to in the present invention includes various types of computer storage media, and may be any available medium that can be accessed by a general-purpose or special-purpose computer.
  • the computer-readable medium may include RAM, ROM, E2PROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other temporary or non-transitory medium that can be used to carry or store desired program code units in the form of instructions or data structures and that can be accessed by a general-purpose or special-purpose computer, or a general-purpose or special-purpose processor.
  • disks and discs include compact discs (CDs), laser discs, optical discs, digital versatile discs (DVD), floppy discs, and Blu-ray discs, where disks usually copy data magnetically, while discs use lasers to copy data optically.
  • Fig. 10 shows a schematic diagram of an apparatus for generating computer-readable graphical codes according to an embodiment of the present invention.
  • the device 10 on the user side includes a request module 1012, a receiving module 1014, and a rendering module 1016.
  • the request module 1012 is configured to send a request message including the characteristic value of the local trusted execution environment of the device 10 to request information representing the graphical code;
  • the receiving module 1014 is configured to receive the information and store it;
  • the rendering module 1016 is configured to generate graphical code based on the information.
  • the request module 1012 is configured to send a request message including the characteristic value of the local trusted execution environment of the device 10 to request information representing the graphical code, wherein the characteristic value of the trusted execution environment may be generated based on hardware information (for example, the serial number of the hardware) and/or software information (for example, the version number of the software) of the trusted execution environment of the device 10.
  • the characteristic value of the trusted execution environment may also be preset at the factory. In this case, the characteristic value may not be related to the hardware information or software information of the trusted execution environment of the device 10, but a set of values stored in the trusted execution environment.
  • the unique information can be used to distinguish different devices that request graphical codes (or called the user side, for example, smart phones, tablet computers, smart wearable devices, etc.).
  • the feature value of the trusted execution environment can also be sent over the air.
  • the feature value can be sent over the air to the device 10 (for example, smart phone, tablet computer, smart wearable device, etc.) requesting graphical code through the server on the management side.
  • the device 10 stores the characteristic value in the trusted execution environment.
  • the characteristic value recorded in the management side may be sent to it by the device 10 and stored later; or it may have been stored in it and preset (for example, in the case of air transmission).
  • the request information may also include bank account information.
  • the device requesting the graphical code may be associated with multiple bank account information. At this time, in order to distinguish which bank account is used to request the graphical code, the bank account information needs to be sent to the management side.
  • the receiving module 1014 is configured to receive and store information
  • the rendering module 1016 is configured to generate graphical codes according to the information.
  • the receiving module 1014 can store the information in a storage device such as the device 10 after receiving the information.
  • it can also be stored in the local trusted execution environment of the device 10.
  • the receiving module 1014 first encrypts the information and then stores it in the local trusted execution environment of the device 10; in this way, double insurance can be provided to ensure information security.
  • the information can be encrypted by the local trusted execution environment and stored in the local trusted execution environment. At this time, the stored information will be isolated from ordinary data, and it can be read only when permitted by the execution environment. Since in the latter aspect, the information is encrypted and stored by the local trusted execution environment, the trusted execution environment is required to decrypt the information before allowing reading.
  • the receiving module 1014 can first encrypt the information, and then the encrypted information can be encrypted by the local trusted execution environment. At this time, the information will be double-encrypted, thereby further improving the security of the data.
  • the trusted execution environment and the receiving module 1014 will decrypt the information in turn.
  • it can be set to allow only designated clients or services to access the information stored in the local trusted execution environment. This can be achieved by adding mobile device trusted execution environment security zone access control rules. For example, the rules for access control in the secure area of the trusted execution environment define that only application A and application B are allowed to access the information stored in the local trusted execution environment.
  • the rendering module 1016 can generate graphical codes according to the information. For example, the rendering module 1016 can graphically present information, such as generating barcodes, two-dimensional codes, etc., according to national standards, industry standards, enterprise standards, or mutually negotiated standards.
  • the device 10 further includes a generating module (not shown in FIG. 10), which is configured to generate feature values according to the software and hardware information of the local trusted execution environment of the device 10.
  • the feature value in the present invention does not have to be generated based on software and hardware information.
  • the feature value can be preset according to the standard or management side rules when leaving the factory; in other embodiments of the present invention, the management side can also send feature values over the air. Both the preset feature value and the feature value sent over the air make it convenient to provide the feature value in a standardized format. These two methods can make up for the duplication and insufficient number of feature values that may be caused when the feature value is generated based on the software and hardware information of the local trusted execution environment.
  • the characteristic value must be non-repeatable, and once the characteristic value is set, the value needs to be written into the local trusted execution environment, for example through the generation module; in this way, the uniqueness and security of the characteristic value can be guaranteed (it cannot be tampered with).
  • the request module 1012 is further configured to send the characteristic value and the identity authentication data to request the establishment of a mapping relationship between the two, and the information representing the graphical code corresponds to the identity authentication data.
  • the identity authentication data may be bank account information, for example. It should be noted that the information sent by the request module 1012 may only include the characteristic value and the identity authentication data, and does not include the request to "establish a mapping relationship between the two"; when the receiver receives both the characteristic value and the identity authentication data at the same time, it can be determined that the device 10 has implicitly sent the request of "establishing the mapping relationship between the two".
  • the mapping relationship between the feature value and the identity authentication data can be established in advance through other means, so the information representing the graphical code can be directly requested. More generally, the mapping relationship between the feature value and the identity authentication data can be established before the request module 1012 sends the request to establish the mapping relationship between the two, and the information representing the graphical code corresponds to the identity authentication data.
  • the device 10 can be used to input identity authentication data and request to bind to the device 10. At this time, the request module 1012 can request the characteristic value and send it to the recipient together with the identity authentication data.
  • the receiver can query according to the recorded ID card information to obtain one or more bank account information (or bank card number, the same below) and return it to the device 10.
  • the selected identity authentication data can be sent to the recipient, and the recipient can establish the mapping relationship between the characteristic value and the identity authentication data based on this, and the information indicating the graphical code corresponds to all the identity authentication data.
  • Once the mapping relationship is established, the recipient can immediately retrieve its associated (mapped) identity authentication data after receiving the request containing the characteristic value in the subsequent process; more specifically, this can be bank account information (or a bank card number) for use in subsequent steps.
  • the number of graphical codes requested by the request module 1012 is multiple, and the rendering module 1016 generates only one graphical code at a time.
  • the network conditions may not always meet the needs of real-time or quasi-real-time communication; on the other hand, in some small payment scenarios, real-time or quasi-real-time interaction with the management side may not always be required; of course, the basic principle of the present invention can also be applied to other application scenarios that do not require real-time or quasi-real-time interaction but require high confidentiality.
  • multiple graphical codes may be requested in one request, for example, 20 graphical codes may be requested at a time.
  • different upper limits on the number of requests may also be set for payment scenarios with different amounts. For example, a higher number of requests can be set for the device 10 or service used for commuting, and a lower number of requests can be set for the device 10 used for large payment or general payment (that is, it can be used for both small payment and large payment).
  • each graphical code has a serial number
  • the rendering module 1016 is further configured to sequentially generate a graphical code according to the serial number.
  • the order of using multiple graphical codes may not be set, and the management side only deletes the used graphical codes, which can reduce the amount of processing tasks on the user side and the management side, and achieve the purpose of rapid payment.
  • each graphical code is numbered. If there are 20 graphical codes, the rendering module 1016 can sequentially number them as 01, 02, ..., 19, and 20. The graphical code number is used to manage it, and it is convenient for the management side to specify the management strategy of the graphical code.
  • the management side first verifies the validity of the graphical code, but the graphical code can be determined according to the serial number. If it is used, the management side receives the graphical code and completes the acceptance. For another example, if the graphical code numbered 03 is used for payment first, and the graphical code numbered 01 is used for payment later, the management side first verifies the validity of the graphical code, and can then determine from the serial number that the graphical code pool has been cracked or stolen, so the management side can stop payment processing on the device and account associated with the characteristic value and the mapped identity authentication data. In addition, it is possible to further deactivate related accounts, invalidate the remaining graphical codes in the graphical code pool, track the legality of the used graphical codes, and notify the owners of devices and accounts.
  • the device further includes a judging module (not shown in FIG. 10), and the request module 1012 sends a request again when the judging module determines that the number of graphical codes that have not been generated is lower than a predetermined value.
  • the re-request of the device 10 includes the characteristic value of the local trusted execution environment, and the management side can query whether there is expected bound bank account information (or bank card number) based on the characteristic value, If there is bound bank account information (or bank card number), it can return 20 other graphical codes about the bound bank account information (or bank card number). If in some cases the above-mentioned re-request fails to be sent successfully or fails to be delivered to the management side, then the conditions for re-sending the request can be triggered again when the graphical code numbered 16 is used for payment.
  • the trigger condition of the present invention will continue to apply until the request reaches, for example, another 20 graphical codes.
  • the request need not wait until the next time a graphical code is generated to be sent again (that is, continuing the above example, it is not necessary to wait until the graphical code numbered 16 is used for payment to send the request again); instead, the request can be automatically sent again at a predetermined time interval until the request reaches, for example, another 20 graphical codes.
  • each of the graphical codes has a validity period, and the request is sent again when the judgment module determines that the number of the graphical codes that are not generated within the validity period is lower than a predetermined value.
  • the predetermined value corresponds to the characteristic value.
  • each different user-side device may have a different predetermined value.
  • artificial intelligence analysis can be performed according to the frequency of use by users, and the predetermined values of different users can be dynamically adjusted.
  • the predetermined value for user A may be 3 and user B may be 5.
  • the judgment module of the present invention is included in the local trusted execution environment, and may also be included and executed in the general environment of the user-side device.
  • Fig. 11 shows a schematic diagram of an apparatus for generating computer-readable graphical codes according to an embodiment of the present invention.
  • the device 31 on the management side includes a receiving module 3101, a verification module 3102, and a sending module 3103.
  • the receiving module 3101 is configured to receive the characteristic value of the local trusted execution environment sent by the sending end;
  • the verification module 3102 is configured to verify whether there is a mapping relationship between the characteristic value and the identity authentication data, and the identity authentication data is used to verify whether it matches the characteristic value;
  • the sending module 3103 is configured to generate and send the information representing the graphical code corresponding to the identity authentication data to the sending end if the mapping relationship exists.
  • the receiving module 3101 can receive the next characteristic value (for example, a characteristic value sent by a sending end different from the last sending).
  • the characteristic value of the local trusted execution environment sent by the sender can be generated in various ways described in detail above, and the received characteristic value can be used to verify the identity. Specifically, it can be determined whether to generate the information representing the graphical code according to whether there is identity authentication data corresponding to the received feature value.
  • the corresponding relationship between the characteristic value and the identity authentication data can be formed by pre-establishing a mapping relationship table, and the content in the table can be increased or decreased according to actual usage.
  • For example, if an identity authentication data is bound to a new terminal, it is necessary to add an entry for the correspondence between the two in the mapping relationship table.
  • generation of graphical code is not restricted by the establishment of the mapping table. This is because the process of generating graphical code assumes by default that the mapping table has already been established, and the process of generating (issuing) graphical code does not need to consider how the mapping relationship table is established; the method of graphical code generation (code issuing) itself constitutes a relatively independent scope of protection.
  • the device 31 further includes a storage module (not shown), wherein the receiving module 3101 is further configured to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and the storage module stores the mapping relationship between the characteristic value and the identity authentication data.
  • the mapping relationship between the feature value and the identity authentication data (for example, ID card information, bank account information, bank card number, etc.) in the above-described embodiment can be established in advance through other means, so that the information representing the graphical code can be requested directly. More generally, the mapping relationship between the feature value and the identity authentication data can be established (stored) before the receiving step.
  • the client can be used to input identity authentication data and request to be bound to the client (or its mobile terminal).
  • the client can request the characteristic value and send it to the device 31 together with the identity authentication data.
  • the device 31 can obtain one or more bank account information (or bank card number, the same below) according to the recorded ID card information and return it to the client.
  • One or more bank accounts that need to be bound are selected for payment.
  • the selected identity authentication data can be sent to the device 31, and the device 31 can establish the mapping relationship between the characteristic value and the identity authentication data accordingly. Once the mapping relationship is established, the device 31 can immediately retrieve the associated (mapped) identity authentication data, more specifically the bank account information (or bank card number), after receiving a request containing the characteristic value in the subsequent process, for use in subsequent steps.
  • the number of graphical codes is multiple, and the information sent by the sending module 3103 includes the serial number of each graphical code.
  • the sending module 3103 can send multiple graphical codes in one transmission.
  • the sending module 3103 can send 20 graphical codes at a time.
  • different upper limits on the number of requests may be provided for different regions, different users, etc. according to the average use frequency of users in each region, the use frequency of a single user, and the credit level of a single user.
  • different upper limits on the number of requests may also be set for payment scenarios with different amounts.
  • the order of using multiple graphical codes may not be set, and the device 31 only deletes the used graphical codes, which can reduce the amount of processing tasks on the user side and the device 31 and achieve the purpose of rapid payment. More generally, in one embodiment of the present invention, the device 31 numbers each graphical code. If there are 20 graphical codes, the device 31 can sequentially number them as 01, 02, ..., 19, 20. The graphical code number is useful for managing it, so that the device 31 can specify the management strategy of the graphical code.
  • the device 31 first verifies the validity of the graphical code, and can then determine from the serial number that the graphical code is being used in sequence, so the device 31 receives the graphical code and completes the acceptance. For another example, if the graphical code numbered 03 is used for payment first, and the graphical code numbered 01 is used for payment later, the device 31 first verifies the validity of the graphical code, and can then determine from the serial number that the graphical code pool has been cracked or stolen, so the device 31 can stop payment processing on the device and account associated with the characteristic value and the mapped identity authentication data. In addition, it is possible to further deactivate related accounts, invalidate the remaining graphical codes in the graphical code pool, track the legality of the used graphical codes, and notify the owners of devices and accounts.
  • a mobile device includes any device (request sender) for generating computer-readable graphical codes as described above.
  • a service platform includes any device (request receiving end) for generating computer-readable graphical codes as described above.
  • a computer-executable method is provided, which can be executed by the mobile terminal 11 shown in FIG. 12.
  • the method includes the following steps: the processor 1114 of the mobile terminal 11 determines to send a request message including the characteristic value of the local trusted execution environment 1112 of the mobile terminal 11 to request information representing the graphical code; the processor 1114 of the mobile terminal 11 receives the information and stores it; and the processor 1114 of the mobile terminal 11 generates graphical codes according to the information.
  • some operations performed by the processor 1114 may be performed by the processor 1114 determining some specific execution components. Other aspects of this example can be further carried out with reference to the description of the above example.
  • the request information may also include bank account information.
  • the device requesting the graphical code may be associated with multiple account information. At this time, in order to distinguish which bank account is used to request the graphical code, the account information needs to be sent to the management side.
  • the processor 1114 of the mobile terminal 11 receives the information and stores it.
  • the local trusted execution environment 1112 of the mobile terminal 11 encrypts the information and stores it in the local trusted execution environment 1112.
  • Other aspects of this example can be further carried out with reference to the description of the above example.
  • the method before the requesting step, further includes: generating the characteristic value by the processor 1114 of the mobile terminal 11 according to the software and hardware information of the local trusted execution environment 1112.
  • the method further includes: generating the characteristic value by the processor 1114 of the mobile terminal 11 according to the software and hardware information of the local trusted execution environment 1112.
  • the processor 1114 of the mobile terminal 11 determines to send the characteristic value and the identity authentication data to request the establishment of the mapping relationship between the two, and the information representing the graphical code corresponds to the identity authentication data.
  • the number of requested graphical codes is multiple, and the processor 1114 of the mobile terminal 11 generates only one graphical code at a time.
  • Other aspects of this example can be further carried out with reference to the description of the above example.
  • each graphical code has a number
  • the processor 1114 of the mobile terminal 11 generates a graphical code in sequence according to the number.
  • the processor 1114 of the mobile terminal 11 determines to send the request again when the number of graphical codes that have not been generated is lower than a predetermined value.
  • Other aspects of this example can be further carried out with reference to the description of the above example.
  • a computer-executable method is provided.
  • the method can be executed by the server 30 as shown in FIG.
  • the working memory 3016 determines the characteristic value of the local trusted execution environment sent by the sender (not shown); the processor 3014 of the server 30 checks whether there is a mapping relationship between the characteristic value and the identity authentication data, and the identity authentication data is used to verify whether it matches the characteristic value; and the processor 3014 of the server 30 determines that, if the mapping relationship exists, it generates the information representing the graphical code corresponding to the identity authentication data and sends it to the sending end.
  • Other aspects of this example can be further carried out with reference to the description of the above example.
  • the method before the receiving step, further includes: determining, by the processor 3014 of the server 30, the characteristic value and identity authentication data of the local trusted execution environment sent by the receiving end, and storing the mapping relationship between the characteristic value and the identity authentication data.
  • the number of graphical codes is multiple, and the information includes the serial number of each graphical code.
  • Other aspects of this example can be further carried out with reference to the description of the above example.
  • a mobile device 11 which includes a display 1110, a local trusted execution environment 1112, a memory 1116, and a processor 1114.
  • the display 1110 is used to display the output screen, for example, used to display the graphical code in the present application (such as the two-dimensional code shown in the figure).
  • the display 1110 also integrates a touch input function.
  • the mobile device 11 also includes a local trusted execution environment 1112 separated from the general environment 1118, where the general environment 1118 and the trusted execution environment 1112 are separated by secure hardware.
  • the general environment 1118 includes a hardware layer 1102 composed of a main processor 1114 and a memory 1116 (which can be configured to store instructions), and an operating system layer 1103 is above the hardware layer 1102.
  • the local trusted execution environment 1112 includes a secure area on the main processor 1114, which can ensure the security, confidentiality, and integrity of the code and data loaded into the environment.
  • the local trusted execution environment 1112 provides an isolated execution environment, and the security features provided include: isolated execution, integrity of trusted applications, confidentiality of trusted data, and secure storage.
  • the local trusted execution environment 1112 also includes an independent hardware layer 1104 and an operating system layer 1105.
  • the main processor 1114 is configured to execute instructions for the following: first, the processor 1114 of the mobile terminal 11 determines to send a request message including the characteristic value of the local trusted execution environment 1112 of the mobile terminal 11 to request information representing the graphical code.
  • the information representing the graphical code may be information transmitted in an actual physical link, for example, it may be a data packet.
  • the mobile terminal 11 can graphically present the information according to the information, national standards, industry standards, enterprise standards, or mutually negotiated standards.
  • the request information may also include account information.
  • the device requesting the graphical code may be associated with multiple account information. At this time, in order to distinguish which bank account is used to request the graphical code, the account information needs to be sent to the management side.
  • the processor 1114 of the mobile terminal 11 receives and stores the information representing the graphical code, for example in the memory 1116; in other examples of the application, it can also be stored in the local trusted execution environment 1112 to ensure data security.
  • the processor 1114 of the mobile terminal 11 generates graphical codes according to the information. At this time, the generated graphical code can be directly driven to the display 1110.
  • the processor 1114 of the mobile terminal 11 displays the graphical code on the display 1110.
  • the processor 1114 may be further configured to determine that the local trusted execution environment 1112 encrypts the information and stores it in the local trusted execution environment 1112. Information stored in this way is isolated from ordinary data and can be read only when permitted by the trusted execution environment. Since the information is encrypted and stored by the local trusted execution environment 1112, the trusted execution environment is required to decrypt the information before allowing reading. According to another aspect of the present invention, the information can also be encrypted first by the general environment 1118 (for example, by the application client built into it), and the encrypted information can then be encrypted again by the local trusted execution environment 1112. This double encryption of the information will further improve the security of the data.
  • the trusted execution environment 1112 and the general environment 1118 will decrypt the information in turn.
  • it can be set to allow only designated clients or services in the general environment 1118 to access the information stored in the local trusted execution environment 1112. This can be implemented by adding access control rules for the secure area of the trusted execution environment of the mobile device 11.
  • the processor 1114 is further configured to generate characteristic values according to hardware information (for example, the serial number of the hardware) and/or software information (for example, the version number of the software) of the local trusted execution environment 1112.
  • the feature value in the present invention does not necessarily have to be generated based on software and hardware information.
  • the manufacturer of the mobile device 11 or the owner of the payment system
  • the feature value is preset by the side rule; in other embodiments of the present invention, the management side can also send the feature value empty. Both the preset feature value and the empty feature value provide convenience for providing the feature value in a standardized format.
  • the processor 1114 is further configured to determine to send the characteristic value and the identity authentication data to request the establishment of a mapping relationship between the two, and the information representing the graphical code corresponds to the identity authentication data. It should be noted that the information the processor 1114 determines to send may include only the characteristic value and the identity authentication data, without an explicit request to "establish a mapping relationship between the two"; when the management side receives the characteristic value and the identity authentication data at the same time, it can determine that the user side has implicitly sent the request of "establishing the mapping relationship between the two".
  • the mapping relationship between the characteristic value and the identity authentication data can be established in advance through other means, so that the information representing the graphical code can be directly requested. More generally, the mapping relationship between the feature value and the identity authentication data can be established before the request step.
  • the client can be used to input identity authentication data and request to be bound to the client (or the mobile terminal 11 to which it belongs). At this time, the client can request the characteristic value and send it to the management side together with the identity authentication data. It should be pointed out that if the information sent is ordinary ID card information, the management side can obtain one or more bank account information (or bank card number, the same below) according to the recorded ID card information and return it to the mobile terminal 11.
  • One or more bank accounts that need to be bound can be selected for payment.
  • the selected identity authentication data can be sent to the management side, and the management side can establish the mapping relationship between the characteristic value and the identity authentication data accordingly. Once the mapping relationship is established, the management side can immediately retrieve the associated (mapped) identity authentication data, more specifically the bank account information (or bank card number), after receiving a request containing the characteristic value in the subsequent process, for use in subsequent steps.
  • the number of requested graphical codes is multiple, and the processor 1114 of the mobile terminal 11 generates only one graphical code at a time.
  • the network conditions may not always meet the needs of real-time or quasi-real-time communication; on the other hand, in some small payment scenarios, real-time or quasi-real-time interaction with the management side may not always be required; of course
  • the basic principle of the present invention can also be applied to other application scenarios that do not require real-time or quasi-real-time interaction but require high confidentiality.
  • multiple graphical codes may be requested in one request, for example, 20 graphical codes may be requested at a time.
  • different upper limits on the number of requests may also be set for payment scenarios with different amounts. For example, a higher number of requests can be set for the device 10 or service used for commuting, and a lower number of requests can be set for the device 10 used for large payment or general payment (that is, usable for both small payment and large payment).
  • each graphical code has a number, and the processor 1114 of the mobile terminal 11 generates a graphical code in sequence according to the number.
  • the order of using multiple graphical codes may not be set, and the management side only deletes the used graphical codes, which can reduce the amount of processing tasks on the user side and the management side, and achieve the purpose of rapid payment.
  • each graphical code is numbered. If there are 20 graphical codes, the processor 1114 of the mobile terminal 11 can sequentially number them as 01, 02,... 19, 20. The graphical code number is used to manage it, and it is convenient for the management side to specify the management strategy of the graphical code.
  • the management side first verifies the validity of the graphical code, and can then determine from the serial number that the graphical code is being used in sequence, so the management side receives the graphical code and completes the acceptance. For another example, if the graphical code numbered 03 is used for payment first, and the graphical code numbered 01 is used for payment later, the management side first verifies the validity of the graphical code, and can then determine from the serial number that the graphical code pool has been cracked or stolen, so the management side can stop payment processing on the device and account associated with the characteristic value and the mapped identity authentication data. In addition, it is possible to further deactivate related accounts, invalidate the remaining graphical codes in the graphical code pool, track the legality of the used graphical codes, and notify the owners of devices and accounts.
  • the processor 1114 is further configured to determine to send the request again when the number of graphical codes that have not been generated is lower than a predetermined value. In this way, it can be ensured that there is always a certain number of graphical codes in the graphical code pool, so that codes can be output quickly, for example when the network is not smooth, without affecting the user's perception. For example, it may be set so that the processor 1114 determines to send the request again when the number of graphical codes not yet generated is lower than the predetermined value 6, so as to request, for example, another 20 graphical codes. With this setting, there can always be 5-25 graphical codes in the graphical code pool.
  • the mobile terminal 11 can determine that 5 graphical codes remain that have not been generated. At this time, the condition for sending the request again will be triggered, and the mobile terminal 11 will request, for example, another 20 graphical codes (numbered 21, 22, ..., 39, 40).
  • the re-request of the mobile terminal 11 includes the characteristic value of the local trusted execution environment, and the management side can query whether there is expected bound bank account information (or bank card number) based on the characteristic value.
  • the re-sending of the request need not wait until the next graphical code is generated (that is, continuing the above example, it need not wait until the graphical code numbered 16 is used for payment); instead, the request can be automatically sent again at a predetermined time interval until the request obtains, for example, another 20 graphical codes.
  • a server 30 which includes a memory 3016 configured to store instructions and a processor 3014, wherein the processor 3014 is configured to execute instructions for performing the following operations:
  • the processor 3014 of the server 30 determines to receive the characteristic value of the local trusted execution environment sent by the sender;
  • the processor 3014 of the server 30 verifies whether there is a mapping relationship between the characteristic value and the identity authentication data, and the identity authentication data is used to verify whether it matches the characteristic value;
  • the processor 3014 of the server 30 determines that if it exists, it generates information representing the graphical code corresponding to the identity authentication data and sends it to the sender.
  • Other aspects of this example can be further carried out with reference to the description of the above example.
  • the processor 3014 is further configured to determine to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sender, and to store the mapping relationship between the characteristic value and the identity authentication data.
  • Other aspects of this example can be further carried out with reference to the description of the above example.
  • the number of graphical codes is multiple, and the information includes the serial number of each graphical code.
  • Other aspects of this example can be further referenced to the description of the above example.
  • Fig. 14 shows a schematic diagram of a method for generating a computer-readable graphical code according to an embodiment of the present invention, which includes an opening process, a two-dimensional code acquisition process, and a two-dimensional code payment process.
  • the dotted line represents the “opening process”
  • the solid line represents the “two-dimensional code acquisition process”
  • the dotted line represents the “two-dimensional code payment process”.
  • the mobile client backend system to open the mobile phone QR code payment service, set the TEE characteristic value of the mobile device and save it in the TEE environment, the characteristic value is unique and cannot be tampered with;
  • the client background system binds the TEE feature value with the bank card that has just applied for QR code payment, establishes a mapping relationship table and saves it in the management system for the binding mapping relationship between the TEE feature value of the mobile phone and the bank card.
  • In the TEE environment, establish a payment QR code pool.
  • the mobile client when the number of available QR codes in the payment QR code pool is less than a certain threshold, the mobile client initiates a batch acquisition request of the payment QR code to the payment system.
  • the payment system checks the TEE feature value of the initiating mobile device and compares it against the mapping relationship with the bank card corresponding to the requested payment QR code. If the binding relationship is correct, it returns to the mobile client a certain number of payment QR codes for the bank card, together with their validity period and usage serial numbers.
  • the mobile phone client encrypts and saves the batch of payment QR codes in the secure area of the mobile phone TEE, and marks the validity period and number.
  • the client can decrypt the QR code stored in the payment QR code pool through the TEE secure area, and use the QR code according to the order of use.
  • the mobile client will display the QR code on the screen page for merchants to scan to obtain and complete the transaction.
  • the payment system proofreads the serial number and accepts QR code transactions in order. The process does not need to be connected to the Internet and can be completed in an offline environment.
  • the “threshold management system” in this embodiment can be combined with the mobile phone client, so that the mobile phone client has its own ability to manage the number of available QR codes.
  • an application TA can be added in the TEE security domain of the mobile phone device to implement a "threshold management system" and realize the ability to manage the available number of QR codes.
  • the "mobile phone device TEE feature value and bank card binding mapping relationship management system” in this embodiment can be combined with the payment system, and the payment system has the mapping relationship comparison capability.
  • the "mobile phone device TEE feature value and bank card binding mapping relationship management system" in this embodiment can be combined with the mobile phone client back-end system, and the mobile phone client back-end system has the mapping relationship comparison ability.
  • the mobile phone client encryption can be replaced with encryption in the TEE security domain of the mobile phone device after the QR code is obtained; or the encryption can be performed in the TEE security domain of the mobile phone device after the mobile phone client is encrypted.
  • instead of being provided by the payment system, the sequence number can be provided by the mobile client or backend, which then controls, checks, and uses the codes in sequence.
  • the sequential numbering mechanism can be eliminated, and the QR code can be used randomly or out of order.
  • instead of being set by the mobile client, the TEE feature value can be uniformly allocated by the payment system and stored securely in the mobile TEE environment or the background system.
  • this application provides a mechanism for generating computer-readable graphical codes using the characteristic values of the local trusted execution environment.
  • One aspect of the mechanism can ensure the reliability of the mechanism for generating graphical codes, and other aspects can ensure the convenience of the mechanism for generating graphical codes, thereby effectively improving the user's perception of use.
  • Some aspects of the application can reduce the strength requirements for algorithms such as those for two-dimensional codes, thereby reducing the difficulty of confidentiality, reducing implementation costs and improving implementation efficiency.
  • Some aspects of this application do not use local and background algorithm calculation and comparison methods, so systemic risks caused by algorithms can be avoided.
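The code-pool handling described above (mapping check before issuing, batches of 20 numbered codes, refill below a threshold of 6, and treating a lower-numbered code arriving after a higher-numbered one as a sign the pool was copied) can be sketched as follows. This is an added illustration, not code from the application; all class and function names, the opaque random tokens, and the constructed characteristic value and account strings are assumptions, and "out of order" is interpreted here as a still-unused serial lower than the highest serial already accepted.

```python
import secrets
from dataclasses import dataclass, field

BATCH_SIZE = 20        # codes returned per request, as in the text's example
REFILL_THRESHOLD = 6   # re-request when fewer than this many codes remain


@dataclass
class DeviceRecord:
    account: str                                      # mapped identity authentication data
    outstanding: dict = field(default_factory=dict)   # serial -> token of unused codes
    next_serial: int = 1
    high_water: int = 0                               # highest serial accepted so far
    frozen: bool = False                              # payment processing stopped


class ManagementSide:
    """Hypothetical management side: mapping table plus serial-order policy."""

    def __init__(self):
        self.mapping = {}  # characteristic value -> DeviceRecord

    def bind(self, characteristic_value, account):
        self.mapping[characteristic_value] = DeviceRecord(account)

    def issue_batch(self, characteristic_value, count=BATCH_SIZE):
        rec = self.mapping.get(characteristic_value)
        if rec is None or rec.frozen:
            return []                  # no mapping relationship: nothing is issued
        batch = []
        for _ in range(count):
            serial, token = rec.next_serial, secrets.token_hex(16)
            rec.outstanding[serial] = token
            rec.next_serial += 1
            batch.append((serial, token))
        return batch

    def redeem(self, characteristic_value, serial, token):
        rec = self.mapping.get(characteristic_value)
        if rec is None or rec.frozen:
            return "rejected"
        expected = rec.outstanding.get(serial)
        # Step 1: validity (code was issued to this device and is unused).
        if expected is None or not secrets.compare_digest(expected, token):
            return "rejected"
        # Step 2: serial order. A valid code older than one already accepted
        # means two holders are drawing from the same pool.
        if serial < rec.high_water:
            rec.frozen = True
            rec.outstanding.clear()    # invalidate the remaining codes
            return "pool_compromised"
        del rec.outstanding[serial]
        rec.high_water = serial
        return "accepted"


class DevicePool:
    """Hypothetical user-side pool that hands out codes in serial order."""

    def __init__(self, characteristic_value, server):
        self.cv, self.server, self.codes = characteristic_value, server, []
        self.refill()

    def refill(self):
        # A failed request returns []; the trigger fires again on the next use.
        self.codes.extend(self.server.issue_batch(self.cv))

    def next_code(self):
        if not self.codes:
            raise LookupError("code pool is empty")
        code = self.codes.pop(0)
        if len(self.codes) < REFILL_THRESHOLD:
            self.refill()
        return code


def demo():
    cv = "tee-cv-constructed-01"                 # constructed sample value
    server = ManagementSide()
    server.bind(cv, "acct-constructed-0001")     # constructed sample account
    pool = DevicePool(cv, server)
    results = [server.redeem(cv, *pool.next_code()) for _ in range(2)]
    c3, c4 = pool.next_code(), pool.next_code()
    results.append(server.redeem(cv, *c4))       # serial 04 presented first
    results.append(server.redeem(cv, *c3))       # serial 03 presented later
    results.append(server.redeem(cv, *pool.next_code()))
    return results
```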

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)
  • Storage Device Security (AREA)

Abstract

A computer-readable graphical code generation method and apparatus, and a computer readable storage medium. The method comprises the following steps: sending a request message to a receiving end to request information representing a graphical code, the request information comprising a feature value of a local trusted execution environment; receiving the information from the receiving end and storing same; and generating the graphical code according to the information.

Description

Graphical code generation method, device and computer-readable storage medium

Technical field

The present invention relates to a computer-readable graphical code generation method, a device and a computer-readable storage medium, and in particular to a mechanism for generating computer-readable graphical code using a characteristic value of a local trusted execution environment.

Background

With the improvement of communication networks and other infrastructure and the spread of smartphones, scan-code payment has been accepted by the vast majority of Chinese consumers. At the same time, consumers in overseas markets also welcome this payment method, and the share of scan-code payment in overseas markets keeps increasing. Compared with the traditional credit card payment method, scan-code payment does not require carrying a separate card, and account information can be seen in real time through the client, so its user experience is better. However, scan-code payment depends heavily on network quality and/or algorithm strength. On the one hand, the user experience may deteriorate significantly when network quality changes; on the other hand, security may be significantly affected if the algorithm is not strong enough.

Summary of the invention

In view of this, the present invention provides a mechanism for obtaining computer-readable graphical code by using a characteristic value of the local trusted execution environment. Specifically, according to one aspect of the present invention, a computer-readable graphical code generation method is provided, the method including the following steps: sending a request message to a receiving end to request information representing the graphical code, the request message including a characteristic value of the local trusted execution environment; receiving the information from the receiving end and storing it; and generating the graphical code according to the information.
In an embodiment of the present invention, optionally, the request message further includes account information.
In an embodiment of the present invention, optionally, the step of receiving and storing the information from the receiving end is specifically: encrypting the information from the receiving end and storing it in the local trusted execution environment.
In an embodiment of the present invention, optionally, before the requesting step, the method further includes: generating the characteristic value according to software and hardware information of the local trusted execution environment.
In an embodiment of the present invention, optionally, before the requesting step, the method further includes: sending the characteristic value and identity authentication data to request that a mapping relationship between the two be established, the information corresponding to the identity authentication data.
In an embodiment of the present invention, optionally, the identity authentication data is account information.
In an embodiment of the present invention, optionally, multiple graphical codes are requested.
In an embodiment of the present invention, optionally, each of the graphical codes has a serial number.
In an embodiment of the present invention, optionally, the request is sent again when the number of graphical codes that have not yet been generated is lower than a predetermined value.
In an embodiment of the present invention, optionally, the predetermined value corresponds to the characteristic value.
In an embodiment of the present invention, optionally, each of the graphical codes has a validity period, and the request is sent again when the number of not-yet-generated graphical codes that are within their validity period is lower than a predetermined value.
In an embodiment of the present invention, optionally, the predetermined value corresponds to the characteristic value.
In an embodiment of the present invention, optionally, the predetermined value is set dynamically according to the transmission frequency of request messages that include the characteristic value.
According to another aspect of the present invention, a computer-readable graphical code generation method is provided, characterized in that the method includes the following steps: receiving a characteristic value of a local trusted execution environment sent by a sending end; verifying whether a mapping relationship between the characteristic value and identity authentication data exists; and, if it exists, generating information that represents the graphical code and corresponds to the identity authentication data, and sending it to the sending end.
In an embodiment of the present invention, optionally, before the receiving step, the method further includes: receiving the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data.
In an embodiment of the present invention, optionally, the identity authentication data is account information.
In an embodiment of the present invention, optionally, there are multiple graphical codes, and the information includes the serial number of each graphical code.
According to another aspect of the present invention, a computer-readable graphical code generation method is provided, the method including the following steps: sending a characteristic value of a local trusted execution environment to a receiving end to request a graphical code; and receiving the graphical code from the receiving end and presenting it.
In an embodiment of the present invention, optionally, the step of receiving the graphical code from the receiving end and presenting it includes: encrypting the graphical code and storing it in the local trusted execution environment.
In an embodiment of the present invention, optionally, before the requesting step, the method further includes: generating the characteristic value according to software and hardware information of the local trusted execution environment.
In an embodiment of the present invention, optionally, before the requesting step, the method further includes: sending the characteristic value and identity authentication data to request that a mapping relationship between the two be established, the graphical code corresponding to the identity authentication data.
In an embodiment of the present invention, optionally, multiple graphical codes are requested, and only one graphical code is generated at a time.
In an embodiment of the present invention, optionally, each of the graphical codes has a serial number, and the graphical codes are generated one at a time in the order of their serial numbers.
In an embodiment of the present invention, optionally, the request is sent again when the number of graphical codes that have not yet been generated is lower than a predetermined value.
According to another aspect of the present invention, a computer-readable graphical code generation method is provided, the method including the following steps: receiving a characteristic value of a local trusted execution environment sent by a sending end; verifying whether a mapping relationship between the characteristic value and identity authentication data exists; and, if it exists, generating the graphical code corresponding to the identity authentication data and sending it to the sending end.
In an embodiment of the present invention, optionally, before the receiving step, the method further includes: receiving the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data.
In an embodiment of the present invention, optionally, there are multiple graphical codes, and each graphical code includes its serial number.
According to another aspect of the present invention, a computer-readable storage medium is provided in which instructions are stored, characterized in that, when the instructions are executed by a processor, the processor is caused to execute any one of the methods described above.
According to another aspect of the present invention, an apparatus for generating computer-readable graphical code is provided, the apparatus including: a request module configured to send a request message to request information representing the graphical code, the request message including a characteristic value of the local trusted execution environment of the apparatus; a receiving module configured to receive the information and store it; and a rendering module configured to generate the graphical code according to the information.
In an embodiment of the present invention, optionally, the request message further includes account information.
In an embodiment of the present invention, optionally, the receiving module encrypts the information and stores it in the local trusted execution environment of the apparatus.
In an embodiment of the present invention, optionally, the apparatus further includes a generating module configured to generate the characteristic value according to software and hardware information of the local trusted execution environment of the apparatus.
In an embodiment of the present invention, optionally, the request module is further configured to send the characteristic value and identity authentication data to request that a mapping relationship between the two be established, the information corresponding to the identity authentication data.
In an embodiment of the present invention, optionally, the identity authentication data is account information.
In an embodiment of the present invention, optionally, the predetermined value is set dynamically according to the transmission frequency of request messages that include the characteristic value.
In an embodiment of the present invention, optionally, the request module requests multiple graphical codes.
In an embodiment of the present invention, optionally, each of the graphical codes has a serial number.
In an embodiment of the present invention, optionally, the apparatus further includes a judging module, and when the judging module determines that the number of graphical codes that have not yet been generated is lower than a predetermined value, the request module sends the request again.
In an embodiment of the present invention, optionally, the predetermined value corresponds to the characteristic value.
In an embodiment of the present invention, optionally, the judging module is included in the local trusted execution environment.
In an embodiment of the present invention, optionally, the apparatus further includes a judging module, each of the graphical codes has a validity period, and the request is sent again when the judging module determines that the number of not-yet-generated graphical codes that are within their validity period is lower than a predetermined value.
In an embodiment of the present invention, optionally, the predetermined value corresponds to the characteristic value. In an embodiment of the present invention, optionally, the judging module is included in the local trusted execution environment.
According to another aspect of the present invention, an apparatus for generating computer-readable graphical code is provided, characterized in that the apparatus includes: a receiving module configured to receive a characteristic value of a local trusted execution environment sent by a sending end; a verification module configured to verify whether a mapping relationship between the characteristic value and identity authentication data exists; and a sending module configured to, if the mapping relationship exists, generate information that represents the graphical code and corresponds to the identity authentication data, and send it to the sending end.
In an embodiment of the present invention, optionally, the apparatus further includes a storage module, wherein the receiving module is further configured to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and the storage module stores the mapping relationship between the characteristic value and the identity authentication data.
In an embodiment of the present invention, optionally, the identity authentication data is account information.
In an embodiment of the present invention, optionally, there are multiple graphical codes, and the information sent by the sending module includes the serial number of each graphical code.
According to another aspect of the present invention, a computer-executable method is provided, the method including the following steps: determining, by a processor of a mobile terminal, to send a characteristic value of the local trusted execution environment of the mobile terminal to request information representing the graphical code; receiving and storing the information by the processor of the mobile terminal; and generating, by the processor of the mobile terminal, the graphical code according to the information.
In an embodiment of the present invention, optionally, the step of receiving and storing the information by the processor of the mobile terminal is specifically: encrypting the information by the local trusted execution environment and storing it in the local trusted execution environment.
In an embodiment of the present invention, optionally, before the requesting step, the method further includes: generating the characteristic value by the processor of the mobile terminal according to software and hardware information of the local trusted execution environment.
In an embodiment of the present invention, optionally, before the requesting step, the method further includes: determining, by the processor of the mobile terminal, to send the characteristic value and identity authentication data to request that a mapping relationship between the two be established, the information corresponding to the identity authentication data.
In an embodiment of the present invention, optionally, multiple graphical codes are requested, and only one graphical code is generated at a time.
In an embodiment of the present invention, optionally, each of the graphical codes has a serial number, and the graphical codes are generated one at a time in the order of their serial numbers.
In an embodiment of the present invention, optionally, when the number of graphical codes that have not yet been generated is lower than a predetermined value, the processor of the mobile terminal determines to send the request again.
According to another aspect of the present invention, a computer-executable method is provided, the method including the following steps: determining, by a processor of a server, to receive a characteristic value of a local trusted execution environment sent by a sending end; verifying, by the processor of the server, whether a mapping relationship between the characteristic value and identity authentication data exists; and determining, by the processor of the server, that if the mapping relationship exists, information that represents the graphical code and corresponds to the identity authentication data is generated and sent to the sending end.
In an embodiment of the present invention, optionally, before the receiving step, the method further includes: determining, by the processor of the server, to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data.
In an embodiment of the present invention, optionally, there are multiple graphical codes, and the information includes the serial number of each graphical code.
According to another aspect of the present invention, a mobile device is provided, the mobile device including any one of the apparatuses for generating computer-readable graphical code described above.
According to another aspect of the present invention, a service platform is provided, the service platform including any one of the apparatuses for generating computer-readable graphical code described above.
According to another aspect of the present invention, a mobile device is provided, including: a display; a local trusted execution environment; a memory configured to store instructions; and a processor configured to execute the instructions in order to: determine, by the processor of the mobile terminal, to send a characteristic value of the local trusted execution environment of the mobile terminal to request information representing the graphical code; receive and store the information by the processor of the mobile terminal; generate, by the processor of the mobile terminal, the graphical code according to the information; and display, by the processor of the mobile terminal, the graphical code on the display.
In an embodiment of the present invention, optionally, the processor is further configured to determine that the information is encrypted by the local trusted execution environment and stored in the local trusted execution environment.
In an embodiment of the present invention, optionally, the processor is further configured to generate the characteristic value according to software and hardware information of the local trusted execution environment.
In an embodiment of the present invention, optionally, the processor is further configured to determine to send the characteristic value and identity authentication data to request that a mapping relationship between the two be established, the information corresponding to the identity authentication data.
In an embodiment of the present invention, optionally, multiple graphical codes are requested, and only one graphical code is generated at a time.
In an embodiment of the present invention, optionally, each of the graphical codes has a serial number, and the graphical codes are generated one at a time in the order of their serial numbers.
In an embodiment of the present invention, optionally, the processor is further configured to determine to send the request again when the number of graphical codes that have not yet been generated is lower than a predetermined value.
According to another aspect of the present invention, a server is provided, including: a memory configured to store instructions; and a processor configured to execute the instructions in order to: determine, by the processor of the server, to receive a characteristic value of a local trusted execution environment sent by a sending end; verify, by the processor of the server, whether a mapping relationship between the characteristic value and identity authentication data exists; and determine, by the processor of the server, that if the mapping relationship exists, information that represents the graphical code and corresponds to the identity authentication data is generated and sent to the sending end.
In an embodiment of the present invention, optionally, the processor is further configured to determine to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and to store the mapping relationship between the characteristic value and the identity authentication data.
In an embodiment of the present invention, optionally, there are multiple graphical codes, and the information includes the serial number of each graphical code.
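
The registration, request and re-request steps summarized above can be traced in a short simulation of both ends; this is an added example, not code from the application. The SHA-256 derivation of the characteristic value, the random payloads, the single-use check in `verify`, the integer clock, the in-memory list standing in for encrypted TEE storage, and all class, method and parameter names are assumptions.

```python
import hashlib
import secrets
from dataclasses import dataclass


def feature_value(tee_info: bytes) -> str:
    # Assumption: the characteristic value is a SHA-256 digest of the TEE's
    # software/hardware information; the page leaves the derivation open.
    return hashlib.sha256(tee_info).hexdigest()


@dataclass
class CodeInfo:
    serial: int       # serial number of the graphical code
    payload: str      # information the graphical code is rendered from
    expires_at: int   # end of the validity period (seconds)


class Server:
    """Receiving end: holds the characteristic value -> account mapping."""

    def __init__(self, validity: int = 300):
        self.validity = validity
        self.mapping = {}      # characteristic value -> account information
        self.next_serial = {}  # characteristic value -> next serial to issue
        self.issued = {}       # payload -> (account, expires_at)

    def register(self, fv: str, account: str) -> None:
        self.mapping[fv] = account
        self.next_serial.setdefault(fv, 1)

    def issue(self, fv: str, count: int, now: int) -> list:
        # Check the mapping first; an unknown characteristic value gets nothing.
        if fv not in self.mapping:
            raise PermissionError("no mapping for this characteristic value")
        first = self.next_serial[fv]
        self.next_serial[fv] = first + count
        batch = []
        for serial in range(first, first + count):
            info = CodeInfo(serial, secrets.token_hex(16), now + self.validity)
            self.issued[info.payload] = (self.mapping[fv], info.expires_at)
            batch.append(info)
        return batch

    def verify(self, payload: str, now: int):
        # Legitimacy check at payment time. Single use is an assumption here.
        account, expires_at = self.issued.pop(payload, (None, 0))
        return account if now < expires_at else None


class Terminal:
    """Sending end: requests code information in batches and stores it."""

    def __init__(self, server, tee_info, account, batch=5, threshold=2):
        self.server, self.account = server, account
        self.fv = feature_value(tee_info)
        self.batch, self.threshold = batch, threshold
        self.online = True
        self.requests = 0
        self.store = []  # stands in for encrypted storage inside the TEE

    def enroll(self) -> None:
        self.server.register(self.fv, self.account)

    def replenish(self, now: int) -> bool:
        if not self.online:
            return False
        self.store.extend(self.server.issue(self.fv, self.batch, now))
        self.requests += 1
        return True

    def next_code(self, now: int):
        # Only code information still inside its validity period counts.
        self.store = [c for c in self.store if c.expires_at > now]
        if not self.store and not self.replenish(now):
            return None
        code = min(self.store, key=lambda c: c.serial)  # generate in serial order
        self.store.remove(code)
        # Request again once the remaining valid count is below the threshold.
        if len(self.store) < self.threshold:
            self.replenish(now)
        return code
```

Because the terminal refills its store before it runs out, it can still present a stored code while offline, and it returns nothing once every stored record has passed its validity period.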

Description of the drawings

The above and other objects and advantages of the present invention will become more complete and clear from the following detailed description in conjunction with the accompanying drawings, in which the same or similar elements are denoted by the same reference numerals.
Fig. 1 shows a schematic diagram of a payment system according to an embodiment of the present invention.
Fig. 2 shows a schematic diagram of a payment system according to the prior art.
Fig. 3 shows a schematic diagram of a payment system according to the prior art.
Fig. 4 shows a schematic diagram of a method for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 5 shows a schematic diagram of a method for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 6 shows a schematic diagram of a method for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 7 shows a schematic diagram of a method for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 8 shows a schematic diagram of a method for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 9 shows a schematic diagram of a method for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 10 shows a schematic diagram of an apparatus for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 11 shows a schematic diagram of an apparatus for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 12 shows a mobile terminal according to an embodiment of the present invention.
Fig. 13 shows a schematic diagram of a server according to an embodiment of the present invention.
Fig. 14 shows a schematic diagram of a method for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 15 shows a schematic diagram of a method for generating computer-readable graphical code according to an embodiment of the present invention.
Fig. 16 shows a schematic diagram of a method for generating computer-readable graphical code according to an embodiment of the present invention.

Detailed description

For brevity and illustrative purposes, this document describes the principles of the present invention mainly with reference to its exemplary embodiments. However, those skilled in the art will readily recognize that the same principles can be applied equally to all types of computer-readable graphical code generation methods, devices and computer-readable storage media, and that these same or similar principles can be implemented in them; any such variation does not depart from the true spirit and scope of this patent application.
In the context of the present invention, the "characteristic value of the trusted execution environment" refers to information (for example, a set of codes) that corresponds one-to-one with a trusted execution environment (TEE) and can be used to distinguish the trusted execution environments of different devices. For example, the "characteristic value of the trusted execution environment" can be a set of codes generated from the software and hardware information of the trusted execution environment, a set of codes designated at the factory and stored in the trusted execution environment, or information sent over the air and stored in the trusted execution environment. Some examples of this application place no limit on the mechanism that produces the characteristic value, as long as the characteristic value can distinguish the trusted execution environments of different devices.
图1示出了根据本发明的一个实施例的支付系统的示意图。如图所示,为了简化用户的操作以及节省学习成本,用户侧仅需要自备开通网络服务的移动终端10(例如,智能手机、平板电脑、智能穿戴设备等)。移动终端10可以例如经由无线接入设备41(例如基站、AP)和网络40(例如,局域网、城域网、广域网、因特网等)而与互联网上的其他设备进行通信。移动终端10上运行支持扫码支付的软件或服务,在一些实施例中,当用户通过生物识别验证或者其他形式的验证后,该软件或服务可以经由移动终端10中的通信功能与互联网上的服务器30通信。在一些实施例中,当用户请求计算机可读的图形化代码(例如,条形码、 二维码等)时,用户侧可以向管理侧的服务器30发起请求,服务器30再向移动终端10返回支付信息,移动终端10可以根据支付信息生成计算机可读的图形化代码。Fig. 1 shows a schematic diagram of a payment system according to an embodiment of the present invention. As shown in the figure, in order to simplify the operation of the user and save the cost of learning, the user only needs to prepare a mobile terminal 10 (for example, a smart phone, a tablet computer, a smart wearable device, etc.) that subscribes to a network service. The mobile terminal 10 can communicate with other devices on the Internet, for example, via a wireless access device 41 (e.g., base station, AP) and a network 40 (e.g., local area network, metropolitan area network, wide area network, Internet, etc.). The mobile terminal 10 runs software or service that supports scan code payment. In some embodiments, after the user passes biometric verification or other forms of verification, the software or service can communicate with the Internet via the communication function in the mobile terminal 10. The server 30 communicates. In some embodiments, when a user requests a computer-readable graphical code (for example, a barcode, a two-dimensional code, etc.), the user side can initiate a request to the server 30 on the management side, and the server 30 returns payment information to the mobile terminal 10. , The mobile terminal 10 can generate a computer-readable graphical code according to the payment information.
图1中还示出了商店侧的一个示例,其中商店侧包括具有通信能力的收银设备20和具有读取计算机可读的图形化代码读取能力的扫描设备21。本申请中的计算机可读的图形化代码包括条形码、二维码等各种形式的代码,这些代码承载的信息可以由诸如扫描设备21之类的读取设备读取并经由诸如收银设备20之类的计算设备解析,因而这类代码是计算机可读的。本申请所要求保护的计算机可读的图形化代码不限于条形码、二维码,还包括其他形式可以为计算机读取的图形化代码,无论这些形式是基于一定标准的还是自行设定的。在一些实施例中,为了保障收银设备20的网络连接的稳定性,收银设备20可以例如以有线传输的方式与互联网上的其他设备进行通信。An example of the store side is also shown in FIG. 1, where the store side includes a cash register device 20 with communication capability and a scanning device 21 with a reading capability of reading computer-readable graphical codes. The computer-readable graphical codes in this application include various forms of codes such as bar codes and two-dimensional codes. The information carried by these codes can be read by a reading device such as a scanning device 21 and passed through a checkout device 20. The type of computing device parses, so this type of code is computer readable. The computer-readable graphical codes claimed in this application are not limited to barcodes and two-dimensional codes, but also include other forms of graphical codes that can be read by a computer, regardless of whether these forms are based on certain standards or set by themselves. In some embodiments, in order to ensure the stability of the network connection of the cash register device 20, the cash register device 20 may communicate with other devices on the Internet in a wired transmission manner, for example.
In some embodiments, when the mobile terminal 10 on the user side presents a computer-readable graphical code to the store side, the scanning device 21 can read the code and pass it to the cash register device 20 for parsing, and the cash register device 20 then generates, from the parsed information, a message addressed to the server 30 on the management side. The server 30 processes the received message and judges its legitimacy. If the received message is legitimate, the server can return payment-acceptance information to the cash register device 20. The cash register device 20 can then give a corresponding prompt (for example, output a signal that the payment was received) and response (for example, perform checkout processing) according to the payment-acceptance information. The server 30 can also return the payment-acceptance information to the mobile terminal 10 at the same time, so that the user can confirm that the payment is complete. It should be noted that although only one server 30 is shown in Fig. 1, the server on the management side can take various forms; for example, it can be a server cluster whose members implement different functions. The clustered servers can be located at one geographic site or at several.
Figs. 2 and 3 show schematic diagrams of payment systems according to the prior art. At present, mobile QR code payment is implemented in two main ways. One is the online payment method, shown in Fig. 2, in which every time the user needs to pay with a QR code the client obtains the payment code for that transaction directly from the client backend server 3001. Referring to Figure 1 and taking a mobile phone as an example, the transaction flow of this method is roughly as follows. (1) The user opens, on the mobile phone 10, a client that supports payment by having a QR code scanned; (2) the user taps the option for scanned QR code payment; (3) the client asks the client backend server 3001 for the payment QR code to be used for the payment; (4) the client backend server 3001 asks the payment system server 3002 for the payment QR code to be used for the payment; (5) the payment system server 3002 returns the payment QR code for this transaction to the client through the backend, along the original path; (6) the user shows the payment QR code to the merchant's cashier; (7) the merchant acquiring system 2001 submits the QR code to the payment system server 3002, which verifies the QR code and completes the payment. The online payment method is suitable for transaction scenarios that require real-time authentication, such as transactions involving large amounts. However, the online payment method depends on the network conditions at the time of use. If a merchant is located on an underground floor or in an environment with poor network coverage, the user may have to wait a long time, which degrades the payment experience.
The other is the offline payment method. Taking a mobile phone as an example, as shown in Fig. 3, every time the user needs to pay with a QR code the client obtains the payment code for that transaction locally from the mobile phone 10. The user flow is as follows: (1) the user opens, on the mobile phone 10, a client that supports payment by having a QR code scanned; (2) the user taps the option for scanned QR code payment; (3) the client computes the QR code for this payment with a local algorithm; (4) the user shows the payment QR code to the merchant's cashier; (5) the merchant acquiring system 2001 submits the QR code to the payment system server 3002; (6) the payment system server 3002 uses a certain algorithm to verify that the QR code is a valid QR code computed by the client, and then completes the payment. The mobile phone 10 and the payment system server 3002 can synchronize data such as algorithms over the network 40 in a quasi-real-time or non-real-time manner. However, the offline payment method relies on the confidentiality and unbreakability of the algorithm. Because the mobile client and the payment system backend must use the same algorithm in order to compute the same payment code, the offline method raises questions such as how the algorithm is synchronized, how its confidentiality is guaranteed, and whether it is strong enough, so it is more complicated to implement.
Fig. 4 shows a schematic diagram of a method for generating a computer-readable graphical code according to an embodiment of the present invention. As shown in the figure, the method includes step S402, in which a request message containing the characteristic value of the local trusted execution environment (Trusted Execution Environment, TEE) is sent to request information representing a graphical code; step S404, in which the information representing the graphical code is received and stored; and step S406, in which the graphical code is generated from the information representing the graphical code.
The characteristic value of the local trusted execution environment refers to symbols and/or numerical values of any type that are stored in the local trusted execution environment, correspond one-to-one with it, and serve to identify it. In some embodiments of the present invention, the characteristic value of the trusted execution environment may be generated from hardware information of the trusted execution environment (for example, a hardware serial number) and/or software information (for example, a software version number). The characteristic value may also be preset at the factory. In that case it need not be related to the hardware or software information of the trusted execution environment; it is instead a unique set of information stored in the trusted execution environment, and this information can be used to distinguish between different devices that request graphical codes (also called the user side, for example smartphones, tablet computers, and smart wearable devices). The characteristic value may also be delivered over the air: for example, a server on the management side can send the characteristic value over the air to the device requesting graphical codes (for example, a smartphone, tablet computer, or smart wearable device), and that device then stores the characteristic value in its trusted execution environment. Correspondingly, the characteristic value recorded on the management side may have been sent to it later by the device requesting graphical codes and then stored, or it may already be stored there as a preset value (for example, in the over-the-air case, where the management-side server acts as the device that sends the characteristic value over the air).
In some embodiments of the present invention, the request message may also include account information. In some cases the device requesting the graphical code may be associated with several accounts; to make clear which bank account the graphical code is being requested for, the account information then also has to be sent to the management side. As described above, the information representing the graphical code is received and stored in step S404. According to one aspect of the present invention, the client on the user side can encrypt and store the information, in which case the encrypted information is stored in the ordinary data storage location. According to another aspect of the present invention, to further improve data security, the local trusted execution environment can encrypt the information and store it inside the local trusted execution environment. The stored information is then isolated from ordinary data, and the client can read it only with the permission of the trusted execution environment. Because in this latter aspect the information is encrypted and stored by the local trusted execution environment, the trusted execution environment has to decrypt the information before the client is allowed to read it. According to yet another aspect of the present invention, the client on the user side can encrypt the information first, and the local trusted execution environment can then encrypt the already encrypted information again. The information is then doubly encrypted, which further improves data security. Correspondingly, to decrypt the information, the trusted execution environment and then the client decrypt it in turn. In other embodiments of the present invention, access to the information stored in the local trusted execution environment can be restricted to designated clients or services, which can be achieved by adding access control rules for the secure area of the mobile device's trusted execution environment.
In an embodiment of the present invention, as shown in Fig. 5, the characteristic value may be generated from the software and hardware information of the local trusted execution environment (step S502) before the above step of requesting information representing the graphical code. As noted above, the characteristic value in the present invention does not have to be generated from software and hardware information. In other embodiments of the present invention, the manufacturer of the mobile device (or the owner of the payment system), for example, can preset the characteristic value at the factory according to a standard or the rules of the management side; in still other embodiments, the management side can issue the characteristic value over the air. Both preset and over-the-air characteristic values make it easier to provide characteristic values in a standardized format, and both approaches can compensate for defects that may arise when characteristic values are generated from the software and hardware information of the local trusted execution environment, such as duplicate values or an insufficient number of values. It should be pointed out that a characteristic value must never repeat, and that once a characteristic value has been set it must be written into the local trusted execution environment; this guarantees the uniqueness and security (tamper resistance) of the characteristic value.
In an embodiment of the present invention, as shown in Fig. 6, the characteristic value and identity authentication data may be sent to request that a mapping between the two be established (step S602) before the above step of requesting information representing the graphical code. It should be noted that the message sent from the user side to the management side may contain only the characteristic value and the identity authentication data, without an explicit request to "establish a mapping between the two"; when the management side receives the characteristic value and the identity authentication data together, it can conclude that the user side has implicitly requested that the mapping be established. Note that step S602 is not an indispensable preliminary step for the embodiments described above. In those embodiments the mapping between the characteristic value and the identity authentication data (for example, ID card information, bank account information, or a bank card number) may have been established in advance by other means, so the information representing the graphical code can be requested directly. More generally, the mapping between the characteristic value and the identity authentication data can be established before the request step, and the information representing the graphical code corresponds to the identity authentication data. For example, the client can be used to enter identity authentication data and request that it be bound to the client (or to the mobile terminal the client belongs to). The client can then request the characteristic value and send it to the management side together with the identity authentication data. It should be pointed out that if ordinary ID card information is sent, the management side can look up one or more items of bank account information (or bank card numbers, the same below) from the recorded ID card information and return them to the client, and the client can select from them one or more bank accounts to bind for payment. Once the client has selected the bank account to bind, it can send the selected identity authentication data to the management side, which can establish the mapping between the characteristic value and the identity authentication data accordingly. Once the mapping is established, the management side can, on receiving a request containing the characteristic value later in the flow, immediately retrieve the associated (mapped) identity authentication data, more specifically the bank account information (or bank card number), for use in the subsequent steps.
In some embodiments of the present invention, step S502 is performed before step S602; that is, the characteristic value is first generated from the software and hardware information of the local trusted execution environment, and the characteristic value and identity authentication data are then sent to request that a mapping between the two be established, with the information representing the graphical code corresponding to the identity authentication data.
In an embodiment of the present invention, multiple graphical codes are requested, and only one graphical code is generated at a time. In some scenarios the network conditions between the user side and the management side cannot always support real-time or quasi-real-time communication; moreover, in some small-amount payment scenarios the user side does not always need to interact with the management side in real time or quasi-real time. The basic principle of the present invention is of course also applicable to other scenarios that do not need real-time or quasi-real-time interaction but do have high confidentiality requirements. In view of this, in some embodiments of the present invention multiple graphical codes can be requested in a single request; for example, 20 graphical codes can be requested at once. In some embodiments of the present invention, different upper limits on the number requested can be set for different regions, different users, and so on, according to the average usage frequency of users in each region, the usage frequency of an individual user, and the credit standing of an individual user. In some embodiments of the present invention, different upper limits on the number requested can also be set for payment scenarios involving different amounts. For example, a higher number can be set for a client or service used for commuting, and a lower number for a client used for large-amount payments or general-purpose payments (that is, payments that may be either small or large).
In an embodiment of the present invention, if multiple graphical codes are requested, each graphical code can carry a serial number, and graphical codes can then be generated one at a time in serial-number order. In an embodiment of the present invention, no order of use need be set for the graphical codes, and the management side merely deletes the graphical codes that have been used; this reduces the processing load on both the user side and the management side and allows fast payment. More generally, in an embodiment of the present invention, each graphical code is numbered. If there are 20 graphical codes, they can be numbered in sequence as 01, 02, ..., 19, 20. Numbering the graphical codes makes them easier to manage and lets the management side specify a management policy for them. For example, if the graphical code numbered 03 was used for an earlier payment and the graphical code numbered 04 is used for the next one, the management side first verifies that the graphical code is valid, then determines from the serial number that the graphical codes are being used in order, and accepts the graphical code and honors the payment. As another example, if the graphical code numbered 03 was used for an earlier payment and the graphical code numbered 01 is used for a later one, the management side first verifies that the graphical code is valid and can then determine from the serial number that the graphical code pool may have been cracked or stolen, so the management side can place a stop-payment on the devices and accounts associated with the characteristic value and the mapped identity authentication data. It can further, for example, deactivate the related accounts, invalidate the graphical codes remaining in the graphical code pool, investigate whether the graphical codes already used were used legitimately, and notify the owners of the devices and accounts.
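The serial-number policy described above can be modelled as follows. This is an added example, not code from the patent: the class and method names are hypothetical, random tokens stand in for the information representing a graphical code, and it assumes that a valid code with a lower number than the last one redeemed counts as out of order while gaps are tolerated.

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class Pool:
    account: str                                 # mapped identity authentication data
    codes: dict = field(default_factory=dict)    # token -> serial number (unused codes)
    last_used: int = 0                           # highest serial number redeemed so far
    next_no: int = 1                             # serial number of the next code to issue
    frozen: bool = False                         # True after a stop-payment


class ManagementSide:
    """Toy model of the management side (server 30); all names are hypothetical."""

    def __init__(self):
        self.pools = {}    # characteristic value -> Pool
        self.index = {}    # token -> characteristic value

    def bind(self, characteristic_value, account):
        # Store the mapping characteristic value -> identity authentication data.
        self.pools[characteristic_value] = Pool(account)

    def issue(self, characteristic_value, count=20):
        # No mapping, or an account under stop-payment: the request is ignored.
        pool = self.pools.get(characteristic_value)
        if pool is None or pool.frozen:
            return []
        batch = []
        for _ in range(count):
            token = secrets.token_urlsafe(16)    # unpredictable code information
            pool.codes[token] = pool.next_no
            self.index[token] = characteristic_value
            batch.append((pool.next_no, token))
            pool.next_no += 1
        return batch

    def redeem(self, token):
        # Step 1: validity. Used and invalidated codes are no longer indexed.
        characteristic_value = self.index.pop(token, None)
        if characteristic_value is None:
            return "rejected: unknown, used or invalidated code"
        pool = self.pools[characteristic_value]
        number = pool.codes.pop(token)           # used codes are deleted
        # Step 2: order. A valid code older than the last one used suggests
        # that the pool was copied off the device.
        if number < pool.last_used:
            self._stop_payment(pool)
            return "stop-payment: code %02d presented after %02d" % (
                number, pool.last_used)
        pool.last_used = number
        return "accepted"

    def _stop_payment(self, pool):
        # Freeze the account and invalidate every code left in the pool.
        pool.frozen = True
        for token in pool.codes:
            self.index.pop(token, None)
        pool.codes.clear()


if __name__ == "__main__":
    server = ManagementSide()
    server.bind("tee-A", "account-1")            # constructed sample values
    tokens = dict(server.issue("tee-A", 20))
    for n in (3, 4, 1, 5):
        print("%02d" % n, server.redeem(tokens[n]))
```
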
In an embodiment of the present invention, referring to Fig. 7, a check is made in step S702, and the request is sent again when the number of graphical codes not yet generated falls below a predetermined value (or threshold), the threshold being generated by a threshold module or by the system. In this way the graphical code pool always holds a certain number of graphical codes, so that a code can be produced quickly even when, for example, the network is poor, without affecting the user's experience. For example, the request can be set to be sent again, asking for, say, another 20 graphical codes, when the number of graphical codes not yet generated falls below the predetermined value of 6. With this setting the graphical code pool always holds 5 to 25 graphical codes. For example, if the original graphical code pool contains 20 graphical codes numbered 01, 02, ..., 19, 20 and they are used in order, then when the graphical code numbered 15 is used for payment the user side can determine that 5 graphical codes remain ungenerated. This triggers the condition for sending the request again, and the user side requests, say, another 20 graphical codes (numbered, for example, 21, 22, ..., 39, 40).
In some embodiments of the present invention, each graphical code has a validity period, and the request is sent again when the number of graphical codes that are within their validity period and have not yet been generated falls below the predetermined value.
In some embodiments of the present invention, the predetermined value corresponds to the characteristic value; in other words, each user-side device can have its own predetermined value. For example, artificial-intelligence analysis based on factors such as how often a user uses the service can dynamically adjust the predetermined values of different users: the predetermined value might be 3 for user A and 5 for user B. In an embodiment of the present invention, the repeated request from the user side includes the characteristic value of the local trusted execution environment, and the management side can use that characteristic value to look up whether bound bank account information (or a bank card number) exists as expected. If bound bank account information (or a bank card number) exists, the management side can return, say, another 20 graphical codes for that bound bank account information (or bank card number). If in some circumstances the repeated request cannot be sent successfully or does not reach the management side, the condition for sending the request again can be triggered once more when the graphical code numbered 16 is used for payment. Those skilled in the art will appreciate that if the request still cannot be sent, the trigger condition of the present invention continues to apply until, say, another 20 graphical codes have been obtained. In other examples of the present invention, the request need not wait until the next graphical code is generated (that is, continuing the example above, it need not wait until the graphical code numbered 16 is used for payment); instead, the request can be resent automatically at a predetermined time interval until, say, another 20 graphical codes have been obtained.
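The replenishment rule with the figures used above (predetermined value 6, batches of 20, a validity period, and a retry at the next use when the request fails) can be sketched on the user side as follows. This is an added example, not code from the patent: `CodePool` and `FakeServer` are hypothetical names, and `FakeServer` is a constructed stand-in for the management side.

```python
import time


class FakeServer:
    """Constructed stand-in for the management side; not part of the patent."""

    def __init__(self, ttl=3600, now=time.time):
        self.next_no = 1
        self.online = True
        self.ttl = ttl          # validity period of each code, in seconds
        self.now = now

    def fetch(self, count):
        if not self.online:
            raise OSError("network unavailable")
        expires = self.now() + self.ttl
        batch = [(n, "code-info-%02d" % n, expires)
                 for n in range(self.next_no, self.next_no + count)]
        self.next_no += count
        return batch


class CodePool:
    """User-side pool of (number, info, expires_at) entries, used in number order."""

    def __init__(self, fetch, threshold=6, batch=20, now=time.time):
        self.fetch = fetch          # callable(count) -> list of entries
        self.threshold = threshold  # the predetermined value
        self.batch = batch
        self.now = now
        self.codes = []

    def refill_if_low(self):
        # Only codes still inside their validity period count toward the threshold.
        self.codes = [c for c in self.codes if c[2] > self.now()]
        if len(self.codes) >= self.threshold:
            return False
        try:
            self.codes.extend(self.fetch(self.batch))
        except OSError:
            return False            # offline: the condition fires again at the next use
        return True

    def next_code(self):
        self.refill_if_low()        # retry a failed request and drop expired codes
        if not self.codes:
            raise LookupError("no valid graphical code available offline")
        code = self.codes.pop(0)    # lowest serial number first
        self.refill_if_low()        # check the threshold after every use
        return code


if __name__ == "__main__":
    server = FakeServer()
    pool = CodePool(server.fetch)
    for _ in range(15):
        number, info, _expires = pool.next_code()
    # After code 15 is used, 5 codes remain, so 21..40 are fetched: 25 in the pool.
    print(number, len(pool.codes))
```
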
Fig. 15 shows a schematic diagram of a method for generating a computer-readable graphical code according to an embodiment of the present invention. Compared with the embodiment of Fig. 4, the sending end requests the graphical code directly rather than requesting information representing the graphical code. As shown in the figure, the method includes step S1502, in which the characteristic value of the local trusted execution environment is sent to the receiving end to request a graphical code, and step S1504, in which the graphical code from the receiving end is received and presented. Provided the basic concept of this embodiment is not departed from, its other aspects can be implemented with reference to the embodiment of Fig. 4.
In an embodiment of the present invention, optionally, the step of receiving and presenting the graphical code from the receiving end includes encrypting the graphical code and storing it in the local trusted execution environment. In other examples of the present invention, optionally, the method further includes, before the request step, generating the characteristic value from the software and hardware information of the local trusted execution environment. In other examples of the present invention, optionally, the method further includes, before the request step, sending the characteristic value and identity authentication data to request that a mapping between the two be established, the graphical code corresponding to the identity authentication data. The identity authentication data may be, for example, bank account information. In other examples of the present invention, optionally, multiple graphical codes are requested, and only one graphical code is generated at a time. In other examples of the present invention, optionally, each graphical code has a serial number, and graphical codes are generated one at a time in serial-number order. In other examples of the present invention, optionally, the request is sent again when the number of graphical codes not yet generated falls below a predetermined value. Likewise, provided the basic concept of these embodiments is not departed from, their other aspects can be implemented with reference to the embodiments of Figs. 5-7.
The above mainly describes the basic principle by which the user side (in some cases described as a specific client, mobile terminal, etc.) requests and generates a computer-readable graphical code. The working principle of the management side (in some cases described as a specific payment system, payment system server, etc.) is introduced below.
Fig. 8 shows a schematic diagram of a method for generating a computer-readable graphical code according to an embodiment of the present invention. As shown in the figure, the method includes step S802, receiving the characteristic value of a local trusted execution environment sent by the sending end, the characteristic value being used to request that information about a graphical code be sent; step S804, checking whether a mapping exists between the characteristic value and identity authentication data, the identity authentication data being used to check whether it matches the characteristic value; and step S806, if the mapping exists, generating information representing a graphical code that corresponds to the identity authentication data and sending it to the sending end. If no such mapping exists, the request is simply ignored, no information representing a graphical code is generated, and the next characteristic value (for example, one sent by a different sending end) can be received. The characteristic value of the local trusted execution environment sent by the sending end can be generated in any of the ways described in detail above, and the received characteristic value can be used to verify identity. Specifically, whether to generate the information representing the graphical code can be decided according to whether identity authentication data corresponding to the received characteristic value exists. The correspondence between characteristic values and identity authentication data can be formed by building a mapping table in advance, and entries can be added to or removed from the table according to actual use. For example, if an item of identity authentication data is bound to a new terminal, an entry for the correspondence between the two has to be added to the mapping table. It should be noted that the generation of graphical codes is not limited by how the mapping table is established: the process of generating graphical codes assumes by default that the mapping table already exists, the process of generating (issuing) graphical codes need not consider how the table is built, and the method of generating (issuing) graphical codes constitutes a relatively independent scope of protection in its own right.
In an embodiment of the present invention, as shown in Fig. 9, before the above step of receiving the characteristic value of the local trusted execution environment sent by the sending end, the method further includes: receiving the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data (step S902). In the embodiments described above, the mapping relationship between the characteristic value and the identity authentication data (for example, ID card information, bank account information, a bank card number, etc.) may have been established in advance by other means, so the information representing the graphical code can be requested directly. More generally, the mapping relationship between the characteristic value and the identity authentication data can be established (stored) before the receiving step. For example, a client can be used to enter the identity authentication data and request that it be bound to the client (or to the mobile terminal the client belongs to). The client can then request the characteristic value and send it to the management side together with the identity authentication data. It should be pointed out that if ordinary ID card information is sent, the management side can look up one or more pieces of bank account information (or bank card numbers, the same below) from the recorded ID card information and return them to the client, and the client can select from them one or more bank accounts to be bound for payment. After the client has selected the bank account to be bound, it can send the selected identity authentication data to the management side, and the management side can establish the mapping relationship between the characteristic value and the identity authentication data accordingly. Once the mapping relationship has been established, the management side can, on receiving a request containing the characteristic value in a later flow, immediately retrieve the associated (mapped) identity authentication data, more specifically the bank account information (or bank card number), for use in the subsequent steps.
In an embodiment of the present invention, there are multiple graphical codes, and the information includes the number of each graphical code. In some embodiments of the present invention, multiple graphical codes can be sent in one transmission, for example 20 graphical codes at a time. In some embodiments of the present invention, different upper limits on the number of codes requested can be provided for different regions, different users and so on, according to the average usage frequency of users in each region, the usage frequency of an individual user, the credit level of an individual user, and the like. In some embodiments of the present invention, different upper limits on the number of codes requested can also be set for payment scenarios of different amounts. For example, a higher number can be set for a client or service used for commuting, and a lower number for a client used for large payments or general payments (that is, one that can be used for both small and large payments).
In an embodiment of the present invention, no order of use need be set for the multiple graphical codes, and the management side only deletes the graphical codes that have been used; this reduces the processing load on the user side and the management side and achieves fast payment. More generally, in an embodiment of the present invention, each graphical code is numbered. If there are 20 graphical codes, they can be numbered 01, 02, ..., 19, 20 in sequence. Numbering the graphical codes makes them easier to manage and lets the management side specify a management policy for them. For example, if the graphical code numbered 03 was used for a payment and the next payment uses the graphical code numbered 04, the management side first verifies the validity of the graphical code and can then determine from the numbers that the graphical codes are being used in order; the management side accepts the graphical code and completes the acceptance. As another example, if the graphical code numbered 03 was used for a payment and a later payment uses the graphical code numbered 01, the management side first verifies the validity of the graphical code and can then determine from the numbers that the graphical code pool may have been cracked or stolen, so the management side can apply a stop-payment to the device and account associated with the characteristic value and the mapped identity authentication data. In addition, it can, for example, deactivate the related account, invalidate the graphical codes remaining in the graphical code pool, investigate whether the graphical codes already used were used legitimately, and notify the owner of the device and account.
Fig. 16 shows a schematic diagram of a method for generating a computer-readable graphical code according to an embodiment of the present invention. Compared with the embodiment corresponding to Fig. 8, the sending end requests the graphical code directly rather than requesting information representing the graphical code. As shown in the figure, the method includes: step S1602, receiving a characteristic value of a local trusted execution environment sent by a sending end, the characteristic value being used to request that a graphical code be sent; step S1604, verifying whether a mapping relationship exists between the characteristic value and identity authentication data, the identity authentication data being used to verify whether it matches the characteristic value; and step S1606, if the mapping relationship exists, generating a graphical code corresponding to the identity authentication data and sending it to the sending end. Of course, if no such mapping relationship exists, the request is automatically ignored, no information representing a graphical code is generated, and the next characteristic value (for example, one sent by a sending end different from the previous one) can be received. Provided the basic concept of this embodiment is not violated, its other aspects can be implemented with reference to the embodiment corresponding to Fig. 8.
In an embodiment of the present invention, optionally, before the receiving step the method further includes: receiving the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data. In an embodiment of the present invention, optionally, there are multiple graphical codes, and each graphical code includes its number. Likewise, provided the basic concept of these embodiments is not violated, their other aspects can be implemented with reference to the embodiment corresponding to Fig. 9.
According to another aspect of the present invention, a computer-readable storage medium is provided, the computer-readable storage medium storing instructions, characterized in that, when the instructions are executed by a processor, the processor is caused to perform any one of the methods described above. The computer-readable medium referred to in the present invention includes various types of computer storage media and can be any available medium that can be accessed by a general-purpose or special-purpose computer. For example, the computer-readable medium may include RAM, ROM, E2PROM, CD-ROM or other optical disc storage, magnetic disk storage or other magnetic storage devices, or any other transitory or non-transitory medium that can be used to carry or store desired program code units in the form of instructions or data structures and that can be accessed by a general-purpose or special-purpose computer or a general-purpose or special-purpose processor. As used herein, disk and disc include compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk and Blu-ray disc, where disks usually reproduce data magnetically while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of protection of computer-readable media.
Fig. 10 shows a schematic diagram of an apparatus for generating a computer-readable graphical code according to an embodiment of the present invention. As shown in the figure, the device 10 on the user side includes a request module 1012, a receiving module 1014 and a rendering module 1016. The request module 1012 is configured to send a request message including the characteristic value of the local trusted execution environment of the device 10 in order to request information representing a graphical code; the receiving module 1014 is configured to receive the information and store it; and the rendering module 1016 is configured to generate the graphical code from the information.
In some embodiments of the present invention, the request module 1012 is configured to send a request message including the characteristic value of the local trusted execution environment of the device 10 in order to request information representing a graphical code, where the characteristic value of the trusted execution environment can be generated from hardware information (for example, a hardware serial number) and/or software information (for example, a software version number) of the trusted execution environment of the device 10. The characteristic value of the trusted execution environment can also be preset at the factory. In that case the characteristic value need not be related to the hardware or software information of the trusted execution environment of the device 10; it is instead a unique piece of information stored in the trusted execution environment, by which different devices requesting graphical codes (also called the user side, for example smartphones, tablet computers, smart wearable devices, etc.) can be distinguished. In addition, the characteristic value of the trusted execution environment can be sent over the air: for example, a server on the management side can send the characteristic value over the air to the device 10 requesting the graphical code (for example, a smartphone, tablet computer, smart wearable device, etc.), and the device 10 then stores the characteristic value in the trusted execution environment. Correspondingly, the characteristic value recorded on the management side may have been sent to it later by the device 10 and stored, or may already have been stored there in advance (as in the over-the-air case).
In some embodiments of the present invention, the request information can also include bank account information. In some cases the device requesting the graphical code may be associated with multiple pieces of bank account information; to distinguish which bank account is being used to request the graphical code, that bank account information also needs to be sent to the management side.
As stated above, the receiving module 1014 is configured to receive the information and store it, and the rendering module 1016 is configured to generate the graphical code from the information. After receiving the information, the receiving module 1014 can store it in, for example, a storage device of the device 10; alternatively, to ensure the security of the data, it can store it in the local trusted execution environment of the device 10.
In an embodiment of the present invention, the receiving module 1014 first encrypts the information and then stores it in the local trusted execution environment of the device 10, which provides a double safeguard for the security of the information. According to another aspect of the present invention, to further improve data security, the information can be encrypted by the local trusted execution environment and stored in the local trusted execution environment; the stored information is then isolated from ordinary data and can be read only with the permission of the trusted execution environment. Because in this latter aspect the information is encrypted and stored by the local trusted execution environment, the trusted execution environment must decrypt the information before reading is allowed.
According to yet another aspect of the present invention, the information can first be encrypted by the receiving module 1014 and the encrypted information then re-encrypted by the local trusted execution environment; the information is then doubly encrypted, which further improves the security of the data. Correspondingly, when the information is decrypted, it is decrypted first by the trusted execution environment and then by the receiving module 1014. In other embodiments of the present invention, it can be specified that only designated clients or services are allowed to access the information stored in the local trusted execution environment; this can be achieved by adding access control rules for the secure area of the mobile device's trusted execution environment. For example, if the access control rules for the secure area of the trusted execution environment specify that only application A and application B may access the information stored in the local trusted execution environment, then a request from application C, which the rules do not permit, to access that information is rejected, while a request from application A is allowed. Once the information has been read successfully, the rendering module 1016 can generate the graphical code from the information. For example, the rendering module 1016 can render the information graphically according to national standards, industry standards, enterprise standards or mutually negotiated standards, for example by generating a barcode or a two-dimensional code.
In an embodiment of the present invention, the device 10 further includes a generating module (not shown in Fig. 10), which is configured to generate the characteristic value from the software and hardware information of the local trusted execution environment of the device 10. Of course, the characteristic value in the present invention does not have to be generated from software and hardware information. In other embodiments of the present invention, the characteristic value can be preset at the factory according to a standard or according to management-side rules; in still other embodiments of the present invention, the management side can send the characteristic value over the air. Both presetting and over-the-air delivery make it easier to provide characteristic values in a standardized format, and both can compensate for defects such as duplicated characteristic values or an insufficient number of them that may arise when characteristic values are generated from the software and hardware information of the local trusted execution environment. It should be pointed out that the characteristic value must be non-repeating and that, once set, it needs to be written into the local trusted execution environment, for example by the generating module; in this way the uniqueness and security (resistance to tampering) of the characteristic value can be guaranteed.
In an embodiment of the present invention, the request module 1012 is further configured to send the characteristic value and the identity authentication data in order to request that a mapping relationship between the two be established, the information representing the graphical code corresponding to the identity authentication data. In some embodiments of the present invention, the identity authentication data can be, for example, bank account information. It should be noted that the information sent by the request module 1012 may include only the characteristic value and the identity authentication data, without an explicit request to "establish a mapping relationship between the two"; on receiving the characteristic value and the identity authentication data together, the receiver can determine that the device 10 has implicitly sent that request. In the embodiments described above, the mapping relationship between the characteristic value and the identity authentication data (for example, ID card information, bank account information, a bank card number, etc.) may have been established in advance by other means, so the information representing the graphical code can be requested directly. More generally, the mapping relationship between the characteristic value and the identity authentication data can be established before the request module 1012 sends the request to establish the mapping relationship between the two, the information representing the graphical code corresponding to the identity authentication data. For example, the device 10 can be used to enter the identity authentication data and request that it be bound to the device 10. The request module 1012 can then request the characteristic value and send it to the receiver together with the identity authentication data. It should be pointed out that if the request module 1012 sends ordinary ID card information, the receiver can look up one or more pieces of bank account information (or bank card numbers, the same below) from the recorded ID card information and return them to the device 10, and the device 10 can select from them one or more bank accounts to be bound for payment. After the device 10 has selected the bank account to be bound, it can send the selected identity authentication data to the receiver, and the receiver can establish the mapping relationship between the characteristic value and the identity authentication data accordingly, the information representing the graphical code corresponding to the identity authentication data. Once the mapping relationship has been established, the receiver can, on receiving a request containing the characteristic value in a later flow, immediately retrieve the associated (mapped) identity authentication data, more specifically the bank account information (or bank card number), for use in the subsequent steps.
In an embodiment of the present invention, the request module 1012 requests multiple graphical codes, and the rendering module 1016 generates only one graphical code at a time. In some scenarios, network conditions cannot always meet the needs of real-time or quasi-real-time communication; on the other hand, in some small-payment scenarios real-time or quasi-real-time interaction with the management side is not always needed. Of course, the basic principle of the present invention is also applicable to other application scenarios that do not require real-time or quasi-real-time interaction but have high confidentiality requirements. In view of this, in some embodiments of the present invention multiple graphical codes can be requested in one request, for example 20 graphical codes at a time. In some embodiments of the present invention, different upper limits on the number of codes requested can be provided for different regions, different users and so on, according to the average usage frequency of users in each region, the usage frequency of an individual user, the credit level of an individual user, and the like; that is, different upper limits on the number of codes requested can be provided for different devices 10. In some embodiments of the present invention, different upper limits on the number of codes requested can also be set for payment scenarios of different amounts. For example, a higher number can be set for a device 10 or service used for commuting, and a lower number for a device 10 used for large payments or general payments (that is, one that can be used for both small and large payments).
In an embodiment of the present invention, each graphical code has a number, and the rendering module 1016 is further configured to generate one graphical code at a time in numerical order. In an embodiment of the present invention, no order of use need be set for the multiple graphical codes, and the management side only deletes the graphical codes that have been used; this reduces the processing load on the user side and the management side and achieves fast payment. More generally, in an embodiment of the present invention, each graphical code is numbered. If there are 20 graphical codes, the rendering module 1016 can number them 01, 02, ..., 19, 20 in sequence. Numbering the graphical codes makes them easier to manage and lets the management side specify a management policy for them. For example, if the graphical code numbered 03 was used for a payment and the next payment uses the graphical code numbered 04, the management side first verifies the validity of the graphical code and can then determine from the numbers that the graphical codes are being used in order; the management side accepts the graphical code and completes the acceptance. As another example, if the graphical code numbered 03 was used for a payment and a later payment uses the graphical code numbered 01, the management side first verifies the validity of the graphical code and can then determine from the numbers that the graphical code pool may have been cracked or stolen, so the management side can apply a stop-payment to the device and account associated with the characteristic value and the mapped identity authentication data. In addition, it can, for example, deactivate the related account, invalidate the graphical codes remaining in the graphical code pool, investigate whether the graphical codes already used were used legitimately, and notify the owner of the device and account.
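The management-side flow of Fig. 8 and Fig. 9 combined with the numbering policy described above can be sketched as follows. This is an added example, not code from the patent: the class and method names, the use of random tokens as the "information representing the graphical code", and the choice to accept forward gaps in the numbering are all assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Binding:
    """One row of the mapping table: characteristic value -> identity data."""
    account: str                    # constructed placeholder for a bank account
    next_issue: int = 1             # number assigned to the next issued code
    last_used: int = 0              # highest number redeemed so far
    outstanding: dict = field(default_factory=dict)  # number -> token
    frozen: bool = False            # stop-payment flag


class ManagementSide:
    """Hypothetical issuer; names are illustrative, not from the patent."""

    def __init__(self):
        self._table = {}            # characteristic value -> Binding

    def bind(self, characteristic_value, account):
        """S902: store the mapping before any code is requested."""
        self._table[characteristic_value] = Binding(account)

    def issue(self, characteristic_value, count=20):
        """S802-S806: issue numbered codes only when a mapping exists."""
        b = self._table.get(characteristic_value)
        if b is None or b.frozen:
            return None             # no mapping: ignore, generate nothing
        batch = []
        for _ in range(count):
            token = secrets.token_hex(16)
            b.outstanding[b.next_issue] = token
            batch.append((b.next_issue, token))
            b.next_issue += 1
        return batch

    def redeem(self, characteristic_value, number, token):
        """Verify validity first, then apply the ordering policy."""
        b = self._table.get(characteristic_value)
        if b is None:
            return "invalid"
        if b.frozen:
            return "stop_payment"
        expected = b.outstanding.get(number)
        if expected is None or not hmac.compare_digest(expected, token):
            return "invalid"        # unknown, already used, or forged
        if number < b.last_used:
            # A valid but lower-numbered code after a higher one (03 then 01):
            # treat the pool as possibly stolen, stop payment, void the rest.
            b.frozen = True
            b.outstanding.clear()
            return "stop_payment"
        # Assumption: any higher number is accepted, gaps included.
        del b.outstanding[number]   # used codes are deleted
        b.last_used = number
        return "accepted"
```

Because used codes are deleted, a replayed code fails the validity check, while an unused lower-numbered code passes validity and is caught only by the ordering check.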
In an embodiment of the present invention, the device further includes a judging module (not shown in Fig. 10); when the judging module determines that the number of graphical codes not yet generated is lower than a predetermined value, the request module 1012 sends the request again. In this way the graphical code pool always holds a certain number of graphical codes, so that a code can be produced quickly even when, for example, the network is poor, without affecting the user's experience. For example, it can be arranged that when the number of graphical codes not yet generated by the rendering module 1016 is lower than the predetermined value 6, the request module 1012 sends the request again to request, for example, another 20 graphical codes. With this setting the graphical code pool always holds 5 to 25 graphical codes. For example, if the original graphical code pool holds 20 graphical codes numbered 01, 02, ..., 19, 20 and they are used in order until the graphical code numbered 15 is used for a payment, the device 10 can determine that 5 graphical codes remain ungenerated; this triggers the condition for sending the request again, and the device 10 requests, for example, another 20 graphical codes (numbered, for example, 21, 22, ..., 39, 40). In an embodiment of the present invention, the repeated request from the device 10 includes the characteristic value of the local trusted execution environment, and the management side can use that characteristic value to check whether the expected bound bank account information (or bank card number) exists; if bound bank account information (or a bank card number) exists, it can return, for example, another 20 graphical codes for that bound bank account information (or bank card number). If in some circumstances the repeated request is not sent successfully or does not reach the management side, the condition for sending the request again can be triggered once more when the graphical code numbered 16 is used for a payment. Those skilled in the art will appreciate that if the request still cannot be sent, the trigger condition of the present invention continues to apply until, for example, another 20 graphical codes have been obtained. In other examples of the present invention, it is not necessary to wait until the next graphical code is generated before sending the request again (that is, continuing the example above, there is no need to wait for a payment with the graphical code numbered 16); instead, the request can be resent automatically at a predetermined time interval until, for example, another 20 graphical codes have been obtained.
In some embodiments of the present invention, each of the graphical codes has a validity period, and the request is sent again when the judging module determines that the number of graphical codes that are within their validity period and not yet generated is lower than the predetermined value.
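The replenishment rule described above (re-request when fewer than 6 valid, unused codes remain, retry on the next use if the request is lost, and count only codes within their validity period) can be sketched as follows. This is an added example, not code from the patent: `CodePool`, `make_fake_issuer`, the tuple layout `(number, payload, expires_at)` and the one-hour validity period are assumptions, and the issuer is a constructed stand-in for the management side.

```python
import time


class CodePool:
    """User-side pool of code information, consumed in numerical order."""

    def __init__(self, request_fn, threshold=6, clock=time.time):
        self._request = request_fn   # returns a list of codes, or None if lost
        self._threshold = threshold  # the "predetermined value"
        self._clock = clock
        self._codes = []             # unused (number, payload, expires_at)

    def usable(self):
        """Unused codes that are still within their validity period."""
        now = self._clock()
        return [c for c in self._codes if c[2] > now]

    def judge(self):
        """Judging step: re-request when valid unused codes run low."""
        if len(self.usable()) >= self._threshold:
            return False
        batch = self._request()
        if not batch:
            return False             # not delivered; the next call retries
        self._codes = sorted(self._codes + list(batch))
        return True

    def next_code(self):
        """Hand the lowest-numbered valid code to the renderer."""
        self._codes = self.usable()  # expired codes are discarded
        if not self._codes:
            self.judge()
            if not self._codes:
                return None
        code = self._codes.pop(0)
        self.judge()
        return code


def make_fake_issuer(clock, batch=20, ttl=3600):
    """Constructed stand-in for the management side; 'online' toggles delivery."""
    state = {"next": 1, "online": True, "calls": 0}

    def request():
        state["calls"] += 1
        if not state["online"]:
            return None
        first = state["next"]
        state["next"] += batch
        return [(n, f"payload-{n:02d}", clock() + ttl)
                for n in range(first, first + batch)]

    return request, state


def demo():
    """Replays the 01..20 scenario from the text with a lost re-request."""
    now = [0.0]
    clock = lambda: now[0]
    request, issuer = make_fake_issuer(clock)
    pool = CodePool(request, threshold=6, clock=clock)
    pool.judge()                                 # initial batch 01..20
    issuer["online"] = False                     # network becomes unavailable
    used = [pool.next_code()[0] for _ in range(15)]
    result = {"used": used,
              "left_after_15": len(pool.usable()),
              "calls_while_offline": issuer["calls"]}
    issuer["online"] = True
    now[0] = 1800.0
    result["sixteenth"] = pool.next_code()[0]    # retry succeeds: 21..40 arrive
    result["left_after_16"] = len(pool.usable())
    now[0] = 4000.0                              # 17..20 have now expired
    result["next_after_expiry"] = pool.next_code()[0]
    return result
```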
In some embodiments of the present invention, the predetermined value corresponds to the characteristic value; in other words, each different user-side device can have a different predetermined value. For example, the predetermined values of different users can be adjusted dynamically through artificial intelligence analysis based on, for instance, how often each user uses the codes. For example, the predetermined value for user A might be 3 while that for user B might be 5.
The judgment module of the present invention may be included in the local trusted execution environment, or it may be included in, and executed in, the general environment of the user-side device.
FIG. 11 shows a schematic diagram of an apparatus for generating computer-readable graphical codes according to an embodiment of the present invention. As shown in the figure, the device 31 on the management side includes a receiving module 3101, a verification module 3102, and a sending module 3103. The receiving module 3101 is configured to receive the characteristic value of the local trusted execution environment sent by the sending end; the verification module 3102 is configured to verify whether a mapping relationship exists between the characteristic value and identity authentication data, the identity authentication data being used to verify whether it matches the characteristic value; the sending module 3103 is configured to generate, if the mapping relationship exists, information representing the graphical code corresponding to the identity authentication data and to send it to the sending end. Of course, if no such mapping relationship exists, no information representing the graphical code is generated, and the receiving module 3101 can receive the next characteristic value (for example, a characteristic value sent by a sending end different from the previous one). The characteristic value of the local trusted execution environment sent by the sending end can be generated in the various ways described in detail above, and the received characteristic value can be used to verify identity. Specifically, whether to generate the information representing the graphical code can be decided according to whether identity authentication data corresponding to the received characteristic value exists. The correspondence between characteristic values and identity authentication data can be formed by establishing a mapping relationship table in advance, and entries in the table can be added or removed according to actual use. For example, if an item of identity authentication data is bound to a new terminal, an entry for the correspondence between the two needs to be added to the mapping relationship table. It should be noted that the generation of graphical codes is not limited by the establishment of the mapping relationship table, because the process of generating graphical codes assumes by default that the mapping relationship table has already been established. The process of generating (issuing) graphical codes need not consider how the mapping relationship table is established, and the method of generating (issuing) graphical codes itself constitutes a relatively independent scope of protection.
In an embodiment of the present invention, the device 31 further includes a storage module (not shown), wherein the receiving module 3101 is further configured to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and the storage module stores the mapping relationship between the characteristic value and the identity authentication data. In the embodiments described above, the mapping relationship between the characteristic value and the identity authentication data (for example, ID card information, bank account information, a bank card number, etc.) may have been established in advance through other means, so the information representing the graphical code can be requested directly. More generally, the mapping relationship between the characteristic value and the identity authentication data can be established (stored) before the receiving step. For example, the client can be used to enter identity authentication data and request that it be bound to the client (or to the mobile terminal the client belongs to). At this point, the client can request the characteristic value and send it to the device 31 together with the identity authentication data. It should be pointed out that if ordinary ID card information is sent, the device 31 can look up one or more items of bank account information (or bank card numbers, the same below) according to the recorded ID card information and return them to the client, and the client can select from them one or more bank accounts to be bound for payment. After the client has selected the bank account to be bound, it can send the selected identity authentication data to the device 31, and the device 31 can establish the mapping relationship between the characteristic value and the identity authentication data accordingly. Once the mapping relationship has been established, the device 31 can, on receiving a request containing the characteristic value in a subsequent process, immediately retrieve the associated (mapped) identity authentication data, more specifically the bank account information (or bank card number), for use in the subsequent steps.
In an embodiment of the present invention, there are multiple graphical codes, and the information sent by the sending module 3103 includes the number of each graphical code. In some embodiments of the present invention, the sending module 3103 can send multiple graphical codes in one transmission; for example, the sending module 3103 can send 20 graphical codes at a time. In some embodiments of the present invention, different upper limits on the number of codes requested may be provided for different regions, different users, and so on, according to the average usage frequency of users in each region, the usage frequency of an individual user, the credit standing of an individual user, and the like. In some embodiments of the present invention, different upper limits on the number of codes requested may also be set for payment scenarios of different amounts. For example, a higher number can be set for clients or services used for commuting, and a lower number for clients used for large-value payments or general-purpose payments (that is, payments that can be either small or large).
In an embodiment of the present invention, no order of use need be set for the multiple graphical codes, and the device 31 only deletes graphical codes that have been used. This reduces the processing load on the user side and on the device 31 and serves the purpose of fast payment. More generally, in one embodiment of the present invention, the device 31 numbers each graphical code. If there are 20 graphical codes, the device 31 can number them in sequence as 01, 02, ..., 19, 20. Numbering the graphical codes facilitates their management and makes it convenient for the device 31 to specify a management policy for them. For example, if the graphical code numbered 03 is used for one payment and the graphical code numbered 04 is used for the next, the device 31 first verifies the validity of the graphical code and can then determine from the numbers that the codes are being used in order; the device 31 accepts the graphical code and completes the acceptance. As another example, if the graphical code numbered 03 is used for one payment and the graphical code numbered 01 is used for a later one, the device 31 first verifies the validity of the graphical code and can then determine from the numbers that the graphical code pool may have been cracked or stolen, so the device 31 can apply stop-payment processing to the device and account associated with the characteristic value and the mapped identity authentication data. In addition, further measures are possible, such as deactivating the related accounts, invalidating the graphical codes remaining in the graphical code pool, investigating the legitimacy of the graphical codes already used, and notifying the owners of the device and account.
According to another aspect of the present invention, a mobile device is provided, which includes any one of the apparatuses for generating computer-readable graphical codes described above (the request sending end).
According to another aspect of the present invention, a service platform is provided, which includes any one of the apparatuses for generating computer-readable graphical codes described above (the request receiving end).
According to an aspect of the present invention, a computer-executable method is provided, which can be executed by the mobile terminal 11 shown in FIG. 12. The method includes the following steps: the processor 1114 of the mobile terminal 11 determines to send a request message that includes the characteristic value of the local trusted execution environment 1112 of the mobile terminal 11, in order to request information representing the graphical code; the processor 1114 of the mobile terminal 11 receives the information and stores it; and the processor 1114 of the mobile terminal 11 generates the graphical code according to the information. In some aspects of the present invention, some operations performed by the processor 1114 may be carried out by specific execution components that the processor 1114 designates. For other aspects of this example, reference may be made to the description of the examples above.
In some embodiments of the present invention, the request information may also include bank account information. In some cases, the device requesting the graphical code may be associated with multiple items of account information; in order to distinguish which bank account the graphical code is being requested for, that account information also needs to be sent to the management side.
In an embodiment of the present invention, the receiving and storing of the information by the processor 1114 of the mobile terminal 11 specifically consists of the local trusted execution environment 1112 of the mobile terminal 11 encrypting the information and storing it in the local trusted execution environment 1112. For other aspects of this example, reference may be made to the description of the examples above.
In an embodiment of the present invention, the method further includes, before the requesting step: generating the characteristic value, by the processor 1114 of the mobile terminal 11, according to the software and hardware information of the local trusted execution environment 1112. For other aspects of this example, reference may be made to the description of the examples above.
In an embodiment of the present invention, the method further includes, before the requesting step: the processor 1114 of the mobile terminal 11 determining to send the characteristic value and the identity authentication data in order to request that a mapping relationship between the two be established, the information representing the graphical code corresponding to the identity authentication data. For other aspects of this example, reference may be made to the description of the examples above.
In an embodiment of the present invention, multiple graphical codes are requested, and the processor 1114 of the mobile terminal 11 generates only one graphical code at a time. For other aspects of this example, reference may be made to the description of the examples above.
In an embodiment of the present invention, each graphical code has a number, and the processor 1114 of the mobile terminal 11 generates the graphical codes one at a time in order of their numbers. For other aspects of this example, reference may be made to the description of the examples above.
In an embodiment of the present invention, the processor 1114 of the mobile terminal 11 determines to send the request again when the number of graphical codes that have not yet been generated is lower than a predetermined value. For other aspects of this example, reference may be made to the description of the examples above.
According to another aspect of the present invention, a computer-executable method is provided, which can be executed by the server 30 shown in FIG. 13. The method includes: the processor 3014 of the server 30 (the figure also shows the memory 3016 that works with it) determining to receive the characteristic value of the local trusted execution environment sent by a sending end (not shown); the processor 3014 of the server 30 verifying whether a mapping relationship exists between the characteristic value and identity authentication data, the identity authentication data being used to verify whether it matches the characteristic value; and the processor 3014 of the server 30, if it determines that the mapping relationship exists, generating information representing the graphical code corresponding to the identity authentication data and sending it to the sending end. For other aspects of this example, reference may be made to the description of the examples above.
In an embodiment of the present invention, the method further includes, before the receiving step: the processor 3014 of the server 30 determining to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data. For other aspects of this example, reference may be made to the description of the examples above.
In an embodiment of the present invention, there are multiple graphical codes, and the information includes the number of each graphical code. For other aspects of this example, reference may be made to the description of the examples above.
Referring to FIG. 12, according to another aspect of the present invention, a mobile device 11 is provided, which includes a display 1110, a local trusted execution environment 1112, a memory 1116, and a processor 1114. The display 1110 is used to display the output screen, for example the graphical code of the present application (such as the two-dimensional code shown in the figure); in some examples, the display 1110 also integrates a touch input function. The mobile device 11 also includes the local trusted execution environment 1112, which is separated from the general environment 1118: the general environment 1118 and the trusted execution environment 1112 are isolated from each other by secure hardware. The general environment 1118 includes a hardware layer 1102 made up of the main processor 1114, the memory 1116 (which can be configured to store instructions), and so on, with an operating system layer 1103 above the hardware layer 1102. The local trusted execution environment 1112 includes a secure area on the main processor 1114, which can guarantee the security, confidentiality, and integrity of the code and data loaded into the environment. The local trusted execution environment 1112 provides an isolated execution environment whose security features include isolated execution, integrity of trusted applications, confidentiality of trusted data, secure storage, and so on. The local trusted execution environment 1112 also includes its own independent hardware layer 1104 and operating system layer 1105.
In addition, the main processor 1114 is configured to execute instructions for the following. First, the processor 1114 of the mobile terminal 11 determines to send a request message that includes the characteristic value of the local trusted execution environment 1112 of the mobile terminal 11, in order to request information representing the graphical code. In this application, the information representing the graphical code may be the information transmitted over the actual physical link, for example data packets. The mobile terminal 11 can render the information graphically according to that information and a national standard, an industry standard, an enterprise standard, or a mutually agreed standard.
In some embodiments of the present invention, the request information may also include account information. In some cases, the device requesting the graphical code may be associated with multiple items of account information; in order to distinguish which bank account the graphical code is being requested for, that account information also needs to be sent to the management side.
Secondly, the processor 1114 of the mobile terminal 11 receives the information representing the graphical code and stores it, for example in the memory 1116; in other examples of the application it can also be stored in the local trusted execution environment 1112 to ensure the security of the data. Third, the processor 1114 of the mobile terminal 11 generates the graphical code according to the information. At this point, the generated graphical code can be driven directly to the display 1110. Finally, the processor 1114 of the mobile terminal 11 displays the graphical code on the display 1110. In an embodiment of the present invention, to further improve data security, the processor 1114 may be further configured to determine that the local trusted execution environment 1112 encrypts the information and stores it in the local trusted execution environment 1112. The stored information is then isolated from ordinary data and can be read only when the trusted execution environment permits. Because the information is encrypted and stored by the local trusted execution environment 1112, the trusted execution environment must first decrypt the information before it can be read. According to yet another aspect of the present invention, the information can first be encrypted by the general environment 1118 (for example, by an application client built in it) and the encrypted information then encrypted again by the local trusted execution environment 1112; the information is then doubly encrypted, which further improves the security of the data. Correspondingly, when the information is decrypted, it is decrypted in turn by the trusted execution environment 1112 and then by the general environment 1118. In other embodiments of the present invention, it can be arranged that only designated clients or services in the general environment 1118 are allowed to access the information stored in the local trusted execution environment 1112; this can be implemented by adding access control rules for the secure area of the trusted execution environment of the mobile device 11.
In an embodiment of the present invention, the processor 1114 is further configured to generate the characteristic value according to hardware information (for example, a hardware serial number) and/or software information (for example, a software version number) of the local trusted execution environment 1112. Of course, the characteristic value in the present invention does not have to be generated from software and hardware information. In other embodiments of the present invention, a party such as the manufacturer of the mobile device 11 (or the owner of the payment system) can preset the characteristic value at the factory according to a standard or to management-side rules; in still other embodiments of the present invention, the management side can issue the characteristic value over the air. Both presetting the characteristic value and issuing it over the air make it easier to provide characteristic values in a standardized format, and both can compensate for defects, such as duplicate characteristic values or an insufficient number of values, that may arise when the characteristic value is generated from the software and hardware information of the local trusted execution environment 1112. It should be pointed out that the characteristic value must be unique, and once it has been set it needs to be written into the local trusted execution environment 1112; in this way the uniqueness and security (resistance to tampering) of the characteristic value can be guaranteed.
In an embodiment of the present invention, the processor 1114 is further configured to determine to send the characteristic value and the identity authentication data in order to request that a mapping relationship between the two be established, the information representing the graphical code corresponding to the identity authentication data. It should be noted that the information the processor 1114 determines to send may include only the characteristic value and the identity authentication data, without an explicit request to "establish a mapping relationship between the two"; when the management side receives the characteristic value and the identity authentication data together, it can conclude that the user side has implicitly sent that request. The mapping relationship between the characteristic value and the identity authentication data (for example, ID card information, bank account information, a bank card number, etc.) may have been established in advance through other means, so the information representing the graphical code can be requested directly. More generally, the mapping relationship between the characteristic value and the identity authentication data can be established before the requesting step. For example, the client can be used to enter identity authentication data and request that it be bound to the client (or to the mobile terminal 11 the client belongs to). At this point, the client can request the characteristic value and send it to the management side together with the identity authentication data. It should be pointed out that if ordinary ID card information is sent, the management side can look up one or more items of bank account information (or bank card numbers, the same below) according to the recorded ID card information and return them to the mobile terminal 11, and the mobile terminal 11 can select from them one or more bank accounts to be bound for payment. After the mobile terminal 11 has selected the bank account to be bound, it can send the selected identity authentication data to the management side, and the management side can establish the mapping relationship between the characteristic value and the identity authentication data accordingly. Once the mapping relationship has been established, the management side can, on receiving a request containing the characteristic value in a subsequent process, immediately retrieve the associated (mapped) identity authentication data, more specifically the bank account information (or bank card number), for use in the subsequent steps.
In an embodiment of the present invention, multiple graphical codes are requested, and the processor 1114 of the mobile terminal 11 generates only one graphical code at a time. In some scenarios, network conditions cannot always meet the needs of real-time or near-real-time communication; on the other hand, in some small-value payment scenarios, real-time or near-real-time interaction with the management side is not always required. Of course, the basic principle of the present invention is also applicable to other application scenarios that do not need real-time or near-real-time interaction but have high confidentiality requirements. In view of this, in some embodiments of the present invention multiple graphical codes can be requested in a single request; for example, 20 graphical codes can be requested at a time. In some embodiments of the present invention, different upper limits on the number of codes requested may be provided for different regions, different users, and so on, according to the average usage frequency of users in each region, the usage frequency of an individual user, the credit standing of an individual user, and the like; that is, different upper limits can be provided for different devices 10. In some embodiments of the present invention, different upper limits on the number of codes requested may also be set for payment scenarios of different amounts. For example, a higher number can be set for a device 10 or service used for commuting, and a lower number for a device 10 used for large-value payments or general-purpose payments (that is, payments that can be either small or large).
In an embodiment of the present invention, each graphical code has a number, and the processor 1114 of the mobile terminal 11 generates the graphical codes one at a time in order of their numbers. In an embodiment of the present invention, no order of use need be set for the multiple graphical codes, and the management side only deletes graphical codes that have been used. This reduces the processing load on the user side and the management side and serves the purpose of fast payment. More generally, in one embodiment of the present invention, each graphical code is numbered. If there are 20 graphical codes, the processor 1114 of the mobile terminal 11 can number them in sequence as 01, 02, ..., 19, 20. Numbering the graphical codes facilitates their management and makes it convenient for the management side to specify a management policy for them. For example, if the graphical code numbered 03 is used for one payment and the graphical code numbered 04 is used for the next, the management side first verifies the validity of the graphical code and can then determine from the numbers that the codes are being used in order; the management side accepts the graphical code and completes the acceptance. As another example, if the graphical code numbered 03 is used for one payment and the graphical code numbered 01 is used for a later one, the management side first verifies the validity of the graphical code and can then determine from the numbers that the graphical code pool may have been cracked or stolen, so the management side can apply stop-payment processing to the device and account associated with the characteristic value and the mapped identity authentication data. In addition, further measures are possible, such as deactivating the related accounts, invalidating the graphical codes remaining in the graphical code pool, investigating the legitimacy of the graphical codes already used, and notifying the owners of the device and account.
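The management-side handling described above (mapping lookup before issuing, validity check first, then the ordering check that leads to stop-payment) can be written out as follows. This is an added Python example, not code from the application; the class and function names, the random token used as the code payload, and the choice to accept forward skips in numbering are assumptions of the example.

```python
import secrets
from collections import namedtuple
from dataclasses import dataclass, field

# Information representing one graphical code: its number plus an opaque
# payload. The random token payload is an assumption of this example.
Code = namedtuple("Code", "number token")


@dataclass
class Binding:
    account: str                       # identity authentication data
    next_number: int = 1               # next serial number to issue
    outstanding: dict = field(default_factory=dict)  # number -> token
    last_used: int = 0                 # highest number accepted so far
    stopped: bool = False              # stop-payment flag


class ManagementSide:
    def __init__(self):
        self.mapping = {}   # characteristic value -> Binding
        self.tokens = {}    # token -> (characteristic value, number)

    def bind(self, characteristic_value, account):
        """Store the mapping between characteristic value and account."""
        self.mapping[characteristic_value] = Binding(account)

    def issue(self, characteristic_value, count=20):
        """Return `count` numbered codes, or nothing if no mapping exists."""
        binding = self.mapping.get(characteristic_value)
        if binding is None or binding.stopped:
            return []
        codes = []
        for number in range(binding.next_number, binding.next_number + count):
            token = secrets.token_hex(16)
            binding.outstanding[number] = token
            self.tokens[token] = (characteristic_value, number)
            codes.append(Code(number, token))
        binding.next_number += count
        return codes

    def redeem(self, token):
        """Validity first, then ordering; returns the decision as a string."""
        entry = self.tokens.get(token)
        if entry is None:
            return "rejected"          # unknown, already used or invalidated
        characteristic_value, number = entry
        binding = self.mapping[characteristic_value]
        if number < binding.last_used:
            # A valid code older than one already used: the pool may have
            # been cracked or stolen. Stop payment and void the rest.
            binding.stopped = True
            for remaining in binding.outstanding.values():
                self.tokens.pop(remaining, None)
            binding.outstanding.clear()
            return "stop_payment"
        del self.tokens[token]
        del binding.outstanding[number]
        binding.last_used = number
        return "accepted"


def demo():
    side = ManagementSide()
    side.bind("cv-device-A", "account-1")      # constructed sample values
    codes = side.issue("cv-device-A")          # numbers 1..20
    by_number = {c.number: c.token for c in codes}
    return [
        side.redeem(by_number[3]),        # accepted
        side.redeem(by_number[4]),        # accepted: used in order
        side.redeem(by_number[4]),        # rejected: replay of a used code
        side.redeem(by_number[1]),        # stop_payment: 01 after 04
        side.redeem(by_number[5]),        # rejected: remaining codes voided
        len(side.issue("cv-device-A")),   # 0: binding is stopped
        len(side.issue("cv-unknown")),    # 0: no mapping exists
    ]


if __name__ == "__main__":
    print(demo())
```

Because used codes are deleted before the ordering check can see them again, a replayed code is rejected without stopping the account; only a still-valid code with a lower number than one already accepted triggers stop-payment.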
In one embodiment of the present invention, the processor 1114 is further configured to determine that the request is to be sent again when the number of graphical codes that have not yet been generated falls below a predetermined value. In this way, the graphical code pool always holds a certain number of graphical codes, so that a code can be produced quickly, for example when the network is poor, without affecting the user experience. For example, it can be set that the request is sent again when the number of graphical codes not yet generated by the processor 1114 falls below the predetermined value 6, in order to request, for example, another 20 graphical codes. With this setting, the graphical code pool can always hold 5-25 graphical codes. For example, if the original graphical code pool contains 20 graphical codes numbered 01, 02, ..., 19, 20, then once the codes have been used in order up to the graphical code numbered 15, the mobile terminal 11 can determine that 5 graphical codes that have not been generated remain; this triggers the condition for sending the request again, and the mobile terminal 11 requests, for example, another 20 graphical codes (numbered, for example, 21, 22, ..., 39, 40). In one embodiment of the present invention, the repeated request from the mobile terminal 11 includes the characteristic value of the local trusted execution environment, and the management side can use this characteristic value to look up whether the expected bound bank account information (or bank card number) exists; if bound bank account information (or a bank card number) exists, it can return, for example, another 20 graphical codes for that bound bank account information (or bank card number). If in some circumstances the repeated request is not sent successfully or does not reach the management side, the condition for sending the request again can be triggered once more when the graphical code numbered 16 is used for payment. Those skilled in the art will appreciate that if the request still cannot be sent, the trigger condition of the present invention continues to apply until, for example, another 20 graphical codes have been obtained. In other examples of the present invention, it is also unnecessary to wait until the next graphical code is generated before sending the request again (that is, continuing the example above, there is no need to wait until the graphical code numbered 16 is used for payment); instead, the request can be resent automatically at a predetermined time interval until, for example, another 20 graphical codes have been obtained.
According to another aspect of the present invention, as shown in FIG. 13, a server 30 is provided, which includes a memory 3016 configured to store instructions and a processor 3014, wherein the processor 3014 is configured to execute the instructions to perform the following operations: the processor 3014 of the server 30 determines that the characteristic value of the local trusted execution environment sent by the sending end has been received; the processor 3014 of the server 30 verifies whether a mapping relationship exists between the characteristic value and identity authentication data, the identity authentication data being used to check whether it matches the characteristic value; and the processor 3014 of the server 30 determines that, if the mapping relationship exists, information representing the graphical code and corresponding to the identity authentication data is generated and sent to the sending end. Other aspects of this example can be further understood with reference to the description of the examples above.
In one embodiment of the present invention, the processor 3014 is further configured to determine that the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end have been received, and to store the mapping relationship between the characteristic value and the identity authentication data. Other aspects of this example can be further understood with reference to the description of the examples above.
In one embodiment of the present invention, there are multiple graphical codes, and the information includes the number of each graphical code. Other aspects of this example can be further understood with reference to the description of the examples above.
FIG. 14 shows a schematic diagram of a method for generating a computer-readable graphical code according to an embodiment of the present invention, which includes an opening process, a QR code acquisition process, and a QR code payment process. In FIG. 14, the dashed line represents the "opening process", the solid line represents the "QR code acquisition process", and the dash-dotted line represents the "QR code payment process".
Opening process
On the mobile client, in accordance with the payment system's requirements, an application to open the mobile QR code payment service is submitted to the mobile client backend system, and the TEE characteristic value of the mobile device is set and saved in the TEE environment; this characteristic value is unique and cannot be tampered with. The mobile client backend system binds the TEE characteristic value to the bank card for which QR code payment has just been applied, builds a mapping table, and saves it in the management system for the binding mapping between mobile device TEE characteristic values and bank cards. A payment QR code pool is established in the TEE environment.
QR code acquisition process
Under the control of the threshold management system, when the number of available QR codes in the payment QR code pool falls below a certain threshold, the mobile client sends the payment system a batch acquisition request for payment QR codes. The payment system compares the TEE characteristic value of the requesting mobile device against the mapping for the bank card to which the requested payment QR codes correspond; if the binding is correct, it returns to the mobile client a certain number of payment QR codes that pay with that bank card, together with their validity period and use-order numbers. The mobile client encrypts this batch of payment QR codes, stores it in the phone's TEE secure area, and marks the validity period and numbers.
QR code payment process
When the user opens the mobile client and needs a payment QR code, the client can decrypt the QR codes stored in the payment QR code pool through the TEE secure area and use them one after another according to their use-order numbers. The mobile client displays the QR code on the screen for the merchant to scan, completing the transaction. The payment system checks the number and honours QR code transactions in order. This process requires no network connection and can be completed offline.
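The three processes above, together with the earlier 03/04 versus 03/01 numbering example and the threshold-6, batch-of-20 refill example, can be exercised in a small simulation. This is an added example, not code from the patent or the applicant: the class and function names, the random token format and the "accept any higher number" rule are assumptions, and validity periods and TEE encryption are not modelled.

```python
import secrets
from dataclasses import dataclass, field

BATCH_SIZE = 20     # codes returned per request (the page's example figure)
REFILL_BELOW = 6    # client re-requests when fewer than 6 unused codes remain


@dataclass
class ManagementSide:
    """Management side: binding table, batch issuance, in-order acceptance."""
    bindings: dict = field(default_factory=dict)     # characteristic value -> account
    issued: dict = field(default_factory=dict)       # token -> (characteristic value, number)
    next_serial: dict = field(default_factory=dict)  # characteristic value -> next number to issue
    last_used: dict = field(default_factory=dict)    # characteristic value -> last accepted number
    stopped: set = field(default_factory=set)        # characteristic values under stop-payment

    def bind(self, tee_value, account):
        """Opening process: store the characteristic value -> account mapping."""
        self.bindings[tee_value] = account

    def issue_batch(self, tee_value, account):
        """Return numbered codes only if the stored mapping matches the request."""
        if tee_value in self.stopped or self.bindings.get(tee_value) != account:
            return []
        start = self.next_serial.get(tee_value, 1)
        batch = []
        for serial in range(start, start + BATCH_SIZE):
            token = secrets.token_hex(16)  # opaque stand-in for the code payload (assumption)
            self.issued[token] = (tee_value, serial)
            batch.append((serial, token))
        self.next_serial[tee_value] = start + BATCH_SIZE
        return batch

    def redeem(self, token):
        """Accept a code, or stop payment if its number runs backwards."""
        entry = self.issued.pop(token, None)  # a used code is deleted
        if entry is None:
            return "rejected"  # unknown, already used, or invalidated
        tee_value, serial = entry
        if serial < self.last_used.get(tee_value, 0):
            # e.g. 03 was used and 01 arrives later: treat the pool as compromised
            self.stopped.add(tee_value)
            for t in [t for t, (v, _) in self.issued.items() if v == tee_value]:
                del self.issued[t]  # invalidate the remaining codes
            return "stop-payment"
        self.last_used[tee_value] = serial  # assumption: any higher number is accepted
        return "accepted"


@dataclass
class MobileClient:
    """User side; `pool` stands in for the encrypted store in the TEE secure area."""
    tee_value: str
    account: str
    server: ManagementSide
    pool: list = field(default_factory=list)
    online: bool = True

    def refill_if_low(self):
        """Request another batch when fewer than REFILL_BELOW codes remain."""
        if len(self.pool) >= REFILL_BELOW or not self.online:
            return False
        batch = self.server.issue_batch(self.tee_value, self.account)
        self.pool.extend(batch)
        return bool(batch)

    def present_code(self):
        """Hand out the lowest-numbered unused code; needs no network."""
        serial, token = self.pool.pop(0)
        self.refill_if_low()  # a failed request is retried on the next use
        return serial, token


def refill_scenario():
    server = ManagementSide()
    server.bind("tee-value-A", "card-0001")      # constructed sample values
    phone = MobileClient("tee-value-A", "card-0001", server)
    phone.refill_if_low()                        # first batch: 01..20
    for _ in range(14):
        server.redeem(phone.present_code()[1])
    sizes = [len(phone.pool)]                    # 6 left: no request yet
    phone.online = False
    server.redeem(phone.present_code()[1])       # code 15: 5 left, request cannot be sent
    sizes.append(len(phone.pool))
    phone.online = True
    server.redeem(phone.present_code()[1])       # code 16: trigger fires again, 21..40 arrive
    sizes.append(len(phone.pool))
    return sizes, phone.pool[-1][0]


def out_of_order_scenario():
    server = ManagementSide()
    server.bind("tee-value-A", "card-0001")
    codes = dict(server.issue_batch("tee-value-A", "card-0001"))   # number -> token
    outcome = [server.redeem(codes[n]) for n in (3, 4, 1, 5)]
    outcome.append(len(server.issue_batch("tee-value-A", "card-0001")))  # after stop-payment
    outcome.append(len(server.issue_batch("tee-value-B", "card-0001")))  # unbound value
    return outcome


if __name__ == "__main__":
    print(refill_scenario())
    print(out_of_order_scenario())
```

The page only states the 03-then-04 and 03-then-01 cases; how a skipped number is treated is a policy choice left to the management side.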
In other examples of this application, the "threshold management system" of this embodiment can be merged into the mobile client, so that the mobile client itself can manage the number of available QR codes. In other examples of this application, a trusted application (TA) can be added in the TEE security domain of the mobile device to implement the "threshold management system" and manage the number of available QR codes. In other examples of this application, the "management system for the binding mapping between mobile device TEE characteristic values and bank cards" of this embodiment can be merged into the payment system, so that the payment system performs the mapping comparison. In other examples of this application, that management system can instead be merged into the mobile client backend system, so that the mobile client backend system performs the mapping comparison. In other examples of this application, after the QR codes are obtained, encryption by the mobile client can be replaced with encryption inside the TEE security domain of the mobile device; or, after encryption by the mobile client, the data can be re-encrypted inside the TEE security domain of the mobile device. In other examples of this application, access control rules can be added for the phone's TEE secure area to restrict access to "a designated mobile client"; only the designated client can then encrypt and store QR codes. In other examples of this application, the use-order numbers can be provided by the mobile client or the backend instead of the payment system, which then also controls and checks that the codes are used in order. In other examples of this application, the use-order numbering mechanism can be removed, and the QR codes can be used randomly or out of order. In other examples of this application, the TEE characteristic value can be allocated centrally by the payment system instead of being set by the mobile client, and stored securely in the phone's TEE environment or in the backend system.
In view of the above, this application provides a mechanism for generating computer-readable graphical codes using the characteristic value of the local trusted execution environment. Some aspects of it ensure the reliability of the mechanism for generating graphical codes, and other aspects ensure its convenience, thereby effectively improving the user experience. Some aspects of this application reduce the strength required of algorithms such as those for QR codes, which lowers the difficulty of maintaining confidentiality and thereby reduces implementation cost and improves implementation efficiency. Some aspects of this application do not rely on comparing values computed by algorithms locally and in the backend, and can therefore avoid systemic risk arising from the algorithm.
It should be noted that some of the block diagrams shown in the drawings are functional entities and do not necessarily correspond to physically or logically independent entities. These functional entities can be implemented in software, in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
The above examples mainly illustrate the computer-readable graphical code generation method, apparatus, and computer-readable storage medium of the present invention. Although only some embodiments of the present invention have been described, those of ordinary skill in the art should understand that the present invention can be implemented in many other forms without departing from its spirit and scope. The examples and embodiments shown are therefore to be regarded as illustrative rather than restrictive, and the present invention may cover various modifications and substitutions without departing from the spirit and scope of the present invention as defined by the appended claims.

Claims (41)

  1. A computer-readable graphical code generation method, characterized in that the method comprises the following steps:
    sending a request message to a receiving end to request information representing the graphical code, the request message including a characteristic value of a local trusted execution environment;
    receiving the information from the receiving end and storing it; and
    generating the graphical code according to the information.
  2. The method according to claim 1, characterized in that the request message further includes account information.
  3. The method according to claim 1, characterized in that the step of receiving the information from the receiving end and storing it is specifically: encrypting the information from the receiving end and storing it in the local trusted execution environment.
  4. The method according to claim 1, characterized in that, before the requesting step, the method further comprises: generating the characteristic value according to software and hardware information of the local trusted execution environment.
  5. The method according to claim 1, characterized in that, before the requesting step, the method further comprises: sending the characteristic value and identity authentication data to request that a mapping relationship between the two be established, the information corresponding to the identity authentication data.
  6. The method according to claim 5, characterized in that the identity authentication data is account information.
  7. The method according to claim 1, characterized in that multiple graphical codes are requested.
  8. The method according to claim 7, characterized in that each of the graphical codes has a number.
  9. The method according to claim 7 or 8, characterized in that the request is sent again when the number of the graphical codes that have not been generated is lower than a predetermined value.
  10. The method according to claim 9, characterized in that the predetermined value corresponds to the characteristic value.
  11. The method according to claim 7 or 8, characterized in that each of the graphical codes has a validity period, and the request is sent again when the number of the graphical codes that are within the validity period and have not been generated is lower than a predetermined value.
  12. The method according to claim 11, characterized in that the predetermined value corresponds to the characteristic value.
  13. The method according to claim 12, characterized in that the predetermined value is set dynamically according to the frequency with which the request message including the characteristic value is sent.
  14. A computer-readable graphical code generation method, characterized in that the method comprises the following steps:
    receiving a characteristic value of a local trusted execution environment sent by a sending end;
    verifying whether a mapping relationship between the characteristic value and identity authentication data exists; and
    if it exists, generating information that represents the graphical code and corresponds to the identity authentication data, and sending it to the sending end.
  15. The method according to claim 14, characterized in that, before the receiving step, the method further comprises: receiving the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and storing the mapping relationship between the characteristic value and the identity authentication data.
  16. The method according to claim 15, characterized in that the identity authentication data is account information.
  17. The method according to claim 14, characterized in that there are multiple graphical codes, and the information includes the number of each of the graphical codes.
  18. A computer-readable graphical code generation method, characterized in that the method comprises the following steps:
    sending a characteristic value of a local trusted execution environment to a receiving end to request a graphical code; and
    receiving the graphical code from the receiving end and presenting it.
  19. A computer-readable graphical code generation method, characterized in that the method comprises the following steps:
    receiving a characteristic value of a local trusted execution environment sent by a sending end;
    verifying whether a mapping relationship between the characteristic value and identity authentication data exists; and
    if it exists, generating the graphical code corresponding to the identity authentication data and sending it to the sending end.
  20. A computer-readable storage medium storing instructions, characterized in that, when the instructions are executed by a processor, the processor is caused to perform the method according to any one of claims 1-19.
  21. An apparatus for generating a computer-readable graphical code, characterized in that the apparatus comprises:
    a request module configured to send a request message to request information representing the graphical code, the request message including a characteristic value of a local trusted execution environment of the apparatus;
    a receiving module configured to receive the information and store it; and
    a rendering module configured to generate the graphical code according to the information.
  22. The apparatus according to claim 21, characterized in that the request message further includes account information.
  23. The apparatus according to claim 21, characterized in that the receiving module encrypts the information and stores it in the local trusted execution environment of the apparatus.
  24. The apparatus according to claim 21, characterized in that the apparatus further comprises a generating module configured to generate the characteristic value according to software and hardware information of the local trusted execution environment of the apparatus.
  25. The apparatus according to claim 21, characterized in that the request module is further configured to send the characteristic value and identity authentication data to request that a mapping relationship between the two be established, the information corresponding to the identity authentication data.
  26. The apparatus according to claim 25, characterized in that the identity authentication data is account information.
  27. The apparatus according to claim 21, characterized in that the request module requests multiple graphical codes.
  28. The apparatus according to claim 27, characterized in that each of the graphical codes has a number.
  29. The apparatus according to claim 27 or 28, characterized in that the apparatus further comprises a judgment module, and the request module sends the request again when the judgment module determines that the number of the graphical codes that have not been generated is lower than a predetermined value.
  30. The apparatus according to claim 29, characterized in that the predetermined value corresponds to the characteristic value.
  31. The apparatus according to claim 30, characterized in that the predetermined value is set dynamically according to the frequency with which the request message including the characteristic value is sent.
  32. The apparatus according to claim 29, characterized in that the judgment module is included in the local trusted execution environment.
  33. The apparatus according to claim 27 or 28, characterized in that the apparatus further comprises a judgment module, each of the graphical codes has a validity period, and the request is sent again when the judgment module determines that the number of the graphical codes that are within the validity period and have not been generated is lower than a predetermined value.
  34. The apparatus according to claim 32, characterized in that the predetermined value corresponds to the characteristic value.
  35. The apparatus according to claim 33, characterized in that the judgment module is included in the local trusted execution environment.
  36. An apparatus for generating a computer-readable graphical code, characterized in that the apparatus comprises:
    a receiving module configured to receive a characteristic value of a local trusted execution environment sent by a sending end;
    a verification module configured to verify whether a mapping relationship between the characteristic value and identity authentication data exists; and
    a sending module configured to, if the mapping relationship exists, generate information that represents the graphical code and corresponds to the identity authentication data, and send it to the sending end.
  37. The apparatus according to claim 36, characterized in that the apparatus further comprises a storage module, wherein
    the receiving module is further configured to receive the characteristic value of the local trusted execution environment and the identity authentication data sent by the sending end, and
    the storage module stores the mapping relationship between the characteristic value and the identity authentication data.
  38. The apparatus according to claim 37, characterized in that the identity authentication data is account information.
  39. The apparatus according to claim 36, characterized in that there are multiple graphical codes, and the information sent by the sending module includes the number of each of the graphical codes.
  40. A mobile device, characterized in that the mobile device comprises the apparatus for generating a computer-readable graphical code according to any one of claims 21-35.
  41. A service platform, characterized in that the service platform comprises the apparatus for generating a computer-readable graphical code according to any one of claims 36-39.
PCT/CN2020/107671 2020-01-17 2020-08-07 Graphical code generation method and apparatus, and computer readable storage medium WO2021143110A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010053669.2 2020-01-17
CN202010053669.2A CN111522541B (en) 2020-01-17 2020-01-17 Graphical code generation method and device and computer readable storage medium

Publications (1)

Publication Number Publication Date
WO2021143110A1 true WO2021143110A1 (en) 2021-07-22

Family

ID=71900831

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/107671 WO2021143110A1 (en) 2020-01-17 2020-08-07 Graphical code generation method and apparatus, and computer readable storage medium

Country Status (3)

Country Link
CN (1) CN111522541B (en)
TW (1) TWI759838B (en)
WO (1) WO2021143110A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI835491B (en) 2022-04-25 2024-03-11 大陸商中國銀聯股份有限公司 A device interconnection security authentication system, method, device, server and media

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160283928A1 (en) * 2015-03-25 2016-09-29 Intel Corporation Secure transactions with connected peripherals
CN109559105A (en) * 2018-11-05 2019-04-02 深圳市恒达移动互联科技有限公司 Digital wallet generation method and system based on TEE and encryption chip
CN109657764A (en) * 2018-10-22 2019-04-19 北京握奇智能科技有限公司 The method and system of two dimensional code are generated under a kind of TEE environment
CN110677261A (en) * 2019-09-29 2020-01-10 四川虹微技术有限公司 Credible two-dimensional code generation method and device, electronic equipment and storage medium

Family Cites Families (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7841000B2 (en) * 2006-10-16 2010-11-23 Lenovo (Singapore) Pte. Ltd. Authentication password storage method and generation method, user authentication method, and computer
US9258296B2 (en) * 2010-07-29 2016-02-09 Nirmal Juthani System and method for generating a strong multi factor personalized server key from a simple user password
US9143501B2 (en) * 2010-09-03 2015-09-22 Microsoft Technology Licensing, Llc Reauthentication to a web service without disruption
WO2013126037A1 (en) * 2012-02-01 2013-08-29 Hewlett-Packard Development Company, L.P. Mobile authentication for enabling host device functions
EP2747363A1 (en) * 2012-12-24 2014-06-25 Orange Transaction validation method using a communications device
US10366391B2 (en) * 2013-08-06 2019-07-30 Visa International Services Association Variable authentication process and system
CN104063790B (en) * 2013-09-18 2017-07-07 腾讯科技(深圳)有限公司 The method and system for authorizing are provided by mobile terminal
CN105450411B (en) * 2014-08-14 2019-01-08 阿里巴巴集团控股有限公司 The method, apparatus and system of authentication are carried out using card feature
CN105590198B (en) * 2014-10-30 2020-12-15 中国银联股份有限公司 Two-dimensional code payment method and payment system
CN104794613B (en) * 2015-04-27 2018-05-01 上海摩镶数据科技有限公司 A kind of mobile device authentication method based on point-of-sale terminal
CN106355105B (en) * 2016-08-30 2018-12-28 安徽易联众信息技术有限公司 Unionpay's social security card personal information encryption method
CN110494842A (en) * 2017-01-27 2019-11-22 肖恩·哈钦森 Safety certification and Financial Attribute service
CN109086592A (en) * 2018-06-29 2018-12-25 深圳市买买提信息科技有限公司 Method, server and the system of user information and account information binding
CN109583181B (en) * 2018-11-29 2020-07-03 新华三技术有限公司 Authentication method, authentication device and machine-readable storage medium
CN110399714B (en) * 2019-04-10 2023-08-08 中国银联股份有限公司 Method for verifying authenticity of trusted user interface of terminal and system thereof
CN110046532A (en) * 2019-04-25 2019-07-23 深圳左邻永佳科技有限公司 All-purpose card two dimensional code generates and read method
CN110336807A (en) * 2019-06-28 2019-10-15 苏州浪潮智能科技有限公司 A kind of identity identifying method based on Web service, equipment and storage medium
CN110519294B (en) * 2019-09-12 2021-08-31 创新先进技术有限公司 Identity authentication method, device, equipment and system

Also Published As

Publication number Publication date
TWI759838B (en) 2022-04-01
TW202129490A (en) 2021-08-01
CN111522541B (en) 2023-08-01
CN111522541A (en) 2020-08-11

Similar Documents

Publication Publication Date Title
US11928678B2 (en) Variable authentication process and system
JP7407254B2 (en) Authentication system and method using location matching
US6898577B1 (en) Methods and systems for single sign-on authentication in a multi-vendor e-commerce environment and directory-authenticated bank drafts
US6820199B2 (en) Sending electronic transaction message, digital signature derived therefrom, and sender identity information in AADS system
US20230146705A1 (en) Federated closed-loop system
US11182783B2 (en) Electronic payment method and electronic device using ID-based public key cryptography
JP6585038B2 (en) Systems and methods for encryption
US8924309B2 (en) Method of providing assured transactions by watermarked file display verification
AU2011241796A1 (en) Secure and shareable payment system using trusted personal device
KR20110056997A (en) Identity management server, system and method using the same
US11716200B2 (en) Techniques for performing secure operations
CN112970234B (en) Account assertion
WO2021143110A1 (en) Graphical code generation method and apparatus, and computer readable storage medium
KR20050091114A (en) Method and system for providing contents using coupon
CN116232594A (en) Token processing system and method
US20230298009A1 (en) Rapid cryptocurrency transaction processing
US20230052901A1 (en) Method and system for point of sale payment using a mobile device
US20220311627A1 (en) Systems and methods for transaction card-based authentication
CN115766052A (en) System and method for authentication, storage and instant query based on block chain data
CN117997560A (en) Enterprise identity verification method and equipment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20914752

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20914752

Country of ref document: EP

Kind code of ref document: A1