CN101729537A - Handset sim card paster based mobile authentication method of banking businesses - Google Patents
Handset sim card paster based mobile authentication method of banking businesses Download PDFInfo
- Publication number
- CN101729537A CN101729537A CN200910154847A CN200910154847A CN101729537A CN 101729537 A CN101729537 A CN 101729537A CN 200910154847 A CN200910154847 A CN 200910154847A CN 200910154847 A CN200910154847 A CN 200910154847A CN 101729537 A CN101729537 A CN 101729537A
- Authority
- CN
- China
- Prior art keywords
- transaction
- user
- data
- signature
- mobile phone
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention discloses a handset sim card paster based mobile authentication method of banking businesses. A paster which can store a user certificate and carry out digital signature is inserted into a handset sim card slot of a user; when the user initiates the fund change of a transaction account, a background transaction system sends transaction information to a mobile authentication gateway, and the mobile authentication gateway sends the transaction information to a handset of the user to request the digital signature; after a request is received by the paster and then displayed to the user, the user verifies the signature and then returns a signature result to the mobile authentication gateway and transmits the signature result to the background transaction system; and the background transaction system verifies the signature result and the content of the signature request and correspondingly operates the transaction account of the user after determining that the signature is effective. The mobile authentication method can request the digital signature of the user in time when user funds are changed, ensure the security of the user funds and provide the convenience when the user goes out and has non-repudiation property, thereby ensuring the transaction security of both parties.
Description
Technical field
The present invention relates to a kind of mobile authentication method that uses the mobile phone patch device to carry out the banking system authentication, relate in particular to a kind of mobile authentication method of banking based on mobile phone sim card paster.
Background technology
At present each tame bank mainly contains following two classes to the mode that the client carries out authentication, and a class is deliver personally signature or the seal of checking user when easy of cabinet, another kind of when being the electronic system transaction checking user password or be loaded with the USBKey of customer digital certificate.This several modes mainly contains following problem: customer consignment other people need when acting on behalf business just seal etc. to give the factor, but can't the real-time constraint factor utilize seal to carry out which kind of transaction, and this problem is also generally perplexing the medium-sized and small enterprises master in the reality; The user is when going out not carry computer, because mobile phone do not have the USB mouth can't use USBKEY and most of mobile phone can't support the digital certificate of the document form that bank issues, therefore can't carry out keeping fit part transaction of checking, and for example wholesale is transferred accounts etc.; User's bank card is lost or is replicated, and password spied on by the people, and the lawless person utilizes these information to extract the user account fund from ATM, is easy to cause the loss of user's fund.Mobile phone dynamic password technology can be alleviated this problem to a certain extent, can help the user to confirm the operation of own account, and ambulant facility is provided, but dynamic password does not possess the effect of resisting denying, and level of security is relative not high yet.All this kind is all restricting the banking development.
Summary of the invention
At existing bank identity identifying method in the deficiency aspect real-time, mobility and the non-repudiation, the invention provides a kind of mobile authentication method of banking, with implementation, mobility and the non-repudiation demand that satisfies authentication based on mobile phone sim card paster.
The technical solution adopted for the present invention to solve the technical problems is: insert in user's mobile phone sim draw-in groove and can deposit the go forward side by side paster of line number word signature of user certificate, when the user initiates the change of trading account fund, the backstage transaction system sends Transaction Information to the mobile authentication gateway, and the mobile authentication gateway sends to user mobile phone request digital signature with this Transaction Information.This request is shown to the user after being accepted by paster, and the result that will sign after the user confirms to sign returns to the mobile authentication gateway, and is transmitted to the backstage transaction system.Transaction system will sign result and the content that asks for an autograph in backstage tested and signed operation, confirms that signature effectively carries out corresponding operating to user account in the back.
The invention has the beneficial effects as follows, when user's fund changes, can ask number signature timely, guarantee user's fund security, and the convenience when providing the user to go out, the transaction security that non-repudiation guarantees both sides possessed simultaneously.
Embodiment
Describe the present invention below in detail, it is more obvious that purpose of the present invention and effect will become.
The present invention is based on the mobile authentication method of banking of mobile phone sim card paster, may further comprise the steps:
The 1st step: user or factor initiate transaction by various transaction channels, comprise that withdraw the money money transfer transactions, the cashier of transaction, Web bank or Mobile banking of ATM handles service for corporate customers etc. at the cabinet face.ATM in the transaction channel, Net silver etc. all can be any system, the data of initiating transaction by transaction channel through the Internet or special line, procotol according to TCP/IP transfers to the backstage transaction system, and will be made as 1 to the easy type of transaction of personal friendship, and the type of transaction easy to public transport is made as 2.
The 2nd step: the judge module in the transaction system is judged the type of transaction that the foreground is imported into, it for type of transaction 1 situation, transaction data is sent to account-holder's mobile phone, for type of transaction is 2 situation, and transaction system is sent to transaction data the legal representative's of account corresponding mechanism mobile phone.The send mode of transaction data is:, send via mobile, UNICOM, this three tame operator of telecommunications by the OTA front end processor with short message mode, the data encapsulation form meets the GSM03.48 standard, encrypts with the 3DES cryptographic algorithm.
The 3rd step: user's mobile phone installs the STK hand-set digit signature paster of Shanghai Ke Si in advance additional, and loading meets the X.509 digital certificate of standard.Confirm through the user after receiving note data this moment, in STK mobile phone paster, transaction data is carried out the digital signature operation.Digital signature adopts the SHA-1 hashing algorithm and the RSA cryptographic algorithms of standard.
The 4th step: signature sends to the OTA front end processor by short message mode once more together with former data and user certificate, and the data encapsulation form meets the GSM03.48 standard, and sends to transaction system by the OTA front end processor in the lump by ICP/IP protocol.
The 5th step: transaction system receives tests to Ge Er SVS data forwarding behind former data, signature and the user certificate to sign server V1.8, tests to sign server and sign to test and sign operation.
The 6th step: SVS tests and signs server and return to test and sign the result and give transaction system.
The 7th step: transaction system will be tested to sign the result and test the label data and be saved to database (DB2, Oracle, SQLServer etc.) as a data-base recording, in order to evidence obtaining in the future.
The 8th step: transaction system sends note with short message mode to user mobile phone by the OTA front end processor, and the notice customer transaction is finished.
Claims (1)
1. the mobile authentication method of banking based on mobile phone sim card paster is characterized in that, may further comprise the steps:
(1) user or factor initiate transaction by various transaction channels, comprise that withdraw the money money transfer transactions, the cashier of transaction, Web bank or Mobile banking of ATM handles service for corporate customers etc. at the cabinet face.ATM in the transaction channel, Net silver etc. all can be any system, the data of initiating transaction by transaction channel through the Internet or special line, procotol according to TCP/IP transfers to the backstage transaction system, and will be made as 1 to the easy type of transaction of personal friendship, and the type of transaction easy to public transport is made as 2.
(2) judge module in the transaction system is judged the type of transaction that the foreground is imported into, it for type of transaction 1 situation, transaction data is sent to account-holder's mobile phone, is 2 situation for type of transaction, and transaction system is sent to transaction data the legal representative's of account corresponding mechanism mobile phone.The send mode of transaction data is:, send via mobile, UNICOM, this three tame operator of telecommunications by the OTA front end processor with short message mode, the data encapsulation form meets the GSM03.48 standard, encrypts with the 3DES cryptographic algorithm.
(3) user's mobile phone installs the STK hand-set digit signature paster of Shanghai Ke Si in advance additional, and loading meets the X.509 digital certificate of standard.Confirm through the user after receiving note data this moment, in STK mobile phone paster, transaction data is carried out the digital signature operation.Digital signature adopts the SHA-1 hashing algorithm and the RSA cryptographic algorithms of standard.
(4) signature sends to the OTA front end processor by short message mode once more together with former data and user certificate, and the data encapsulation form meets the GSM03.48 standard, and sends to transaction system by the OTA front end processor in the lump by ICP/IP protocol.
(5) transaction system receives and tests to Ge Er SVS data forwarding behind former data, signature and the user certificate to sign server V1.8, tests to sign server and sign to test and sign operation.
(6) SVS tests and signs server and return to test and sign the result and give transaction system.
(7) transaction system will be tested to sign the result and test the label data and be saved to database (DB2, Oracle, SQLServer etc.) as a data-base recording, in order to evidence obtaining in the future.
(8) transaction system sends note with short message mode to user mobile phone by the OTA front end processor, and the notice customer transaction is finished.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910154847A CN101729537A (en) | 2009-11-26 | 2009-11-26 | Handset sim card paster based mobile authentication method of banking businesses |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910154847A CN101729537A (en) | 2009-11-26 | 2009-11-26 | Handset sim card paster based mobile authentication method of banking businesses |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101729537A true CN101729537A (en) | 2010-06-09 |
Family
ID=42449745
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200910154847A Pending CN101729537A (en) | 2009-11-26 | 2009-11-26 | Handset sim card paster based mobile authentication method of banking businesses |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101729537A (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102201143A (en) * | 2011-04-08 | 2011-09-28 | 张应刚 | Bank card transaction system and method based on real-time interaction of short-message platform |
CN102546571A (en) * | 2010-12-31 | 2012-07-04 | 国民技术股份有限公司 | Identity authentication system and method |
CN102708347A (en) * | 2012-04-12 | 2012-10-03 | 福建联迪商用设备有限公司 | Bar-code reading method and equipment |
CN103200176A (en) * | 2013-02-27 | 2013-07-10 | 中国工商银行股份有限公司 | Identification method, identification device and identification system based on bank independent communication channel |
CN104657853A (en) * | 2013-11-20 | 2015-05-27 | 恩门科技股份有限公司 | Mobile communication device point exchange system and method thereof |
WO2015110039A1 (en) * | 2014-01-27 | 2015-07-30 | 邵通 | Method and system for inputting payment account using public data of card |
CN105096119A (en) * | 2014-05-15 | 2015-11-25 | 东方斯泰克信息技术研究院(北京)有限公司 | Virtual bank system and realization method thereof |
CN109560932A (en) * | 2017-09-25 | 2019-04-02 | 北京云海商通科技有限公司 | The recognition methods of identity data, apparatus and system |
-
2009
- 2009-11-26 CN CN200910154847A patent/CN101729537A/en active Pending
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102546571A (en) * | 2010-12-31 | 2012-07-04 | 国民技术股份有限公司 | Identity authentication system and method |
CN102546571B (en) * | 2010-12-31 | 2014-10-15 | 国民技术股份有限公司 | Identity authentication system and method |
CN102201143A (en) * | 2011-04-08 | 2011-09-28 | 张应刚 | Bank card transaction system and method based on real-time interaction of short-message platform |
CN102201143B (en) * | 2011-04-08 | 2016-06-15 | 张应刚 | A kind of bank card transaction system based on SMS platform real-time interaction and method |
CN102708347A (en) * | 2012-04-12 | 2012-10-03 | 福建联迪商用设备有限公司 | Bar-code reading method and equipment |
CN103200176A (en) * | 2013-02-27 | 2013-07-10 | 中国工商银行股份有限公司 | Identification method, identification device and identification system based on bank independent communication channel |
CN104657853A (en) * | 2013-11-20 | 2015-05-27 | 恩门科技股份有限公司 | Mobile communication device point exchange system and method thereof |
WO2015110039A1 (en) * | 2014-01-27 | 2015-07-30 | 邵通 | Method and system for inputting payment account using public data of card |
CN105096119A (en) * | 2014-05-15 | 2015-11-25 | 东方斯泰克信息技术研究院(北京)有限公司 | Virtual bank system and realization method thereof |
CN106104598A (en) * | 2014-08-15 | 2016-11-09 | 邵通 | A kind of method and system using card public data input Send only Account |
CN109560932A (en) * | 2017-09-25 | 2019-04-02 | 北京云海商通科技有限公司 | The recognition methods of identity data, apparatus and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109493016B (en) | Offline payment method, terminal and agent releasing equipment based on digital currency | |
CN101729537A (en) | Handset sim card paster based mobile authentication method of banking businesses | |
CN108093001B (en) | System, method and server computer for mutual mobile authentication using key management center | |
CN104680361B (en) | A kind of enchashment method and system based on third-party platform | |
CN102118251B (en) | Security authentication method for internet banking remote payment based on multi-interface intelligent safety card | |
CN109493038A (en) | A kind of front-end system and method for applying to financial industry and having pressure notarization function | |
CN104504562A (en) | Mobile payment method and system | |
CN104050567A (en) | Data interaction method under off-line mode, terminal and server | |
CN101165716A (en) | Electronic payment procedure based on transaction code | |
CN110555683A (en) | Virtual currency and legal currency service integration platform | |
CN108460593A (en) | A kind of offline Quick Response Code method of payment and device | |
CN112508575A (en) | Subway passing brake payment method and system based on digital currency | |
CN111461682A (en) | Financial system and digital currency trusteeship system that has it | |
CN106934608B (en) | Multi-state two-dimensional code synthesis and user signless and signless trading method | |
CN104200365A (en) | Writing and paying method for electronic check | |
CN104539616B (en) | Realize credible MESSAGE EXCHANGE and the system of storage between heterogeneous system | |
CN101197028A (en) | Electric paying method based on trade code | |
US20170243202A1 (en) | Transferable value or rights token | |
CN106023050A (en) | Traffic data management system | |
CN102831517A (en) | Electronic consumption card system based on mobile terminal | |
US20100094756A1 (en) | System and method for rapid financial transactions through an open financial exchange or wire transfer | |
WO2016173044A1 (en) | Cross-funds management server-based payment system, and method, device and server therefor | |
CN102118394A (en) | Safety authentication method for remote payment through internet banking based on dual-interface safety intelligent card | |
CN101976403A (en) | Phone number payment platform, payment trading system and method thereof | |
CN201946038U (en) | Security certificate device of internet-banking remote payment based on dual-interface safety smart card |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20100609 |