CN101582152A - Electronic commerce system based on token passing authentification and corresponding business method thereof - Google Patents
Electronic commerce system based on token passing authentification and corresponding business method thereof Download PDFInfo
- Publication number
- CN101582152A CN101582152A CNA2009101477515A CN200910147751A CN101582152A CN 101582152 A CN101582152 A CN 101582152A CN A2009101477515 A CNA2009101477515 A CN A2009101477515A CN 200910147751 A CN200910147751 A CN 200910147751A CN 101582152 A CN101582152 A CN 101582152A
- Authority
- CN
- China
- Prior art keywords
- token
- surcharge
- carrier
- consumer
- character
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides an electronic commerce system and a corresponding business method thereof, is used for improving the efficiency of the electronic commerce and leads the users to engage in the electronic commerce activities more easily. In order to achieve the purpose, the electronic commerce system achieves the business method by managing a carrier called token. The minimum cycle process comprises the steps that a user A (40) accesses a shopping module (201) of a trade company (20) by a terminal (401) and the internet (10), and then inputs necessary information and a token (403) in the purchase process by an information collection device (402), and later a token decoding module (302) receives and processes the information, and instructs other modules to complete the purchase process, and then a token coding module (301) simultaneously generates a new token set (404) and returns the new token set (404) to the user A who passes a new token to a user B (50), and the user B finally uses the new token ( 503) to start the same process with the user A.
Description
Technical field
The present invention relates to a kind of network by internet and so on provides the e-commerce system and the corresponding business method thereof of the information of relevant ecommerce.
Background technology
Recently, various e-commerce systems in the internet (as the Internet Internet, mobile telephone communications networks etc.) upward be extensive use of, by agreements such as HTTP or HTTPS, these e-commerce systems can be carried out e-commerce initiative mostly safely, easily.But these e-commerce systems still are weak on function, and are also perfect inadequately with combining of business method, also have the leeway that increases substantially.What propose among the present invention combines based on the e-commerce system of the token passing authentification business method corresponding with it, can produce that efficient is higher, the e-commerce system of more perfect function.
Summary of the invention
The present invention includes 2 parts, a kind of e-commerce system and corresponding business method thereof based on token passing authentification, purpose is to make e-commerce system robotization more, with the importance of further raising e-commerce system in modern commerce.
" token " mentioned among the present invention be a code name for saying something only, does not have positive connection with the existing definition of token, and not necessarily uses " token " as its title in actual the use." token " mentioned among the present invention can be understood as the carrier that has carried certain specific information, and businessman has given surcharge for this carrier.The specific information of " token " carrying is in order to raise the efficiency, to make its suitable more transmission and better being managed by e-commerce system.
Business method is described below for example:
Bought certain or some commodity of a businessman when user's first after, can obtain the individual token of A (A 〉=1) (as a character string that comprises specific format and content), wherein each token has all been given the added value M (M>0) that equates or do not wait by businessman.User's first can pass to A token B (the individual user of B≤A), if and only if can obtain the income that this B user provides when the token that will own obtain from businessman passes to B user for user's first herein, in case this token passes to this B user, user's first can not be because of this token any income of reentrying.Suppose A=2 herein, B=2, B user is respectively user's second and user third.The added value M of the token that will receive because of oneself when user's second goes to this businessman to buy commodity and obtain income or reduce the expenditure of the commodity of buying, while user's second can obtain the individual token of C (C 〉=1) that this businessman sends again, again C token is passed to other people.User third is similar with the situation of user's second, so constantly goes on.In this method, all are used is to buy voluntarily to be worth the commodity suitable with material object per family, and does not bear the obligation of promoting dependent merchandise.
More existing business methods still have the leeway of further raising at aspects such as product marketing.Its essence of new business method among the present invention is a kind of product marketing method, compare with existing business method, its characteristics and advantage are, this business method is specially at internet and e-commerce system and invent, with can give full play to its advantage after computer technology combines, can realize the full automation of this business method.New e-commerce system among the present invention is and addresses this problem and invent.
E-commerce system based on token passing authentification is compared with existing e-commerce system, comprises the assembly of following necessity:
At least comprise a token management module, this module comprises: token coded device, token decode device, token store device.Arbitrary token institute loaded information can be the set that comprises some associated electrical commercial activity information as the time that buyer's name, trade name or ID, buying behavior take place, this token term of validity etc., also can be an identification code, and the set of this identification code and some associated electrical commercial activity information have one-to-one relationship.
The token coded device can comprise several subsystems, and its key subsystem generates token or its loaded information.Its generative process can be the simple combination of some e-commerce initiative relevant informations, also can be the simple combination of the corresponding coding of these information, also can be the complex calculation of these information or coding.
The token decode device can comprise several subsystems, its key subsystem is carried out is inverse operation with the corresponding subsystem of token coded device, at least can read and handle the token institute loaded information of prescribed form, and can judge whether this token belongs to this e-commerce system, and send the instruction of respective operations according to judged result.
The token store device can comprise several subsystems, its key subsystem is used to store the information of token institute's loaded information and token institute loaded information correspondence, storage format can be the database or the file of computer realm, and institute's canned data must still can keep under the situation of this device outage.
Other module except that the token management module can be used the correlation module that has e-commerce system now.
The technique effect of the new e-commerce system among the present invention is, make business method full automation new among the present invention, be able to by high efficiency enforcement, saved cost of human resources, and improved the marketing model in the existing e-commerce system, made e-commerce system informationization, robotization more.
Further specify below in conjunction with one embodiment of the present of invention and accompanying drawing.
Description of drawings
Fig. 1 is the system block diagram of one embodiment of the present of invention;
Fig. 2 is the minimum e-commerce initiative circulation process of of embodiment;
Fig. 3 is the token protocol packet structure figure of embodiment;
Fig. 4 is the structural drawing of the token store database of embodiment;
Fig. 5 is the token coded module process flow diagram of embodiment;
Fig. 6 is the token encrypting module process flow diagram of embodiment;
Fig. 7 is the token decode module process flow diagram of embodiment;
Fig. 8 is the e-commerce initiative process flow diagram of embodiment;
Fig. 9 is the token grant process flow diagram of embodiment;
Figure 10 is the token register flow path figure of embodiment.
Embodiment
The e-commerce system based on token passing authentification in the present embodiment may operate on the current general calculation machine system, and user interface is a Web browser, and the duplicate tokens character string can be finished the transmission of token.
Fig. 1 is a system block diagram according to an embodiment of the invention, and among the figure, 10 is the internet; 30 is the token management module of e-commerce system, comprises token coded module 301, token decode module 302, token store module 303; 20 is other module except the token management module, comprises shopping module 201, and database module 202, payment module 203 etc., these module correlation techniques of current e-commerce system are quite ripe, so it is not elaborated in this explanation; 40 is user's first and the relevant device thereof described in the present embodiment, comprise user terminal 401 (refering in particular to the browser of online in the present embodiment), information acquisition process 402 (user's keyboard or mouse input shopping relevant information when refering in particular to shopping in the present embodiment), user's token input process 403, user's token output procedure 404; 50 and 60 are respectively user's second described in the present embodiment and user the third, and relevant code name can be with reference to 40; 70 is the process of transmitting token between the user, both can finish (present embodiment promptly is) by e-commerce system, also can finish by alternate manner, so classify a numbering separately as.
Fig. 2 is a minimal circulation flow process of business method among the embodiment, and 10,20,30 buy commodity for user's first by e-commerce system, preferential because the positive value added M of token obtains, and obtain 2 new tokens that businessman provides simultaneously; 701 2 tokens that will obtain for user's first pass to user's second and user the third respectively, and obtain the added value N of token respectively from user's second and user third, and these 2 tokens are authorized; 702 for user's second and user third receive the token of having authorized by Email, and the token of oneself is registered, and promptly the personal information of input oneself in token is usurped the token of oneself to prevent other people; User's second and user third distinguish the flow process of duplicate customer first then, and this cyclic process can go on always.Wherein, M 〉=N>0.
Fig. 3 is the token data packet protocol among the embodiment, and the size of each field, implication and order in the expression token data are as follows:
The 30301:0-7 character, token protocol version number
The 30302:8-347 character, the token character string, concerning token store device and user, this character string is through encrypting, for the purpose of safety, the plaintext of this character string only exists in calculator memory, and string length is herein also only represented its length expressly, and its cryptographic algorithm can be with reference to the explanation of figure 6
30303:348-379 character, the token string of checking character, its algorithm can be with reference to the explanation of figure 6
The 30304:8-39 character, father's token number word signature, the digital signature of the employed token of doing shopping when generating this token, it is read-only to write the back
The 30305:40-71 character, token transmission signature, the digital signature of this token of sign that produces when generating this token, it is read-only to write the back, and its algorithm can be with reference to the explanation of figure 5
The 30306:72-103 character, the token number word signature generates when token grant, and can be modified when token is registered, it is read-only that the back is revised in registration, when generating other token in this token participation shopping back, become father's token number word signature of new token, its algorithm can be with reference to the explanation of figure 9
The 30307:104-111 character, the token date of formation, token writes current system data when generating, and it is read-only to write the back
The 30308:112-119 character, on the token grant date, each character of this field was blank character when token generated, and this field is written into system's current date during token grant, and this field was read-only after token was authorized to
The 30309:120-123 character, the token term of validity, 365, unit is the sky
The 30310:124-127 character, token added value M, 100, unit is RMB RMB, added value N can be by User Defined
The 30311:128-131 character, token serial number, the numbering of the sub-token that is generated for same father's token is guaranteed the uniqueness of token transmission signature
The 30312:132-137 character, token licensee postcode, each character of this field was blank character when token generated, and this field is modified during the token registration, and is read-only after revising
The 30313:138-237 character, token licensee address, each character of this field was blank character when token generated, and this field is modified during the token registration, and is read-only after revising
The 30314:238-277 character, token licensee name, each character of this field was blank character when token generated, and this field is modified during the token registration, and is read-only after revising
The 30315:278-297 character, token licensee phone, each character of this field was blank character when token generated, and this field is modified during the token registration, and is read-only after revising
The 30316:298-347 character, token licensee E-mail address, each character of this field was blank character when token generated, and this field is modified during the token registration, and is read-only after revising
The token data packet protocol is a subclass of token protocol, and token protocol complete in the present embodiment also comprises:
1. protocol version 00000000
2. key length: 16 characters, key character set: upper and lower case letter and arabic numeral
3. the token cleartext information is encoded: UTF-8
4. token ciphertext character set: hexadecimal digit
5. the generating algorithm (seeing the explanation of Fig. 5) and the key key1:ABCD1234abcd1234 thereof of token transmission signature
6. generating algorithm of token number word signature (seeing the explanation of Fig. 9) and key key2:ABCDabcd1234abcd thereof
7. token cryptographic algorithm (seeing the explanation of Fig. 6) and key key3:ABCDabcd12341234 thereof
8. string algorithm (seeing the explanation of Fig. 6) and key key4:12341234ABCDabcd thereof check character
9. sub-token quantity: 2, the sub-token quantity that each father's token generates is the maximal value of token serial number 30311
Fig. 4, the token store database record structure, each Field Definition is as follows:
30305: token transmission signature, character type, 32 characters, major key, non-NULL
30304: father's token number word signature, character type, 32 characters, non-NULL
30306: token number word signature, character type, 32 characters
30301: token protocol version number, character type, 8 characters, non-NULL
30302: the token character string after the encryption, character type, 688 characters, non-NULL
30303: the token string of checking character, character type, 32 characters
30317: the transaction journal that token participates in number, character type, variable-length
Fig. 5, token coded module process flow diagram
Used MD5 algorithm, full name are message-digest algorithm 5 (md5-challenge), and it is technical to be widely used in encryption and decryption, and whether the string that is used in the present invention check character was modified, and its detailed description can be with reference to relevant documentation.
30101, the definition of input token information and current agreement
30102, get current system time
(the 30103-30104 step is that token transmits signature algorithm)
30103, connect token number word signature 30304, current date 30307, the term of validity 30309, added value 30310, token serial number 30311, key string key1
30104, get the sexadecimal MD5 value of above-mentioned 30103 character strings that obtain, obtain the transmission signature 30305 of new token
30105, to the protocol fields in the new token 30308,30312-30316 uses continuous blank character assignment
30106, token is encrypted (seeing the explanation of Fig. 6)
30107, token data is write the token store database
30108, whether successfully write?
30109, return the token (collection) of generation
309, token system is unusual
Fig. 6, token encrypting module process flow diagram
Used blowfish algorithm is a kind of general symmetrical expression enciphering and deciphering algorithm, is used for the encryption and decryption of character string in the present invention, and its detailed description can be with reference to relevant documentation.
(3010601-3010602 is the token cryptographic algorithm)
3010601, connect each protocol fields (30302) of removing protocol version, i.e. all fields of 30304-30316 in order successively
3010602, use the token encryption key key3 in blowfish cryptographic algorithm and the token protocol, the character string that character string 3010601 steps obtain is encrypted
(3010603 are the string algorithm of checking character)
3010603, the character string after token protocol version number connect to encrypt is calculated its MD5 value after connecting the string key key4 that checks character again, obtains checking character and goes here and there 30303
3010604, return the character string and the string of checking character thereof after the encryption
Fig. 7, token decode module process flow diagram
30201, the input token
30202, splitting token is 3 parts (30301,30302,30303), gets token protocol version number
30203, according to token protocol version number, use the string algorithm 3010603 of checking character, the authorization information integrality
30204, whether token complete?
30205, according to protocol version, use the inverse process of token encryption 3010602 that token is decrypted, calculate the plaintext of each protocol fields of token again according to agreement
Does 30206, the token number word signature exist?
30207, whether token Digital Signature Algorithm (70109, see the explanation of Fig. 9) checking token number word signature by checking?
Is 30208, whether token transmitted signature algorithm (30103-30104) checking token transmission signature, by checking?
30209, return token information, return each protocol fields of token with form expressly
30210, the token decode failure
Fig. 8, the e-commerce initiative process flow diagram
The precondition of using token to carry out e-commerce initiative is, this token must be authorized to, and promptly the authorization date field 30308 of token is date of expiration, and token does not have expired.
20101, input merchandise news
403, the user imports token
302, the token decode module
20102, whether decoding successful?
20103, whether token out of date?
Does 20104, whether token authorize?
20105, whether information such as buyer individual address correct?
20106, re-enter token?
20107, shopping is ended
20108, deduction token added value M from commodity price
203, pay by payment system
20109, whether payment successful?
20110, whether pay again?
301, generate new token by the token coded module
Does 20111, whether new token successfully generate?
20112, shopping is finished, and returns new token
309, token system is unusual
Fig. 9, the token grant process flow diagram
The precondition that sub-token is authorized to is that this sub-token is not out of date, and uncommitted.
70101, input father and son token, sub-token take over party's Email address
302, the token decode module
70102, whether decoding successful?
Is 70103, token a set membership?
70104, whether sub-token out of date?
Does 70105, whether sub-token authorize?
70106, re-enter?
70107, authorize and end
70108, get current system data, upgrade sub-token grant date field 30308
(70109 is the token Digital Signature Algorithm)
70109, connect among the 30304-30316 all the other fields except 30306, connect the token digital signature keys key2 in the token protocol again, obtain a character string, the character string that obtains is got the MD5 value, obtain the token number word signature, upgrade sub-token digital signature field 30306
30106, token is encrypted
70110, new database relative recording more
Does 70111, database upgrade success?
70112, the token grant success sends Email to sub-token take over party
309, token system is unusual
Figure 10, token register flow path figure
The precondition that token is registered is that this token is authorized to, and not out of date, and unregistered mistake.The basis for estimation of whether registering is the personal information field of this token, and promptly whether the 30312-30316 field is effective.
70201, input token, token owner information
302, the token decode module
70202, whether decoding successful?
70203, whether token out of date?
Does 70204, whether token authorize?
70205, re-enter?
70206, registration is ended
70207, upgrade token protocol field 30312-30316
70109, the token Digital Signature Algorithm upgrades the token digital signature field
30106, token is encrypted
70209, new database relative recording more
Does 70210, database upgrade success?
70211, token succeeds in registration, and sends the Email owner that gives token
309, token system is unusual
Token system unusual 309 is an exception among the present invention, do not belong to token system problem in logic itself, its possible reason has: network failure, operating system failure, or Computer Storage space, database place is full etc., must particular problem specifically treat, do not belong to the problem that token system itself will solve, so do not describe in detail at this.
Above embodiment emphasis is to the token management module declaration, and other module in the current e-commerce system (as payment system, shopping cart system, user's registration management system etc.) technology is quite ripe, so do not describe in detail at this.
Claims (12)
1. based on the e-commerce system of token transmission, this system has: token is used to carry specific information; The token decode device is used for verification, explanation or translation to token institute beared information; The token coded device is used for coding, generates token institute loaded information; The token store device is used to store token loaded information and the relevant information thereof that all have produced.
2. token according to claim 1, it is characterized in that, a token writes down a character string at least, this character string is made up of the printable character of any amount, and possesses distinguishability in the character string of the same type of this character string in the e-commerce system at place, described character string of the same type, it refers to all character strings that token comprised that all have existed in the e-commerce system of place and occur in the future, described distinguishability, it refers to this character string and itself possesses uniqueness, and perhaps this character string possesses uniqueness with other character informations that token comprised that comprise this character string or binary message afterwards through combination or computing.
3. token according to claim 1 is characterized in that this token transmits between user terminal, the user refers to the consumer in the e-commerce initiative.
4. token according to claim 1 is characterized in that token has ageing T, T>0, and token will lose efficacy behind the elapsed time T from being generated beginning, and the surcharge that it is endowed in the time of inefficacy also will be lost.
5. token according to claim 1, it is characterized in that, token is endowed surcharge, and its surcharge obtains embodying two stages at most, phase one is in the process that this token is transmitted, its value is N, subordinate phase is when this token participates in e-commerce initiative, its value is M, and M 〉=N>0, the indication transmission must not comprise that producing interests between generation token side and its other party exchanges, and the indication e-commerce initiative must comprise that producing interests between generation token side and its other party exchanges, and the exchange of indication interests does not all comprise the surcharge increase of corresponding token.
6. token store device according to claim 1 is characterized in that, stores at least one as claim 1,2,3,4,5 described tokens.
7. token decode device according to claim 1, it is characterized in that, read information, and whether this token of verification belong to this e-commerce system, and send the instruction of next step operation according to check results as claim 1,2,3,4,5 described tokens.
8. token coded device according to claim 1 is characterized in that, generates as claim 1,2,3,4,5 described tokens or token collection.
9. the business method of the described e-commerce system correspondence of claim 1, it is characterized in that, described method comprises the steps: that the consumer uses carrier surcharge because of carrier when consuming of being given surcharge by businessman to obtain income or reduce expenditure, this consumer obtains to be given the new carrier of surcharge by businessman simultaneously, this consumer obtains income from the consumer who receives its carrier when giving other consumers with new carrier transfer, other consumers repeat the described step of this claim.
10. business method according to claim 9, it is characterized in that, the surcharge of its described carrier can only obtain at most embodying in two processes, the one, when consumer self uses the carrier of being given surcharge by businessman to consume, the 2nd, when the consumer will be given other consumers by the carrier transfer that businessman gives surcharge, and the value sum that the carrier of same quantity embodies in the former is more than or equal to its value sum that embodies in the latter, and in other processes except that these two processes, the consumer is not because the relevant carrier of its process obtains any income from businessman.
11. business method according to claim 9 is characterized in that, transmits between described consumer and the consumer in the process of carrier, businessman does not participate in the interests exchange, and interests exchange does not herein comprise that the surcharge of the carrier that transmits increases.
12. business method according to claim 9, it is characterized in that, once following situation takes place at least, the surcharge sum of the carrier that the consumer was used up when the surcharge sum of the new carrier that described consumer is obtained because of consumption at the businessman place was consumed more than or equal to this time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2009101477515A CN101582152A (en) | 2009-06-19 | 2009-06-19 | Electronic commerce system based on token passing authentification and corresponding business method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2009101477515A CN101582152A (en) | 2009-06-19 | 2009-06-19 | Electronic commerce system based on token passing authentification and corresponding business method thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101582152A true CN101582152A (en) | 2009-11-18 |
Family
ID=41364288
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2009101477515A Pending CN101582152A (en) | 2009-06-19 | 2009-06-19 | Electronic commerce system based on token passing authentification and corresponding business method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101582152A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103748526A (en) * | 2011-08-30 | 2014-04-23 | 西门子公司 | Method and system for providing device-specific operator data for automation device in automation installation |
-
2009
- 2009-06-19 CN CNA2009101477515A patent/CN101582152A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103748526A (en) * | 2011-08-30 | 2014-04-23 | 西门子公司 | Method and system for providing device-specific operator data for automation device in automation installation |
| US9544300B2 (en) | 2011-08-30 | 2017-01-10 | Siemens Aktiengesellschaft | Method and system for providing device-specific operator data for an automation device in an automation installation |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10963886B2 (en) | Electronic transaction security system and method | |
| CN100531365C (en) | IPTV authentication and authorization method, server and system | |
| US20140279558A1 (en) | Two-Way, Token-Based Validation for NFC-Enabled Transactions | |
| CN105027153A (en) | Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data | |
| WO2017137888A1 (en) | Systems and methods for messaging, calling, digital multimedia capture, payment transactions, global digital ledger, and national currency world digital token | |
| CN109615351A (en) | SIM card, terminating machine and digital currency managing system | |
| CN104424565A (en) | Digital card-based payment system and method | |
| CN101576983A (en) | Electronic payment method and system based on mobile terminal | |
| CN103152337A (en) | Method for transmitting two-dimensional code information in secure dynamic manner | |
| CN106327723B (en) | A kind of mPOS transaction systems based on intelligent platform | |
| US11210664B2 (en) | Systems and methods for amplifying the strength of cryptographic algorithms | |
| CN103942687A (en) | Data security interactive system | |
| CN100459495C (en) | Password dynamic enciphering inputmethod of public emipering mode | |
| CN104301288A (en) | Method and system for online identity authentication, online transaction certification, and online certification protection | |
| TWI748630B (en) | Two-dimensional bar code payment method based on mobile phone business card and its payment system, computer readable storage medium and computer equipment | |
| CN103281186B (en) | A kind of dynamic token based on Android system, transaction system and method | |
| CN101272248B (en) | Dynamic cipher authentication system | |
| CN102332068A (en) | On-line logistics encryption, authentication and storage system using universal serial bus key (USBKEY) | |
| CN203786773U (en) | Mobile payment service platform | |
| CN101582152A (en) | Electronic commerce system based on token passing authentification and corresponding business method thereof | |
| WO2014172967A1 (en) | Consumption management system and method | |
| JP2006065437A (en) | Electronic module for presenting member information mounted to portable telephone for its use and its issuing method | |
| CN106960345B (en) | Internet of things card and working method thereof | |
| CN2938239Y (en) | Dynamic cipher providing system and dynamic cipher providing equipment | |
| TWI455038B (en) | Chip reader device, remote server and transaction verification code generation method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20091118 |