CN101018130B - Finance business system and finance business processing method - Google Patents
Finance business system and finance business processing method Download PDFInfo
- Publication number
- CN101018130B CN101018130B CN2007100639759A CN200710063975A CN101018130B CN 101018130 B CN101018130 B CN 101018130B CN 2007100639759 A CN2007100639759 A CN 2007100639759A CN 200710063975 A CN200710063975 A CN 200710063975A CN 101018130 B CN101018130 B CN 101018130B
- Authority
- CN
- China
- Prior art keywords
- information
- service
- module
- authentication
- financial terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The disclosed financial business system comprises: a business host in service center, a front server with connected authorization module and transmitting-receiving module connected with a pre-process module, and a terminal access gateway including an access module and a conversion module and transmission module connected with a protocol conversion module. This invention reduces both service and hardware cost, and simplifies network structure.
Description
Technical field
The present invention relates to financial service system and finance business processing method, especially a kind of by the professional main frame, the front server that are arranged at the financial service center and be arranged at point that the IAD of financial terminal side constitutes financial service system to the multiple spot star topology, and utilize financial service system to handle the finance business processing method of financial business.
Background technology
Traditional financial service is the agency that establishes in a wide range in the region within the jurisdiction, and the bank's cabinet user oriented by agency provides aspectant direct service.This method of service needs bigger operation place and human resources, and operating cost is higher, and service time is limited, and service is not provided general night; And, expand service if desired, just need to enlarge the operation place or set up agency, invest greatlyyer, development speed is very slow, therefore, becomes the bottleneck that the in-depth financial service develops.
Along with the intensified competition of financial field after the China's entry into the WTO, each big bank transfers service-centric one after another to, and various user friendly value-added services are provided.Each big bank of China and China Unionpay's cloth are placed on the financial terminal in market in recent years, for example: the ATM (abbreviation of Cash Deposit/Automated TellerMachine automatically, hereinafter to be referred as: CD/ATM), self-service terminal, the point of sales terminal (abbreviation of Pointof Sales, hereinafter to be referred as: POS) mechanical, electrical words POS, various types of POS equipment, portable terminal, cashier's machine etc., quantity sharply increases, and has greatly promoted the development of financial business.
At present, financial terminal has been developed strong functions, by its simple and have affinity operation interface, substantially, can realize the Self-Service except that depositing, withdrawing of wholesale cash (for example: below 5,000 yuans) is professional at home to private business and part service for corporate customers, for example: small amount (in 5,000 yuan) is deposited and withdrawn, bankbook is recognized, the inquiry of bank card billing information and printing, various transferred account service, the various expense business etc. of withholding, in addition, can also realize functions such as banking propaganda, can replenish mutually with bank counter is professional.The operation place has been saved in the introducing of financial terminal, has discharged human resources, has saved bank's operating cost greatly; Service time is unrestricted, and 24 * 7 Self-Service can be provided; Shunt service, alleviated the operating load of agency of bank greatly; And made things convenient for the user.
Financial terminal uses two the big fields that are mainly used at present: commercial consumption and self-service dealing.Wherein, commercial consumption is mainly realized by the POS machine that places each commercial network; Self-service dealing is mainly deposited self-aided terminal such as machine and is realized by various ATM, circle, can finish at present as withdraw the money, supplement with money, pay dues, financial service such as inquiry, become the another kind of mainstream applications pattern outside the commercial consumption gradually, general employing Digital Data Net (Digital Data Network, hereinafter to be referred as: DDN) wait the special line networking mode.
As shown in Figure 1, be the structural representation of prior art financial service system.Comprise different types of financial terminal that is distributed in each service location and professional main frame, front end processor and network controller (the Network Access Controller that is arranged at the financial service center, hereinafter to be referred as: NAC), wherein, the communication protocol difference that different types of financial terminal uses, the financial terminal of same kind is connected to NAC in point-to-point mode by special circuit, and the front end processor by this NAC and same kind is connected with professional main frame again.
With present the most widely used POS is example, and the prior art financial communication networks is described.But the broad covered area of POS business, POS all can install in each emporium, hotel, savings point, gas station etc.; Its data quantity transmitted is less, and generally, a POS service message is about 200 bytes, and it requires high to real-time, and the time that business is finished is short more good more; Its security requirement to transfer of data is higher.The mode that present most popular POS inserts financial communication networks mainly contains two kinds: traditional based on the point-to-point access way of telephone network and network access mode afterwards, the basic principle of the two access is: place the point of sale (for example: the market, the hotel, the restaurant, gas station etc.) wired or wireless POS financial terminal, be connected to the NAC at financial service center by telephone network or data network, after removing redundant information by NAC, sequencing by different transaction-based requirements transmits the effective information bag to the POS at financial service center front end processor, the POS front end processor is handled the POS service message that each financial terminal sends, after being converted to the discernible data format of professional main frame, sending to professional main frame and handle.
The financial communication networks that NAC is mainly used in self-service financial terminals such as POS, ATM connects, it has basic functions such as the reception of multichannel line concentration, protocol conversion, service message and forwarding, allow financial terminal to insert in modes such as dialing, special line, local area network (LAN)s, support VISA I/II, ISO ASYNC, X.28, asynchronous communications protocol such as Transparent, support SDLC, X.25 wait communication protocol synchronously.
Figure 2 shows that conventional P OS inserts the topological schematic diagram of financial service system.The POS financial terminal by public switched telephone network (PSTN) (Public Switched Telephony Network, hereinafter to be referred as: PSTN) be connected on the POS access device (that is: NAC), NAC is connected with professional main frame in the banking system by the POS front end processor again.Bank card (for example: credit card, stored value card, debit card etc.) user uses before the bank card business at every turn, and POS needs to dial in to NAC by PSTN, confirms that by NAC this POS is a legitimate device.Only after POS is by authentication, could with NAC between set up and be connected.When bank card user could be utilized various bank card consumption, " swipe the card " on POS, that is: input account number (that is: account number) information, and input consumption service information comprises: dealing money, password etc.; POS generates the POS service message according to the information that reads, send to the second line of a couplet card of NAC by PSTN, first line of a couplet card by NAC is transmitted to the POS front end processor, the POS front end processor carries out protocol conversion to the message that NAC sends, professional main frame is converted into after can discern the POS business datum of form, send to professional main frame and handle, and return the result message to the POS financial terminal by original route.
There are following shortcomings and deficiencies in the financial communication networks of prior art:
1, financial terminal is connected in point-to-point mode with the financial service center, each financial terminal that is arranged at user side all needs to be connected with the NAC that is arranged at the financial service center by a special circuit, and the communication usage charges of special circuit are very high, increased cost of serving; Every financial terminal all has private line access NAC, and bank need increase second line of a couplet card on the NAC, network charges height for every circuit; In wired application, for the financial terminal user, financial terminal of every increase will be applied for an analog of telephone line, and for bank, analog of telephone line of every access will increase a second line of a couplet card.Cost is higher; Adjust the quantity of financial terminal as need, for example: in colleges and universities during the new term begins, under the situation such as fair, need increase new financial terminal according to the requirement of financial business is interim, then need when revising the deploying troops on garrison duty of financial terminal, adjust synchronously, because NAC is arranged on the financial service center to NAC, can't be in time, adjust easily, therefore, application and change required time cycle of special line are longer, and required cost is higher, the business development difficulty is big, and is extremely inconvenient.
2, different types of financial terminal need be connected the system complexity height by different front end processors with professional main frame.
3, because telephone network is exclusively used in the transmission voice service, its transmission error rates is 1 * 10
-3, transmission quality is relatively poor; POS with dial mode when NAC transmits data, time that will have a Modem " to shake hands " and connect at first, probably need 10~20 seconds time, even adopt " shaking hands fast ", also need the time about 5 seconds at least, therefore, exchange's length that takes time, each time of 10~30 seconds of service needed, in addition longer; The call completing rate of telephone network is far below data network, and the outgoing trunk road of the main line at financial service center and point of sale phone Private Branch Exchange PBX all is " bottlenecks " of point-to-point dialing POS, and therefore, call completing rate is lower.This just makes that the reliability of system is relatively poor, can't satisfy the business that transfer of data is had relatively high expectations.
4, financial terminal is initiated before the service request at every turn, all need by the NAC authentication that is arranged at the financial service center could set up and MAC between link, just can carry out Business Processing then, the program complexity, required time is long, inefficiency; And, authenticate in a large number confidential data by public network at the financial terminal that is arranged at the point of sale and be arranged between the NAC at financial service center and propagate poor stability.
5, NAC is provided with a first line of a couplet card and the polylith second line of a couplet card corresponding with the quantity of financial terminal, and complexity is set; Secondly, also need the first line of a couplet to be sticked into row setting by special management software, comparatively loaded down with trivial details; A first line of a couplet card only can provide a kind of way of output, application extension inconvenience, and cost an arm and a leg; Financial terminal and NAC do not have the encryption function to service message, this just makes very easily reveals through the data of public PSTN or data network transmission between financial terminal and the NAC, this just may illegally be intercepted and captured, though service message is a ciphertext, but unauthorized person may be according to the synthetic service message of the data set of intercepting and capturing, if unauthorized person has got access to key by other means, then service message can be reduced to expressly, thereby bring economic loss to bank card user.
Summary of the invention
Technical problem to be solved by this invention is: the financial terminal that is arranged at the point of sale is connected existing shortcomings and deficiencies with the professional main frame that is arranged at the financial service center in point-to-point mode: the communication usage charges of special circuit are very high; The network charges height; It is required with high costs to increase financial terminal; Can't be in time, adjust the quantity of financial terminal easily, required time cycle of application and change special line is longer, required cost is higher, the business development difficulty is big, and is extremely inconvenient.
For solving the problems of the technologies described above, a kind of financial service system that the embodiment of the invention provides comprises the professional main frame that is arranged at the financial service center, also comprises the front server that is arranged at the financial service center, and the IAD that is arranged at the financial terminal side; Described IAD comprises: access module, be used for authentication information or business information service message corresponding generation authentication request information or service requesting information service message according to the financial terminal transmission, and to described financial terminal return authentication object information or service processing result information service message; Modular converter is connected with described access module, is used for described authentication request information, described service requesting information, described authentication result information or described service processing result information service message are converted to default form; Forwarding module, be connected with described modular converter, be used for sending the authentication request information or the described service requesting information service message of default form, and described authentication result information or the described service processing result information service message that described front server returns is transmitted to described modular converter to described front server;
Described front server comprises: authentication module, and the authentication information that is used for the financial terminal that described authentication request information carried according to financial terminal information authenticates, and generates authentication result information service message; Pretreatment module is connected with described authentication module and front end processor, is used for asking described professional main frame that described service requesting information is handled, and receiving the service processing result information service message that described front end processor returns after described authentication information is by authentication; Transceiver module, be connected with described forwarding module, described authentication module and described pretreatment module respectively, be used for authentication request information or described service requesting information service message that described forwarding module sends are transmitted to described authentication module and described pretreatment module respectively, and the service processing result information service message that the authentication result information service message that described authentication module is returned or described pretreatment module are returned is transmitted to described forwarding module;
Described IAD also comprises the enciphering/deciphering module, be connected with described modular converter and described forwarding module respectively, send to described forwarding module after being used to adopt default algorithm to described authentication request information or the encryption of service requesting information service message, and to sending to described modular converter after described authentication result information or the deciphering of service processing result information service message;
Described front server also comprises to be separated/encrypting module, be connected with described transceiver module, described authentication module and described pretreatment module respectively, send to described authentication module after being used to adopt described default algorithm to the deciphering of described authentication request information or service requesting information service message, and send to described transceiver module after described authentication result information or service processing result information service message encrypted.
For solving the problems of the technologies described above, a kind of finance business processing method that the embodiment of the invention provides may further comprise the steps:
The service requesting information service message that receives is converted to default form, carries business information in the described service requesting information; Bank card user information according to storing in advance authenticates described business information; If by authentication, then the business of service message request is handled, is generated and return service processing result information; If not by authentication, then generate the also authentication result information of return authentication failure;
Wherein, also comprise the operation of adopting the algorithm preset that described service message is encrypted between described service requesting information service message being converted to default form and described business information being authenticated; If, before the business of service message request is handled, also carry out the operation of adopting above-mentioned default algorithm that described service message is decrypted by authenticating.
Based on technique scheme, the present invention has following beneficial technical effects:
1, each financial terminal communicates to connect by IAD that is arranged at the financial terminal side and the front server that is arranged at the financial service center, thereby form based on the financial communication system of putting the multiple spot star topology, a plurality of financial terminals are by an IAD, only need a circuit to be connected with the business service center, all need by a circuit access service server relatively save the special circuit expense with each financial terminal in the prior art, reduce cost of serving at double; The access module of IAD can insert a plurality of financial terminals simultaneously, does not need to set up interface separately for the financial terminal of each access, has saved network charges; Because IAD is arranged on the financial terminal side, setting up terminal does not need to set up circuit between financial terminal and the financial service center, and expense is low, and is easy to operate, more easily sets up service point, adjusts professional scale.
2, because IAD has protocol conversion function, different types of financial terminal can be connected with front server by IAD nearby, and does not need to insert corresponding front end processor according to the kind of financial terminal again, and network configuration is simple.
Below by drawings and Examples, technical scheme of the present invention is described in further detail.
Description of drawings
Fig. 1 is the structural representation of prior art financial service system.
Fig. 2 is the topological schematic diagram that prior art conventional P OS inserts financial service system.
Fig. 3 is the structural representation of financial service system embodiment of the present invention.
Fig. 4 is applied to the topological schematic diagram of market embodiment for financial service system of the present invention.
Fig. 5 is applied to the topological schematic diagram of wholesale market embodiment for financial service system of the present invention.
Fig. 6 is applied to the topological schematic diagram of user residential quarters embodiment for financial service system of the present invention.
Fig. 7 is the flow chart of finance business processing method of the present invention.
Fig. 8 is the flow chart of finance business processing method embodiment of the present invention.
Embodiment
The present invention communicates to connect the front server that different types of financial terminal inserts the financial service center by the IAD that is arranged at user side, forms based on the financial service system of putting the multiple spot star topology.
As shown in Figure 3, structural representation for financial service system embodiment of the present invention, it comprises the IAD 1 that is arranged at the financial terminal side, front server 2 and the professional main frame 3 that is arranged at the financial service center, and IAD 1 can work in same safe local area network (LAN) or the VLAN with the financial terminal that is connected.Wherein, IAD 1 comprises access module 11, modular converter 12, the forwarding module 13 that connects successively; Front server 2 comprises the authentication module 21 and transceiver module 22 that connects successively, and the pretreatment module 23 that is connected with authentication module 21 and transceiver module 22 respectively, transceiver module 22 is connected with forwarding module 13, concrete, can be by DDN/FR/ATM or other connected mode connections reliably at a high speed.Can in different financial terminal sides IAD be set respectively according to the actual requirements.
Wherein, access module 11 is used to be connected in a plurality of financial terminals of bank card user side, can insert financial terminal can different types of financial terminal, for example: CD/ATM, self-service terminal, the POS machine, telephone POS, various types of POS equipment, portable terminal, in the cashier's machine one or more, receive authentication request information and service requesting information service message that financial terminal sends, and to financial terminal return authentication object information and business and service processing result information service message, bank card wherein can be a stored value card, credit card, all kinds of cards such as debit card; Modular converter 12 is used for authentication request information that financial terminal sends or service requesting information service message and is converted to the transceiver module 22 that sends to front server 2 behind the front server 2 discernible default forms by forwarding module 13, and the authentication result information that transceiver module 22 is returned or processing result information service message send to corresponding financial terminal by access module 11 after being converted to the discernible default form of financial terminal that sends service requesting information; Forwarding module 13 is used for sending to the transceiver module 22 of front server 2 service message of default form, and authentication result information or processing result information service message that transceiver module 22 is sent are transmitted to modular converter 12.Wherein, access module 11 can be utilized technology shielding internal-external network territories such as two network interface cards, can support client/server (Client/Server, hereinafter to be referred as: C/S) pattern and browser/server (Brower/Server, hereinafter to be referred as: B/S) equipment of pattern inserts; During specific implementation, the kind of the financial terminal that can insert according to reality, the existing various access module of flexible combination, for example: can insert the voice module of conventional P OS, can insert the DLSw module of traditional ATM, can insert the POS of IPization and the ethernet module of ATM.
Access module can insert a plurality of financial terminals simultaneously, does not need to set up interface separately for the financial terminal of each access, and simple in structure, cost is low; Because IAD is arranged on the financial terminal side, the convenient modification; It can be converted to the discernible default form of professional main frame with the data that different types of financial terminal sends, and it is convenient to expand.
Because the modular converter in the IAD has the Data Format Transform function, different types of financial terminal can be connected with front server by IAD nearby, and do not need again to insert corresponding front end processor according to the kind of financial terminal, network configuration is simple, it can be converted to the discernible default form of front server with the data that different types of financial terminal sends, and it is convenient to expand; Access module can insert a plurality of financial terminals simultaneously, does not need to set up interface separately for the financial terminal of each access, and is simple in structure, saved network charges, and cost is low.
Professional main frame 3 is used for the service request that IAD is initiated is handled, and is identical with the function of prior art.
Each financial terminal communicates to connect by IAD that is arranged at the financial terminal side and the front server that is arranged at the financial service center, thereby form based on the financial service system of putting the multiple spot star topology, a plurality of financial terminals are by an IAD, only need a circuit to be connected with front server, all need insert NAC relatively with each financial terminal in the prior art by a circuit, save the special circuit expense, reduced cost of serving at double; Because IAD is arranged on the financial terminal side, setting up financial terminal does not need to set up circuit between financial terminal and the financial service center, and expense is low, and is easy to operate, more easily sets up service point, adjusts professional scale; Because IAD is arranged on the financial terminal side, the convenient modification.
Again referring to Fig. 3, IAD 1 also comprises enciphering/deciphering module 14, be connected with modular converter 12 and forwarding module 13 respectively, be used to adopt the service message of default algorithm to modular converter 12 transmissions, for example: authentication request information or service requesting information service message, send to forwarding module 13 after encrypting, and the secure service message that forwarding module 13 is sent, for example: authentication result information or service processing result information service message send to modular converter 12 after being decrypted.Accordingly, front server 2 also comprises to be separated/encrypting module 24, respectively with transceiver module 22, authentication module 21 and pretreatment module 23 connect, be used to adopt the default identical algorithms that adopt with encrypting module 14, secure service message to transceiver module 22 transmissions, for example: authentication request information or service requesting information service message, be decrypted corresponding authentication module 21 and the pretreatment module 23 of sending in back, and the service message that authentication module 21 or pretreatment module 23 are returned, for example: send to transceiver module 22 after authentication result information or service processing result information service message are encrypted.
Be provided with the enciphering/deciphering module in the IAD, just send to front server after financial terminal service message that send, that promptly be ciphertext itself can being encrypted, fully guaranteed fail safe and the reliability of service message in transmission course, effectively avoided bringing economic loss to the user because of the bank card user information leakage.
In addition, IAD 1 can also comprise information storage module 15, is connected with access module 11, is used to store the effective information by the financial terminal of authentication, and this effective information can be identification information, address information, the valid expiration date information etc. of financial terminal.Accordingly, when financial terminal was initiated authentication request information to IAD, access module 11 can also be used for the effective information according to information storage module 15 storages, judges whether and need authenticate this financial terminal, controls the access of financial terminal.Configuration information memory module 15 in the IAD, can store the effective information that passes through the financial terminal of authentication, therefore, financial terminal only need be by first authentication when activating, when financial terminal is initiated service request before the deadline once more, this financial terminal is authenticated again by front server with regard to not needing, just can directly handle the service request of its initiation, link setup and authenticated time and workload have been reduced, and the possibility of having avoided authentication information in transmission course, to be exposed, shorten traffic handling time, improved Business Processing efficient.Because IAD and financial terminal work in same safe local area network (LAN) or the VLAN, if do not need to authenticate again, be example with the POS transaction, only the activation that needs 1~3 second has been saved 10~20 seconds the link setup time under the traditional mode.
In addition, IAD 1 also comprises interconnective test module 16 and statistical information memory module 17, and test module 16 also is connected with access module 11.Wherein, test module 15 is used for the situation according to transmitting-receiving authentication request information, service requesting information, authentication result information or service processing result information on the access module 11, detect the attribute and/or the business processing status of each financial terminal that connects, for example: can detect the attribute such as kind, address of financial terminal, and business processing status such as operating state of each financial terminal, Business Processing frequency, Business Processing success rate; Statistical information memory module 17 is used to store the historical information of the attribute and/or the business processing status of detected financial terminal, so that keeper's inquiry.
After test module 16 and statistical information memory module 17 are set in the IAD, can detect the attribute and/or the business processing status of each financial terminal, so that the keeper makes a strategic decision according to detected situation, for example: if a certain financial terminal long-term immobilization may be to break down; The treatment state if a certain financial terminal is managed business for a long time always in order to alleviate its live load, can be considered to set up financial terminal separately in its address.
Financial service system of the present invention can extend, expand the outlet of each financial institution, build trade networks such as entering various commercial networks, trade company, sub-district and resident family, can carry Bank Retail Business and other and payment financial business and network value added business for the basis.As Fig. 4-shown in Figure 6, be respectively the topological schematic diagram that financial service system of the present invention is applied to market, wholesale market, user residential quarters embodiment.Wherein, front server is arranged in the banking system.
Figure 7 shows that the flow chart of finance business processing method of the present invention, it may further comprise the steps:
The service requesting information service message that receives is converted to default form, carries business information in this service requesting information, the business (step 1) that this business information is handled for request; Bank card user information according to storing in advance authenticates (step 2) to the business information in the service requesting information; If authentication is passed through, then the business of service message request is handled, after successfully handling, generate and return service processing result information (step 3); If not by authentication, then generate the also authentication result information (step 4) of return authentication failure.
Wherein, before above-mentioned steps 1, also comprise: the flow process that the validity of bank card is authenticated, for example: the bank card account number and the password of encryption, it is specially: the authentication request information service message that receives is converted to default form; According to the bank card user information of storing in the financial service central database, the bank card information of carrying in the authentication request information is carried out authentication, and the return authentication object information.
The flow process of the finance business processing method embodiment that realizes based on financial service system of the present invention as shown in Figure 8, specifically may further comprise the steps:
Financial terminal receives the bank card information of user's input: account number 011112121 and password 33332, generate the authentication request information service message of encrypting and send to access module 11, authentication request information wherein comprises the account number and the encrypted message (step 101) of encryption.
Access module 11 is transmitted to modular converter 12 (step 102) with authentication request information service message.
Enciphering/deciphering module 14 adopts default algorithm that the authentication request information service message of default form is encrypted the back and sends to transceiver module 22 (step 104) by forwarding module 13.
The secure service message that transceiver module 22 will be preset form is transmitted to be separated/encrypting module 24, separate/encrypting module 24 sends to pretreatment module 23 (step 105) after adopting algorithm default form, identical with enciphering/deciphering module 14 that the service message of encryption is decrypted.
If correct, then to separate/encrypting module 24 sends the authentication result information (step 107) that authentications are passed through.
The authentication result information of separating/by transceiver module, 22 forwarding modules 13 authentication of encrypting being passed through successively after encrypting module 24 adopts default algorithm to the authentication result information encryption is transmitted to enciphering/deciphering module 14 (step 108).
The authentication result decrypts information that enciphering/deciphering module 14 adopts described default algorithm that the authentication of encrypting is passed through, the authentication result information that the authentication after the deciphering is passed through sends to modular converter 12 (step 109).
Enciphering/deciphering module 14 can be encrypted service message, has fully guaranteed the fail safe of service message, avoids bringing economic loss because of the bank card user information leakage to it.
Behind the default form that the authentication result information translation that modular converter 12 passes through authentication can be discerned for the financial terminal that sends service requesting information, send to corresponding financial terminal (step 110) by access module 11.
Financial terminal prompting user incoming traffic information, and according to the business information of user input, for example: amount deducted: 888.00 yuan, generate the service requesting information service message of encrypting and send to access module 11, service requesting information wherein comprises business information (step 111).
Access module 11 is transmitted to modular converter 12 (step 112) with service requesting information.
Enciphering/deciphering module 14 adopts default algorithm that the service requesting information service message of default form is encrypted the back and sends to transceiver module 22 (step 114) by forwarding module 13.
The secure service solicited message service message that transceiver module 22 will be preset form sends to be separated/encrypting module 24, separate/encrypting module 24 sends to pretreatment module 23 (step 115) after adopting default, identical with enciphering/deciphering module 14 algorithm that the service message of this encryption is decrypted.
Professional main frame 3 888.00 yuan of amount deducteds on the account number 011112222, deduct successfully after, generation and by pretreatment module 23 to separating/encrypting module 24 transmission Business Processing successful service processing result information service messages (step 118).
Separate/by transceiver module 22, forwarding module 13 the service processing result information service message of encrypting is transmitted to enciphering/deciphering module 14 (step 119) successively after encrypting module 24 adopts default algorithm to service processing result information service message encryption.
Enciphering/deciphering module 14 adopts the described default Business Processing successful service processing result information service message deciphering of algorithm to encrypting, and the Business Processing successful service processing result information service message after the deciphering is sent to modular converter 12 (step 120).
If account number and password bad, perhaps the remaining sum on the account number 011112222 is less than 888.00 yuan of the amount of money of request deduction, then separates/send to enciphering/deciphering module 14 (step 122) by transceiver module 22, forwarding module 13 successively after encrypting module 24 adopts the default authentication result information service message encryption of algorithm to failed authentication.
Enciphering/deciphering module 14, modular converter 12 be respectively to authentication result decrypts information, the format conversion of the failed authentication encrypted, and send to corresponding financial terminal (step 123) by access module 11.
Wherein, in the embodiment of above-mentioned method for processing business, before the step 101, also comprise the operation that the validity to financial terminal authenticates, only after financial terminal is by authentication, bank card user could be managed business by this financial terminal, and the validity of financial terminal is authenticated specifically and can realize by following steps:
When financial terminal activates, generate and send the access requested service message that request inserts financial service systems, carry the sign and/or the address information of financial terminal during this accesss is asked to access module 11; Modular converter 12 should insert the requested service message and be converted to default form; Enciphering/deciphering module 14 adopts default algorithm that the access requested service message of default form is encrypted; Separate/encrypting module 24 adopts the algorithm identical with enciphering/deciphering module 14, to the access requested service message by forwarding module 13, transceiver module 22 transmissions successively is decrypted; After authentication module 21 receives and inserts the requested service message, according to the financial terminal information of storing in the database, the validity that sends the financial terminal that inserts the requested service message is authenticated, whether sign and/or the address information of judging the financial terminal that carries in the request of access be effective, and according to the processing mode that inserts the requested service message, reverse return authentication object information; Access module 11 returns to corresponding financial terminal with it after receiving this authentication result information; Simultaneously,, then this financial terminal is stored in information storage module 15 at effective effective information in the default term of validity by authentication as financial terminal.Afterwards, when the authentication request information of the transmission that receives this financial terminal, access module 11 is according to just can judging whether and need authenticate this financial terminal according to the effective information of storage in the information storage module 15, if need, then again this financial terminal authenticated according to above-mentioned flow process; If do not need, then directly the authentication request information of its transmission is handled.
When financial terminal is initiated service request before the deadline once more, only need the effective information of access module 11 according to storage in the information storage module 15, judge whether and to authenticate again this financial terminal, avoided unnecessary identifying procedure to financial terminal, simplified operation, shorten traffic handling time, and alleviated network burden.
According to authentication request information, service requesting information, authentication result information and the service processing result information service message handled on the access module 11, test module 16 can detect attributes such as the kind, address of each financial terminal that IAD 1 connects, and business processing status such as operating state of each financial terminal, Business Processing frequency, Business Processing success rate, and with the testing result information stores in statistical information memory module 17 use so that administrative staff analyze with decision-making.
The embodiment of the invention has following total useful technique effect:
Save the special circuit expense, reduced cost of serving at double; Saved network charges; Setting up terminal does not need to set up circuit between financial terminal and the financial service center, and expense is low, and is easy to operate, more easily sets up service point, adjusts professional scale; Different types of financial terminal can be connected with front server by the IAD by nearby, and does not need to insert corresponding front end processor according to the kind of financial terminal again, and network configuration is simple; Can not need before each business financial terminal to be repeated authentication at the effective information of Preset Time stored financial terminal, reduced the workload of link setup and authentication, shortened traffic handling time, improved Business Processing efficient; Fully guaranteed the fail safe of service message, avoided bringing economic loss to the user because of the leakage of the data in the service message; IAD does not need to set up interface separately for the financial terminal of each access, and simple in structure, cost is low, and convenient the modification and expansion.
It should be noted last that: above embodiment is only in order to illustrating technical scheme of the present invention, but not the present invention is made restrictive sense.Although the present invention is had been described in detail with reference to above-mentioned preferred embodiment, those of ordinary skill in the art is to be understood that: it still can make amendment or be equal to replacement technical scheme of the present invention, and this modification or be equal to the spirit and scope that replacement does not break away from technical solution of the present invention.
Claims (13)
1. a financial service system comprises the professional main frame that is arranged at the financial service center, it is characterized in that, also comprises the front server that is arranged at the financial service center, and the IAD that is arranged at the financial terminal side; Described IAD comprises: access module, be used for authentication information or business information service message corresponding generation authentication request information or service requesting information service message according to the financial terminal transmission, and to described financial terminal return authentication object information or service processing result information service message; Modular converter is connected with described access module, is used for described authentication request information, described service requesting information, described authentication result information or described service processing result information service message are converted to default form; Forwarding module, be connected with described modular converter, be used for sending the authentication request information or the described service requesting information service message of default form, and described authentication result information or the described service processing result information service message that described front server returns is transmitted to described modular converter to described front server;
Described front server comprises: authentication module, and the authentication information that is used for the financial terminal that described authentication request information carried according to financial terminal information authenticates, and generates authentication result information service message; Pretreatment module is connected with described authentication module and front end processor, is used for asking described professional main frame that described service requesting information is handled, and receiving the service processing result information service message that described front end processor returns after described authentication information is by authentication; Transceiver module, be connected with described forwarding module, described authentication module and described pretreatment module respectively, be used for described authentication request information or described service requesting information service message that described forwarding module sends are transmitted to described authentication module and described pretreatment module respectively, and the service processing result information service message that the authentication result information service message that described authentication module is returned or described pretreatment module are returned is transmitted to described forwarding module;
Described IAD also comprises the enciphering/deciphering module, be connected with described modular converter and described forwarding module respectively, send to described forwarding module after being used to adopt default algorithm to described authentication request information or the encryption of service requesting information service message, and to sending to described modular converter after described authentication result information or the deciphering of service processing result information service message;
Described front server also comprises to be separated/encrypting module, be connected with described transceiver module, described authentication module and described pretreatment module respectively, send to described authentication module after being used to adopt described default algorithm to the deciphering of described authentication request information or service requesting information service message, and send to described transceiver module after described authentication result information or service processing result information service message encrypted.
2. financial service system according to claim 1 is characterized in that described IAD also comprises information storage module, is connected with described access module, is used to store the effective information by the financial terminal of authentication; Described access module also is used for the effective information stored according to information storage module, judges whether and need the financial terminal of current transmission authentication request information be authenticated.
3. financial service system according to claim 1 and 2 is characterized in that, described IAD also comprises:
Test module is connected with described access module, is used to detect the attribute and/or the business processing status of financial terminal;
The statistical information memory module is connected with described test module, is used to store the historical information of the attribute and/or the business processing status of detected financial terminal.
4. financial service system according to claim 1 and 2 is characterized in that, described IAD is a plurality of, is arranged at different user side respectively.
5. financial service system according to claim 1 and 2 is characterized in that, described financial terminal is one or more in CD/ATM, self-service terminal, the mechanical, electrical words of POS POS, portable terminal, the cashier's machine.
6. a finance business processing method is characterized in that, may further comprise the steps:
The service requesting information service message that receives is converted to default form, carries business information in the described service requesting information; Bank card user information according to storing in advance authenticates described business information; If by authentication, then the business of service message request is handled, is generated and return service processing result information; If not by authentication, then generate the also authentication result information of return authentication failure;
Wherein, also comprise the operation of adopting the algorithm preset that described service message is encrypted between described service requesting information service message being converted to default form and described business information being authenticated; If, before the business of service message request is handled, also carry out the operation of adopting described default algorithm that described service message is decrypted by authenticating.
7. finance business processing method according to claim 6, it is characterized in that, before the service requesting information that receives is converted to default form, also comprise: after receiving authentication request information, financial terminal information according to storage, validity to financial terminal authenticates, and after described financial terminal is by authentication, at the effective information of the default described financial terminal of term of validity stored.
8. finance business processing method according to claim 7, it is characterized in that, also comprise: when receiving the authentication request information of transmission of financial terminal, effective information according to the financial terminal of storing, judge whether and to authenticate described financial terminal, if need, then again described financial terminal authenticated; If do not need, then directly described authentication request information is handled.
9. finance business processing method according to claim 8 is characterized in that, carries the financial terminal sign and/or the address information of the validity of sign financial terminal in the described authentication request information.
10. finance business processing method according to claim 6 is characterized in that, returns service processing result information and is specially:
Receive service processing result information service message, described service processing result information service message is converted to the default form identical with described service requesting information after, return the financial terminal that sends described service requesting information.
11. finance business processing method according to claim 6, it is characterized in that, also comprise:, detect and store the attribute and/or the business processing status of the financial terminal that connects according to the situation of the described authentication request information of transmitting-receiving, described service requesting information, described authentication result information or described service processing result information service message.
12. finance business processing method according to claim 11 is characterized in that, described attribute is the kind and/or the address of described financial terminal.
13., it is characterized in that described business processing status is specially one or more in operating state, Business Processing frequency and the Business Processing success rate of described financial terminal according to claim 11 or 12 described finance business processing methods.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007100639759A CN101018130B (en) | 2007-02-15 | 2007-02-15 | Finance business system and finance business processing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007100639759A CN101018130B (en) | 2007-02-15 | 2007-02-15 | Finance business system and finance business processing method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101018130A CN101018130A (en) | 2007-08-15 |
| CN101018130B true CN101018130B (en) | 2010-09-08 |
Family
ID=38726901
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007100639759A Expired - Fee Related CN101018130B (en) | 2007-02-15 | 2007-02-15 | Finance business system and finance business processing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101018130B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109714380A (en) * | 2018-08-17 | 2019-05-03 | 深圳壹账通智能科技有限公司 | Partner's method for network access, device, equipment and computer readable storage medium |
Families Citing this family (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101616414A (en) * | 2008-06-23 | 2009-12-30 | 中国移动通信集团公司 | Method, system and server that terminal is authenticated |
| CN101800639A (en) * | 2009-02-09 | 2010-08-11 | 华为终端有限公司 | Method, system and device for realizing ebanking services |
| CN101877717A (en) * | 2010-03-23 | 2010-11-03 | 苏州德融嘉信信用管理技术有限公司 | Document transmission system and transmission method thereof |
| CN101924715B (en) * | 2010-08-19 | 2012-07-25 | 中国工商银行股份有限公司 | Gateway server and bank data processing system |
| KR101195182B1 (en) * | 2011-02-18 | 2012-10-29 | 주식회사 하렉스인포텍 | Card payment system including mobile communication terminal and mobile relay device, apparatuses in the system and method for card payment in the apparatuses |
| CN102497354A (en) * | 2011-11-08 | 2012-06-13 | 陈嘉贤 | Method, system and device for identifying user's identity |
| CN102496218A (en) * | 2011-12-06 | 2012-06-13 | 广州广电运通金融电子股份有限公司 | Method and system for processing service of automatic teller machine |
| CN102663661B (en) * | 2012-04-10 | 2015-04-22 | 华为技术有限公司 | Health information system |
| CN103856340A (en) * | 2012-12-04 | 2014-06-11 | 广州智域电子有限公司 | China People's Bank information network access system based on second-generation ID cards and China People's Bank information network accessing method |
| CN103236959A (en) * | 2013-05-09 | 2013-08-07 | 中国银行股份有限公司 | Test system and test method for testing business processing module |
| CN103957241A (en) * | 2014-04-16 | 2014-07-30 | 中国工商银行股份有限公司 | Communication method and device based on message data |
| CN104361489B (en) * | 2014-11-03 | 2018-01-09 | 上海众人网络安全技术有限公司 | A kind of mark system and method for sensitive information |
| CN105227667A (en) * | 2015-10-14 | 2016-01-06 | 深圳市金证科技股份有限公司 | Message forwarding method and platform |
| CN106686040B (en) * | 2015-11-10 | 2020-06-30 | 阿里巴巴集团控股有限公司 | Message processing method and device |
| CN107392617A (en) * | 2017-07-25 | 2017-11-24 | 贵州眯果创意科技有限公司 | A kind of payment transaction management system based on network big data |
| CN108335039A (en) * | 2018-02-01 | 2018-07-27 | 深圳市买买提信息科技有限公司 | A kind of electronic financial service method, terminal and server |
| CN110113162A (en) * | 2019-05-08 | 2019-08-09 | 深圳乐信软件技术有限公司 | A kind of sensitive information processing system, method and its equipment |
| CN114973549A (en) * | 2019-05-10 | 2022-08-30 | 杭州米雅信息科技有限公司 | Data processing method and device, teller machine and data processing system |
| CN111711632A (en) * | 2020-06-20 | 2020-09-25 | 中信银行股份有限公司 | Authorization transaction system |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1529878A (en) * | 2001-07-19 | 2004-09-15 | W3��Ѷ���ż���˽������˾ | Mobile electronic funds transfer system and method |
| CN1545054A (en) * | 2003-11-21 | 2004-11-10 | 氢 徐 | Information telephone financial POS system |
-
2007
- 2007-02-15 CN CN2007100639759A patent/CN101018130B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1529878A (en) * | 2001-07-19 | 2004-09-15 | W3��Ѷ���ż���˽������˾ | Mobile electronic funds transfer system and method |
| CN1545054A (en) * | 2003-11-21 | 2004-11-10 | 氢 徐 | Information telephone financial POS system |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109714380A (en) * | 2018-08-17 | 2019-05-03 | 深圳壹账通智能科技有限公司 | Partner's method for network access, device, equipment and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101018130A (en) | 2007-08-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101018130B (en) | Finance business system and finance business processing method | |
| US20020025795A1 (en) | Method, system and device for monitoring activity of a wireless communication device | |
| AU2008352864B2 (en) | Sim chip bank system and method | |
| US8943088B2 (en) | System and method for processing database queries | |
| US6061664A (en) | System for facilitating the ordering and paying of services by means of a communication network | |
| US20100010932A1 (en) | Secure wireless deposit system and method | |
| HU220734B1 (en) | Service widening unit and system for facilitating the ordering and paying of services by means of a communication network | |
| JP2000500256A (en) | System, method and apparatus for conducting an electric payment transaction in a telecommunications network | |
| CN103577983A (en) | Load method of electronic currency for off-line consumption | |
| JP2010507143A (en) | Method and system for transferring value between mobile phone users | |
| CN107111815A (en) | System, method and device for updating stored value card | |
| CN108460593A (en) | A kind of offline Quick Response Code method of payment and device | |
| CN109118184A (en) | A kind of payment system and its method of payment | |
| CN1972306A (en) | Implementation method of secure socket layer protocol secure proxy multiple authentication | |
| WO2011140710A1 (en) | Method and service platform for implementing funds transfer using mobile terminal | |
| EP2334009A1 (en) | Realizing method and device for independent vc system compatible with different charge cards | |
| CN1946108B (en) | Method and method for realizing online payment of telephone | |
| CN105160531B (en) | Transaction data processing method and processing device | |
| CN101964125A (en) | Mobile phone payment system authenticated by double communication paths and corresponding method | |
| CN109617672A (en) | A kind of novel filling code key method | |
| CN101515350A (en) | System and method for realizing security payment by mobile telephone | |
| US8595131B2 (en) | Method for paying for a service offered by means of a data network | |
| CN1112062C (en) | Portable POS system of wireless mobile network and its operation method | |
| CN112379862A (en) | Universal blockchain wallet platform system | |
| CN1924940B (en) | Card-online trade terminal, its trade system and trade implementation method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100908 Termination date: 20190215 |