AU2015251467B2 - Secure data interaction method and system - Google Patents


Publication number: AU2015251467B2
Authority: AU (Australia)
Prior art keywords: cipher token; information; identification information; terminal; cipher
Legal status: Active
Application number: AU2015251467A
Other versions: AU2015251467A1 (en)
Inventor: Dongsheng Li
Current Assignee: Tendyron Corp
Original Assignee: Tendyron Corp
Priority claimed from: CN201410171448.XA (CN103942686A); CN201410172003.3A (CN103944733A)
Application filed by: Tendyron Corp
Publication of AU2015251467A1
Application granted
Publication of AU2015251467B2

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

Provided are a secure data interaction method and system, the method comprising: a terminal scans an intelligent cryptographic device within signal coverage, and acquires the identifier information of the scanned intelligent cryptographic device; a background system server acquires the identifier information of the intelligent cryptographic device, and completes the authentication of the intelligent cryptographic device; after the background system server completes the authentication of the intelligent cryptographic device, the terminal acquires user information corresponding to the intelligent cryptographic device; and the terminal stores the user information in a pre-established current user list. By using the method, the terminal first reads the identifier information of the intelligent cryptographic device, and then utilizes the identifier information of the intelligent cryptographic device to obtain the user information corresponding to the intelligent cryptographic device, such that a customer makes payment without the use of a wallet, a credit card, a mobile phone or other methods, thus simplifying the interactive operation between the customer and a merchant, and improving user experience.

Description

SECURE DATA INTERACTIVE METHOD AND SYSTEM
FIELD
The present disclosure relates to the information security field, and more particularly, to a secure data interactive method and system.
BACKGROUND
Mobile payment is a service that allows a user to pay for consumed goods or services via a mobile terminal (such as a smart phone, a PDA, a tablet computer and a laptop). An organization or an individual may directly or indirectly send a payment instruction to a banking financial institution via the mobile terminal, the Internet or near distance sensing technology to generate monetary payment and fund flow, so as to realize the mobile payment. The mobile payment combines the mobile terminal, the Internet, the application provider and the financial institution to provide the user with financial services, like monetary payment and fee payment.
Mobile payment includes remote payment and near field payment. In remote payment, the user logs in to a bank website via the mobile terminal to carry out payment and account operations; it is mainly applied to shopping and consumption on online e-commerce websites. In near field payment, a consumer pays the merchant in real time via the mobile terminal when purchasing goods or services, and the payment is processed on the spot; it is an offline operation that needs no mobile network and instead communicates locally with either a vending machine or a POS through radio frequency (e.g. NFC), infrared ray and Bluetooth of the mobile terminal.
During the entire mobile payment, participants involved in the payment process include the consumer, the merchant, a mobile operator, a third party service provider and a bank. The consumer and the merchant are service objects of the system; the mobile operator provides network support, the bank provides banking services, and the third party service provider provides a payment platform; various parties are combined to realize the business. Computerization and mobilization of the payment means are inevitable trends of development, but security issues concerning the mobile payment system are core issues of mobile e-commerce security.
The problem to be solved is how to guarantee the security of data interaction during the mobile payment.
SUMMARY
Embodiments of the present disclosure seek to solve at least one of the problems described above.
Accordingly, a first objective of the present disclosure is to provide a secure data interactive method. A second objective of the present disclosure is to provide a secure data interactive system.
In order to achieve the above objectives, technical solutions of the present disclosure are specifically realized in the following ways.
Embodiments of a first aspect of the present disclosure provide a secure data interactive method for electronic payment, comprising: scanning, by a terminal at a merchant’s store, a cipher token in a signal coverage range and obtaining identification information of the cipher token; obtaining, by a background system server, the identification information of the cipher token and completing an authentication to the cipher token, wherein the user identification information comprises at least one of a photo, a name and an account of the user; obtaining, by the terminal, user identification information corresponding to the cipher token after the background system server completes the authentication to the cipher token; and storing, by the terminal, the user identification information into a pre-established current user list, wherein the pre-established current user list is updated as the cipher tokens vary constantly due to customer flow change in the merchant’s store where the terminal is located, and the user identification information of the pre-established current user list is used for electronic payment.
Additionally, obtaining by a background system server the identification information of the cipher token and completing an authentication to the cipher token includes: generating, by the terminal, first information to be signed; sending, by the terminal, the first information to be signed and an authentication instruction to the cipher token; signing, by the cipher token, the first information to be signed by using a private key of the cipher token to obtain first signature information, after the cipher token receives the first information to be signed and the authentication instruction; sending, by the cipher token, the first signature information and a cipher token certificate to the terminal; sending, by the terminal, authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate to the background system server, after the terminal receives the first signature information and the cipher token certificate; verifying, by the background system server, whether the cipher token certificate is legitimate by using a pre-stored root certificate corresponding to the cipher token certificate, after the background system server receives the authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate; verifying, by the background system server, the first signature information by using a public key of the cipher token after the cipher token certificate is verified to be legitimate; and completing, by the background system server, the authentication to the cipher token after the first signature information is successfully verified.
Additionally, obtaining by a background system server the identification information of the cipher token and completing an authentication to the cipher token includes: sending, by the terminal, the identification information of the cipher token to the background system server; generating, by the background system server, first information to be signed and sending the first information to be signed to the terminal, after the background system server receives the identification information of the cipher token; sending, by the terminal, the first information to be signed and an authentication instruction to the cipher token after the terminal receives the first information to be signed; signing, by the cipher token, the first information to be signed by using a private key of the cipher token to obtain first signature information, after the cipher token receives the first information to be signed and the authentication instruction; sending, by the cipher token, the first signature information and a cipher token certificate to the terminal; sending, by the terminal, authentication request information, the first signature information and the cipher token certificate to the background system server, after the terminal receives the first signature information and the cipher token certificate; verifying, by the background system server, whether the cipher token certificate is legitimate by using a pre-stored root certificate corresponding to the cipher token certificate, after the background system server receives the authentication request information, the first signature information and the cipher token certificate; verifying, by the background system server, the first signature information by using a public key of the cipher token after the cipher token certificate is verified to be legitimate; and completing, by the background system server, the authentication to the cipher token after the first signature information is verified successfully.
Additionally, obtaining by the terminal user identification information corresponding to the cipher token includes: sending, by the terminal, the identification information of the cipher token and a user identification information reading request to the background system server; obtaining, by the background system server, the user identification information corresponding to the cipher token based on the identification information of the cipher token, after the background system server receives the identification information of the cipher token and the user identification information reading request; obtaining, by the background system server, response information of the user identification information reading request based on the user identification information and sending the response information of the user identification information reading request to the terminal; and obtaining, by the terminal, the user identification information based on the response information of the user identification information reading request, after the terminal receives the response information of the user identification information reading request.
Additionally, obtaining by the terminal user identification information corresponding to the cipher token includes: sending, by the terminal, a user identification information reading request to the cipher token; obtaining, by the cipher token, pre-stored user identification information, obtaining response information of the user identification information reading request based on the pre-stored user identification information, and sending the response information of the user identification information reading request to the terminal; and obtaining, by the terminal, the user identification information based on the response information of the user identification information reading request, after the terminal receives the response information of the user identification information reading request.
Additionally, completing an authentication to the cipher token includes: sending, by the background system server, the user identification information corresponding to the cipher token to the terminal; and obtaining by the terminal user identification information corresponding to the cipher token includes: receiving, by the terminal, the user identification information corresponding to the cipher token sent by the background system server.
Additionally, after scanning by a terminal a cipher token in a signal coverage range and obtaining identification information of the cipher token, the method further includes: generating, by the terminal, a real-time identification list, after the terminal obtains identification information of all cipher tokens in the signal coverage range of the terminal; comparing, by the terminal, each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval; executing, by the terminal, the step of obtaining user identification information corresponding to a scanned cipher token respectively based on identification information included in the real-time identification list but not included in the pre-established current user list; deleting, from the pre-established current user list, user identification information corresponding to each cipher token with the identification information included in the pre-established current user list but not included in the real-time identification list.
Additionally, after scanning by a terminal a cipher token in a signal coverage range and obtaining identification information of the cipher token, the method further includes: generating, by the terminal, a real-time identification list, after the terminal obtains identification information of all cipher tokens in the signal coverage range of the terminal; comparing, by the terminal, each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval; executing, by the terminal, the step of obtaining user identification information corresponding to a scanned cipher token respectively based on identification information included in the real-time identification list but not included in the pre-established current user list, and storing obtained user identification information into the real-time identification list; copying the user identification information corresponding to each cipher token with the identification information included in the real-time identification list and included in the pre-established current user list from the pre-established current user list to the real-time identification list; and taking the real-time identification list as an updated current user list.
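The list update described in the two paragraphs above, following the second variant (build a fresh list from the scan, then replace the old one), as an added example that is not code from the patent. The type and function names, the `Lookup` callback standing in for authentication plus the user information request, and the sample IDs are assumptions of this example.

```go
package main

import (
	"errors"
	"fmt"
	"sort"
)

// UserInfo is what the terminal keeps per token. The page lists photo, name
// and account; the Go field names are this example's own.
type UserInfo struct {
	Name, Account string
}

// ErrNotAuthenticated is returned by a Lookup when the token fails authentication.
var ErrNotAuthenticated = errors.New("token not authenticated")

// Lookup stands in for authenticating one token and fetching its user information.
type Lookup func(tokenID string) (UserInfo, error)

// Reconcile builds the updated current user list from one scan result.
// It also reports which token IDs were added and which were dropped.
func Reconcile(current map[string]UserInfo, scanned []string, lookup Lookup) (updated map[string]UserInfo, added, removed []string) {
	updated = make(map[string]UserInfo, len(scanned))
	seen := make(map[string]bool, len(scanned))
	for _, id := range scanned {
		if seen[id] {
			continue // the same token may answer a scan more than once
		}
		seen[id] = true
		if info, ok := current[id]; ok {
			updated[id] = info // copied over, no new lookup needed
			continue
		}
		info, err := lookup(id)
		if err != nil {
			continue // failed authentication: never enters the list
		}
		updated[id] = info
		added = append(added, id)
	}
	// Anything not seen in this scan has left the store; its user
	// information must not stay on the terminal.
	for id := range current {
		if !seen[id] {
			removed = append(removed, id)
		}
	}
	sort.Strings(removed)
	return updated, added, removed
}

func main() {
	// Constructed sample data.
	current := map[string]UserInfo{
		"token-A": {Name: "Alice", Account: "acct-1"},
		"token-B": {Name: "Bob", Account: "acct-2"},
	}
	lookup := func(id string) (UserInfo, error) {
		if id == "token-X" {
			return UserInfo{}, ErrNotAuthenticated
		}
		return UserInfo{Name: "Carol", Account: "acct-3"}, nil
	}
	updated, added, removed := Reconcile(current, []string{"token-B", "token-C", "token-X"}, lookup)
	fmt.Println(len(updated), added, removed)
}
```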
Additionally, signing by the cipher token the first information to be signed by using a private key of the cipher token to obtain first signature information after the cipher token receives the first information to be signed and the authentication instruction includes: turning, by the cipher token, a sleep state into an awakened state after the cipher token receives the first information to be signed and the authentication instruction; and signing, by the cipher token in the awakened state, the first information to be signed by using the private key of the cipher token to obtain the first signature information.
Additionally, after obtaining by a background system server the identification information of the cipher token, the method further includes: judging, by the background system server, whether the identification information of the cipher token is included in a cipher token abnormality list pre-stored in the background system server; obtaining, by the background system server, a cipher token locking instruction, signing the cipher token locking instruction by using a private key of the background system server to generate second signature information and sending the cipher token locking instruction and the second signature information to the cipher token via the terminal, after the background system server judges that the identification information of the cipher token is included in the cipher token abnormality list; verifying, by the cipher token, the second signature information by using a public key in a pre-stored background system server certificate, after the cipher token receives the cipher token locking instruction and the second signature information; and executing, by the cipher token, a cipher token locking operation based on the cipher token locking instruction, after the second signature information is successfully verified.
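The locking flow above from both ends, as an added example that is not code from the patent; the terminal only relays the message, so the token accepts nothing but the server's signature. Assumptions of this example: Ed25519 signatures, the server's raw public key standing in for the pre-stored server certificate, the `LOCK:<token ID>` instruction format, and the check that the instruction names the receiving token.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// LockServer is the background system server's side of the locking flow.
type LockServer struct {
	key      ed25519.PrivateKey
	abnormal map[string]bool // cipher token abnormality list
}

// LockableToken is the cipher token's side.
type LockableToken struct {
	ID        string
	serverPub ed25519.PublicKey // stands in for the pre-stored server certificate
	key       ed25519.PrivateKey
	Locked    bool
}

// Setup creates a server with the given abnormality list and one token that trusts it.
func Setup(tokenID string, abnormalIDs ...string) (*LockServer, *LockableToken, error) {
	srvPub, srvKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	_, tokKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	srv := &LockServer{key: srvKey, abnormal: map[string]bool{}}
	for _, id := range abnormalIDs {
		srv.abnormal[id] = true
	}
	return srv, &LockableToken{ID: tokenID, serverPub: srvPub, key: tokKey}, nil
}

// Check runs once the server has obtained a token ID. For a listed ID it
// returns the locking instruction and the second signature information.
func (s *LockServer) Check(tokenID string) (instr, sig []byte, listed bool) {
	if !s.abnormal[tokenID] {
		return nil, nil, false
	}
	instr = []byte("LOCK:" + tokenID) // instruction format is this example's own
	return instr, ed25519.Sign(s.key, instr), true
}

// HandleLock runs on the token when the terminal relays a locking instruction.
func (t *LockableToken) HandleLock(instr, sig []byte) error {
	if !ed25519.Verify(t.serverPub, instr, sig) {
		return errors.New("locking instruction is not signed by the server")
	}
	if string(instr) != "LOCK:"+t.ID {
		return errors.New("locking instruction names a different token")
	}
	t.Locked = true
	return nil
}

// Sign refuses to produce signatures once the token is locked.
func (t *LockableToken) Sign(msg []byte) ([]byte, error) {
	if t.Locked {
		return nil, errors.New("token is locked")
	}
	return ed25519.Sign(t.key, msg), nil
}

func main() {
	// Constructed sample: token-0007 is on the abnormality list.
	srv, tok, err := Setup("token-0007", "token-0007")
	if err != nil {
		panic(err)
	}
	if instr, sig, listed := srv.Check(tok.ID); listed {
		fmt.Println("lock result:", tok.HandleLock(instr, sig))
	}
	_, err = tok.Sign([]byte("payment"))
	fmt.Println("sign after lock:", err)
}
```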
Additionally, the method further includes: receiving and checking, by the background system server, a cipher token registration application; sending, by the background system server, a cipher token key pair generating instruction to the cipher token, after the cipher token registration application is successfully checked; generating, by the cipher token, a cipher token key pair after the cipher token receives the cipher token key pair generating instruction; sending, by the cipher token, a public key in the cipher token key pair to the background system server; generating, by the background system server, a cipher token certificate and sending the cipher token certificate to the cipher token, after the background system server receives the public key in the cipher token key pair; and storing, by the cipher token, the cipher token certificate.
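The registration just described together with the earlier authentication variant in which the background system server generates the first information to be signed, as one added example that is not code from the patent. Assumptions of this example: Ed25519 keys, X.509 certificates carrying the token ID as common name, a 32-byte random challenge that the server accepts only once, and all Go names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Identity is a private key plus its certificate: the server's root or one cipher token.
type Identity struct {
	key  ed25519.PrivateKey // never leaves its owner
	cert *x509.Certificate
}

type Server struct {
	root    *Identity
	pending map[string][]byte // token ID -> challenge not yet answered
}

// newIdentity certifies a fresh key pair under parent; a nil parent yields a self-signed root.
func newIdentity(cn string, parent *Identity) (*Identity, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	self := &Identity{key: priv, cert: tmpl}
	if parent == nil {
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage = true, true, x509.KeyUsageCertSign
		parent = self
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent.cert, pub, parent.key)
	if err != nil {
		return nil, err
	}
	self.cert, err = x509.ParseCertificate(der)
	return self, err
}

func NewServer() (*Server, error) {
	root, err := newIdentity("example-root", nil)
	return &Server{root, map[string][]byte{}}, err
}

// Register: the server certifies the token's public key (token ID as common name).
func (s *Server) Register(id string) (*Identity, error) {
	return newIdentity(id, s.root)
}

// Challenge is the server-generated "first information to be signed".
func (s *Server) Challenge(id string) ([]byte, error) {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		return nil, err
	}
	s.pending[id] = c
	return c, nil
}

// Sign is the token's answer: first signature information plus token certificate.
func (t *Identity) Sign(challenge []byte) (sig, certDER []byte) {
	return ed25519.Sign(t.key, challenge), t.cert.Raw
}

// Authenticate verifies the certificate under the stored root, then the signature.
func (s *Server) Authenticate(id string, sig, certDER []byte) error {
	challenge, ok := s.pending[id]
	delete(s.pending, id) // single use: a replayed answer finds nothing pending
	cert, err := x509.ParseCertificate(certDER)
	if !ok || err != nil {
		return fmt.Errorf("no outstanding challenge or unreadable certificate")
	}
	roots := x509.NewCertPool()
	roots.AddCert(s.root.cert)
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return fmt.Errorf("certificate not issued under the stored root: %w", err)
	}
	pub, isEd := cert.PublicKey.(ed25519.PublicKey)
	if !isEd || cert.Subject.CommonName != id || !ed25519.Verify(pub, challenge, sig) {
		return fmt.Errorf("certificate is for another token, or the signature is bad")
	}
	return nil
}

func main() { // plays the terminal, which only relays messages
	srv, _ := NewServer()
	tok, _ := srv.Register("token-0001")
	c, _ := srv.Challenge("token-0001")
	sig, cert := tok.Sign(c)
	fmt.Println("first:", srv.Authenticate("token-0001", sig, cert), "replay:", srv.Authenticate("token-0001", sig, cert))
}
```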
Additionally, the method further includes: obtaining, by the cipher token, a cipher token cancellation application, signing the cipher token cancellation application by using a private key of the cipher token to generate third signature information, and sending the cipher token cancellation application and the third signature information to the background system server; verifying, by the background system server, the third signature information by using a public key in the pre-stored cipher token certificate, after the background system server receives the cipher token cancellation application and the third signature information; deleting, by the background system server, the pre-stored cipher token certificate, generating cipher token cancellation completion information and sending the cipher token cancellation completion information to the cipher token, after the third signature information is successfully verified; deleting, by the cipher token, the private key of the cipher token after the cipher token receives the cipher token cancellation completion information.
Additionally, after the background system server receives the identification information of the cipher token and the user identification information reading request, and before the background system server sends the response information of the user identification information reading request to the terminal, the method further includes: sending, by the background system server, user authorization request information to the cipher token via the terminal; generating, by the cipher token, authorization information and sending the authorization information to the background system server via the terminal, after the cipher token receives the user authorization request information; executing, by the background system server, the step of sending the response information of the user identification information reading request to the terminal, after the background system server receives the authorization information.
Additionally, generating by the cipher token authorization information after the cipher token receives the user authorization request information includes: turning, by the cipher token, a sleep state into an awakened state after the cipher token receives the user authorization request information; and generating, by the cipher token in the awakened state, the authorization information.
Additionally, before scanning by a terminal a cipher token in a signal coverage range and obtaining identification information of the cipher token, the method further includes: entering a scannable state for the cipher token.
Embodiments of a second aspect of the present disclosure provide a secure data interactive system for electronic payment, comprising: a terminal, a background system server and a cipher token; wherein the terminal is configured to: scan the cipher token in a signal coverage range and obtain identification information of the cipher token, obtain user identification information corresponding to the cipher token after the background system server completes an authentication to the cipher token, and store the user identification information into a pre-established current user list, wherein the user identification information comprises at least one of a photo, a name and an account of the user, wherein the pre-established current user list is updated as the cipher tokens vary constantly due to customer flow change in the merchant’s store where the terminal is located, and the user identification information of the pre-established current user list is used for electronic payment; and the background system server is configured to: obtain the identification information of the cipher token and complete the authentication to the cipher token.
Additionally, the terminal is further configured to: generate first information to be signed; send the first information to be signed and an authentication instruction to the cipher token; receive first signature information and a cipher token certificate sent by the cipher token; and send authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate to the background system server; the cipher token is further configured to: receive the first information to be signed and the authentication instruction sent by the terminal; sign the first information to be signed by using a private key of the cipher token to obtain the first signature information; and send the first signature information and the cipher token certificate to the terminal; and the background system server is further configured to: receive the authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate; verify whether the cipher token certificate is legitimate by using a pre-stored root certificate corresponding to the cipher token certificate; verify the first signature information by using a public key of the cipher token after the cipher token certificate is verified to be legitimate; and complete the authentication to the cipher token after the first signature information is successfully verified.
Additionally, the terminal is further configured to: send the identification information of the cipher token to the background system server; receive first information to be signed sent by the background system server; send the first information to be signed and an authentication instruction to the cipher token; receive first signature information and a cipher token certificate sent by the cipher token; and send authentication request information, the first signature information and the cipher token certificate to the background system server; the background system server is further configured to: receive the identification information of the cipher token sent by the terminal; generate the first information to be signed; send the first information to be signed to the terminal; receive the authentication request information, the first signature information and the cipher token certificate sent by the terminal; verify whether the cipher token certificate is legitimate by using a pre-stored root certificate corresponding to the cipher token certificate; verify the first signature information by using a public key of the cipher token after the cipher token certificate is verified to be legitimate; and complete the authentication to the cipher token after the first signature information is verified successfully; and the cipher token is further configured to: receive the first information to be signed and the authentication instruction sent by the terminal; sign the first information to be signed by using a private key of the cipher token to obtain the first signature information; and send the first signature information and the cipher token certificate to the terminal.
Additionally, the terminal is further configured to: send the identification information of the cipher token and a user identification information reading request to the background system server, receive response information of the user identification information reading request sent by the background system server, and obtain the user identification information based on the response information of the user identification information reading request; and the background system server is further configured to: receive the identification information of the cipher token and the user identification information reading request sent by the terminal, and obtain the user identification information corresponding to the cipher token based on the identification information of the cipher token; and obtain the response information of the user identification information reading request based on the user identification information, and send the response information of the user identification information reading request to the terminal.
Additionally, the terminal is further configured to: send a user identification information reading request to the cipher token; receive response information of the user identification information reading request sent by the cipher token, and obtain the user identification information based on the response information of the user identification information reading request; the cipher token is further configured to: obtain pre-stored user identification information, obtain the response information of the user identification information reading request based on the pre-stored user identification information, and send the response information of the user identification information reading request to the terminal.
Additionally, the background system server is further configured to send the user identification information corresponding to the cipher token to the terminal; the terminal is further configured to receive the user identification information corresponding to the cipher token sent by the background system server.
Additionally, after scanning the cipher token in the signal coverage range and obtaining the identification information of the cipher token, the terminal is further configured to: obtain identification information of all cipher tokens in the signal coverage range of the terminal and generate a real-time identification list; compare each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval; obtain user identification information corresponding to each scanned cipher token based on the identification information included in the real-time identification list but not included in the pre-established current user list; delete, from the pre-established current user list, user identification information corresponding to each cipher token with the identification information included in the pre-established current user list but not included in the real-time identification list.
Additionally, after scanning the cipher token in the signal coverage range and obtaining identification information of the cipher token, the terminal is further configured to: obtain identification information of all cipher tokens in the signal coverage range of the terminal and generate a real-time identification list; compare each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval; obtain user identification information corresponding to each scanned cipher token based on the identification information included in the real-time identification list but not included in the pre-established current user list, and store the obtained user identification information into the real-time identification list; copy user identification information corresponding to each cipher token with the identification information included in the real-time identification list and included in the pre-established current user list from the pre-established current user list to the real-time identification list; and take the real-time identification list as an updated current user list.
Additionally, the cipher token is further configured to: turn a sleep state into an awakened state after receiving the first information to be signed and the authentication instruction, and sign and calculate the first information to be signed in the awakened state by using the private key of the cipher token to obtain the first signature information.
Additionally, after obtaining the identification information of the cipher token, the background system server is further configured to: judge whether the identification information of the cipher token is included in a cipher token abnormality list pre-stored in the background system server; obtain a cipher token locking instruction, sign the cipher token locking instruction by using a private key of the background system server to generate second signature information, and send the cipher token locking instruction and the second signature information to the cipher token via the terminal, after judging that the identification information of the cipher token is included in the cipher token abnormality list; and the cipher token is further configured to: receive the cipher token locking instruction and the second signature information sent by the background system server via the terminal; verify the second signature information by using a public key in a pre-stored background system server certificate; execute a cipher token locking operation based on the cipher token locking instruction, after the second signature information is successfully verified.
Additionally, the background system server is further configured to: receive and check a cipher token registration application; send a cipher token key pair generating instruction to the cipher token, after the cipher token registration application is successfully checked; receive a public key in the cipher token key pair sent by the cipher token, generate a cipher token certificate and send the cipher token certificate to the cipher token; the cipher token is further configured to: receive the cipher token key pair generating instruction sent by the background system server and generate the cipher token key pair; send the public key in the cipher token key pair to the background system server; store the cipher token certificate.
Additionally, the cipher token is further configured to: obtain a cipher token cancellation application, sign the cipher token cancellation application by using a private key of the cipher token to generate third signature information, and send the cipher token cancellation application and the third signature information to the background system server; receive cipher token cancellation completion information sent by the background system server, and delete the private key of the cipher token; the background system server is further configured to: receive the cipher token cancellation application and the third signature information sent by the cipher token, verify the third signature information by using a public key in the cipher token certificate pre-stored; delete the cipher token certificate pre-stored, generate the cipher token cancellation completion information and send the cipher token cancellation completion information to the cipher token, after the third signature information is successfully verified.
Additionally, the background system server is further configured to: send user authorization request information to the cipher token via the terminal; receive authorization information sent by the cipher token via the terminal and send the response information of the user identification information reading request to the terminal; the cipher token is further configured to: receive the user authorization request information sent by the background system server via the terminal, generate the authorization information, and send the authorization information to the background system server via the terminal.
Additionally, the cipher token is further configured to: turn a sleep state into an awakened state after receiving the user authorization request information, and generate the authorization information in the awakened state.
Additionally, the cipher token is further configured to enter a scannable state before being scanned by the terminal.
As known from the above technical solutions of the present disclosure, the terminal of the merchant may first read the identification information of the cipher token, and then obtain the user identification information corresponding to the cipher token by using the identification information of the cipher token. Thus, the customer can pay for goods with no need for purses, credit cards, or mobile phones, which simplifies interactive operations between the customer and the merchant and upgrades user experience.
BRIEF DESCRIPTION OF THE DRAWINGS
The accompanying drawings used for description of embodiments will be introduced briefly in order to illustrate technical solutions of embodiments of the present disclosure more clearly. Obviously, the accompanying drawings described below are only part of embodiments of the present disclosure, and those skilled in the art may obtain other drawings based on these drawings without any creative effort.
Fig. 1 is a schematic diagram of a secure data interactive system according to the present disclosure; and
Fig. 2 is a flow chart of a secure data interactive method according to the present disclosure.
DETAILED DESCRIPTION
Technical solutions of embodiments of the present disclosure will be described clearly and completely with reference to the drawings, and obviously, only part of embodiments are described herein. All other embodiments may be obtained by those skilled in the art based on the embodiments described, without any creative effort, and belong to the protection scope of the present disclosure.
In the present invention, it should be noted that, unless specified or limited otherwise, the terms “mounted,” “connected,” and “coupled” and the like are used broadly, and may be, for example, fixed connections, detachable connections, or integral connections; may also be mechanical or electrical connections; may also be direct connections or indirect connections via intervening structures; may also be inner communications of two elements, which can be understood by those skilled in the art according to specific situations. In addition, terms such as “first” and “second” are used herein for purposes of description and are not intended to indicate or imply relative importance or significance.
Embodiments of the present disclosure will be further described in detail with reference to the drawings. A secure data interactive method according to the present disclosure may be applied to a system that is constructed as shown in Fig. 1 and includes a background system server, a terminal and a cipher token.
The background system server may complete management of the cipher token, and storage and transmission of user identification information, for example, management of registration, cancellation, locking and authentication of the cipher token. The background system server may provide financial services, like banking services and payment platform services. The background system server may include one of a payment server, an authentication server and a management server, or a combination thereof.
The terminal may be a terminal at a merchant’s store, configured to initiate a mobile payment, and maintain the user identification information, etc. The terminal may automatically scan the cipher token in a signal coverage range thereof, establish communication with the cipher token, and obtain the user identification information corresponding to the cipher token. The terminal (like a POS) of the present disclosure is additionally provided with a wireless communication module, and the background system server and the terminal employ a dedicated network connection therebetween, so as to guarantee security.
The cipher token has a secure payment (e.g. an electronic signature and generation of a one-time password) function. The cipher token has a wireless communication module (such as Bluetooth, infrared ray, RFID, NFC, light, sound wave, thermal energy, vibration, Wi-Fi, etc.) and may communicate with the terminal through the wireless communication module. Certainly, the cipher token may further include a wired interface (such as an audio interface, a USB interface and a serial interface, etc.) and communicate with the terminal via the wired interface. Additionally, the cipher token may have a connection-available function, and if a user does not turn on this function, the terminal cannot obtain identification information of the cipher token and the corresponding user identification information. For example, the cipher token may enter a scannable state, such that the terminal is able to scan the cipher token. The connection-available function of the cipher token may be turned on by a hardware switch provided on the cipher token or by a piece of software in the cipher token.
As shown in Fig. 2, the secure data interactive method includes step 1 to step 7.
Step 1: the cipher token registers with the background system server.
The background system server receives and checks a cipher token registration application. Specifically, a user in possession of the cipher token may apply for the cipher token registration at the bank counter or through the Internet, and the background system server will check the legitimacy of the user identity after receiving the cipher token registration application.
The background system server sends a cipher token key pair generating instruction to the cipher token, after the cipher token registration application is checked successfully (i.e., the check of the cipher token registration application passes). Specifically, the background system server agrees to register the cipher token of the user after the check of the legitimacy of the user identity passes, and meanwhile sends the cipher token key pair generating instruction to the cipher token to indicate generation of a cipher token key pair which includes a pair of public and private keys.
The cipher token generates the cipher token key pair after receiving the cipher token key pair generating instruction. Specifically, a key pair generation scheme may be preset in the cipher token, and the cipher token generates the cipher token key pair (i.e. generating the pair of public and private keys) based on the preset key pair generation scheme after receiving the cipher token key pair generating instruction.
The cipher token sends a public key in the cipher token key pair to the background system server. Specifically, the cipher token may send the public key in the cipher token key pair to the background system server through a reliable communication link, to ensure that the public key is safely sent by the cipher token, or may send the public key in the cipher token key pair to the background system server via the Internet to improve convenience of the transmission of the public key of the cipher token.
The background system server generates a cipher token certificate and sends the cipher token certificate to the cipher token, after receiving the public key in the cipher token key pair. Specifically, the background system server may calculate information of the user and the public key of the cipher token by using the private key of the background system server, so as to generate the cipher token certificate; the background system server may include the CA server, and calculate the information of the user and the public key of the cipher token by using the private key of the CA server, so as to generate the cipher token certificate; the background system server may send the information of the user and the public key of the cipher token to the CA server, and then the CA server calculates the information of the user and the public key of the cipher token by using the private key of the CA server to generate the cipher token certificate which is sent to the cipher token via the background system server.
The cipher token stores the cipher token certificate. Specifically, the cipher token stores the cipher token certificate into a storage area for performing safety functions, after receiving the cipher token certificate sent by the background system server. Certainly, regarding different background system servers, the cipher token may store different cipher token certificates sent by different background system servers.
Certainly, the terminal may register with the background system server.
Step 2: the terminal scans the cipher token in the signal coverage range and obtains the identification information of the cipher token.
Specifically, the terminal may send an inquiry signal (e.g. a serial number of the terminal may be included in it) at regular time intervals to inquire the cipher token in a certain wireless signal coverage range.
The cipher token monitors (inquiry scanning) the inquiry of the terminal, and when the cipher token enters the signal coverage range of the terminal, the identification information of the cipher token is sent to the terminal, such that the terminal scans and obtains the identification information of the cipher token.
Provided hereinafter are two methods for obtaining the identification information of the cipher token by the terminal.
(1) The terminal may inquire the cipher token in the certain wireless signal coverage range via an inquiry access code (IAC).
The cipher token monitors (inquiry scanning) the inquiry of the terminal, and when the cipher token enters the signal coverage range of the terminal, address and clock information of the cipher token is sent to the terminal. The cipher token monitors paging information from the terminal and conducts paging scan. The terminal pages the cipher token inquired. The cipher token sends a device access code (DAC) of the cipher token to the terminal after receiving the paging information.
(2) The terminal sends the inquiry signal to inquire the cipher token in the certain wireless signal coverage range.
The cipher token monitors (inquiry scanning) the inquiry signal of the terminal, and when the cipher token enters the signal coverage range of the terminal, the address of the cipher token is sent to the terminal.
Certainly, the present disclosure uses the above two examples to illustrate how the terminal obtains the identification information of the cipher token, but is not limited thereby. Based on the two methods for obtaining the identification information of the cipher token, if the cipher token receives any information sent by the terminal, the cipher token may take the information as a wake-up signal, and turn a sleep state into an awakened state (i.e. a normal working mode) according to the wake-up signal. Meanwhile, the cipher token may return to the sleep state automatically after the completion of any command execution. The cipher token enters the sleep state to save energy thereof, thus lengthening service life.
Before the step of scanning the cipher token by the terminal, the cipher token needs to enter the scannable state, such that the cipher token may be scanned by the terminal, in which the implementation of entering the scannable state may be realized by the hardware switch provided on the cipher token or by a piece of software in the cipher token.
Step 3: the background system server authenticates the cipher token.
The terminal generates first information to be signed. Specifically, the terminal may generate, by a random number generator, a random number as the first information to be signed, or may take its own serial number, a MAC address or other identification information as the first information to be signed, or may take the combination of the random number and the identification information as the first information to be signed. Any information may be taken as the first information to be signed, as long as the information is capable of being signed by the cipher token, such that signature information returned by the cipher token may be sent to the background system server, so as to make the background system server authenticate the cipher token. The random number may be one of a figure, a letter and a special character, or a combination thereof.
The terminal sends the first information to be signed and an authentication instruction to the cipher token. Specifically, the terminal may send the first information to be signed and the authentication instruction to the cipher token via a wireless communication link to guarantee convenience of information transmission, or may send the first information to be signed and the authentication instruction to the cipher token via the wired interface to improve security of the information transmission.
The cipher token signs and calculates the first information to be signed by using a private key of the cipher token to obtain first signature information, after receiving the first information to be signed and the authentication instruction.
Additionally, in the step in which the cipher token signs the first information to be signed by using the private key of the cipher token to obtain the first signature information after receiving the first information to be signed and the authentication instruction, the cipher token may further turn from the sleep state into the awakened state after receiving the first information to be signed and the authentication instruction, and sign the first information to be signed in the awakened state by using the private key of the cipher token to obtain the first signature information. The cipher token turns from the sleep state into the awakened state to complete the normal work, and turns back to the sleep state after the completion of work to reduce energy consumption and prolong the service life.
The cipher token sends the first signature information and the cipher token certificate to the terminal.
The terminal sends authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate to the background system server, after the terminal receives the first signature information and the cipher token certificate. Specifically, in this step, the terminal only serves to transfer data so as to improve the data transmission efficiency.
The background system server verifies whether the cipher token certificate is legitimate by using a pre-stored root certificate corresponding to the cipher token certificate, after receiving the authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate. Specifically, the background system server further needs to obtain the root certificate corresponding to the cipher token certificate, to verify legitimacy of the cipher token.
In order to guarantee the security of data interaction and the legitimacy of the cipher token, the background system server further judges whether the identification information of the cipher token is included in a cipher token abnormality list pre-stored in the background system server, after receiving the authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate. After the background system server judges that the identification information of the cipher token is included in the cipher token abnormality list, the background system server obtains a cipher token locking instruction, signs the cipher token locking instruction by using the private key of the background system server to generate second signature information, and sends the cipher token locking instruction and the second signature information to the cipher token via the terminal. The cipher token verifies the second signature information by using the public key in the pre-stored background system server certificate, after receiving the cipher token locking instruction and the second signature information. The cipher token executes a cipher token locking operation based on the cipher token locking instruction, after the second signature information is successfully verified.
Specifically, the cipher token abnormality list may be a list representing cipher tokens having illegitimate identities, such as a blacklist, a loss list and an expired list. If the identification information of the cipher token is included in the cipher token abnormality list, the cipher token is illegitimate. In such a case, the background system server sends the cipher token locking instruction to the illegitimate cipher token via the terminal to lock the illegitimate cipher token, so as to guarantee the security, and the background system server also signs the cipher token locking instruction to ensure a legitimate source of the instruction, so as to avoid malicious operations of locking the cipher token illegitimately.
Certainly, the present disclosure is not limited thereby; for practical applications, it is acceptable as long as the illegitimate cipher token is locked legitimately.
Additionally, the background system server may only send the cipher token locking instruction to the illegitimate cipher token to lock the illegitimate cipher token, without signing the cipher token locking instruction.
The cipher token may execute the cipher token locking operation based on the cipher token locking instruction in such a manner that the cipher token refuses to execute any request, destroys certificates stored therein or the like.
Certainly, the background system server may refuse to execute any request from the illegitimate cipher token after sending the cipher token locking instruction.
Therefore, if the user loses the cipher token, the user may report the loss to the background system server, and then the background system server records a device identification code of the cipher token into the loss list; or if any account abnormality occurs and is reported, the background system server will record the cipher token into the blacklist.
The devices in the above lists are recorded as abnormal devices in the abnormality list. Before every transaction, the background system server verifies the cipher token by comparing the device identification with the abnormality list, and locks the cipher token if the device identification is recorded in the abnormality list. With this method, if someone else embezzles the cipher token and intends to transfer funds to steal money illegally, the background system server may lock the cipher token remotely, because it verifies the cipher token before each transaction occurs, such that the user account may be protected from loss even if the cipher token is embezzled by someone else.
The background system server verifies the first signature information by using the public key of the cipher token after the cipher token certificate is verified to be legitimate.
The background system server completes the authentication to the cipher token after the first signature information is verified successfully. Specifically, the background system server further generates an authentication completion message after the verification of the first signature information passes, and sends the authentication completion message to the terminal to inform the terminal of the completion of authentication.
Based on the authentication to the cipher token implemented by the background system server, it is possible to ensure the legitimacy of the cipher token and improve security of subsequent processing. Meanwhile, it is possible to prevent phishing risks, tampering with information transmitted, remote hijacking and man-in-the-middle attacks, so as to effectively guarantee the account fund security of the owner of the cipher token.
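The server-side checks of Step 3 and the signed locking instruction described above, as an added Go sketch that is not part of the patent text. Ed25519 from the standard library stands in for the unspecified signature scheme, the certificate is a plain signed struct rather than X.509, and all type and function names, the "LOCK:" plus token ID instruction format and the check that the certificate names the presented token ID are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

var (
	ErrAbnormal = errors.New("token is on the abnormality list")
	ErrBadCert  = errors.New("token certificate not issued by the trusted root")
	ErrBadSig   = errors.New("first signature information does not verify")
)

// TokenCert is a simplified certificate: issuer signature over ID, user and key.
type TokenCert struct {
	TokenID, User string
	PubKey        ed25519.PublicKey
	Sig           []byte
}

func (c TokenCert) signedBytes() []byte {
	return append([]byte(c.TokenID+"\x00"+c.User+"\x00"), c.PubKey...)
}

// LockOrder is the locking instruction plus the second signature information.
type LockOrder struct{ Instr, Sig []byte }

type Server struct {
	priv     ed25519.PrivateKey
	Pub      ed25519.PublicKey // doubles as the root key in this sketch
	Abnormal map[string]bool   // blacklist, loss list, expired list
}

type Token struct {
	ID        string
	priv      ed25519.PrivateKey
	Cert      TokenCert
	ServerPub ed25519.PublicKey // from the pre-stored server certificate
	Locked    bool
}

func NewServer() *Server {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand.Reader
	if err != nil {
		panic(err)
	}
	return &Server{priv: priv, Pub: pub, Abnormal: map[string]bool{}}
}

// Register models Step 1: the token owns the key pair, the server signs the public key.
func (s *Server) Register(id, user string) *Token {
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	cert := TokenCert{TokenID: id, User: user, PubKey: pub}
	cert.Sig = ed25519.Sign(s.priv, cert.signedBytes())
	return &Token{ID: id, priv: priv, Cert: cert, ServerPub: s.Pub}
}

// Sign returns the first signature information over the terminal's challenge.
func (t *Token) Sign(challenge []byte) []byte { return ed25519.Sign(t.priv, challenge) }

// HandleLock locks only on an instruction for this token signed by the server.
func (t *Token) HandleLock(o *LockOrder) bool {
	if o == nil || string(o.Instr) != "LOCK:"+t.ID || !ed25519.Verify(t.ServerPub, o.Instr, o.Sig) {
		return false
	}
	t.Locked = true
	return true
}

// Authenticate checks, in order: abnormality list, certificate, challenge signature.
func (s *Server) Authenticate(id string, challenge, sig []byte, cert TokenCert) (*LockOrder, error) {
	if s.Abnormal[id] {
		instr := []byte("LOCK:" + id)
		return &LockOrder{instr, ed25519.Sign(s.priv, instr)}, ErrAbnormal
	}
	if cert.TokenID != id || len(cert.PubKey) != ed25519.PublicKeySize ||
		!ed25519.Verify(s.Pub, cert.signedBytes(), cert.Sig) {
		return nil, ErrBadCert
	}
	if !ed25519.Verify(cert.PubKey, challenge, sig) {
		return nil, ErrBadSig
	}
	return nil, nil
}

func main() {
	srv := NewServer()
	tok := srv.Register("token-01", "alice") // constructed sample values
	ch := []byte("constructed challenge")
	fmt.Println(srv.Authenticate(tok.ID, ch, tok.Sign(ch), tok.Cert))
	srv.Abnormal[tok.ID] = true // the user reported the token lost
	order, err := srv.Authenticate(tok.ID, ch, tok.Sign(ch), tok.Cert)
	fmt.Println(err, "-> locked:", tok.HandleLock(order))
}
```

The unsigned locking variant mentioned in the text corresponds to dropping the signature check in `HandleLock`, in which case the token can no longer tell a server-issued lock from one injected on the link between terminal and token.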
Step 4: the user identification information is obtained by the terminal.
Specifically, in this step, the terminal obtains the user identification information (for example, a photo, name and an account of the user) corresponding to the cipher token based on the identification information of the cipher token scanned; the user identification information corresponding to the cipher token may be obtained specifically in but not limited to the following ways.
First way: the terminal obtains the user identification information corresponding to the cipher token from the background system server.
The terminal sends the identification information of the cipher token and a user identification information reading request to the background system server. Specifically, the terminal may directly send the identification information of the cipher token and the user identification information reading request to the background system server.
The background system server obtains the user identification information corresponding to the cipher token based on the identification information of the cipher token, after receiving the identification information of the cipher token and the user identification information reading request. Specifically, the background system server pre-stores the user identification information corresponding to each registered cipher token, so as to obtain the user identification information corresponding to the cipher token based on the received identification information of the cipher token.
Moreover, in order to guarantee the security of the user identification information, the background system server further needs to be authorized by the user in possession of the cipher token before sending the user identification information corresponding to the cipher token to the terminal. The background system server sends user authorization request information (e.g. a random number) to the cipher token via the terminal. The cipher token generates authorization information (e.g. information obtained by signing the random number) after receiving the user authorization request information, and sends the authorization information to the background system server via the terminal. The background system server executes a step of sending response information of the user identification information reading request to the terminal, after receiving the authorization information. Certainly, the background system server may sign the user authorization request information by using the private key of the background system server, and then send it to the cipher token via the terminal; the cipher token verifies the signature after receiving the signature information; after the verification passes, the user authorization request information is considered to come from a legitimate background system server, and the request is confirmed to authorize the background system server. The cipher token may sign the authorization information by using the private key of the cipher token and then send it to the background system server via the terminal; the background system server verifies the signature after receiving the signature information; after the verification passes, the authorization information is considered to come from a right cipher token, and subsequent operations are implemented based on the authorization information.
The present disclosure is not limited to the above ways of requesting the cipher token for authorization of the background system server, and all kinds of combinations of the above ways fall into the protection scope of the present disclosure.
Certainly, the cipher token may turn from the sleep state into the awakened state after receiving the user authorization request information, and generate the authorization information in the awakened state, so as to save energy and prolong service life of the cipher token.
The background system server obtains the response information of the user identification information reading request based on the user identification information, and sends the response information of the user identification information reading request to the terminal.
The terminal obtains the user identification information based on the response information of the user identification information reading request, after receiving the response information of the user identification information reading request.
Second way: the terminal obtains the user identification information corresponding to the cipher token from the cipher token.
The terminal sends the user identification information reading request to the cipher token.
The cipher token obtains the pre-stored user identification information, obtains the response information of the user identification information reading request based on the pre-stored user identification information, and sends the response information of the user identification information reading request to the terminal.
The terminal obtains the user identification information based on the response information of the user identification information reading request, after receiving the response information of the user identification information reading request.
Additionally, if the user in possession of the cipher token refuses to send the user identification information, a reject message may be sent to the terminal through a button provided on the cipher token or through a piece of software, to guarantee the security of the user identification information.
Third way: the background system server directly sends to the cipher token the user identification information corresponding to the cipher token via the terminal at the same time of completing the authentication.
When the background system server completes the authentication to the cipher token, the background system server also sends the user identification information corresponding to the cipher token to the terminal. Specifically, the background system server may send the authentication completion message to the terminal at the end of the authentication to the cipher token, to inform the terminal that the authentication to the cipher token by the background system server is finished. When sending the authentication completion message to the terminal, the background system server may obtain the pre-stored user identification information corresponding to the cipher token based on the identification information of the cipher token, so as to send the user identification information corresponding to the cipher token to the terminal.
The terminal obtains the user identification information corresponding to the cipher token, that is, the terminal directly obtains the user identification information corresponding to the cipher token from information sent by the background system server.
The terminal stores the user identification information into a pre-established current user list. Specifically, the cipher tokens scanned vary constantly due to the staff turnover and the customer flow rate change in the shop where the terminal is located. In such a case, the pre-established current user list may be updated in but not limited to the following modes.
First update mode:
The terminal generates a real-time identification list, after obtaining identification information of all the cipher tokens in the signal coverage range of the terminal.
The terminal compares each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval.
The step of obtaining user identification information corresponding to a scanned cipher token by the terminal respectively based on the identification information included in the pre-established current user list but not included in the real-time identification list is executed, and the user identification information corresponding to each cipher token whose identification information is included in the pre-established current user list but not included in the real-time identification list is deleted from the pre-established current user list.
If the pre-established current user list is updated in this mode, it is possible to ensure that the user identification information corresponding to the cipher token(s) in the signal coverage range of the terminal is updated to the pre-established current user list, and the user identification information corresponding to the cipher token(s) leaving the signal coverage range is deleted from the pre-established current user list, thereby guaranteeing security.
Second update mode:
The terminal generates a real-time identification list, after obtaining identification information of all the cipher tokens in the signal coverage range of the terminal.
The terminal compares each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval.
The step of obtaining user identification information corresponding to a scanned cipher token by the terminal respectively based on the identification information included in the real-time identification list but not included in the pre-established current user list is executed, and the obtained user identification information is stored into the real-time identification list; the user identification information corresponding to each cipher token with the identification information included in the real-time identification list and included in the pre-established current user list is copied from the pre-established current user list to the real-time identification list.
The real-time identification list is taken as an updated current user list.
If the pre-established current user list is updated in this mode, it is possible to only update the user identification information corresponding to the cipher token(s) in the signal coverage range of the terminal timely, so as to improve update efficiency. In this mode, when obtaining the user identification information, the terminal may copy the user identification information corresponding to the original cipher token(s) in the shop from the pre-established current user list into the real-time identification list, and obtain the user identification information corresponding to new customers going into the shop by making the user identification information reading request to the background system server or the cipher token.
Therefore, when the customer flow rate in the shop where the terminal is located changes, the pre-established current user list may be updated automatically with no need for operations by the merchant, so it is convenient for store clerks to manage and maintain the customer information.
Additionally, the terminal may display the user identification information corresponding to the cipher token stored in the current user list, such that the user in possession of the cipher token may check the user identification information to guarantee the validity of the transaction.
In the prior art, the transaction process needs a device with an account storage function, for example, a SIM card and a smart card, and the user needs to swipe the card or tap the mobile phone, such that the merchant may obtain account information of the user.
Compared with the prior art, in the present disclosure, the terminal of the merchant may first read the identification information of the cipher token and then obtain the user identification information corresponding to the cipher token based on the identification information of the cipher token. Thus, the customer can pay for goods without needing a purse, a credit card or a mobile phone, thereby simplifying interactive operations between the customer and the merchant and improving the user experience.
Step 5: the transaction information is processed.
The terminal generates the transaction information based on the user identification information corresponding to the cipher token involved in the transaction, and obtains transaction request information based on the transaction information. Specifically, the transaction information may contain transaction amount, account information of payer and payee, identification information of the payer and payee; the transaction information may further include an electronic statement of account, based on which the user may check transaction details, such as specific transaction time, transaction number, transaction amount and goods purchased.
The terminal sends the transaction request information to the cipher token. Specifically, the terminal may send the transaction request information in but not limited to the following ways. The terminal sends the transaction request information via an acoustic signal after encoding it; or the terminal graphically encodes the transaction request information and displays it for image collection by the cipher token; or the terminal sends the transaction request information via a communication interface of the terminal matching the cipher token.
The cipher token obtains the transaction information based on the transaction request information after receiving the transaction request information.
In order to save energy of the cipher token and prolong the service life thereof, the cipher token may further turn the sleep state into the awakened state after receiving the transaction request information. The cipher token obtains the transaction information in the awakened state based on the transaction request information.
The cipher token prompts the transaction information. Specifically, the cipher token may display the transaction information on a display screen, or broadcast it in the form of speech via a loudspeaker. Certainly, the cipher token may prompt the user in other manners to obtain authentic transaction information so as to guarantee the security of the transaction. Additionally, the cipher token may extract key information from the transaction information after obtaining the transaction information, and only prompt the key information, in which the specific prompting manner may refer to the prompting manner of the transaction information.
The cipher token receives a confirmation instruction and generates transaction confirmation information. Specifically, the cipher token may receive the confirmation instruction by detecting information which is sent when a confirmation key provided on the cipher token is pressed down; or may receive the confirmation instruction by detecting information which is sent when a virtual confirmation key on a touch screen is clicked; or may take biological features (like voice, fingerprint and iris) as the confirmation instruction. Further, the cipher token may generate the transaction confirmation information in but not limited to the following ways. The cipher token signs the transaction information by using the private key of the cipher token and generates transaction signature information as the transaction confirmation information; or the cipher token generates a one-time password as the transaction confirmation information. Certainly, in order to prevent repeated transactions and guarantee the user account security, every time the cipher token generates the transaction confirmation information, it also generates a single transaction identification. Either it signs the transaction information and the single transaction identification by using the private key of the cipher token, to obtain the transaction signature information as the transaction confirmation information; or it signs the single transaction identification by using the private key of the cipher token to obtain signature information of the single transaction identification, generates the one-time password, and takes the signature information of the single transaction identification and the one-time password as the transaction confirmation information. This ensures that a transaction will be successfully executed only once. The single transaction identification may be a random number.
Because the wireless network transmission line is unstable, it is possible that the cipher token does not receive any receipt. If the single transaction identification is not provided, the user in possession of the cipher token may need to repeat the confirmation signing operation when the terminal does not receive the signature information of the cipher token. That is, the cipher token sends signature information to the terminal repeatedly, so it is possible that the terminal generates several transaction data packets from several signature values and sends the packets to the background system server, which causes repeated deductions on the account corresponding to the cipher token. However, if the single transaction identification is provided, when the wireless network transmission line is unstable, the cipher token signs the transaction information and the same single transaction identification and sends them to the terminal, until the cipher token receives the successful transaction receipt information. The terminal generates the transaction data packet by using the signature sent from the cipher token; the background system server judges whether the single transaction identification contained in the transaction data packet has already been stored in a transaction log; if it has, that is, the transaction has already been performed, the transaction data packet will not be processed, so as to avoid repeated deductions and thus protect the account fund security of the user in possession of the cipher token.
The terminal receives the transaction confirmation information. Specifically, the terminal may receive the transaction confirmation information in but not limited to the following ways. The terminal receives the acoustic signal sent by the cipher token and decodes the acoustic signal to obtain the transaction confirmation information (e.g. the acoustic signal may be identified by an acoustic identification device and decoded by an acoustic decoder, so as to obtain the transaction confirmation information); or the terminal collects image information (e.g. a 2-dimensional code, a barcode, etc.) displayed by the cipher token and decodes the image information to obtain the transaction confirmation information (e.g. the image information is collected by an image collection device and decoded by a decoder to obtain the transaction confirmation information); or the terminal receives the transaction confirmation information via the communication interface of the terminal matching the cipher token; or the terminal obtains the transaction confirmation information from the information inputted at the terminal.
The terminal obtains the transaction data packet based on the transaction confirmation information, and sends the transaction data packet to the background system server. Specifically, the transaction data packet may include other information besides the transaction information. The transaction information may contain the transaction amount, the account information of payer and payee, the identification information of the payer and payee; the transaction information may further include the electronic statement of account, based on which the user may check transaction details, such as specific transaction time, transaction number, transaction amount and goods purchased.
The background system server obtains the transaction confirmation information based on the transaction data packet after receiving the transaction data packet.
The background system server verifies the transaction confirmation information and executes the transaction after the verification passes. Specifically, it proves that the transaction is confirmed by the legitimate cipher token only after the verification of the transaction confirmation information by the background system server passes, and then the transaction is executed based on the confirmed result. Certainly, in order to ensure that the owner of the cipher token is informed of the completion of the transaction, the background system server may send the successful transaction receipt information to the cipher token via the terminal. The cipher token prompts the successful transaction receipt information after receiving it, and the successful transaction receipt information includes the electronic statement of account, based on which the user may check transaction details, such as specific transaction time, transaction number, transaction amount and goods purchased. The background system server may send the successful transaction receipt information to the terminal to inform the terminal of the completion of the transaction. The successful transaction receipt information may be sent to the cipher token via the terminal after the background system server signs the information with the private key of the background system server; the cipher token prompts the user after verification of the signed information by the cipher token passes.
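The retransmission case described in Step 5, as an added Go example that is not code from the patent: the token signs the transaction information together with one single transaction identification, and the background system server executes a packet only if its signature verifies and the identification is not yet in the transaction log. Ed25519, the packet field names, the in-memory log and the sample token, payee and balance are assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"sync"
)

// TxPacket is the transaction data packet forwarded by the terminal.
// Field names and encoding are assumptions made for this example.
type TxPacket struct {
	TokenID  string
	Payee    string
	Amount   int64
	SingleID string // single transaction identification (a random number)
	Sig      []byte // token signature over the four fields above
}

// signedBytes encodes the signed fields unambiguously (%q quotes strings).
func signedBytes(p TxPacket) []byte {
	return []byte(fmt.Sprintf("%q|%q|%d|%q", p.TokenID, p.Payee, p.Amount, p.SingleID))
}

// NewSingleID is drawn once per user confirmation; retransmissions reuse it.
func NewSingleID() string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return fmt.Sprintf("%x", b)
}

// SignTx is the token side (Ed25519 is this example's choice of scheme).
func SignTx(priv ed25519.PrivateKey, p TxPacket) TxPacket {
	p.Sig = ed25519.Sign(priv, signedBytes(p))
	return p
}

var ErrBadSignature = errors.New("transaction confirmation information failed verification")
var ErrDuplicate = errors.New("single transaction identification already in transaction log")

// Server stands in for the background system server.
type Server struct {
	mu      sync.Mutex
	pubKeys map[string]ed25519.PublicKey // from registered token certificates
	balance map[string]int64
	txLog   map[string]bool // single transaction identifications already executed
}

// Process verifies the signature, then checks and records the identification
// under one lock, so concurrent retransmissions cannot both be executed.
func (s *Server) Process(p TxPacket) error {
	pub, ok := s.pubKeys[p.TokenID]
	if !ok || !ed25519.Verify(pub, signedBytes(p), p.Sig) {
		return ErrBadSignature
	}
	s.mu.Lock()
	defer s.mu.Unlock()
	if s.txLog[p.SingleID] {
		return ErrDuplicate // already performed: the packet is not processed
	}
	s.balance[p.TokenID] -= p.Amount
	s.txLog[p.SingleID] = true
	return nil
}

// newDemo registers one token with a balance of 1000 (constructed data).
func newDemo() (ed25519.PrivateKey, *Server) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return priv, &Server{
		pubKeys: map[string]ed25519.PublicKey{"token-001": pub},
		balance: map[string]int64{"token-001": 1000},
		txLog:   map[string]bool{},
	}
}

// retransmitDemo submits one purchase of 250 three times with the same single
// transaction identification, as happens while no receipt reaches the token.
func retransmitDemo() (executed int, balance int64) {
	priv, srv := newDemo()
	p := TxPacket{TokenID: "token-001", Payee: "shop-42", Amount: 250, SingleID: NewSingleID()}
	for i := 0; i < 3; i++ {
		if srv.Process(SignTx(priv, p)) == nil {
			executed++
		}
	}
	return executed, srv.balance["token-001"]
}

func main() {
	fmt.Println(retransmitDemo())
}
```

Because the identification is inside the signed bytes, a terminal cannot swap in a fresh identification to get the same confirmation executed twice.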
Step 6: refund
When the customer asks for a refund, a refunding operation may be realized in but not limited to the following ways.
First way: the terminal sends refund information to the cipher token. Specifically, the refund information may include account numbers of both parties involved in the refund, refund amount, refund transaction number, and identification information of both parties, or any combination thereof. The refund information may further include an electronic statement of account, based on which the user may check refund details, such as specific refund time, the refund transaction number, the refund amount and goods refunded. The terminal may further send the refund information in but not limited to the following ways. The terminal sends the refund information via the acoustic signal after encoding it; or the terminal graphically encodes the refund information and displays it for image collection by the cipher token; or the terminal sends the refund information via the communication interface of the terminal matching the cipher token.
The cipher token prompts the refund information after receiving it. Specifically, the cipher token informs the user of the refund information by voice broadcasting or displaying on the display screen, after receiving the refund information, such that the user confirms that the refund information is authentic.
In order to save energy of the cipher token and prolong the service life thereof, the cipher token may further turn the sleep state into the awakened state after receiving the refund information, and prompt the refund information in the awakened state.
The cipher token receives a refund confirmation instruction, signs the refund information by using the private key of the cipher token, and generates refund confirmation information. Specifically, the user makes confirmation through a physical key or a virtual key of the cipher token, after the refund information is considered to be authentic. The cipher token turns the awakened state into the sleep state, after sending the refund confirmation information to the terminal (for example, after sending the acoustic signal corresponding to the refund confirmation information, or after displaying image information corresponding to the refund confirmation information for a predetermined time).
The terminal receives the refund confirmation information, and sends the refund confirmation information to the background system server. Specifically, the terminal may receive the refund confirmation information in but not limited to the following ways. The terminal receives the acoustic signal sent by the cipher token and decodes the acoustic signal to obtain the refund confirmation information (e.g. the acoustic signal may be identified by the acoustic identification device and decoded by the acoustic decoder, so as to obtain the refund confirmation information); or the terminal collects image information (e.g. a 2-dimensional code, a barcode, etc.) displayed by the cipher token and decodes the image information to obtain the refund confirmation information (e.g. the image information is collected by the image collection device and decoded by the decoder to obtain the refund confirmation information); or the terminal receives the refund confirmation information via the communication interface of the terminal matching the cipher token. Meanwhile, the terminal may send the refund confirmation information to the background system server via a secure dedicated network.
The background system server receives and verifies the refund confirmation information, and executes a refund operation after the verification passes.
An application scene of the refund in the first way is provided below, but the present disclosure is not limited thereby.
The terminal generates the refund information (which may be obtained by searching recorded transaction information, or may be re-generated, or may be in other forms) based on the refund intention of the customer.
The cipher token turns the sleep state into the awakened state after receiving the refund information, and displays the refund information to the customer for confirmation.
The customer confirms the refund information to be right, and presses down the confirmation key on the cipher token to confirm; after receiving the refund confirmation instruction, the cipher token signs the refund information by using the private key of the cipher token to obtain the refund confirmation information, and sends the refund confirmation information to the terminal.
The terminal sends the refund confirmation information to the background system server after receiving it.
The background system server verifies the refund confirmation information by using the public key of the cipher token after receiving the refund confirmation information, executes the refund operation after verification passes, and sends the successful refund receipt information to the terminal and/or the cipher token.
Second way: the difference from the first way lies in that the terminal further receives a refund request sent by the cipher token and generates the refund information based on the refund request, before sending the refund information to the cipher token. Specifically, the refund request may be generated in such a manner that the customer presses down a key on the cipher token; the cipher token sends the refund request to the terminal after receiving it. The refund information may further include the electronic statement of account, based on which the user may check refund details, such as specific refund time, the refund transaction number, the refund amount and goods refunded. Certainly, any implementation where the cipher token may be triggered to generate the refund request falls into the protection scope of the present disclosure.
In order to save energy of the cipher token and prolong the service life thereof, the cipher token may further turn the sleep state into the awakened state before sending the refund request to the terminal, send the refund request to the terminal in the awakened state, and then turn the awakened state into the sleep state after sending the refund request. The cipher token turns the sleep state into the awakened state after receiving the refund information sent by the terminal, and executes operations of prompting the refund information and generating the refund confirmation information in the awakened state. The cipher token turns the awakened state into the sleep state after sending the refund confirmation information to the terminal (e.g. after sending the acoustic signal corresponding to the refund confirmation information or after displaying the image information corresponding to the refund confirmation information for a predetermined time).
Third way: the cipher token sends the refund request to the terminal. Specifically, the refund request may be generated in such a manner that the customer presses down the key on the cipher token; the cipher token sends the refund request to the terminal after receiving it. Certainly, any implementation where the cipher token may be triggered to generate the refund request falls into the protection scope of the present disclosure.
In order to save energy of the cipher token and prolong the service life thereof, the cipher token may further turn the sleep state into the awakened state before sending the refund request to the terminal, and send the refund request to the terminal in the awakened state.
The terminal generates refund request identification, and sends the refund request identification to the cipher token. Specifically, the terminal may generate a random number and take the random number as the refund request identification, in which the random number is offered to the cipher token to generate the refund information.
The cipher token generates the refund information after receiving the refund request identification, signs the refund information by using the private key of the cipher token to obtain the refund confirmation information, and sends the refund confirmation information to the terminal. Specifically, the cipher token generates the refund information by using the refund request identification, the refund amount and the refund account; the refund information may include any combination of the refund transaction number and the identification information of both parties involved in the refund. The refund amount may be input via a key on the cipher token, and certainly may be input in other manners (like voice input). The refund account may be input via a key on the cipher token, or may be obtained by reading refund accounts pre-stored in the cipher token. Certainly, it is also possible to store the transaction information into the cipher token after the transaction is completed and then search the transaction information to obtain the refund amount and the refund account. The cipher token may send the refund information in but not limited to the following ways. The cipher token sends the refund information via the acoustic signal after encoding it; or the cipher token graphically encodes the refund information and displays it for image collection by the terminal; or the cipher token sends the refund information via the communication interface of the cipher token matching the terminal.
In order to save energy of the cipher token and prolong the service life thereof, the cipher token may turn the awakened state into the sleep state after sending the refund confirmation information to the terminal (e.g. after sending the acoustic signal corresponding to the refund confirmation information or after displaying the image information corresponding to the refund confirmation information for a predetermined time).
The terminal receives the refund confirmation information and sends the refund confirmation information to the background system server. Specifically, the terminal may receive the refund confirmation information in but not limited to the following ways. The terminal receives the acoustic signal sent by the cipher token and decodes the acoustic signal to obtain the refund confirmation information (e.g. the acoustic signal may be identified by the acoustic identification device and decoded by the acoustic decoder, so as to obtain the refund confirmation information); or the terminal collects image information (e.g. a 2-dimensional code, a barcode, etc.) displayed by the cipher token and decodes the image information to obtain the refund confirmation information (e.g. the image information is collected by the image collection device and decoded by the decoder to obtain the refund confirmation information); or the terminal receives the refund confirmation information via the communication interface of the terminal matching the cipher token. Additionally, the terminal sends the refund confirmation information to the background system server via the dedicated network.
The background system server verifies the refund confirmation information after receiving the refund confirmation information, and executes the refund operation after the verification passes. Specifically, the background system server verifies the refund confirmation information by using the public key of the cipher token.
An application scene of the refund in the third way is provided below, but the present disclosure is not limited thereby.
The cipher token turns the sleep state into the awakened state. For example, the cipher token enters the awakened state through the key-pressing operation from the customer in possession of the cipher token.
The customer may press down the key on the cipher token to generate the refund request, and the cipher token sends the refund request to the terminal after receiving it.
The terminal may generate a random number R, take the random number R as the refund request identification, and send the refund request identification to the cipher token.
The cipher token generates the refund information, signs the refund information by using the private key of the cipher token to obtain the refund confirmation information, and sends the refund confirmation information to the terminal, in which the refund information at least includes the refund request identification, the refund amount and the refund account. The refund amount and the refund account may be input by the customer via a key on the cipher token; or the refund amount may be input by the customer via a key on the cipher token, while the refund account may be obtained by reading information pre-stored in the cipher token; or the refund amount and the refund account both may be obtained by reading the information pre-stored in the cipher token.
The terminal sends the refund confirmation information to the background system server after receiving it.
The background system server verifies the refund confirmation information by using the public key of the cipher token after receiving the refund confirmation information. If the verification passes, the refund operation is executed, and the successful refund receipt information is sent to the terminal and/or the cipher token.
For the above three refunding ways, the refund confirmation information may further include single refund identification which may be a random number to ensure that a refund may be successfully executed only once. Certainly, the single refund identification may be generated by the terminal or by the cipher token, or may be signed by the cipher token in the refund confirmation information.
Certainly, the background system server may further send the successful refund receipt information to the terminal and/or the cipher token after executing the refund operation, such that the shop and/or the customer may be informed that the refund has succeeded.
Therefore, through the above refund flow path, operations of the customer in the refund process may be simplified considerably, and relevant security functions of the cipher token may guarantee the security of the refund process, which brings about seamless user experience.
Step 7: cancellation
The term cancellation in embodiments of the present disclosure includes terminal cancellation and cipher token cancellation, and only the cipher token cancellation will be exemplified.
The cipher token obtains a cipher token cancellation application, signs the cipher token cancellation application by using the private key of the cipher token to generate third signature information, and sends the cipher token cancellation application and the third signature information to the background system server. Specifically, the third signature information may be sent via the terminal or processed manually.
The background system server verifies the third signature information by using the public key in the pre-stored cipher token certificate, after receiving the cipher token cancellation application and the third signature information.
After verification of the third signature information passes, the background system server deletes the pre-stored cipher token certificate, generates cipher token cancellation completion information and sends the cipher token cancellation completion information to the cipher token. Specifically, during the cipher token cancellation, the background system server may put the information corresponding to the cipher token into a cancellation list preset in the background system server or perform other cancellation operations, apart from the deletion of the pre-stored cipher token certificate.
The cipher token deletes the private key of the cipher token after receiving the cipher token cancellation completion information. Specifically, the cipher token may verify the signature information, and execute the deletion operation after the verification passes.
The background system server ensures the legitimacy of the cipher token, and avoids financial loss due to illegal embezzlement of the cipher token, by managing the registration, cancellation, authentication and locking of the cipher token.
It shall be noted that steps 1 to 7 are not necessarily executed sequentially, and perhaps only several steps need to be completed; and steps 1 to 7 are not necessarily implemented in one application scene, that is, implementations in any kind of application scene fall into the protection scope of the present disclosure, as long as any one of steps 1 to 7 is used to complete the transaction safely.
An example application scene of the present disclosure is presented below.
In this application scene, a cipher token is integrated with a wireless communication module and a state control module to form a novel cipher token for secure payment according to the present disclosure. The cipher token includes a wireless communication module which may be a Bluetooth communication module or a Wi-Fi communication module, and the wireless communication module may scan other devices by inquiring and paging and may exchange signals and data with other wireless devices. Meanwhile, the cipher token also includes a state control module configured to control working states of the wireless communication module and the host. The cipher token according to the present disclosure has two states, namely, a sleep state and an awakened state; in the sleep state, only a transceiver (i.e. the wireless communication module) and the state control module are working, while the CPU is shut down and cannot implement instruction operations (e.g. signing, and receiving and sending data), such that the cipher token is in a low-consumption state. When other wireless devices send an application instruction to this cipher token, the state control module may identify these signals, and generate a wake-up signal to awaken the CPU, such that the CPU starts executing the application instruction in the awakened state. After the instruction is executed, the CPU enters the sleep state again.
In the following, a complete transaction process of the present disclosure will be illustrated briefly. A cipher token is in the sleep state; a user brings the cipher token into a wireless signal coverage range of a terminal; the cipher token and the terminal complete interactive recognition suitable for wireless devices; that is, the terminal is able to know that the cipher token enters the shop where the terminal is and to establish connection with the cipher token.
After the connection between the terminal and the cipher token is established, the terminal sends a device authentication request to the cipher token; the cipher token receives the request and the state control module sends the wake-up signal, such that the CPU is awakened and the cipher token enters the awakened state to execute corresponding operations.
The cipher token returns to the sleep state after completing corresponding operations, and maintains interactive recognition with the terminal, such that the terminal may judge whether the owner of the cipher token leaves the shop.
The terminal puts forward a user identification information reading request to the background system server, and the background system server makes a user authorization information inputting request, in which case the terminal sends a user authorization request to the cipher token.
The cipher token in the sleep state enters the awakened state upon receiving the user authorization request from the terminal. The cipher token displays the request from the terminal and prompts the user to judge whether to authorize.
The user judges whether to authorize based on the displayed request sent by the terminal; if the request is allowed, the user presses down a confirmation key on the cipher token, such that the cipher token generates authorization information, sends the authorization information to the terminal, and enters the sleep state; otherwise, the cipher token stops executing instructions and directly enters the sleep state.
For settlement of transaction, the terminal sends a user transaction confirmation request instruction to the cipher token in the sleep state; the cipher token in the sleep state enters the awakened state upon receiving the instruction, and displays the transaction information received to the user for confirmation; if the transaction information is right, the user presses down the confirmation key to make the cipher token sign the transaction information and send the information back to the terminal; otherwise, execution of operations is stopped, and the cipher token enters the sleep state.
In the following, another application scene of the present disclosure is provided.
The terminal establishes a current user list in a local server, and the current user list may be used to store the user identification information corresponding to cipher tokens owned by customers in the shop at present.
The local server of the terminal monitors the cipher tokens in the wireless signal coverage range of the terminal in a wireless manner (for example, via a wireless detection device).
The customer takes a cipher token having a wireless communication function (in the sleep state) with him when shopping; the cipher token may be found by the terminal and establish a wireless connection with the terminal when the customer goes into the wireless signal coverage range of the terminal.
The terminal sends a random number R1 to the cipher token, and sends an authentication instruction to the cipher token.
The cipher token in the sleep state is awakened after receiving the authentication instruction from the terminal, and enters the awakened state.
The cipher token computes a digest of R1 and encrypts the digest with its private key to generate a signature S, and sends the signature S and a cipher token certificate to the terminal.
The terminal sends the signature S, the cipher token certificate, the random number R1 generated before, and the obtained identification information of the cipher token to the background system server, after receiving the signature S and the cipher token certificate.
The background system server verifies the legitimacy of the cipher token certificate by using a root certificate corresponding to the cipher token certificate; the process is ended if the verification of the cipher token certificate fails.
If the verification of the cipher token certificate passes, the background system server verifies the signature S by using the public key of the cipher token; if the verification of the signature S fails, the process is ended.
If the verification of the signature S passes, the cipher token is verified successfully and the background system server sends the user identification information (such as the user account) to the terminal.
The terminal stores the user identification information into the current user list after receiving the user identification information sent by the background system server.
The customer settles the transaction at the cashier after shopping.
The terminal settles the transaction amount and chooses, from the current user list, an account corresponding to the cipher token owned by the customer.
The terminal generates the transaction information from any combination of the purchased goods, the transaction amount, the accounts of the payer and the payee, and the identification information of the payer and the payee, and sends the transaction information to the cipher token.
The cipher token turns into the awakened state after receiving the transaction information, and displays the transaction information on the screen to be confirmed by the user.
The customer checks the transaction information; if there is any problem, the customer presses a cancellation key and the transaction is suspended. The cipher token then turns into the sleep state.
If the customer confirms that the transaction information is correct, the customer presses a confirmation key disposed on the cipher token; the cipher token generates a random number as the single transaction identification; the cipher token signs the transaction information and the single transaction identification.
The cipher token sends the signature information to the terminal, and the terminal sends a transfer request and the signature information to the background system server.
The background system server verifies the signature after receiving the transfer request and the signature information; after the verification of the signature passes, the background system server completes the transfer and sends payment completion information which represents successful transfer to the terminal; certainly, the background system server may send the payment completion information to the cipher token via the terminal, such that the customer may know that the transaction is completed.
The terminal receives the payment completion information, the goods are delivered to the customer, and the transaction is completed.
Through the authentication to the cipher token by the background system server, in the case that the cipher token is verified to be reliable, the transaction security of the cipher token may be ensured by manual confirmation of the information displayed on the cipher token during the transaction.
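The authentication steps (R1, signature S, certificate check against the root, then signature check) and the signed confirmation with a single transaction identification can be traced in the following added example, which is not code from the patent. Textbook RSA over small fixed primes stands in for the token's real signature scheme so that it runs on the standard library alone; the certificate layout, the identifier-to-certificate match, the server-side record of used transaction identifications and all names are assumptions.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by every toy key below

def make_key(p, q):
    """Textbook RSA key from two primes. Toy sizes, no padding: demo only."""
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def _digest(msg, n):
    # Digest of the message: SHA-256 reduced into the toy modulus.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(key, msg):
    return pow(_digest(msg, key["n"]), key["d"], key["n"])

def verify(pub, msg, sig):
    return pow(sig, pub["e"], pub["n"]) == _digest(msg, pub["n"])

def cert_bytes(cert):
    return f'{cert["token_id"]}|{cert["n"]}|{cert["e"]}'.encode()

def issue_cert(root_key, token_id, token_key):
    """Registration: the issuer binds the token id to the token public key."""
    body = {"token_id": token_id, "n": token_key["n"], "e": token_key["e"]}
    return dict(body, sig=sign(root_key, cert_bytes(body)))

class CipherToken:
    def __init__(self, token_id, key, cert):
        self.token_id, self._key, self.cert = token_id, key, cert

    def answer_challenge(self, r1):
        """Authentication instruction: sign R1, return (S, certificate)."""
        return sign(self._key, r1), self.cert

    def confirm_transaction(self, txn_info, confirm_pressed):
        """Sign only after the confirmation key; None means cancelled."""
        if not confirm_pressed:
            return None
        txn_id = secrets.token_hex(16)  # single transaction identification
        return txn_id, sign(self._key, txn_info + b"|" + txn_id.encode())

class BackgroundServer:
    def __init__(self, root_pub, accounts):
        self.root_pub, self.accounts = root_pub, accounts
        self.seen_txn_ids = set()  # assumption: the server remembers used ids

    def _cert_ok(self, cert):
        return verify(self.root_pub, cert_bytes(cert), cert["sig"])

    def authenticate(self, token_id, r1, sig, cert):
        """Return the user identification information, or None on failure."""
        if not self._cert_ok(cert):          # 1. certificate against the root
            return None
        if cert["token_id"] != token_id:     # assumption: id must match cert
            return None
        if not verify(cert, r1, sig):        # 2. S against the token key
            return None
        return self.accounts.get(token_id)

    def settle(self, cert, txn_info, txn_id, sig):
        """Verify the signed transaction; refuse a reused transaction id."""
        if not self._cert_ok(cert) or txn_id in self.seen_txn_ids:
            return False
        if not verify(cert, txn_info + b"|" + txn_id.encode(), sig):
            return False
        self.seen_txn_ids.add(txn_id)
        return True

def demo():
    # All keys, ids and amounts below are constructed for this example.
    root = make_key(2**107 - 1, 2**127 - 1)
    rogue = make_key(2**61 - 1, 2**127 - 1)   # issuer the server does not trust
    tok_key = make_key(2**61 - 1, 2**89 - 1)
    token = CipherToken("TOKEN-0001", tok_key,
                        issue_cert(root, "TOKEN-0001", tok_key))
    server = BackgroundServer({"n": root["n"], "e": E},
                              {"TOKEN-0001": "account-alice"})
    r1 = secrets.token_bytes(16)              # terminal's random number R1
    s, cert = token.answer_challenge(r1)
    out = {"auth": server.authenticate("TOKEN-0001", r1, s, cert)}
    out["old_signature"] = server.authenticate(
        "TOKEN-0001", secrets.token_bytes(16), s, cert)
    out["untrusted_cert"] = server.authenticate(
        "TOKEN-0001", r1, s, issue_cert(rogue, "TOKEN-0001", tok_key))
    txn = b"payee=shop-17;amount=42.50"
    txn_id, tsig = token.confirm_transaction(txn, True)
    out["altered"] = server.settle(
        cert, b"payee=shop-17;amount=4250.00", txn_id, tsig)
    out["first"] = server.settle(cert, txn, txn_id, tsig)
    out["replay"] = server.settle(cert, txn, txn_id, tsig)
    out["cancelled"] = token.confirm_transaction(txn, False)
    return out

if __name__ == "__main__":
    print(demo())
```

Only the matching R1 with a root-issued certificate returns the account, and the signed transaction settles exactly once: the altered amount, the repeated submission and the cancelled confirmation are all refused.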
With the secure data interactive method according to the present disclosure, the customer does not need any account carrier devices, for example mobile phones, bank cards or financial IC cards, to finish the payment when transacting in the shop. In the prior art, the payment process needs a device with the account storage function, for example, a SIM card or a smart card, and the user needs to swipe a card or tap the mobile phone so as to complete the transaction. However, with the method according to the present disclosure, the customer can finish the payment without needing a purse, a credit card or a mobile phone, thereby simplifying interactive operations between the customer and the merchant, improving the payment efficiency, and upgrading the user experience during near-field payment; meanwhile, the security features of the cipher token may ensure the security of the customer payment process.
When the customer chooses goods and pays for them, the terminal may obtain the user identification information without swiping cards or tapping mobile phones manually, because the user identification information was already stored in the current user list of the terminal when the customer entered the shop. In such a case, the customer only needs to offer his name when paying for goods, and the terminal may directly send the transaction information (including the settlement amount) to the cipher token of the customer and display the transaction information thereon, such that the customer only needs to confirm the transaction information through the cipher token and output the transaction confirmation information; the terminal generates the transaction data packet and sends it to the background system server; the background system server conducts the transfer after verifying that the transaction data packet is correct. In such a way, the payment process may be completed.
When the customer walks out of the signal coverage range of the shop, the network connection between the cipher token and the terminal will break off automatically, and the user identification information disappears from the current user list corresponding to the shop. If the customer walks into another shop, the user identification information will be recorded in the current user list corresponding to the other shop, and another shopping session begins. In such a way, the customer does not need to perform any operations, as long as the customer carries a small cipher token. The present disclosure can bring about a seamless user experience.
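The list maintenance described above, together with the two periodic comparison variants set out in the claims (update in place, or rebuild the real-time list and swap it in), is sketched in the following added example, which is not code from the patent. The function names, token identifiers and the `authenticate` callback standing in for the background system server are assumptions.

```python
def reconcile_in_place(current_users, scanned_ids, authenticate):
    """Update in place: add authenticated newcomers, delete departures.

    current_users maps token identification -> user identification info.
    authenticate(token_id) returns that info, or None when the background
    system server rejects the token. Returns (added, removed, rejected).
    """
    scanned = set(scanned_ids)
    removed = sorted(set(current_users) - scanned)
    for token_id in removed:
        del current_users[token_id]          # out of range: no longer payable
    added, rejected = [], []
    for token_id in sorted(scanned - set(current_users)):
        info = authenticate(token_id)
        if info is None:
            rejected.append(token_id)        # never listed; retried next scan
        else:
            current_users[token_id] = info
            added.append(token_id)
    return added, removed, rejected


def rebuild(current_users, scanned_ids, authenticate):
    """Rebuild variant: fill the real-time list, then use it as the new list."""
    real_time = {}
    for token_id in sorted(set(scanned_ids)):
        if token_id in current_users:
            real_time[token_id] = current_users[token_id]  # copy, no re-auth
        else:
            info = authenticate(token_id)
            if info is not None:
                real_time[token_id] = info
    return real_time


def choose_payer(current_users, token_id):
    """Checkout may only pick an identity that is in the current user list."""
    if token_id not in current_users:
        raise LookupError(f"{token_id} is not in the current user list")
    return current_users[token_id]


def simulate():
    # Constructed data: the server knows two tokens; TOKEN-0666 fails auth.
    accounts = {"TOKEN-0001": "account-alice", "TOKEN-0002": "account-bob"}
    auth_calls = []

    def authenticate(token_id):
        auth_calls.append(token_id)
        return accounts.get(token_id)

    scans = [                                # one entry per scan interval
        ["TOKEN-0001"],
        ["TOKEN-0001", "TOKEN-0002", "TOKEN-0666"],
        ["TOKEN-0002", "TOKEN-0666"],
        [],
    ]
    in_place, rebuilt, history = {}, {}, []
    for scanned in scans:
        added, removed, rejected = reconcile_in_place(
            in_place, scanned, authenticate)
        rebuilt = rebuild(rebuilt, scanned, accounts.get)
        history.append(
            (added, removed, rejected, dict(in_place), rebuilt == in_place))
    return history, auth_calls


if __name__ == "__main__":
    for step in simulate()[0]:
        print(step)
```

Both variants yield the same list after every scan, a token that fails authentication is never listed, and a token already in the list is not authenticated again while it stays in range.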
Any process or method described in a flow chart or described herein in other ways may be understood to include one or more modules, segments or portions of codes of executable instructions for achieving specific logical functions or steps in the process, and the scope of a preferred embodiment of the present disclosure includes other implementations, in which the order of execution is different from that which is depicted or discussed, including executing functions in a substantially simultaneous manner or in an opposite order according to the related functions. This should be understood by those skilled in the art to which embodiments of the present disclosure belong.
It should be understood that each part of the present disclosure may be realized by the hardware, software, firmware or their combination. In the above embodiments, a plurality of steps or methods may be realized by the software or firmware stored in the memory and executed by the appropriate instruction execution system. For example, if it is realized by the hardware, likewise in another embodiment, the steps or methods may be realized by one or a combination of the following techniques known in the art: a discrete logic circuit having a logic gate circuit for realizing a logic function of a data signal, an application-specific integrated circuit having an appropriate combination logic gate circuit, a programmable gate array (PGA), a field programmable gate array (FPGA), etc.
Those skilled in the art shall understand that all or parts of the steps in the above exemplifying method of the present disclosure may be achieved by commanding the related hardware with programs. The programs may be stored in a computer readable storage medium, and the programs comprise one or a combination of the steps in the method embodiments of the present disclosure when run on a computer.
In addition, each function cell of the embodiments of the present disclosure may be integrated in a processing module, or these cells may be separate physical existence, or two or more cells are integrated in a processing module. The integrated module may be realized in a form of hardware or in a form of software function modules. When the integrated module is realized in a form of software function module and is sold or used as a standalone product, the integrated module may be stored in a computer readable storage medium.
The storage medium mentioned above may be read-only memories, magnetic disks, CD, etc.
Reference throughout this specification to “an embodiment,” “some embodiments,” “an example,” “a specific example,” or “some examples,” means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present disclosure. The appearances of the phrases throughout this specification are not necessarily referring to the same embodiment or example of the present disclosure. Furthermore, the particular features, structures, materials, or characteristics may be combined in any suitable manner in one or more embodiments or examples.
Although explanatory embodiments have been shown and described, it would be appreciated by those skilled in the art that the above embodiments cannot be construed to limit the present disclosure, and changes, alternatives, and modifications can be made in the embodiments without departing from spirit, principles and scope of the present disclosure.
Mere reference to background art herein should not be construed as an admission that such art constitutes common general knowledge in relation to the invention.
Throughout this specification, including the claims, where the context permits, the term “comprise” and variants thereof such as “comprises” or “comprising” are to be interpreted as including the stated integer or integers without necessarily excluding any other integers.

Claims (20)

What is claimed is:
  1. A secure data interactive method for electronic payment, comprising: scanning, by a terminal at a merchant’s store, a cipher token in a signal coverage range and obtaining identification information of the cipher token; obtaining, by a background system server, the identification information of the cipher token and completing an authentication to the cipher token; obtaining, by the terminal, user identification information corresponding to the cipher token after the background system server completes the authentication to the cipher token, wherein the user identification information comprises at least one of a photo, a name and an account of the user; and storing, by the terminal, the user identification information into a pre-established current user list, wherein the pre-established current user list is updated when the cipher tokens vary constantly due to customer flow change in the merchant’s store where the terminal is, and the user identification information of the pre-established current user list is used for electronic payment.
  2. The method according to claim 1, wherein, obtaining by a background system server the identification information of the cipher token and completing an authentication to the cipher token comprises: generating, by the terminal, first information to be signed; sending, by the terminal, the first information to be signed and an authentication instruction to the cipher token; signing, by the cipher token, the first information to be signed by using a private key of the cipher token to obtain first signature information, after the cipher token receives the first information to be signed and the authentication instruction; sending, by the cipher token, the first signature information and a cipher token certificate to the terminal; sending, by the terminal, authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate to the background system server, after the terminal receives the first signature information and the cipher token certificate; verifying, by the background system server, whether the cipher token certificate is legitimate by using a pre-stored root certificate corresponding to the cipher token certificate, after the background system server receives the authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate; verifying, by the background system server, the first signature information by using a public key of the cipher token after the cipher token certificate is verified to be legitimate; and completing, by the background system server, the authentication to the cipher token after the first signature information is successfully verified.
  3. The method according to claim 1, wherein obtaining by a background system server the identification information of the cipher token and completing an authentication to the cipher token comprises: sending, by the terminal, the identification information of the cipher token to the background system server; generating, by the background system server, first information to be signed and sending the first information to be signed to the terminal, after the background system server receives the identification information of the cipher token; sending, by the terminal, the first information to be signed and an authentication instruction to the cipher token after the terminal receives the first information to be signed; signing, by the cipher token, the first information to be signed by using a private key of the cipher token to obtain first signature information, after the cipher token receives the first information to be signed and the authentication instruction; sending, by the cipher token, the first signature information and a cipher token certificate to the terminal; sending, by the terminal, authentication request information, the first signature information and the cipher token certificate to the background system server, after the terminal receives the first signature information and the cipher token certificate; verifying, by the background system server, whether the cipher token certificate is legitimate by using a pre-stored root certificate corresponding to the cipher token certificate, after the background system server receives the authentication request information, the first signature information and the cipher token certificate; verifying, by the background system server, the first signature information by using a public key of the cipher token after the cipher token certificate is verified to be legitimate; and completing, by the background system server, the authentication to the cipher token after the first signature information is verified successfully.
  4. The method according to any one of claims 1 to 3, wherein obtaining by the terminal user identification information corresponding to the cipher token comprises: sending, by the terminal, the identification information of the cipher token and a user identification information reading request to the background system server; obtaining, by the background system server, the user identification information corresponding to the cipher token based on the identification information of the cipher token, after the background system server receives the identification information of the cipher token and the user identification information reading request; obtaining, by the background system server, response information of the user identification information reading request based on the user identification information and sending the response information of the user identification information reading request to the terminal; and obtaining, by the terminal, the user identification information based on the response information of the user identification information reading request, after the terminal receives the response information of the user identification information reading request.
  5. The method according to any one of claims 1 to 3, wherein obtaining by the terminal user identification information corresponding to the cipher token comprises: sending, by the terminal, a user identification information reading request to the cipher token; obtaining, by the cipher token, pre-stored user identification information, obtaining response information of the user identification information reading request based on the pre-stored user identification information, and sending the response information of the user identification information reading request to the terminal; and obtaining, by the terminal, the user identification information based on the response information of the user identification information reading request, after the terminal receives the response information of the user identification information reading request.
  6. The method according to any one of claims 1 to 5, after scanning by a terminal a cipher token in a signal coverage range and obtaining identification information of the cipher token, further comprising: generating, by the terminal, a real-time identification list, after the terminal obtains identification information of all cipher tokens in the signal coverage range of the terminal; comparing, by the terminal, each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval; and executing, by the terminal, the step of obtaining user identification information corresponding to a scanned cipher token respectively based on identification information included in the real-time identification list but not included in the pre-established current user list; deleting, from the pre-established current user list, user identification information corresponding to each cipher token with the identification information included in the pre-established current user list but not included in the real-time identification list.
  7. The method according to any one of claims 1 to 5, after scanning by a terminal a cipher token in a signal coverage range and obtaining identification information of the cipher token, further comprising: generating, by the terminal, a real-time identification list, after the terminal obtains identification information of all cipher tokens in the signal coverage range of the terminal; comparing, by the terminal, each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval; executing, by the terminal, the step of obtaining user identification information corresponding to a scanned cipher token respectively based on identification information included in the real-time identification list but not included in the pre-established current user list, and storing obtained user identification information into the real-time identification list; copying user identification information corresponding to each cipher token with the identification information included in the real-time identification list and included in the pre-established current user list from the pre-established current user list to the real-time identification list; and taking the real-time identification list as an updated current user list.
  8. The method according to any one of claims 2 to 7, wherein, signing by the cipher token the first information to be signed by using a private key of the cipher token to obtain first signature information after the cipher token receives the first information to be signed and the authentication instruction comprises: turning, by the cipher token, a sleep state into an awakened state after the cipher token receives the first information to be signed and the authentication instruction; and signing, by the cipher token in the awakened state, the first information to be signed by using the private key of the cipher token to obtain the first signature information.
  9. The method according to any one of claims 1 to 8, after obtaining by a background system server the identification information of the cipher token, further comprising: judging, by the background system server, whether the identification information of the cipher token is included in a cipher token abnormality list pre-stored in the background system server; obtaining, by the background system server, a cipher token locking instruction, signing the cipher token locking instruction by using a private key of the background system server to generate second signature information and sending the cipher token locking instruction and the second signature information to the cipher token via the terminal, after the background system server judges that the identification information of the cipher token is included in the cipher token abnormality list; verifying, by the cipher token, the second signature information by using a public key in a pre-stored background system server certificate, after the cipher token receives the cipher token locking instruction and the second signature information; and executing, by the cipher token, a cipher token locking operation based on the cipher token locking instruction, after the second signature information is successfully verified.
  10. The method according to any one of claims 1 to 9, further comprising: receiving and checking, by the background system server, a cipher token registration application; sending, by the background system server, a cipher token key pair generating instruction to the cipher token, after the cipher token registration application is successfully checked; generating, by the cipher token, a cipher token key pair after the cipher token receives the cipher token key pair generating instruction; sending, by the cipher token, a public key in the cipher token key pair to the background system server; generating, by the background system server, a cipher token certificate and sending the cipher token certificate to the cipher token, after the background system server receives the public key in the cipher token key pair; and storing, by the cipher token, the cipher token certificate.
  11. A secure data interactive system for electronic payment, comprising: a terminal, a background system server and a cipher token; wherein, the terminal is configured to: scan the cipher token in a signal coverage range and obtain identification information of the cipher token, obtain user identification information corresponding to the cipher token after the background system server completes an authentication to the cipher token, and store the user identification information into a pre-established current user list, wherein the user identification information comprises at least one of a photo, a name and an account of the user, wherein the pre-established current user list is updated when the cipher tokens vary constantly due to customer flow change in the merchant’s store where the terminal is, and the user identification information of the pre-established current user list is used for electronic payment; and the background system server is configured to: obtain the identification information of the cipher token and complete the authentication to the cipher token.
  12. The system according to claim 11, wherein, the terminal is further configured to: generate first information to be signed; send the first information to be signed and an authentication instruction to the cipher token; receive first signature information and a cipher token certificate sent by the cipher token; and send authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate to the background system server; the cipher token is further configured to: receive the first information to be signed and the authentication instruction sent by the terminal; sign the first information to be signed by using a private key of the cipher token to obtain the first signature information; and send the first signature information and the cipher token certificate to the terminal; and the background system server is further configured to: receive the authentication request information, the identification information of the cipher token, the first information to be signed, the first signature information and the cipher token certificate; verify whether the cipher token certificate is legitimate by using a pre-stored root certificate corresponding to the cipher token certificate; verify the first signature information by using a public key of the cipher token after the cipher token certificate is verified to be legitimate; and complete the authentication to the cipher token after the first signature information is successfully verified.
  13. The system according to claim 11, wherein, the terminal is further configured to: send the identification information of the cipher token to the background system server; receive first information to be signed sent by the background system server; send the first information to be signed and an authentication instruction to the cipher token; receive first signature information and a cipher token certificate sent by the cipher token; and send authentication request information, the first signature information and the cipher token certificate to the background system server; the background system server is further configured to: receive the identification information of the cipher token sent by the terminal; generate the first information to be signed; send the first information to be signed to the terminal; receive the authentication request information, the first signature information and the cipher token certificate sent by the terminal; verify whether the cipher token certificate is legitimate by using a pre-stored root certificate corresponding to the cipher token certificate; verify the first signature information by using a public key of the cipher token after the cipher token certificate is verified to be legitimate; and complete the authentication to the cipher token after the first signature information is verified successfully; and the cipher token is further configured to: receive the first information to be signed and the authentication instruction sent by the terminal; sign the first information to be signed by using a private key of the cipher token to obtain the first signature information; and send the first signature information and the cipher token certificate to the terminal.
  14. The system according to any one of claims 11 to 13, wherein, the terminal is further configured to: send the identification information of the cipher token and a user identification information reading request to the background system server, receive response information of the user identification information reading request sent by the background system server, and obtain the user identification information based on the response information of the user identification information reading request; and the background system server is further configured to: receive the identification information of the cipher token and the user identification information reading request sent by the terminal, and obtain the user identification information corresponding to the cipher token based on the identification information of the cipher token; and obtain the response information of the user identification information reading request based on the user identification information, and send the response information of the user identification information reading request to the terminal.
  15. The system according to any one of claims 11 to 13, wherein, the terminal is further configured to: send a user identification information reading request to the cipher token; receive response information of the user identification information reading request sent by the cipher token, and obtain the user identification information based on the response information of the user identification information reading request; and the cipher token is further configured to: obtain pre-stored user identification information, obtain the response information of the user identification information reading request based on the pre-stored user identification information, and send the response information of the user identification information reading request to the terminal.
  16. The system according to any one of claims 11 to 15, wherein, after scanning the cipher token in the signal coverage range and obtaining the identification information of the cipher token, the terminal is further configured to: obtain identification information of all cipher tokens in the signal coverage range of the terminal and generate a real-time identification list; compare each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval; obtain user identification information corresponding to each scanned cipher token based on the identification information included in the real-time identification list but not included in the pre-established current user list; delete, from the pre-established current user list, user identification information corresponding to each cipher token with the identification information included in the pre-established current user list but not included in the real-time identification list.
  17. The system according to any one of claims 11 to 15, wherein, after scanning the cipher token in the signal coverage range and obtaining identification information of the cipher token, the terminal is further configured to: obtain identification information of all cipher tokens in the signal coverage range of the terminal and generate a real-time identification list; compare each piece of identification information in the real-time identification list with all the identification information in the pre-established current user list, at a predetermined time interval; obtain user identification information corresponding to each scanned cipher token based on the identification information included in the real-time identification list but not included in the pre-established current user list, and store the obtained user identification information into the real-time identification list; copy user identification information corresponding to each cipher token with the identification information included in the real-time identification list and included in the pre-established current user list from the pre-established current user list to the real-time identification list; and take the real-time identification list as an updated current user list.
  18. The system according to any one of claims 12 to 17, wherein, the cipher token is further configured to: turn a sleep state into an awakened state after receiving the first information to be signed and the authentication instruction, and sign the first information to be signed in the awakened state by using the private key of the cipher token to obtain the first signature information.
  19. The system according to any one of claims 11 to 18, wherein, after obtaining the identification information of the cipher token, the background system server is further configured to: judge whether the identification information of the cipher token is included in a cipher token abnormality list pre-stored in the background system server; obtain a cipher token locking instruction, sign the cipher token locking instruction by using a private key of the background system server to generate second signature information, and send the cipher token locking instruction and the second signature information to the cipher token via the terminal, after judging that the identification information of the cipher token is included in the cipher token abnormality list; and the cipher token is further configured to: receive the cipher token locking instruction and the second signature information sent by the background system server via the terminal; verify the second signature information by using a public key in a pre-stored background system server certificate; and execute a cipher token locking operation based on the cipher token locking instruction, after the second signature information is successfully verified.
  20. The system according to any one of claims 11 to 19, wherein, the background system server is further configured to: receive and check a cipher token registration application; send a cipher token key pair generating instruction to the cipher token, after the cipher token registration application is successfully checked; receive a public key in the cipher token key pair sent by the cipher token, generate a cipher token certificate and send the cipher token certificate to the cipher token; and the cipher token is further configured to: receive the cipher token key pair generating instruction sent by the background system server and generate the cipher token key pair; send the public key in the cipher token key pair to the background system server; and store the cipher token certificate.
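
The lock-instruction exchange of claim 19, as an added Go example that is not part of the patent text: the server signs a locking instruction only for a token on its abnormality list, and the token acts on it only after the signature verifies, since the relaying terminal is not trusted. Ed25519, the raw public key standing in for the background system server certificate, the `LOCK:<id>` instruction format, the type and function names, and the check that the instruction names the receiving token are all assumptions of this example; the claim specifies none of them.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Server stands in for the background system server (hypothetical type).
type Server struct {
	priv     ed25519.PrivateKey
	abnormal map[string]bool // cipher token abnormality list
}

// Token stands in for the cipher token; serverPub is the pre-stored server key.
type Token struct {
	ID        string
	serverPub ed25519.PublicKey
	Locked    bool
}

// NewDemo creates a server with a fresh key and a token that trusts it.
func NewDemo(tokenID string, abnormal map[string]bool) (*Server, *Token) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return &Server{priv: priv, abnormal: abnormal}, &Token{ID: tokenID, serverPub: pub}
}

// LockFor signs a locking instruction only for IDs on the abnormality list.
func (s *Server) LockFor(id string) (instr, sig []byte, ok bool) {
	if !s.abnormal[id] {
		return nil, nil, false
	}
	instr = []byte("LOCK:" + id) // constructed instruction format
	return instr, ed25519.Sign(s.priv, instr), true
}

// Receive locks only on a valid signature over an instruction naming this token.
func (t *Token) Receive(instr, sig []byte) bool {
	ok := ed25519.Verify(t.serverPub, instr, sig) && string(instr) == "LOCK:"+t.ID
	t.Locked = t.Locked || ok // a rejected message never changes state
	return ok
}

func main() {
	srv, tok := NewDemo("TOKEN-0001", map[string]bool{"TOKEN-0001": true})
	instr, sig, _ := srv.LockFor(tok.ID)
	fmt.Println("locked:", tok.Receive(instr, sig))
}
```

Binding the token identifier into the signed bytes means a validly signed instruction issued for one token is rejected by every other token that trusts the same server key.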
AU2015251467A 2014-04-25 2015-01-26 Secure data interaction method and system Active AU2015251467B2 (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
CN201410171448.XA CN103942686A (en) 2014-04-25 2014-04-25 Data security interactive system
CN201410172003.3 2014-04-25
CN201410172003.3A CN103944733A (en) 2014-04-25 2014-04-25 Data security interactive method
CN201410171448.X 2014-04-25
PCT/CN2015/071584 WO2015161694A1 (en) 2014-04-25 2015-01-26 Secure data interaction method and system

Publications (2)

Publication Number Publication Date
AU2015251467A1 AU2015251467A1 (en) 2016-11-17
AU2015251467B2 AU2015251467B2 (en) 2018-11-15

Family

ID=54331717

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2015251467A Active AU2015251467B2 (en) 2014-04-25 2015-01-26 Secure data interaction method and system

Country Status (3)

Country Link
AU (1) AU2015251467B2 (en)
CA (1) CA2946914C (en)
WO (1) WO2015161694A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112562145B (en) * 2020-10-29 2023-05-23 重庆恢恢信息技术有限公司 Construction personnel investigation working method for intelligent construction site

Citations (4)

Publication number Priority date Publication date Assignee Title
CN101465019A (en) * 2009-01-14 2009-06-24 北京华大智宝电子系统有限公司 Method and system for implementing network authentication
CN101789934A (en) * 2009-11-17 2010-07-28 北京飞天诚信科技有限公司 Method and system for online security trading
US20110103586A1 (en) * 2008-07-07 2011-05-05 Nobre Tacito Pereira System, Method and Device To Authenticate Relationships By Electronic Means
CN102469457A (en) * 2010-11-05 2012-05-23 卓望数码技术(深圳)有限公司 Communication system and synchronization and maintenance method of address list information

Family Cites Families (3)

Publication number Priority date Publication date Assignee Title
CN101131756B (en) * 2006-08-24 2015-03-25 联想(北京)有限公司 Security authentication system, device and method for electric cash charge of mobile paying device
CN103944733A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data security interactive method
CN103942686A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data security interactive system

Non-Patent Citations (2)

Title
BRANCHAUD, MARC, "A SURVEY OF PUBLIC-KEY INFRASTRUCTURES", Department of Computer Science, McGill University, Montreal, March 1997. *
MANTORO, T. et al., "Smart Card Authentication for Internet Applications using NFC Enabled Phone", 2010 International Conference on Information and Communication Technology for the Muslim World (ICT4M), Jakarta, 13-14 December 2010. *

Also Published As

Publication number Publication date
CA2946914A1 (en) 2015-10-29
WO2015161694A1 (en) 2015-10-29
CA2946914C (en) 2018-10-16
AU2015251467A1 (en) 2016-11-17

Similar Documents

Publication Publication Date Title
US9807612B2 (en) Secure data interaction method and system
US11049096B2 (en) Fault tolerant token based transaction systems
CN103942684A (en) Data security interactive system
CA3008688A1 (en) Systems and methods for code display and use
US20120246071A1 (en) System and method for presentment of nonconfidential transaction token identifier
CN103942687A (en) Data security interactive system
WO2015161690A1 (en) Secure data interaction method and system
CN103944730A (en) Data security interactive system
CN103942688A (en) Data security interactive system
CN104169954A (en) System and method for secure offline payment transactions using portable computing device
Raina Overview of mobile payment: technologies and security
CN103944736A (en) Data security interactive method
CN103942685A (en) Data security interactive system
CN103942690A (en) Data security interactive system
CN103944729A (en) Data security interactive method
CN103944908A (en) Data updating method and system
US20120303534A1 (en) System and method for a secure transaction
CN103944734A (en) Data security interactive method
WO2015161693A1 (en) Secure data interaction method and system
CN103944728A (en) Data security interactive system
CN103944735A (en) Data security interactive method
CN103944731A (en) Data security interactive method
TW201317911A (en) Cloud credit card transaction system and transaction method thereof
CN103942686A (en) Data security interactive system
CN103944907A (en) Data updating method and system

Legal Events

Date Code Title Description
FGA Letters patent sealed or granted (standard patent)