CN101436280B - Method and system for implementing electronic payment of mobile terminal - Google Patents
Method and system for implementing electronic payment of mobile terminal Download PDFInfo
- Publication number
- CN101436280B CN101436280B CN200810239658A CN200810239658A CN101436280B CN 101436280 B CN101436280 B CN 101436280B CN 200810239658 A CN200810239658 A CN 200810239658A CN 200810239658 A CN200810239658 A CN 200810239658A CN 101436280 B CN101436280 B CN 101436280B
- Authority
- CN
- China
- Prior art keywords
- smart card
- data
- bank
- business datum
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention discloses a method for realizing electronic payment of a mobile terminal. An intelligent card is taken as a carrier of business data and a key and is connected with a mobile telephone to substitute for a solid bank card; at the same time, encryption and decryption technology is utilized to perform signature encryption to the business data and further convert the encrypted data into a two-dimensional code so as to realize the safe and instant payment of the bank card. The invention also discloses a device for realizing electronic payment of the mobile terminal. The method solves the potential safety hazard caused by directly converting account information into the two-dimensional code for electronic payment at present, provides safety protection for the electronization of the bank account payment, and provides the novel carrier for account information of the bank card.
Description
Technical field
The present invention relates to the E-Payment technology, particularly realize the method and system of electronic payment of mobile terminal.
Background technology
Smart card has been widely used in the fields such as bank, telecommunications, social insurance, ecommerce, for Secure Transaction provides reliable assurance as a kind of IC-card with functions such as identification, payment, encrypt/decrypts now.Planar bar code technology is brand-new automatic identification and information carrier technology, have contain much information, error correcting capability is strong, recognition speed is fast, advantages such as comprehensive recognition, and support variety carrier.
The mode of utilizing portable terminal to pay by mails at present is directly to convert accounts information to two-dimension code, and is stored on the mobile phone.When concluding the business, all be that this fixing two-dimension code is discerned at every turn, in security, have very big hidden danger,, can cause tremendous loss to the user in case mobile phone is lost.
Summary of the invention
In view of this, the object of the present invention is to provide the method and system of realizing electronic payment of mobile terminal, the electronization that is used to the bank account payment provides the new modes of payments and safer protection.
For realizing above-mentioned purpose, the invention provides a kind of method that realizes electronic payment of mobile terminal, may further comprise the steps:
The smart card that stores business datum is connected with portable terminal, said business datum is encrypted, and convert the business datum after encrypting into two-dimension code; Distinguish said two-dimension code, it is reduced to original ciphertext, to carrying out authentication after the said decrypt ciphertext, if authentication success then conclude the business;
Wherein, said business datum is encrypted specifically comprises:
The user selects corresponding business data in the smart card, in smart card, produces the authentication factor; The said authentication factor is specially: the data element of exchange hour or agreement;
With business datum and the synthetic data 1 of authentication factor set;
Individual private key with in the smart card blocks interior signature to data 1, thereby generates data 2;
Use the said authentication factor data 1 and data 2 to be encrypted, generate ciphertext 1 as key;
Use the PKI in bank's root certificate that the said authentication factor is encrypted, generate ciphertext 2.
The present invention replaces the entity bank card through being connected the carrier of smart card as business datum and key with portable terminal with this; Utilize encryption and decryption technology that business datum is wherein carried out encrypted signature simultaneously, convert data encrypted into two-dimension code then, to realize the safe pay down of bank card.Solved and at present directly convert accounts information to two-dimension code and pay the potential safety hazard of bringing by mails, paying by mails for bank account provides safe guarantee, and new carrier is provided for bank card account information.
Description of drawings
Fig. 1 is a system construction drawing of realizing electronic payment of mobile terminal in the embodiment of the invention;
Fig. 2 is a method flow diagram of realizing electronic payment of mobile terminal in the embodiment of the invention.
Embodiment
Embodiments of the invention are through with the embedded or external smart card that contains business datum and relevant key information of portable terminal, and the user is connected portable terminal with the e-bank server, and carries out authentication with smart card, conclude the business determining whether.Through utilizing the combination of smart card and portable terminal, make portable terminal have the function the same with bank card on the one hand, the user only need carry this medium of mobile phone and can realize paying by mails; On the other hand, when transaction,, guaranteed the secure payment of bank card through adopting encryption and decryption technology that user sensitive information is carried out encrypted signature.
For making the object of the invention, technical scheme and advantage clearer, the present invention is made further detailed description below in conjunction with accompanying drawing.
Fig. 1 is a system construction drawing of realizing electronic payment of mobile terminal in the embodiment of the invention; Comprising portable terminal 1 that can complete two-dimensional code display figure; This portable terminal can embedded two-dimension code modular converter, and this module can be with converting two-dimension code into behind the business datum encrypted signature in the smart card; The smart card 11 that is used for storage service data and key, said two-dimension code modular converter also can be arranged in the smart card, accomplish said function; Can correctly distinguish out the identification terminal 2 of the two-dimension code that shows on the portable terminal; Authentication terminal 3, the authentication terminal can pass to e-bank's server with information such as ciphertext business datum, transaction data and verification msgs; E-bank's server 4 is deciphered and is verified ciphertext, if verify successfully then conclude the business.
Fig. 2 is a method flow diagram of realizing electronic payment of mobile terminal in the embodiment of the invention, and this method specifically may further comprise the steps:
For guaranteeing the security of business datum, the authentication factor can be specified various ways, like random number, Time of Day etc.The generation of this authentication factor can be realized by hardware or software, for example generates random number through random number generation module or respective algorithms, or utilizes the Time of Day of agreement to do the authentication factor.
PKI in step 206, the use bank root certificate is encrypted the authentication factor and is generated ciphertext 2.Utilizing PKI in bank's root certificate that the authentication factor is encrypted is the method that adopts digital envelope, and the function class of digital envelope is similar to ordinary envelope capable, and ordinary envelope capable guarantees to have only the receiver could read the content of believing under the constraint of law; Digital envelope then adopts cryptographic technique to guarantee to have only the content that the recipient of regulation could reading information.Why will also encrypt the authentication factor mainly is to let key transmit with relatively safer form.
Because the authentication factor all is different at every turn, so two-dimension code also all will regenerate when each transaction, could guarantee the security of concluding the business like this.
After step 208, identification terminal are read two-dimension code, it is reduced to ciphertext 1 and ciphertext 2, and sends it to the authentication terminal.
If step 213 is verified successfully then is concluded the business.
In embodiments of the present invention, the packaged type of smart card can have multiple, for example:
Smart card is embedded in the portable terminal with the form of SD card, and this packing forms makes the user only need carry this medium of mobile phone and just can realize paying by mails easily and efficiently;
Perhaps; The packing forms of said smart card with PLUG-IN type card is embedded in the portable terminal; Or the packing forms of said smart card with integrated circuit be embedded in the portable terminal, or said smart card is carried out the outside with the packing forms of USB KEY with portable terminal be connected.The user in use, the patchcord of available USB mouth is carried out the outside with USB KEY with portable terminal and is connected, and realizes the E-Payment of portable terminal with this.
In addition, in embodiments of the present invention, the mode that the user obtains smart card also can have multiple, for example:
Related service department of bank produces corresponding business data and key according to the individual subscriber specifying information; And directly store on the smart card; The smart card that will store business datum and key again is presented to the user, and in a single day this smart card is issued, and being connected the back user can directly use with portable terminal;
Related service department of bank provides smart card to the user; And according to individual subscriber specifying information generation corresponding business data and key; The user can through with smart card with after portable terminal is connected, the form of employing network download downloads to business datum and key in the smart card and re-uses;
The third-party institution provides smart card to the user; The user directly uses the mode that related service department of third party bank downloads through using smart card, obtains corresponding service data and key information that this related service department of bank produces according to the individual subscriber specifying information.
Through above flow process, on the one hand through utilizing the combination of smart card and portable terminal, make portable terminal have the function the same with bank card, the user only need carry this medium of mobile phone and can realize paying by mails; On the other hand, when transaction,, guaranteed the secure payment of bank card through adopting encryption and decryption technology that user sensitive information is carried out encrypted signature.
In other embodiments of the invention, also can handle data and specify different modes, for example can be divided into data: ciphertext three parts that the signature+business datum of business datum+business datum generates make it be converted into two-dimension code.Also can be only it be signed and do not encrypt or simultaneously data are carried out encrypted signature.
In a word, the above is merely preferred embodiment of the present invention, is not to be used to limit protection scope of the present invention.
Claims (7)
1. a method that realizes electronic payment of mobile terminal is characterized in that, may further comprise the steps:
The smart card that stores business datum is connected with portable terminal, said business datum is encrypted, and convert the business datum after encrypting into two-dimension code; Distinguish said two-dimension code, it is reduced to original ciphertext; To said original decrypt ciphertext, and carry out authentication, if authentication success then conclude the business;
Wherein, said business datum is encrypted specifically comprises:
The user selects corresponding business data in the smart card, in smart card, produces the authentication factor; The said authentication factor is specially: the data element of exchange hour or agreement;
With business datum and the synthetic data 1 of authentication factor set;
Individual private key with in the smart card blocks interior signature to data 1, thereby generates data 2;
Use the said authentication factor data 1 and data 2 to be encrypted, generate ciphertext 1 as key;
Use the PKI in bank's root certificate that the said authentication factor is encrypted, generate ciphertext 2.
2. method according to claim 1 is characterized in that, the connected mode of said smart card and portable terminal specifically comprises:
The packing forms of said smart card with the SD card is embedded in the portable terminal; Or the packing forms of said smart card with PLUG-IN type card be embedded in the portable terminal; Or the packing forms of said smart card with integrated circuit be embedded in the portable terminal; Or said smart card is carried out the outside with the packing forms of USB KEY with portable terminal be connected.
3. method according to claim 1 and 2 is characterized in that, said business datum specifically comprises:
Bank's root certificate, Private Banking's certificate, bank account business information and individual private key information.
4. method according to claim 3 is characterized in that, the obtain manner of said business datum specifically comprises:
Related service department of bank produces the corresponding business data according to the individual subscriber specifying information, and directly stores on the smart card, and the smart card that will store business datum again is presented to the user; Or
Related service department of bank provides smart card to the user, and produces the corresponding business data according to the individual subscriber specifying information, the user through with smart card with after portable terminal is connected, the form of employing network download downloads to business datum in the smart card and re-uses; Or
The third-party institution provides smart card to the user, and the user directly uses the mode that related service department of third party bank downloads through using smart card, obtains the corresponding service data that this related service department of bank produces according to the individual subscriber specifying information.
5. method according to claim 4 is characterized in that, saidly is reduced to original ciphertext and specifically comprises:
After said two dimension code reading gone out, it is reduced to ciphertext 1 and ciphertext 2.
6. method according to claim 5 is characterized in that, this method further uses bank's root certificate private key that ciphertext 2 is deciphered, and obtains the said authentication factor;
With authentication factor decrypting ciphertext 1, obtain data 1 and data 2.
7. method according to claim 6 is characterized in that, said authentication specifically comprises: utilize the corresponding individual PKI of business datum in the said data 1 that data 2 are verified, and legal like checking through showing transaction.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810239658A CN101436280B (en) | 2008-12-15 | 2008-12-15 | Method and system for implementing electronic payment of mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810239658A CN101436280B (en) | 2008-12-15 | 2008-12-15 | Method and system for implementing electronic payment of mobile terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101436280A CN101436280A (en) | 2009-05-20 |
| CN101436280B true CN101436280B (en) | 2012-09-05 |
Family
ID=40710712
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200810239658A Active CN101436280B (en) | 2008-12-15 | 2008-12-15 | Method and system for implementing electronic payment of mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101436280B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104134139A (en) * | 2013-05-03 | 2014-11-05 | 中国银联股份有限公司 | Method for encryption protection of financial information |
Families Citing this family (28)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101930644B (en) * | 2009-06-25 | 2014-04-16 | 中国银联股份有限公司 | Method for safely downloading master key automatically in bank card payment system and system thereof |
| FR2959896B1 (en) | 2010-05-06 | 2014-03-21 | 4G Secure | METHOD FOR AUTHENTICATING A USER REQUIRING A TRANSACTION WITH A SERVICE PROVIDER |
| CN101938520B (en) * | 2010-09-07 | 2015-01-28 | 中兴通讯股份有限公司 | Mobile terminal signature-based remote payment system and method |
| CN101945118B (en) * | 2010-09-29 | 2013-11-13 | 天地融科技股份有限公司 | Method, device and system for realizing reserved withdrawal service |
| CN102469453B (en) * | 2010-11-12 | 2015-03-25 | 国民技术股份有限公司 | Security certificate method |
| US20120310756A1 (en) * | 2011-06-06 | 2012-12-06 | Sarvatra Technologies Pvt Ltd. | System and method for displaying user's signature on pos terminals |
| CN102387142A (en) * | 2011-10-20 | 2012-03-21 | 北京天地融科技有限公司 | Tool, authentication method and system for electronic signature |
| CN102402745A (en) * | 2011-10-24 | 2012-04-04 | 广东汇卡商务服务有限公司 | Method and device for paying based on SD card |
| CN102609641A (en) * | 2011-12-28 | 2012-07-25 | 潘铁军 | DRM (digital rights management) system based on distributed keys |
| CN102737311B (en) * | 2012-05-11 | 2016-08-24 | 福建联迪商用设备有限公司 | Internet bank security authentication method and system |
| CN103871159A (en) * | 2012-12-11 | 2014-06-18 | 中国银联股份有限公司 | Money-withdrawing system and method based on two-dimension code |
| CN103136664B (en) * | 2013-03-06 | 2016-05-18 | 天地融科技股份有限公司 | There is smart card transaction system and the method for electronic signature functionality |
| CN103136667B (en) * | 2013-03-06 | 2016-09-14 | 天地融科技股份有限公司 | There is the smart card of electronic signature functionality, smart card transaction system and method |
| CN103178964A (en) * | 2013-03-05 | 2013-06-26 | 中国地质大学(武汉) | QR-code-based (quick response code-based) key exchange method for intelligent terminal authentication |
| CN103136666B (en) * | 2013-03-06 | 2016-08-03 | 天地融科技股份有限公司 | There is smart card method of commerce and the system of electronic signature functionality |
| CN103208151B (en) * | 2013-04-03 | 2016-08-03 | 天地融科技股份有限公司 | Process the method and system of operation requests |
| CN103354634B (en) * | 2013-05-08 | 2017-05-17 | 上海方付通商务服务有限公司 | Method and system for information processing |
| CN103413244A (en) * | 2013-07-29 | 2013-11-27 | 北京握奇数据系统有限公司 | Mobile security financial terminal and financial transaction method |
| CN103747012B (en) * | 2013-08-01 | 2017-12-19 | 戴林巧 | Safe verification method, the apparatus and system of network trading |
| CN103489102A (en) * | 2013-09-13 | 2014-01-01 | 惠州Tcl移动通信有限公司 | Method and system for preventing unauthorized credit card swiping through mobile phone based on two-dimensional code |
| CN103593757A (en) * | 2013-11-29 | 2014-02-19 | 成树嘎 | Method for bank transfer via mobile phone |
| CN105282088A (en) * | 2014-05-28 | 2016-01-27 | 腾讯科技(深圳)有限公司 | Method and system for controlling verification server and method and system for controlling verification |
| CN105321069A (en) * | 2014-07-16 | 2016-02-10 | 中兴通讯股份有限公司 | Method and device for realizing remote payment |
| CN106875175B (en) | 2016-06-28 | 2020-07-24 | 阿里巴巴集团控股有限公司 | Method and device convenient for payment subject expansion |
| CN111541728B (en) * | 2016-09-20 | 2023-10-10 | 徐蔚 | Payment method and device using payment mark and mobile terminal |
| CN106953872B (en) * | 2017-04-18 | 2019-08-16 | 韵盛发科技(北京)股份有限公司 | A kind of method and apparatus of business authentication |
| WO2019019153A1 (en) * | 2017-07-28 | 2019-01-31 | 杭州复杂美科技有限公司 | Scheme for generating, storing and using private key |
| CN109685497A (en) * | 2018-12-26 | 2019-04-26 | 江苏恒宝智能系统技术有限公司 | A kind of smart card external equipment and its method of payment |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1556449A (en) * | 2004-01-08 | 2004-12-22 | 中国工商银行 | Device and method for proceeding encryption and identification of network bank data |
| CN101051908A (en) * | 2007-05-21 | 2007-10-10 | 北京飞天诚信科技有限公司 | Dynamic cipher certifying system and method |
-
2008
- 2008-12-15 CN CN200810239658A patent/CN101436280B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1556449A (en) * | 2004-01-08 | 2004-12-22 | 中国工商银行 | Device and method for proceeding encryption and identification of network bank data |
| CN101051908A (en) * | 2007-05-21 | 2007-10-10 | 北京飞天诚信科技有限公司 | Dynamic cipher certifying system and method |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104134139A (en) * | 2013-05-03 | 2014-11-05 | 中国银联股份有限公司 | Method for encryption protection of financial information |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101436280A (en) | 2009-05-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101436280B (en) | Method and system for implementing electronic payment of mobile terminal | |
| US20200372503A1 (en) | Transaction messaging | |
| CN101789934B (en) | Method and system for online security trading | |
| US6385723B1 (en) | Key transformation unit for an IC card | |
| US6230267B1 (en) | IC card transportation key set | |
| CN106527673A (en) | Method and apparatus for binding wearable device, and electronic payment method and apparatus | |
| CN102081769A (en) | Method and system for processing payment data, payment terminal and payment server | |
| CN101098225A (en) | Safety data transmission method and paying method, paying terminal and paying server | |
| CN101226616A (en) | Payment server of webs, payment platform as well as payment method and system of webs | |
| CN101465019A (en) | Method and system for implementing network authentication | |
| CN101216923A (en) | A system and method to enhance the data security of e-bank dealings | |
| US8117453B2 (en) | Customization of an electronic circuit | |
| CN101247605A (en) | Short information enciphering and endorsement method, mobile terminal and short information ciphering system | |
| US20140289129A1 (en) | Method for secure contactless communication of a smart card and a point of sale terminal | |
| Purnomo et al. | Mutual authentication in securing mobile payment system using encrypted QR code based on public key infrastructure | |
| ES2436426T3 (en) | SIM card based method for performing services with high security features | |
| CN109903052A (en) | A kind of block chain endorsement method and mobile device | |
| CN103108245A (en) | Smart television payment secret key system and payment method based on smart television | |
| CN110633778A (en) | Pad pasting card with block chain digital currency wallet function | |
| KR101110777B1 (en) | Method and terminal of preventing parameter from forging/alternating | |
| Rosati et al. | Elliptic curve certificates and signatures for nfc signature records | |
| CN111914308A (en) | Method for mobile data signature by using CA certificate in intelligent card | |
| CN109816379B (en) | Network payment system for directly reading and writing IC card by mobile phone | |
| KR200466551Y1 (en) | Multifunctional pin pad | |
| CN109858295B (en) | Network payment method for directly reading and writing IC card by mobile phone |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |