CN101986355B - Method, system and terminal for managing transaction authority of bank card - Google Patents

Method, system and terminal for managing transaction authority of bank card Download PDF

Info

Publication number
CN101986355B
CN101986355B CN 201010526499 CN201010526499A CN101986355B CN 101986355 B CN101986355 B CN 101986355B CN 201010526499 CN201010526499 CN 201010526499 CN 201010526499 A CN201010526499 A CN 201010526499A CN 101986355 B CN101986355 B CN 101986355B
Authority
CN
China
Prior art keywords
bank card
password
trading
bank
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN 201010526499
Other languages
Chinese (zh)
Other versions
CN101986355A (en
Inventor
杨珣
张永超
雷兵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN 201010526499 priority Critical patent/CN101986355B/en
Publication of CN101986355A publication Critical patent/CN101986355A/en
Application granted granted Critical
Publication of CN101986355B publication Critical patent/CN101986355B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention provides a method, a system and a terminal for managing the transaction authority of a bank card. The method comprises the following steps of: ensuring the legal identity of a user by double authentication of the personal identification code and the number of the bank card; calculating a transaction password by using modified bank card transaction authority information and determined time for modifying the transaction authority information as parameter information; and determining the validity of the source of the modified bank card transaction authority information by checking the transaction password through a bank backstage so as to manage the transaction authority of the bank card according to the modified transaction authority information. Therefore, the user need not worry about the security of financial data in the bank card when the bank card is lost, so that the security of user transaction is guaranteed.

Description

A kind of bank card business dealing right management method, system and terminal
Technical field
The present invention relates to field of computer technology, relate in particular to a kind of bank card business dealing right management method, system and terminal.
Background technology
Along with the raising of economic development and living standards of the people, people's consumption demand constantly increases, and for finance service, for satisfying client's consumption hope, improves service quality, and need to give the client safer consumption experience.Such as in bank and other financial mechanism, by bank card being arranged the legitimacy that password is guaranteed client identity, guarantee transaction security.
Yet the development along with electronic technology, only can not effectively guarantee the safety of concluding the business by bank card being arranged password in the prior art, illegal molecule can copy identical bank card use by the track data information that the illegal terminals such as bank card reproducer, bank card demoder are stolen on the bank card, and bank card client's true identity can't be confirmed to use in the bank backstage, thereby so that there is serious potential safety hazard in bank card business dealing.
Summary of the invention
The purpose of the embodiment of the invention is to provide a kind of bank card business dealing right management method, system and terminal, this bank card business dealing rights management techniques can be carried out double authentication to user identity and bank card, and make the user that trading privilege freely is set, both make the user lose bank card and also needn't worry the wherein security of finance data, thereby guaranteed the safety of customer transaction.
In order to realize the purpose of foregoing invention embodiment, the embodiment of the invention provides a kind of bank card business dealing right management method, and described method comprises:
User's side bank card business dealing rights management terminal is obtained bank card number, and sends the enciphered message of PIN (Personal Identification Number) and the described bank card number of described terminal being encrypted by the first key to target bank backstage;
Described target bank backstage goes out described PIN (Personal Identification Number) and described bank card number in the described enciphered message by the second secret key decryption, and determines user's unique identification according to described PIN (Personal Identification Number) and described bank card number;
After described terminal receives definite information that described target bank backstage sends, according to the bank card business dealing authority information of revising and time of determining to revise described trading privilege information, the time that calculates the first trading password and bank card business dealing authority information that will described the first trading password, modification and determine to revise described trading privilege information is through the backstage transmission of the backward described target of described the first secret key encryption bank;
Described the first trading password that described target bank backstage goes out to receive by described the second secret key decryption, the bank card business dealing authority information of modification and the time of determining to revise described trading privilege information, according to the bank card business dealing authority information of revising and definite time of revising described trading privilege information described the first trading password is checked, if checking computations are correct, then described target bank backstage is according to the trading privilege information management bank card business dealing authority of described modification.
For the user who holds described terminal is carried out identity validation, before described terminal got access to bank card number, described method also comprised:
Described terminal receives the login password of input, and judges whether the described login password that receives is identical with the password of authorizing in advance, if described login password is identical with the password of authorizing in advance, then carries out the step that gets access to bank card number.
In order to guarantee the safety of terminal internal information, prevent that unauthorized person from using, when whether the described login password that receives in described terminal judges was identical with the password of authorizing in advance, described method also comprised:
If described login password is not identical with the password of authorizing in advance, then judged result is counted for not identical number of times;
When count value reached day pre-determined number within a predetermined period of time, described terminal was at date inner locking corresponding to described time period.
When count value reaches predetermined total degree, described terminal locking in indefinite duration.
For user identity is confirmed, before described terminal got access to bank card number, described method also comprised:
Obtain the finger print information that collects, and whether compare the described finger print information that collects identical with pre-stored finger print information, if the finger print information that collects is identical with pre-stored finger print information, then carry out the step that gets access to bank card number.
In order effectively to confirm the corresponding relation of PIN (Personal Identification Number) and bank card number, described target bank determines that according to described PIN (Personal Identification Number) and described bank card number user's unique identification comprises in the backstage:
Described PIN (Personal Identification Number) and each self-corresponding user's unique identification of described bank card number are searched in the backstage by described target bank;
Judge whether each the self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number that finds is identical, if it is identical to judge each self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number, then sends to described terminal and determine information.
In order effectively to confirm that the first trading password is the data that validated user sends by terminal, described target bank backstage according to trading privilege information and the time of determining to revise described trading privilege information described the first trading password checked comprise:
According to the bank card business dealing authority information of revising and definite Time Calculation the second trading password of revising described trading privilege information;
Judge whether described the second trading password is identical with described the first trading password, if described the second trading password is identical with described the first trading password, then checking computations are correct.
In order to make the embodiment of the invention adapt to various real network environment, the mode of interactive information comprises between described terminal and target bank backstage:
Described terminal is directly mutual by personal computer and the target bank backstage of interconnection network by the mutual or described terminal of network and target bank backstage.
In order to realize the foregoing invention purpose, the embodiment of the invention also provides a kind of bank card transaction privilege management system, and described system comprises:
User's side bank card business dealing rights management terminal, be used for obtaining bank card number, and send the enciphered message of PIN (Personal Identification Number) and the described bank card number of described terminal being encrypted by the first key to target bank backstage, after receiving definite information that described target bank backstage sends, according to the bank card business dealing authority information of revising and definite time of revising described trading privilege information, calculate the first trading password also with described the first trading password, the time that the bank card business dealing authority information of revising and determining is revised described trading privilege information sends through the backward described target of described the first secret key encryption bank backstage;
Target bank backstage, be used for going out by the second secret key decryption described PIN (Personal Identification Number) and the described bank card number of described enciphered message, and determine user's unique identification according to described PIN (Personal Identification Number) and described bank card number, described the first trading password that goes out to receive by described the second secret key decryption, the bank card business dealing authority information of revising and the time of determining to revise described trading privilege information, according to the bank card business dealing authority information of revising and definite time of revising described trading privilege information described the first trading password is checked, if checking computations are correct, then according to the trading privilege information management bank card business dealing authority of described modification.
For the user who holds described terminal is carried out identity validation, bank card business dealing rights management terminal, also be used for before getting access to bank card number, receive the login password of input, and judge whether the described login password that receives is identical with the password of authorizing in advance, if described login password is identical with the password of authorizing in advance, then obtain bank card number.
In order to guarantee the safety of terminal internal information, prevent that unauthorized person from using, bank card business dealing rights management terminal, also be used for when the password of judging the described login password that receives and in advance mandate is not identical, judged result is counted for not identical number of times, when count value reaches day pre-determined number within a predetermined period of time, at date inner locking corresponding to described time period.Bank card business dealing rights management terminal also is used for when count value reaches predetermined total degree, indefinite duration locking.
For user identity is confirmed, bank card business dealing rights management terminal, also be used for before getting access to bank card number, obtain the finger print information that collects, whether and it is identical with pre-stored finger print information to compare the described finger print information that collects, if the finger print information that collects is identical with pre-stored finger print information, then get access to bank card number.
In order effectively to confirm the corresponding relation of PIN (Personal Identification Number) and bank card number, target bank backstage is when determining user's unique identification according to described PIN (Personal Identification Number) and described bank card number, concrete for searching described PIN (Personal Identification Number) and each self-corresponding user's unique identification of described bank card number, judge whether each the self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number that finds is identical, if it is identical to judge each self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number, then sends to described terminal and determine information.
In order to confirm that effectively the first trading password is the data that validated user sends by terminal, when target bank backstage checked described the first trading password in the time according to the bank card business dealing authority information of revising and the described trading privilege information of definite modification, concrete being used for according to the bank card business dealing authority information of revising and definite Time Calculation the second trading password of revising described trading privilege information, judge whether described the second trading password is identical with described the first trading password, if described the second trading password is identical with described the first trading password, then checking computations are correct.
In order to make the embodiment of the invention adapt to various real network environment, the mode of interactive information comprises between described terminal and target bank backstage: described terminal is directly mutual by personal computer and the target bank backstage of interconnection network by the mutual or described terminal of network and target bank backstage.
In order to realize the purpose of foregoing invention embodiment, the embodiment of the invention provides a kind of bank card business dealing rights management terminal, and described terminal comprises:
Acquiring unit is used for obtaining bank card number;
The first ciphering unit is used for by the first key of prestoring the bank card number that PIN (Personal Identification Number) and the described acquiring unit of described terminal gets access to being encrypted as the first enciphered message;
The first transmitting element is used for sending the first enciphered message that described ciphering unit encrypts to target bank backstage;
Receiving element is used for receiving definite information that described target bank backstage sends;
Revise the unit, be used for revising according to the modify instruction of input the trading privilege information of described bank card;
The time determining unit is used for the time that trading privilege information is revised in definite described modification unit;
Computing unit, the Time Calculation that is used for the modification trading privilege information that the bank card business dealing authority information revised according to described modification unit and described time determining unit determine goes out the first trading password;
The second ciphering unit, for the first trading password that described computing unit is calculated by the first key that prestores, the time of the modification trading privilege information that the bank card business dealing authority information that described modification unit is revised and described time determining unit are determined is encrypted as the second enciphered message;
The second transmitting element is used for sending the second enciphered message that described the second ciphering unit encrypts to target bank backstage.
For the user who holds described terminal is carried out identity validation, described terminal also comprises:
The login password recognition unit, be used for before described acquiring unit obtains bank card number, receive the login password of input, and judge whether the described login password that receives is identical with the password of authorizing in advance, if described login password is identical with the password of authorizing in advance, then allow described acquiring unit to obtain bank card number.
In order to guarantee the safety of terminal internal information, prevent that unauthorized person from using, the login password recognition unit also is used for judging described login password when not identical with the password of authorizing in advance, and the counting unit that then also comprises to described terminal sends counts instruction;
Described counting unit is used for according to described counting instruction judged result being counted for not identical number of times;
Described terminal also comprises the locking unit, is used for when numerical value that described counting unit is counted reaches day pre-determined number within a predetermined period of time, in date inner locking terminal corresponding to described time period.
The locking unit also is used for when numerical value that described counting unit is counted reaches predetermined total degree, indefinite duration the locking terminal.
The advantage of the embodiment of the invention is, can carry out double acknowledge to user identity and bank card, makes the user freely manage oneself account authority, both made the user lose bank card also needn't worry stolen, thereby guaranteed the safety of user account.
Description of drawings
In order to be illustrated more clearly in the technical scheme of the embodiment of the invention, the accompanying drawing of required use was done to introduce simply during the below will describe embodiment, apparently, accompanying drawing in the following describes only is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is the process flow diagram of a kind of bank card business dealing right management method of providing of the embodiment of the invention.
Fig. 2 is the process flow diagram of the another kind of bank card business dealing right management method that provides of the embodiment of the invention.
Fig. 3 is definite user's uniquely identified FB(flow block) of step 204 among Fig. 2.
Fig. 4 is the FB(flow block) that the first trading password is checked of step 206 among Fig. 2.
Fig. 5 is the functional structure schematic block diagram of a kind of bank card transaction privilege management system of providing of the embodiment of the invention.
Fig. 6 is the functional structure schematic block diagram of a kind of bank card business dealing rights management terminal of providing of the embodiment of the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the invention, the technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that obtains under the creative work prerequisite.
The embodiment of the invention provides a kind of bank card business dealing right management method, and as shown in Figure 1, Fig. 1 is the process flow diagram of a kind of bank card business dealing right management method of providing of the embodiment of the invention, and the method can comprise:
101. user's side bank card business dealing rights management terminal is obtained bank card number, and sends by the first key the PIN (Personal Identification Number) of this terminal and the enciphered message of the bank card number encryption that gets access to target bank backstage;
Bank card business dealing rights management terminal in this step is a kind of handheld terminal, belongs to individual subscriber, in be provided with communication module, can carry out network connection with the bank backstage and transmit data.When the user wishes one's own bank card business dealing authority managed, just can be according to corresponding prompting input bank card number in this bank card business dealing rights management terminal, such as inputting by the input of the digital keys on this terminal or by the card reader on this terminal, this terminal can get access to bank card number like this.This terminal also has personal identification code (PIN, personal identification number), user's unique identification corresponding to this PIN (Personal Identification Number) is recorded in the bank backstage, comprises the bank card number that gets access to and the PIN (Personal Identification Number) of this terminal in the information on bank backstage so send to.And in order to guarantee the security with bank's backstage interactive information, by the first key in the terminal PIN (Personal Identification Number) of this terminal and bank card number are encrypted to enciphered message in this step and send to target bank backstage.Wherein the first key is to adopt symmetry (such as data encryption standard algorithm DES, DataEncryption Standard) or a kind of encryption and decryption mode of asymmetric arithmetic, also be difficult to be cracked even intercept and capture after the information of transmitting in network is encrypted through this mode.
Target bank in this step namely is the bank that can accept this trading privilege management service, all is the row of selling of this bank card generally, so application or the requirement to the bank card business dealing rights management that can process user submit on its backstage.
102. PIN (Personal Identification Number) and bank card number in the enciphered message that target bank backstage goes out to receive by the second secret key decryption, and determine user's unique identification according to PIN (Personal Identification Number) and bank card number;
After target bank backstage receives enciphered message in this step, can go out PIN (Personal Identification Number) and bank card number in the enciphered message by the second secret key decryption, wherein this second key is corresponding with the first key in the above-mentioned steps, also be to adopt the symmetry identical with the first key or a kind of encryption and decryption mode of asymmetric arithmetic, can decipher mutually the other side's enciphered message.After target bank backstage decrypts PIN (Personal Identification Number) and bank card number in the enciphered message, can determine user's unique identification according to PIN (Personal Identification Number) and bank card number.User's unique identification is the user when the registration of this bank in order to determine unique identity code of respective user identity, can be that digital combination also can be the combination of numeral and letter, present embodiment does not limit at this, should corresponding same user's unique identification so belong to a user's terminal PIN (Personal Identification Number) and bank card number.Because bank card number and user's unique identification corresponding relation and terminal PIN (Personal Identification Number) and user's unique identification corresponding relation have all been recorded in the bank backstage when the user registers bank card information and bank card business dealing rights management terminal, so user's unique identification can be determined according to PIN (Personal Identification Number) and bank card number in the target bank backstage of this step, and after determining, send definite information to terminal.
103. receive definite information of target bank backstage transmission when this terminal after, according to the bank card business dealing authority information of revising and time of determining to revise trading privilege information, calculate the first trading password and with the bank card business dealing authority information of the first trading password, modification and determine that the time of revising trading privilege information sends through the backward target of the first secret key encryption bank backstage;
Terminal receives definite information that target bank backstage in the step 102 sends in this step, can know that target bank backstage determined user's identity, thus expression target bank backstage can accepted user to the application of bank card business dealing rights management.The user makes amendment to the trading privilege of this bank card according to the prompting of display screen on the terminal, such as to the single withdrawal limit, day withdrawal limit, day the number of times of withdrawing the money, withdraw the money by moon number of times and transferring accounts, the authority setting is carried out in the transaction such as payment, revise complete rear terminal and can get access to the trading privilege information of modification and the time of determining to revise this trading privilege information, thereby go out the first trading password according to this bank card business dealing authority information that gets access to modification and definite Time Calculation of revising this trading privilege information, circular is published technology, and this step does not repeat them here.After calculating the first trading password, terminal sends bank card business dealing authority information and definite time of revising trading privilege information of the first trading password, modification again through the backward target of the first secret key encryption bank backstage, to treat the backstage checking computations of target bank.
104. the first trading password that target bank backstage goes out to receive by the second secret key decryption, the bank card business dealing authority information of modification and the time of determining to revise described trading privilege information, according to the bank card business dealing authority information of revising and definite time of revising described trading privilege information the first trading password is checked, if checking computations are correct, then described target bank backstage is according to the trading privilege of this bank card of trading privilege information of described modification;
The first trading password that this step target bank backstage goes out to receive by the second secret key decryption, the bank card business dealing authority information of modification and the time of determining to revise trading privilege information, in order to confirm that the terminal that this first trading password is validated user sends, target bank backstage will check this first trading password, has confirmed the relation of this first trading password and terminal.Parameter and the algorithm of checking computations all with step 103 in parameter and the algorithm of calculating the first trading password identical, namely be according to the bank card business dealing authority information of revising and definite time of revising this trading privilege information described the first trading password to be checked, if checking computations are correct, illustrate that this first trading password is exactly that terminal sends, so target bank backstage can submit to the bank card business dealing authority information of revising to process to terminal, it is the trading privilege that target bank backstage is revised and managed this bank card according to the bank card business dealing authority information of revising, this bank card can only be finished transaction according to the trading privilege of new modification when carrying out various financial transaction, bank card was lost, and the user also can guarantee by revising trading privilege the safety of own Financial Information.
Can find out by the embodiment of the invention, the described bank card business dealing right management method of the embodiment of the invention not only can be safe and reliable the trading privilege of free leading subscriber, further guaranteed the safety of user's Financial Information, and use also very convenient, save bank's cabinet face resource, saved the time that the user handles the trading privilege management.
The embodiment of the invention also provides a kind of bank card business dealing right management method, and as shown in Figure 2, Fig. 2 is the process flow diagram of the another kind of bank card business dealing right management method that provides of the embodiment of the invention, and the method can comprise:
201. user's side bank card business dealing rights management terminal is obtained subscriber identity information is also confirmed the user according to the identity information that gets access to identity, if the affirmation result is the user, then changes step 202 over to; If confirm that the result is not the user, continue then to judge that user identity changes step 203 simultaneously over to;
Bank card business dealing rights management terminal in this step is a kind of handheld terminal, belong to individual subscriber, in be provided with communication module, can be directly and the bank backstage carry out network connection and transmit data, can (be PC by the personal computer of interconnection network also, Personal Computer) is connected with the bank backstage and transmits data, if be connected the transmission data by PC with the bank backstage, must client be installed at PC then in advance.In the present embodiment between terminal and target bank backstage the mode of interactive information all can realize by above-mentioned two schemes, in the following description of present embodiment, this is no longer described in detail.
When the user need to pass through the terminal modifications trading privilege, must carry out authentication, to confirm that this terminal is the user, so the bank card business dealing rights management terminal in this step will be obtained subscriber identity information is also confirmed the user according to the identity information that gets access to identity.The affirmation user identity can be confirmed by fingerprint identification or login password in the present embodiment.
If terminal is by fingerprint identification, then be provided with the fingerprint collecting district on this terminal, can obtain the finger print information that collects by fingerprint collecting district terminal, the finger print information with pre-stored user is identical to compare the described finger print information that collects again, if the finger print information that collects is identical with pre-stored finger print information, illustrate that current what collect is user's fingerprint, namely be the user, so can allow validated user operate this terminal, change step 202 over to.Otherwise illustrate that current what collect is not user's fingerprint, namely not the user, so can not allow the disabled user operate this terminal, thereby according to Resurvey to finger print information continue to judge that user identity changes step 203 simultaneously over to, so both made the user that this lost terminal needn't be worried that also terminal can be used by other people.
If terminal is confirmed by login password, then terminal receives the user by the login password of digital keys input on the terminal, and judge whether the login password that receives is identical with password pre-stored and that authorize, if described login password is identical with the password of authorizing in advance, the user that current input password is described is the user, so can allow validated user operate this terminal, change step 202 over to.Otherwise the user that current input password is described is not the user, so can not allow the disabled user operate this terminal, thereby continue to judge that according to the login password that receives user identity changes step 203 simultaneously over to, so both made the user that this lost terminal needn't be worried that also terminal can be used by other people.
202. bank card business dealing rights management terminal is obtained bank card number, and sends the enciphered message of PIN (Personal Identification Number) and the bank card number of this terminal being encrypted by the first key to target bank backstage;
After the user confirms identity by step 201, the user can operate terminal, this step bank card business dealing rights management this moment terminal can be obtained bank card number, and sends the enciphered message of PIN (Personal Identification Number) and the bank card number of this terminal being encrypted by the first key to target bank backstage.When passing through network connection such as and target bank backstage direct when terminal, enciphered message namely directly is sent to target bank backstage.When the PC of terminal by interconnection network when the bank backstage is connected, enciphered message namely is forwarded to target bank backstage by PC.This step is identical with step 101 in the above-mentioned enforcement, so repeat no more.
203. judged result is counted for not identical number of times and is monitored that whether count value surpasses pre-determined number;
This step connects step 201, in order to guarantee the safety of terminal internal information, prevent that unauthorized person from using, this step is also counted for not identical number of times judged result, like this when count value reaches day pre-determined number within a predetermined period of time, this terminal is at predetermined amount of time locking voluntarily in the corresponding date, so that should can't re-use this terminal in the date.It is 1 hour such as predetermined amount of time, the user uses the date of terminal input login password to be September 20, pre-determined number is 5 times, in September 20 1 hour of terminal, judge the login password (being subscriber identity information) that gets access to have 5 times all with the login password of authorizing in advance and storing not simultaneously, this terminal is locking voluntarily just so that terminal can't use on September 20 this day, and September 20 mistake, terminal is with voluntarily release, and the user can reuse.If terminal during other days, judge in 1 hour the login password that gets access to have 5 times all different from the login password of authorizing in advance and store, this terminal is at locking voluntarily still on the same day.
In this step, when count value reaches predetermined total degree, described terminal locking in indefinite duration.It is 20 times such as predetermined total degree, so if the terminal judges subscriber identity information (such as login password) that goes out to get access to have 20 times all with the user profile of authorizing in advance and storing not simultaneously, no matter whether in one day, add up for these 20 times, terminal all can indefinite duration automatic blocking, if the user wants to use and has to and proof of identification goes again release of bank.
Pre-determined number in this step can be the number of times of continuous integration, can be the number of times of discontinuous accumulative total also, and present embodiment does not limit at this.
204. target bank backstage goes out PIN (Personal Identification Number) and bank card number in the enciphered message by the second secret key decryption, and determines user's unique identification according to PIN (Personal Identification Number) and bank card number;
This step connects step 202, and is basic identical with the step 102 of above-described embodiment, so something in common repeats no more.Fig. 3 is definite user's uniquely identified FB(flow block) of step 204 among Fig. 2, determines that according to PIN (Personal Identification Number) and bank card number user's unique identification comprises but wherein as shown in Figure 3:
241. PIN (Personal Identification Number) and each self-corresponding user's unique identification of bank card number are searched on the backstage by target bank;
User's unique identification is the user when the registration of this bank in order to determine unique identity code of respective user identity, this unique identity code is recorded in the bank backstage, can be that digital combination also can be the combination of numeral and letter, present embodiment does not limit at this, should corresponding same user's unique identification so belong to a user's terminal PIN (Personal Identification Number) and bank card number.So in order to confirm that PIN (Personal Identification Number) and bank card number belong to a user, namely bank card and terminal all belong to the user, so this substep is searched PIN (Personal Identification Number) and each self-corresponding user's unique identification of bank card number herein.
242. judge whether each the self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number that finds is identical, if it is identical to judge each self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number, then sends to described terminal and determine information.If it is not identical to judge each self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number, does not then send to described terminal and determine information.
After substep 241 finds out PIN (Personal Identification Number) and each self-corresponding user's unique identification of bank card number, this substep judges whether each the self-corresponding user's unique identification of PIN (Personal Identification Number) and bank card number that finds is identical, if it is identical to judge each self-corresponding user's unique identification of PIN (Personal Identification Number) and bank card number, illustrate that bank card and terminal all belong to same user, should be the user, assent family allowable application to the modification of trading privilege, so send definite information to terminal.If it is not identical to judge each self-corresponding user's unique identification of PIN (Personal Identification Number) and bank card number, illustrate that bank card and terminal belong to different users, for guaranteeing the safety of Transaction Information, can not allow the user to apply for modification to trading privilege, determine information so do not send to terminal.
205. terminal receives definite information that target bank backstage sends, obtain the bank card business dealing authority information of modification and the time of revising this trading privilege information, calculate the first trading password and with the bank card business dealing authority information of the first trading password, modification and determine that the time of revising trading privilege information sends through the backward target of the first secret key encryption bank backstage;
According to step 204, this step terminal receives definite information that target bank backstage sends, and can understand target bank backstage have confirmed user's identity, like this user can in upper trading privilege is managed, this step is identical with step 103 in above-described embodiment, so repeat no more.
206. described the first trading password that target bank backstage goes out to receive by described the second secret key decryption, the bank card business dealing authority information of modification and the time of determining to revise described trading privilege information, according to the bank card business dealing authority information of revising and definite time of revising described trading privilege information described the first trading password is checked, if checking computations are correct, then described target bank backstage is according to the trading privilege of this bank card of trading privilege information management of described modification.
This step is basic identical with the step 104 in above-described embodiment, so something in common repeats no more.But wherein as shown in Figure 4, Fig. 4 is the FB(flow block) that the first trading password is checked of step 206 among Fig. 2, according to trading privilege information and the time of determining to revise trading privilege information the first trading password checked comprise:
261. according to the bank card business dealing authority information of revising and definite Time Calculation the second trading password of revising trading privilege information;
Because being terminal calculating, finishes the first trading password, so the bank backstage calculates the second trading password according to the bank card business dealing authority information that decrypts and definite time of revising described trading privilege information by the algorithm identical with calculating the first trading password for the first trading password being checked herein.If the time of the trading privilege information that decrypts and the described trading privilege information of definite modification is identical with terminal, that trading password that calculates also should be identical; If the trading password of twice calculating is not identical, then the trading privilege information that decrypts of explanation and determining time of revising described trading privilege information and end side is not identical.
262. judge whether the second trading password is identical with the first trading password, if the second trading password is identical with the first trading password, then checking computations are correct, illustrate that Transaction Information is safe in transmission course, do not intercepted and captured and revised, so the bank backstage is according to the trading privilege of the trading privilege information management user bank card of revising.If the second trading password is not identical with the first trading password, then the explanation checking computations are incorrect, and the bank backstage can be according to the trading privilege of the trading privilege information management user bank card of revising.
So far namely finished the management to the bank card business dealing authority, can know by above-described embodiment those skilled in the art and know, this bank card business dealing right management method adapts to the popular network platform, has preferably practicality; The information of transmitting in the network is encrypted protection, so that information is safer alternately, had both made to be blocked also to be not easy to be cracked; By double authentication and the checking computations to information, make the user freely manage according to the actual requirements the account authority of oneself, can not produce as trading privilege is arranged to, perhaps be arranged to the appointed date and can produce, need be arranged to produce by this device by the client in the time of perhaps need to producing etc. at every turn.Similarly, the embodiment of the invention can also be used for the channel of disbursement authority is limited, as the user can close bank card ATM the transaction channel such as POS, but open e-Bank payment channel (because Net silver has the U shield to guarantee safety) etc.So further guarantee to carry out mutual safety and reliability, not only handled corresponding service to the user easily mode is provided, and alleviated the pressure of bank's cabinet face, greatly improved the efficient of bank card business dealing rights management simultaneously.
In order to realize said method, the embodiment of the invention also provides a kind of bank card transaction privilege management system, as shown in Figure 5, Fig. 5 is the functional structure schematic block diagram of a kind of bank card transaction privilege management system of providing of the embodiment of the invention, described system comprises bank card business dealing rights management terminal 501 and target bank backstage 502, this terminal 501 can be directly mutual by network and target bank backstage 502, this terminal 501 also can be mutual by personal computer and the target bank backstage 502 of interconnection network, and present embodiment does not limit at this.
Bank card business dealing rights management terminal 501 is positioned at user's side, when user card punching or input card number, be used for obtaining bank card number, and the enciphered message that 502 transmissions are encrypted PIN (Personal Identification Number) and the bank card number of terminal 501 by the first key to target bank backstage.After the definite information that receives 502 transmissions of target bank backstage, revise the time that the bank card business dealing authority information determines to revise trading privilege information simultaneously according to modify instruction, according to the Time Calculation of the bank card business dealing authority information of revising and the modification trading privilege information determined go out the first trading password and with the bank card business dealing authority information of this first trading password, modification and the time of determining to revise trading privilege information 502 send through the backward target of the first secret key encryption bank backstage.
Target bank backstage 502 is used for receiving enciphered message, and goes out PIN (Personal Identification Number) and bank card number in the enciphered message by the second secret key decryption, according to PIN (Personal Identification Number) with bank card number is determined user's unique identification and send to terminal 501 and to determine information.Receive the first trading password through the first secret key encryption, the bank card business dealing authority information of modification and the time of determining to revise trading privilege information, and the time that goes out the bank card business dealing authority information of the first trading password, modification and determine to revise trading privilege information by the second secret key decryption, according to the trading privilege information of revising and definite time of revising described trading privilege information the first trading password is checked, if checking computations are correct, then according to the trading privilege of this bank card of trading privilege information management of revising.
Bank card business dealing rights management terminal 501, also be used for before getting access to bank card number, receiving the login password of input, and judge whether the login password that receives is identical with the password of authorizing in advance, if login password is identical with the password of authorizing in advance, then obtain bank card number.If login password is not identical with the password of authorizing in advance, then judged result is counted for not identical number of times, when count value reaches day pre-determined number within a predetermined period of time, locking voluntarily within date corresponding to this time period.And when count value reaches predetermined total degree, then indefinite duration locking.
Bank card business dealing rights management terminal 501, also be used for before getting access to bank card number, obtain the finger print information that collects, whether and it is identical with pre-stored finger print information to compare the described finger print information that collects, if the finger print information that collects is identical with pre-stored finger print information, then get access to bank card number.
Target bank backstage 502 is when determining user's unique identification according to PIN (Personal Identification Number) and bank card number, concrete being used for can be searched in this locality each self-corresponding user's unique identification of this PIN (Personal Identification Number) and bank card number, judge whether each the self-corresponding user's unique identification of PIN (Personal Identification Number) and bank card number that finds is identical, if it is identical to judge each self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number, then sends to terminal and determine information.
When target bank backstage 502 checked this first trading password in the time according to the bank card business dealing authority information of revising and the described trading privilege information of definite modification, concrete being used for goes out the second trading password according to the bank card business dealing authority information of revising and definite Time Calculation of revising trading privilege information, judge whether described the second trading password is identical with the first trading password, if described the second trading password is identical with described the first trading password, then checking computations are correct.
Hence one can see that, and the described system of present embodiment adapts to the popular network platform, has preferably practicality; The information of transmitting in the network is encrypted protection, so that information is safer alternately, had both made to be blocked also to be not easy to be cracked; By double authentication and the checking computations to information, further guaranteed to carry out mutual safety and reliability, not only handle corresponding service to the user easily mode is provided, and alleviated the pressure of bank's cabinet face, greatly improved the efficient of bank card business dealing rights management simultaneously.
The embodiment of the invention also provides a kind of bank card business dealing rights management terminal, and as shown in Figure 6, Fig. 6 is the functional structure schematic block diagram of a kind of bank card business dealing rights management terminal of providing of the embodiment of the invention, and this bank card business dealing rights management terminal comprises:
Acquiring unit 601 is used for obtaining bank card number;
The first ciphering unit 602 is used for by the first key of prestoring the bank card number that PIN (Personal Identification Number) and the acquiring unit 601 of this terminal gets access to being encrypted as the first enciphered message;
The first transmitting element 603 is used for sending the first enciphered message that the first ciphering unit 602 encrypts to target bank backstage;
Receiving element 604 is used for receiving definite information that target bank backstage sends;
Revise unit 605, be used for revising according to the modify instruction of input the trading privilege information of described bank card;
Time determining unit 606 is used for determining to revise the time that trading privilege information is revised in unit 605;
Computing unit 607 is used for going out the first trading password according to the Time Calculation of revising the modification trading privilege information that the bank card business dealing authority information revised unit 605 and time determining unit 606 determine;
The second ciphering unit 608, the first trading password that is used for by the first key that prestores computing unit 607 being calculated, the time of revising the modification trading privilege information that the bank card business dealing authority information revised unit 605 and time determining unit 606 determine are encrypted as the second enciphered message together;
The second transmitting element 609 is used for sending the second enciphered message that the second ciphering unit 608 encrypts to target bank backstage.
For the user who holds described terminal is carried out identity validation, this terminal also comprises:
Login password recognition unit 610, be used for before acquiring unit 601 obtains bank card number, receive the login password of input, and judge whether the login password that receives is identical with the password of authorizing in advance, if described login password is identical with the password of authorizing in advance, then allow described acquiring unit 601 to obtain bank card number; If described login password is not identical with the password of authorizing in advance, then send the counting instruction to counting unit 611.
Counting unit 611 is used for according to the counting instruction that login password recognition unit 610 sends judged result being counted for not identical number of times.
Locking unit 612 is used for when numerical value that counting unit 611 is counted reaches day pre-determined number within a predetermined period of time, in this terminal of date inner locking corresponding to this time period.And the numerical value of counting when counting unit 611 is when reaching predetermined total degree, then indefinite duration the locking terminal.
Need to prove; the function that all are approximate also can be realized by a unit in the akin unit of function in the present embodiment; can be used as the task that a transmitting element realizes sending first, second enciphered message such as the first transmitting element 603 and the second transmitting element 609; those skilled in the art can arrange according to actual conditions; present embodiment does not carry out combination restriction to the unit of such approximation function at this; so this can not be regarded as the restriction to protection domain of the present invention, in like manner the first ciphering unit and the second ciphering unit also are like this.
Hence one can see that, the described bank card business dealing rights management of present embodiment terminal is after the affirmation that obtains the bank backstage, can apply for modification to the bank card business dealing authority by the bank card business dealing authority information of uploading modification, the bank backstage is by determining the legitimacy of terminal to apply to the checking computations of the first trading password, if checking computations are correct, just the application of terminal is processed.And the user is by using this terminal can finish management to the bank card business dealing authority, need not the queuing of bank cabinet face handles corresponding service and realizes administrative purposes, not only safe and reliable, guaranteed the safety of customer transaction, and alleviated the pressure of bank's cabinet face, greatly improved the efficient of bank card business dealing rights management simultaneously.
Above-described specific embodiment; purpose of the present invention, technical scheme and beneficial effect are further described; institute is understood that; the above only is specific embodiments of the invention; the protection domain that is not intended to limit the present invention; within the spirit and principles in the present invention all, any modification of making, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (16)

1. a bank card business dealing right management method is characterized in that, described method comprises:
User's side bank card business dealing rights management terminal is obtained bank card number, and sends the enciphered message of PIN (Personal Identification Number) and the described bank card number of described terminal being encrypted by the first key to target bank backstage;
Described target bank backstage goes out described PIN (Personal Identification Number) and described bank card number in the described enciphered message by the second secret key decryption, and determines user's unique identification according to described PIN (Personal Identification Number) and described bank card number;
After described terminal receives definite information that described target bank backstage sends, according to the bank card business dealing authority information of revising and time of determining to revise described trading privilege information, the time that calculates the first trading password and bank card business dealing authority information that will described the first trading password, modification and determine to revise described trading privilege information is through the backstage transmission of the backward described target of described the first secret key encryption bank;
Described the first trading password that described target bank backstage goes out to receive by described the second secret key decryption, the bank card business dealing authority information of modification and the time of determining to revise described trading privilege information, according to the bank card business dealing authority information of revising and definite time of revising described trading privilege information described the first trading password is checked, if checking computations are correct, then described target bank backstage is according to the trading privilege of the described bank card of trading privilege information management of described modification.
2. method according to claim 1 is characterized in that, before described terminal got access to bank card number, described method also comprised:
Described terminal receives the login password of input, and judges whether the described login password that receives is identical with the password of authorizing in advance, if described login password is identical with the password of authorizing in advance, then carries out the step that gets access to bank card number.
3. method according to claim 2 is characterized in that, when whether the described login password that receives in described terminal judges was identical with the password of authorizing in advance, described method also comprised:
If described login password is not identical with the password of authorizing in advance, then judged result is counted for not identical number of times;
When count value reached day pre-determined number within a predetermined period of time, described terminal was at date inner locking corresponding to described time period.
4. method according to claim 3 is characterized in that, described method also comprises:
When count value reaches predetermined total degree, described terminal locking in indefinite duration.
5. method according to claim 1 is characterized in that, before described terminal got access to bank card number, described method also comprised:
Obtain the finger print information that collects, and whether compare the described finger print information that collects identical with pre-stored finger print information, if the finger print information that collects is identical with pre-stored finger print information, then carry out the step that gets access to bank card number.
6. method according to claim 1 is characterized in that, described target bank determines that according to described PIN (Personal Identification Number) and described bank card number user's unique identification comprises in the backstage:
Described PIN (Personal Identification Number) and each self-corresponding user's unique identification of described bank card number are searched in the backstage by described target bank;
Judge whether each the self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number that finds is identical, if it is identical to judge each self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number, then sends to described terminal and determine information.
7. method according to claim 1 is characterized in that, described target bank backstage according to the bank card business dealing authority information of revising and the time of determining to revise described trading privilege information described the first trading password checked comprise:
According to the bank card business dealing authority information of revising and definite Time Calculation the second trading password of revising described trading privilege information;
Judge whether described the second trading password is identical with described the first trading password, if described the second trading password is identical with described the first trading password, then checking computations are correct.
8. the described method of any one is characterized in that according to claim 1-7, and the mode of interactive information comprises between described terminal and target bank backstage:
Described terminal is directly mutual by personal computer and the target bank backstage of interconnection network by the mutual or described terminal of network and target bank backstage.
9. a bank card transaction privilege management system is characterized in that, described system comprises:
User's side bank card business dealing rights management terminal, be used for obtaining bank card number, and send the enciphered message of PIN (Personal Identification Number) and the described bank card number of described terminal being encrypted by the first key to target bank backstage, after receiving definite information that described target bank backstage sends, according to the bank card business dealing authority information of revising and definite time of revising described trading privilege information, calculate the first trading password also with described the first trading password, the time that the bank card business dealing authority information of revising and determining is revised described trading privilege information sends through the backward described target of described the first secret key encryption bank backstage;
Target bank backstage, be used for going out by the second secret key decryption described PIN (Personal Identification Number) and the described bank card number of described enciphered message, and determine user's unique identification according to described PIN (Personal Identification Number) and described bank card number, described the first trading password that goes out to receive by described the second secret key decryption, the bank card business dealing authority information of revising and the time of determining to revise described trading privilege information, according to the bank card business dealing authority information of revising and definite time of revising described trading privilege information described the first trading password is checked, if checking computations are correct, then according to the trading privilege information management bank card business dealing authority of described modification.
10. system according to claim 9 is characterized in that,
Bank card business dealing rights management terminal, also be used for before getting access to bank card number, receiving the login password of input, and judge whether the described login password that receives is identical with the password of authorizing in advance, if described login password is identical with the password of authorizing in advance, then obtain bank card number.
11. system according to claim 10 is characterized in that,
Bank card business dealing rights management terminal, also be used for when the password of judging the described login password that receives and in advance mandate is not identical, judged result is counted for not identical number of times, when count value reaches day pre-determined number within a predetermined period of time, at date inner locking corresponding to described time period.
12. system according to claim 11 is characterized in that,
Bank card business dealing rights management terminal also is used for when count value reaches predetermined total degree, indefinite duration locking.
13. system according to claim 9 is characterized in that,
Bank card business dealing rights management terminal, also be used for before getting access to bank card number, obtain the finger print information that collects, whether and it is identical with pre-stored finger print information to compare the described finger print information that collects, if the finger print information that collects is identical with pre-stored finger print information, then get access to bank card number.
14. system according to claim 9, it is characterized in that, target bank backstage is when determining user's unique identification according to described PIN (Personal Identification Number) and described bank card number, concrete for searching described PIN (Personal Identification Number) and each self-corresponding user's unique identification of described bank card number, judge whether each the self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number that finds is identical, if it is identical to judge each self-corresponding user's unique identification of described PIN (Personal Identification Number) and described bank card number, then sends to described terminal and determine information.
15. system according to claim 9, it is characterized in that, when target bank backstage checked described the first trading password in the time according to the bank card business dealing authority information of revising and the described trading privilege information of definite modification, specifically according to the bank card business dealing authority information of revising and definite Time Calculation the second trading password of revising described trading privilege information, judge whether described the second trading password is identical with described the first trading password, if described the second trading password is identical with described the first trading password, then checking computations are correct.
16. the described system of any one is characterized in that according to claim 9-15, the mode of interactive information comprises between described terminal and target bank backstage:
Described terminal is directly mutual by personal computer and the target bank backstage of interconnection network by the mutual or described terminal of network and target bank backstage.
CN 201010526499 2010-10-29 2010-10-29 Method, system and terminal for managing transaction authority of bank card Active CN101986355B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010526499 CN101986355B (en) 2010-10-29 2010-10-29 Method, system and terminal for managing transaction authority of bank card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201010526499 CN101986355B (en) 2010-10-29 2010-10-29 Method, system and terminal for managing transaction authority of bank card

Publications (2)

Publication Number Publication Date
CN101986355A CN101986355A (en) 2011-03-16
CN101986355B true CN101986355B (en) 2013-02-13

Family

ID=43710700

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201010526499 Active CN101986355B (en) 2010-10-29 2010-10-29 Method, system and terminal for managing transaction authority of bank card

Country Status (1)

Country Link
CN (1) CN101986355B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104240387B (en) * 2013-06-21 2019-03-29 北京数码视讯科技股份有限公司 Bank card business dealing handles method and system
CN103906062B (en) * 2014-04-22 2017-09-01 陈勇 A kind of owner's authentication method of wireless router, apparatus and system
CN105550859A (en) * 2015-07-30 2016-05-04 宇龙计算机通信科技(深圳)有限公司 Method and apparatus for service data transfer between accounts
CN106447921A (en) * 2016-08-26 2017-02-22 合肥若涵信智能工程有限公司 Bank card reader
CN106651318A (en) * 2016-12-28 2017-05-10 中国建设银行股份有限公司 Enterprise-level flow setting method and system
CN107016537A (en) * 2017-04-12 2017-08-04 杭州纳戒科技有限公司 Stored value card management method and device
CN113411347B (en) * 2021-06-30 2023-02-28 中国农业银行股份有限公司 Transaction message processing method and processing device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7207478B1 (en) * 1999-11-30 2007-04-24 Diebold, Incorporated Check accepting and cash dispensing automated banking machine system and method
CN1975793A (en) * 2006-12-22 2007-06-06 中国建设银行股份有限公司 Method and system for dynamic realizing self-service equipment function
CN101183468A (en) * 2006-11-13 2008-05-21 杨文烈 Terminal login system and method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SE525418C2 (en) * 2000-03-19 2005-02-15 Efb Energifoerbaettringar Ab payment
US7181416B2 (en) * 2000-06-08 2007-02-20 Blackstone Corporation Multi-function transaction processing system
CN202033843U (en) * 2010-10-29 2011-11-09 中国工商银行股份有限公司 Bank card transaction privilege management system and terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7207478B1 (en) * 1999-11-30 2007-04-24 Diebold, Incorporated Check accepting and cash dispensing automated banking machine system and method
CN101183468A (en) * 2006-11-13 2008-05-21 杨文烈 Terminal login system and method
CN1975793A (en) * 2006-12-22 2007-06-06 中国建设银行股份有限公司 Method and system for dynamic realizing self-service equipment function

Also Published As

Publication number Publication date
CN101986355A (en) 2011-03-16

Similar Documents

Publication Publication Date Title
US10832245B2 (en) Universal secure registry
CN101986355B (en) Method, system and terminal for managing transaction authority of bank card
CN102880960B (en) Based on the payment by using short messages method and system of fingerprint recognition mobile phone
EP2648163B1 (en) A personalized biometric identification and non-repudiation system
US9386003B2 (en) System and method for secure transactions
KR102171568B1 (en) A voter terminal, an authentication server, a voting server, and Electronic voting system
CN101277191B (en) Non-repudiation for digital content delivery
CN107094154B (en) Intelligent password network real-name system identity management method and platform
CN108712389B (en) Intelligent lock system
CN104126292A (en) Strong authentication token with visual output of pki signatures
CN103985036A (en) Two-dimension code payment method with biological characteristics
CN102394896A (en) Privacy-protection fingerprint authentication method and system based on token
WO2018133674A1 (en) Method of verifying and feeding back bank payment permission authentication information
JP2004127142A (en) Authentication method and system and entrance/exit management method and system using the method and system
CN106911722B (en) Intelligent password signature identity authentication bidirectional authentication method and system
CN101145233A (en) Data ciphered-mortgage transaction system, teller identification system, trans-center transaction system and method
CN105205944A (en) Self-service deposit and withdrawal system based on intelligent terminal
CN100412840C (en) User identification with improved password input method
CN104135480A (en) Entrance guard authorization system and entrance guard authorization method
US10686777B2 (en) Method for establishing protected electronic communication, secure transfer and processing of information among three or more subjects
CN110866763A (en) Ticket buying system based on block chain architecture
KR20020091418A (en) System for operation and management of water supply facilities
CN112329004A (en) Method and device for face recognition and face password
CA2974861C (en) Method for managing authorizations in an arrangement having multiple computing systems
CN202033843U (en) Bank card transaction privilege management system and terminal

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant