CN101540031A - Confirmation method for ensuring data validity in network electronic trade - Google Patents

Publication number
CN101540031A
Authority
CN
China
Legal status
Pending
Application number
CN200910083295A
Other languages
Chinese (zh)
Inventor
李勇
Current Assignee
Individual
Original Assignee
Individual
Landscapes

  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention relates to a confirmation method for ensuring data validity in network electronic trade. The method comprises the steps of: A1, determining, over a second channel, a confirmation operation information set that takes part in the operation confirming the validity of electronic trade data; A2, displaying on the user side the electronic trade data together with operation indication information indicating how to use the confirmation operation information set; A3, the user calculating a user-side validity identifying code from the operation indication information and the confirmation operation information set and entering it at the user side, which transmits it to a network background trading program; A4, the network background trading program calculating a background validity identifying code from the operation indication information and the confirmation operation information set; and A5, the network background trading program comparing the user-side validity identifying code with the background validity identifying code and, if the two match, carrying out subsequent electronic trade processing. The invention can effectively verify data validity and prevent data from being forged or modified. It is suitable for online interactive systems such as online shopping, Internet banking services and Internet tax services.

Description

A confirmation method for ensuring the data validity of network electronic transactions
Technical field
The present invention relates to a confirmation method for ensuring the data validity of network electronic transactions, and belongs to the field of information security technology.
Background art
A network electronic transaction usually refers to an interactive process in which a set of transaction data (for example, buying certain articles, or transferring a certain amount from one's own account to another account) is passed between a user and a background service program. The security of the transaction data must be guaranteed throughout this process. Security here means that the transaction data is what the user actually entered rather than forged or modified data, that the transaction process is non-repudiable, and that the transaction data cannot be altered.
Electronic signature technology based on PKI is now widely used in electronic transactions. An electronic signature device is usually a separate piece of hardware with a USB or other computer communication interface, such as a USB key, inside which all or part of the encryption, digest and signature operations on the electronic transaction data are carried out. Applying electronic signatures guarantees that signed content cannot be changed and cannot be repudiated. Such devices are in wide use: for example, of the kind that banks issue to online banking users, the number in circulation nationwide is currently counted in the tens of millions. They have become a security technology for safeguarding transfers of substantial funds.
However, the transaction data that the signature device signs is produced by the user interacting with a computer, usually one running Windows. The user sees the content on the computer screen, and a program then sends the data to the signature device through the communication port. The environment in which the user interacts (usually a Windows system) is not secure while this data is being passed along: an independent observer who is not a party to the transaction, such as a hacker program, may be present. Before the data reaches the signature device through the communication port, the hacker program can modify the transaction information, so that the transaction data is altered or forged. It therefore cannot be guaranteed that the transaction content actually signed by the device is what the user really entered or saw on the screen. In other words, nothing truly prevents a malicious program from tampering with the content to be signed while it is on its way to the signature device, changing the object, amount or beneficiary of the transaction the user intended and causing the user a loss. This is commonly called "transaction hijacking" or "transaction forgery": the authenticity of the transaction data cannot be guaranteed.
The same hijacking and forgery can occur when a user buys articles over the network: a malicious program may add to or delete from the list of purchased articles submitted to the background service program, or replace an article the user bought with one the user did not buy. Here too the user needs to confirm the authenticity of the electronic transaction data.
The current solution is to add a display and the necessary buttons or other controls to the electronic signature device. The data sent to the device is displayed and the user checks its authenticity; if it is correct, the user presses the button to confirm, and the device then signs the confirmed transaction data. However, a signature device with a display and buttons costs more. In addition, replacing the devices already held by existing users is itself a very long process involving a great deal of work.
CAPTCHA technology is also currently used to verify the authenticity of data. CAPTCHA stands for "Completely Automated Program to Tell Computer and Human Apart" or "Completely Automated Public Turing test to tell Computer and Human Apart", that is, a fully automatic program for telling humans and machines apart, where "machine" covers both hardware and the software running on it. The verification codes widely used in Internet interactions are a common example: they rely on the fact that people are good at perceiving distorted images, whereas the same image analysis is computationally expensive for a computer, so that in an environment of limited computing power humans and "machines" can be distinguished. The data to be confirmed is rendered using CAPTCHA technology; the user judges its authenticity by recognizing the rendered information and, if it is judged authentic, proceeds with the subsequent transaction operations.
But CAPTCHA technology is likewise flawed and cannot prevent transaction hijacking or forgery. As computing power rises, communications become ubiquitous and pattern recognition improves, the reliability of this method keeps declining. At the very least, it cannot stop a malicious program from intercepting the image before the user sees it and passing it over the network to a malicious observer, who has the same perceptual ability as the user, recognizes the image, and then either operates in the user's place or generates a substitute, destroying the authenticity of the transaction. CAPTCHA technology therefore cannot prevent transaction hijacking or forgery, and cannot guarantee the authenticity of electronic transaction data.
To promote the development of electronic transactions, a new technique for confirming the authenticity of electronic transaction data is needed, one that prevents transaction hijacking and forgery while keeping implementation cost low and being easy to roll out.
Summary of the invention
The object of the present invention is to provide a method for ensuring the authenticity of network electronic transaction data that addresses "transaction forgery" and "transaction hijacking", and that keeps electronic transactions secure even when an unknown, independent malicious observer fully controls the user terminal. It can be applied on its own or together with an electronic signature device (such as a bank USB key) to improve the security of electronic transactions.
A confirmation method for ensuring the data validity of network electronic transactions, applied to transmit electronic transaction data reliably between an untrusted client and a network background transaction program, characterized in that the confirmation method comprises the following steps:
A1: the network background transaction program and the user determine, through a second channel, a confirmation operation information set that takes part in the operation confirming the authenticity of the electronic transaction data;
A2: when the user side displays the electronic transaction data, it also displays operation indication information indicating how to use the confirmation operation information set in the operation confirming the authenticity of the electronic transaction data;
A3: the user calculates a user-side authenticity verification code from the operation indication information and the confirmation operation information set and enters it at the user side, and the user side sends the user-side authenticity verification code to the network background transaction program;
A4: the network background transaction program performs the same calculation as in A3, from the operation indication information and the confirmation operation information set, to obtain a background-side authenticity verification code;
A5: the network background transaction program compares the user-side authenticity verification code with the background-side authenticity verification code; if the two match, subsequent electronic transaction processing is carried out; if they do not match, subsequent electronic transaction processing is refused.
The present invention is suitable for online interactive systems such as online shopping, Internet banking services and online tax filing.
The features and advantages of the present invention are as follows:
The confirmation operation information set and the operation indication information travel over two different channels. The confirmation operation information set is delivered over a non-network channel, so the user can keep it well protected and an illegitimate user can hardly learn it. The two are also linked: both must be used together to generate the verification code before a transaction can be completed. The operation indication information may be public, but knowing it alone is useless, since a valid verification code cannot be generated from it. Without a valid verification code, the comparison by the network background transaction program cannot be passed, and the subsequent electronic transaction processing cannot be completed.
Description of the drawings
The present invention is further described below with reference to the drawings and specific embodiments.
Fig. 1 is an example diagram of the method for ensuring the data validity of network electronic transactions in an embodiment of the present invention.
Fig. 2 is an example diagram of a first way of displaying electronic transaction data and operation indication information in an embodiment of the present invention.
Fig. 3 is an example diagram of a second way of displaying electronic transaction data and operation indication information in an embodiment of the present invention.
Fig. 4 is an example diagram of displaying electronic transaction data and operation indication information using CAPTCHA technology in an embodiment of the present invention.
Embodiments
A network electronic transaction may involve four entities: the network background transaction program, the user-side transaction software, the signature device and the user. In addition there is the potential attacker, which may be a local Trojan or spyware program, and may further include computing power and people on the network.
(1) Network background transaction program: the service side that provides electronic transactions, located at the electronic transaction service provider's end. It usually comprises a large database and transaction service software, stores and processes service content, customer information, transaction information and so on, and its high level of security is ensured by the service provider.
(2) User-side transaction software: located on the user's computer, it is the platform on which the user carries out electronic transactions and provides the user with basic transaction functions. It receives data sent by the background transaction program, interacts with the user to form the transaction data, sends the transaction data to the signature device, and sends the resulting digital signature to the service side. In the flow designed in this invention, we assume that the user-side transaction environment is completely compromised: the whole user computer may be attacked by malicious programs, the data entered by the user and the data processed by the transaction software can be intercepted by the attack program at any time, and the attack program can forge user input or arbitrarily display information it has forged or tampered with. In real environments the user's computer usually runs Windows, and this assumption can hold.
(3) Signature device: similar to the USB keys in general use today, it connects to the user's computer through a USB interface and stores the user's signing private key and certificate. Because such a device has usually passed strict security testing, we assume that it is trusted: the data stored in it and the secure operations it performs cannot, or can hardly, be attacked by malicious programs, and its signature algorithm is strong enough to withstand attacks mounted with ordinary user computing equipment and with the network computing power an ordinary attacker may have. Some network payment or online shopping scenarios have no such signature device. Its presence is not essential to the invention; the invention applies whether or not a signature device takes part in the network electronic transaction.
(4) User: the user is the initiator of the transaction and the party who confirms it. In the system architecture, besides taking part in the transaction itself, the user must at some point before the transaction reach an agreement with the service side over a second channel regarding the service provided (for example, signing a service agreement or opening the service). This includes determining a confirmation operation information set that takes part in the operation confirming the authenticity of the electronic transaction data. There are several ways to do this: the service provider of the network background transaction program and the user determine the set face to face; or the service provider delivers the set to the user by post or similar means; or the network background transaction program sends the set over a telecommunication channel to the user's mobile communication terminal, such as a mobile phone or PDA. Any method will do as long as the set reaches the user confidentially and is not intercepted by an attacker on the network.
(5) Attacker: as noted above, the attacker may be a malicious program resident on the user's computer and executed automatically. Such a program can monitor, or forge and inject, USB, keyboard and display data, and can even control the user's computer. The attacker may also be a person trying to profit by tampering with the user's transaction. Using such a program and network communication, this person can see the same displayed information as the user and operate the input and output devices of the user's computer, and may be better than the user at perceiving and analyzing verification information. That is, the attacker can observe the data used for verification before the user does, analyze it, immediately generate forged data and display it to the user, trick the user into entering subsequent operations, and record and analyze those operations in an attempt to infer the user's "secret". Such attackers exist in real environments; one may even control thousands of computers to carry out a computation simultaneously, and so break security measures that rely on computations of a certain difficulty.
Based on the above description of network electronic transactions, the method for ensuring their data validity is described below with reference to the embodiment of Fig. 1.
A confirmation method for ensuring the data validity of network electronic transactions, applied to transmit electronic transaction data reliably between an untrusted client and a network background transaction program, comprises the following steps:
Step A1: the network background transaction program and the user determine, through a second channel, a confirmation operation information set that takes part in the operation confirming the authenticity of the electronic transaction data.
The confirmation operation information set may take the following forms:
Mode one: a set of information, such as the hardware serial number printed on a USB key;
Mode two: a separately agreed group of information, such as: 4689ZRGD@M23;
Mode three: a group of information together with an agreed operation, such as 4689ZRGD@M23 with the following operation applied to each selected character: a selected digit is subtracted from 10; for a selected letter, the letter two places after it in the English alphabet is taken;
Mode four: a combination of several groups of information, such as several groups in the form of mode two:
First group: 4689ZRGD@M23; second group: 7698346210; third group: CGK7853092D;
Mode five: a combination of several groups in the form of mode three:
First group: 4689ZRGD@M23, with the following operation applied to each selected character: a selected digit is subtracted from 10; for a selected letter, the letter two places after it in the English alphabet is taken;
Second group: 7698346210, with a power operation applied to each selected digit and the results entered in order;
Mode six: the information and the operations are kept as separate groups, for example:
Information groups: first group: 4689ZRGD@M23; second group: 7698346210;
Operation groups: first group: the following operation is applied to each selected character: a selected digit is subtracted from 10; for a selected letter, the letter two places after it in the English alphabet is taken; second group: a power operation is applied to each selected digit and the results are entered in order.
The confirmation operation information set contains secret information agreed by both parties and/or secret operations agreed by both parties, which lays a solid foundation for the uniqueness of the verification code the user outputs. Other forms based on the above are of course possible and are not enumerated here.
The second channel can be implemented in several ways: the service provider of the network background transaction program and the user determine the confirmation operation information set face to face; or the service provider delivers the set to the user by post or similar means; or the network background transaction program sends the set over a telecommunication channel to the user's mobile communication terminal, such as a mobile phone or PDA.
The agreed confirmation operation information set can be replaced periodically, which improves security by avoiding leakage of the information through prolonged use.
Step A2: when the user side displays the electronic transaction data, it also displays operation indication information indicating how to use the confirmation operation information set in the operation confirming the authenticity of the electronic transaction data.
If the second channel is a telecommunication channel, then to keep the information secure, the confirmation operation information set is sent to the user's mobile terminal over the second channel again at the time the electronic transaction data is displayed.
The operation indication information may indicate which items of the confirmation operation information set are selected and/or the relationship between the items.
To improve data security and to prevent an attacker from easily using computation on a large volume of intercepted transaction data to derive the confirmation operation information set in reverse, one or more CAPTCHA techniques can be used to render the electronic transaction data and/or the operation indication information displayed at the user side. The picture shown in Fig. 4 is display information generated with CAPTCHA technology. After intercepting such data, the attacker can only recognize the information in it manually, which makes reverse derivation of the confirmation operation information set harder. The operation indication information may of course also be shown directly in the transaction data display; an attacker who intercepts it still does not know the confirmation operation information set and cannot output the unique correct code. Reverse derivation of the confirmation operation information set requires a large amount of transaction information from which a large number of correct samples must be obtained, followed by a huge reverse computation, so cracking it is very difficult and the probability of it being cracked is very low.
The operation indication information can be shown directly on the display, as in Fig. 4: "If the above information is correct, then according to the digits at positions 3, 6, 7, 9 and 12 of the account number and the first digit of the amount, enter in order the items of the confirmation operation information set at the positions those digits indicate". A better approach is to express the operation indication information through special marking of the sensitive information in the electronic transaction data. The sensitive information in an electronic transaction is generally the account information and the amount. Special marking of this information, for example with different colors or different fonts, identifies which items of the confirmation operation information set are to be selected: Fig. 2 marks them in italics and Fig. 3 in bold. The prompt describing the operation can be shown on the user-side display, as in Fig. 2 and Fig. 3. Alternatively, the rules of the operation can be agreed in advance and no prompt shown at the user side: for example, each digit of the sensitive information is marked in a different color, and it is agreed beforehand which colors are significant and which operation the digits of each color take part in; the user then calculates according to this agreement.
Expressing the operation indication information through special marking of the sensitive information gives strong protection for the data. For an attack to benefit the attacker, or to cause a loss to the legitimate user, it must tamper with the sensitive information, for example changing the account to the attacker's own or increasing the amount. If the attacker tampers with the sensitive information, the operation indication information embedded in it necessarily changes as well, so the verification code the user derives from the operation indication information no longer matches the one derived by the network background transaction program. The network background transaction program then does not carry out the subsequent operations, which protects the security of the electronic transaction data.
As shown in Fig. 2, the operation indication information is the italic marking of data in the sensitive information, and the prompt giving the relationship is "according to the digits marked in italics, select in order the items of the confirmation operation information set at the positions those digits indicate, and enter them". In Fig. 3, bold marks the operation in the confirmation operation information set and underlining marks the selected information group; the corresponding form of the confirmation operation information set is mode six above. The prompt describing the relationship may also be omitted from Fig. 2 and Fig. 3, provided the rules for using the special markings are agreed in advance. Many marking schemes are possible; the principle is simply that the marking indicates the operation, and the possible schemes are not enumerated here.
Step A3: the user calculates a user-side authenticity verification code from the operation indication information and the confirmation operation information set and enters it at the user side, and the user side sends the user-side authenticity verification code to the network background transaction program.
The network background transaction program can set a time threshold for receiving the user-side authenticity verification code; if the code is not received from the user side within that threshold, the electronic transaction is cancelled. This protects the transaction better, for instance when the user forgets to close the transaction display and someone else sees and exploits it, and it also improves network utilization by not tying up background processing resources for long idle periods.
Step A4: the network background transaction program performs the same calculation as in A3, from the operation indication information and the confirmation operation information set, to obtain a background-side authenticity verification code.
The network background transaction program holds the confirmation operation information set corresponding to the user and calculates according to the operation indication information.
This calculation can be performed as soon as the network background transaction program has issued the electronic transaction data, without waiting for the user's user-side authenticity verification code to arrive, which improves network processing speed.
Step A5: the network background transaction program compares the user-side authenticity verification code with the background-side authenticity verification code; if the two match, subsequent electronic transaction processing is carried out; if they do not match, subsequent electronic transaction processing is refused.
In electronic transactions that require an electronic signature, such as online banking transfers, the network background transaction program compares the user-side and background-side authenticity verification codes, and when the two match, the user side applies a digital signature to the electronic transaction data.
By separating the confirmation operation information set from the operation indication information, the invention transmits only the operation indication information over the network, while requiring that the unique verification code be obtained by combining the two. The corresponding electronic transaction is carried out only when the user-side and background-side verification codes match. Because a wrongdoer can intercept only the operation indication information on the network and cannot obtain the confirmation operation information set, the unique verification code cannot be produced. This protects the data security of the electronic transaction and effectively prevents data from being hijacked or forged.
An embodiment of the present invention is described below, taking online shopping as an example.
Step 101: When opening the service, the user and the online shopping service provider agree in advance, face to face, on the confirmation operation information set, as in mode two described previously: 4689ZRGD@M23.
Step 102: The user selects the desired items over the network, and the items finally chosen for purchase are displayed together with their item numbers and the amount.
To prevent an attacker from tampering with the items purchased or adding items to the purchase, the client-initiated confirmation method can be used at this point. Operation indication information is added to the displayed information, for example by randomly selecting digits in the item number and the amount and specially marking them, and the displayed information is sent to the back-end server. Specifically, the purchase order information and the operation indication information can be sent to the server separately, or the purchase order information and the operation indication information can be rendered with CAPTCHA technology into a special picture that is sent to the server. For example, the operation indication information determined for the order is: enter the 2nd, 4th, 5th, 1st, 8th and 11th pieces of information.
Step 103: From the operation indication information and the confirmation operation information set, the user derives the user-side authenticity verification code 69Z4D2, enters it at the user side, and it is sent to the server.
Step 104: The server calculates the back-end authenticity verification code from the received operation indication information and the agreed confirmation operation information set: 69Z4D2. If the ordered item information has been tampered with, the operation indication information changes, and the back-end authenticity verification code obtained will no longer be 69Z4D2.
Step 105: The server compares the two verification codes. If they are consistent, the user's purchase order is formally placed and payment is prepared for collection. If they are inconsistent, error information (which may also include the list of items ordered) is fed back to the user, who checks the erroneous items and places the order again.
Step 106: The user pays for the ordered items through online banking. When opening the online banking service, the user agreed a confirmation operation information set with the bank, as in mode six described previously:
Information groups: first group: 4689ZRGD@M23; second group: 7698346210;
Operation groups: first group: for each selected digit, subtract the digit from 10; for each selected letter, take the letter that comes 2 letters after it in the English alphabet. Second group: apply a power operation to each selected digit and enter the results in order.
Step 107: Through online banking, the user enters the transfer account and amount, which are sent to the bank's back-end server. The bank's back-end server generates the electronic transaction data and the operation indication information accordingly and sends them to the user side for display and confirmation. An example of the generated display information is shown in Figure 3.
Step 108: The user calculates the user-side authenticity verification code from the displayed operation indication information and the previously agreed confirmation operation information set. Following the corresponding description above, this code is 4936816491636410. The user enters it at the user side, and it is sent to the bank's back-end server.
Step 109: The bank's back-end server likewise calculates the back-end authenticity verification code from the stored confirmation operation information set and the operation indication information.
Step 110: The bank's back-end server checks whether the back-end authenticity verification code it obtained is consistent with the user-side authenticity verification code. If they are consistent, the transfer is completed; where a digital signature is required, the transfer information is sent to the user side, the user side digitally signs the electronic transaction data with a USB key, and the transfer is then executed. If they are inconsistent, the transaction is abandoned and the user is notified that the transaction failed and why.
In step 108, to further improve security, the bank's back-end server can set a time threshold or record the number of consecutive failed transactions. When the number of consecutive failures reaches a limit that may endanger security, trading is suspended and the user is prompted to find the cause or replace the "secret"; or, if the user-side authenticity verification code has still not been received once the time threshold has passed, the transaction is aborted.
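The derivation in steps 103 to 105 and the consecutive-failure limit described above, as an added Python example that is not part of the patent text. `derive_code`, `power_code`, `Backend` and the limit of 3 failures are hypothetical; the bank variant assumes the instruction selects every digit of the second group and that the power operation is a square, which reproduces the code given in step 108.

```python
import hmac

# Confirmation set agreed out of band in step 101 (value from the page).
CONFIRM_SET = "4689ZRGD@M23"
# Second information group from step 106 (value from the page).
BANK_GROUP_2 = "7698346210"


def derive_code(confirm_set, positions):
    """Steps 103/104: pick the characters at the 1-based positions, in order."""
    for p in positions:
        if not 1 <= p <= len(confirm_set):
            raise ValueError(f"position {p} is outside the confirmation set")
    return "".join(confirm_set[p - 1] for p in positions)


def power_code(digits, exponent=2):
    """Second operation group: raise each selected digit to a power and
    concatenate the results in order (exponent 2 is an assumption)."""
    return "".join(str(int(d) ** exponent) for d in digits)


class Backend:
    """Hypothetical server side: steps A4/A5 plus the consecutive-failure limit."""

    def __init__(self, confirm_set, max_failures=3):
        self.confirm_set = confirm_set
        self.max_failures = max_failures  # constructed limit, not from the page
        self.failures = 0

    def verify(self, positions, user_code):
        if self.failures >= self.max_failures:
            return "suspended"
        expected = derive_code(self.confirm_set, positions)
        # Constant-time comparison so timing does not leak matching prefixes.
        if hmac.compare_digest(expected.encode(), user_code.encode()):
            self.failures = 0
            return "accepted"
        self.failures += 1
        return "suspended" if self.failures >= self.max_failures else "rejected"


if __name__ == "__main__":
    instruction = [2, 4, 5, 1, 8, 11]  # instruction from the page's order example
    code = derive_code(CONFIRM_SET, instruction)
    server = Backend(CONFIRM_SET)
    print(code, server.verify(instruction, code))
    # Constructed tampering case: the order was altered, so the instruction the
    # server holds differs from the one the user answered.
    print(server.verify([2, 4, 5, 1, 8, 12], code))
    print(power_code(BANK_GROUP_2))
```

With plain position selection, each instruction and code pair observed together reveals the set characters at those positions, which is why the failure limit and the periodic replacement of the set in claim 9 matter.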
In the above process, the client and the server are the two parties to the electronic transaction and communicate over the Internet using the TCP/IP protocol. To ensure the confidentiality, integrity and authenticity of the transaction, other means such as encryption and signatures can be added to secure the communication data.
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from its spirit and scope. Thus, if these changes and modifications fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include them.

Claims (10)

1. A confirmation method for ensuring data validity in network electronic transactions, applied to reliably transmit electronic transaction data between an unreliable client and a network back-end transaction program, characterized in that the confirmation method comprises the following steps:
A1: the network back-end transaction program and the user determine, through a second channel, a confirmation operation information set that participates in the electronic transaction data validity confirmation operation;
A2: when the electronic transaction data is displayed at the user side, operation indication information indicating how to use the confirmation operation information set to perform the electronic transaction data validity confirmation operation is displayed at the same time;
A3: the user calculates a user-side authenticity verification code from the operation indication information and the confirmation operation information set and enters it at the user side, and the user side sends the user-side authenticity verification code to the network back-end transaction program;
A4: the network back-end transaction program performs the same calculation as in A3, from the operation indication information and the confirmation operation information set, to obtain a back-end authenticity verification code;
A5: the network back-end transaction program compares the user-side authenticity verification code with the back-end authenticity verification code; if the two are consistent, subsequent electronic transaction processing is carried out; if they are inconsistent, subsequent electronic transaction processing is refused.
2. The confirmation method according to claim 1, characterized in that determining, through a second channel, a confirmation operation information set that participates in the electronic transaction data validity confirmation operation in A1 is specifically:
the service provider of the network back-end transaction program and the user determine it face to face; or
the service provider of the network back-end transaction program delivers it to the user by a route such as postal mail; or
the network back-end transaction program sends the confirmation operation information set to the user's mobile communication terminal over a telecommunication path; or
the service provider of the network back-end transaction program sends the confirmation operation information set to the user terminal by a means not included in this transaction flow, such as e-mail.
3. The confirmation method according to claim 2, characterized in that, when A2 is performed, the network back-end transaction program sends the confirmation operation information set to the user's mobile communication terminal over a telecommunication path.
4. The confirmation method according to claim 1, characterized in that:
the confirmation operation information set is a single information set, and the operation indication information indicates which information in the confirmation operation information set is selected and/or the relationship between the information; or
the confirmation operation information set is a plurality of information sets, and the operation indication information indicates which groups of information in the confirmation operation information set are selected and/or the relationship between the information.
5. The confirmation method according to claim 1, characterized in that:
the electronic transaction data and/or the operation indication information displayed in A2 is display information generated using CAPTCHA technology or multiple CAPTCHA technologies.
6. The confirmation method according to claim 1 or 5, characterized in that:
the operation indication information is represented by specially marking sensitive information in the electronic transaction data.
7. The confirmation method according to claim 1, characterized in that:
the confirmation method can be initiated in two ways, by the client or by the network back-end transaction program;
the client-initiated way is specifically:
before A4, the user side sends the operation indication information to the network back-end transaction program;
A4 further comprises: the network back-end transaction program performs the same calculation as in A3, from the received operation indication information and the confirmation operation information set, to obtain the back-end authenticity verification code;
in the way initiated by the network back-end transaction program, A2 further comprises: the network back-end transaction program generates the electronic transaction data and the operation indication information and sends them to the user side for display.
8. The confirmation method according to claim 1, characterized in that the method further comprises:
if the network back-end transaction program does not receive the user-side authenticity verification code sent by the user side within a set time threshold, it cancels the electronic transaction.
9. The confirmation method according to claim 1, characterized in that the confirmation operation information set can be replaced periodically.
10. The confirmation method according to claim 1, characterized in that the method further comprises: the network back-end transaction program compares the user-side authenticity verification code with the back-end authenticity verification code, and when the two are consistent, the user side digitally signs the electronic transaction data.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200910083295A CN101540031A (en) 2009-05-04 2009-05-04 Confirmation method for ensuring data validity in network electronic trade

Publications (1)

Publication Number Publication Date
CN101540031A true CN101540031A (en) 2009-09-23

Family

ID=41123209

Country Status (1)

Country Link
CN (1) CN101540031A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
DD01 Delivery of document by public notice

Addressee: Li Yong

Document name: Notification of Passing Preliminary Examination of the Application for Invention

C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20090923