CN102263792A - Wireless security key equipment, electronic commerce service system and method - Google Patents

Wireless security key equipment, electronic commerce service system and method Download PDF

Info

Publication number
CN102263792A
CN102263792A CN2011102244558A CN201110224455A CN102263792A CN 102263792 A CN102263792 A CN 102263792A CN 2011102244558 A CN2011102244558 A CN 2011102244558A CN 201110224455 A CN201110224455 A CN 201110224455A CN 102263792 A CN102263792 A CN 102263792A
Authority
CN
China
Prior art keywords
module
wireless
information
security key
portable terminal
Prior art date
Application number
CN2011102244558A
Other languages
Chinese (zh)
Inventor
常钧
徐玮
张露露
Original Assignee
常钧
徐玮
张露露
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 常钧, 徐玮, 张露露 filed Critical 常钧
Priority to CN2011102244558A priority Critical patent/CN102263792A/en
Publication of CN102263792A publication Critical patent/CN102263792A/en

Links

Abstract

The invention provides wireless security key equipment, an electronic commerce service system and an electronic commerce service method. The wireless security key equipment comprises a storage module, a service request module and a first wireless transmission module, wherein the storage module is used for storing a public key and a private key; the service request module is connected with the storage module and used for subscribing received service information according to the private key and generating and transmitting service request information; and the first wireless transmission module is connected with the service request module and used for transmitting the wirelessly received service information to the service request module and wirelessly transmitting the service request information received from the service request module. By the wireless security key equipment, the electronic commerce service system and the electronic commerce service method provided by the invention, the subscription encryption process of the service information is finished in the wireless security key equipment to prevent the subscription encryption process from being cracked by a Trojan program and greatly improve the security of electronic commerce realized by a mobile terminal.

Description

Wireless security key devices, electronic commerce affair system and method

Technical field

The present invention relates to the portable terminal safe practice, relate in particular to a kind of wireless security key devices, electronic commerce affair system and method.

Background technology

Along with the extensive use of 3G network and smart mobile phone, increasing user carries out electronic commerce affair by smart mobile phone.Traditional ecommerce is based on the general internet user's, and this type of user carries out E-business applications by PC, and the safe practice on the PC is comparative maturity relatively.And the operating system of intelligent terminal and its built-in browser are all poor with the support of the safety insert that prevents wooden horse to digital certificate, can not guarantee the electronic commerce affair safety of portable terminal.The private key of storing on portable terminal in order to carry out professional signature is intercepted and captured by rogue programs such as wooden horses, and user's identity just might be by counterfeit, and the user is caused damage.

Summary of the invention

The invention provides a kind of wireless security key devices, electronic commerce affair system and method, carry out safety of electrical business by portable terminal to improve.

The invention provides a kind of wireless security key devices, comprising:

Memory module is used for storage of public keys and private key;

The service request module links to each other with described memory module, and described service request module is used for according to described private key the business information that receives being signed, and generates service requesting information and transmission;

First wireless transport module, link to each other with described service request module, described first wireless transport module be used for wireless receiving to described business information send to described service request module, and the service requesting information wireless transmission that will receive from described service request module.

The invention provides a kind of electronic commerce affair system, comprise portable terminal, e-commerce server and wireless security key devices provided by the invention;

Described portable terminal comprises second wireless transport module, wireless communication module and business information generation module;

Described business information generation module is used to generate business information and sends;

Described second wireless transport module links to each other with described wireless communication module with described business information generation module respectively, the described business information that described second wireless transport module is used for receiving from described business information generation module is wirelessly sent to described wireless security key devices, and will from described wireless security key devices wireless receiving to service requesting information send to described wireless communication module;

Described wireless communication module is used for described service requesting information is wirelessly sent to described e-commerce server;

Described e-commerce server is used for according to PKI the described service requesting information that receives being carried out signature verification, if the signature verification success is then carried out described service requesting information corresponding service and handled.

The invention provides a kind of electronic commerce affair method, comprising:

The business information that wireless security key devices wireless receiving portable terminal sends;

Described wireless security key devices is signed to described business information according to private key, generates service requesting information;

Described wireless security key devices is to the described service requesting information of described portable terminal wireless transmission.

As shown from the above technical solution, wireless security key devices provided by the invention, electronic commerce affair system and method, the wireless security key devices is signed to the business information of portable terminal wireless transmission according to private key, generate service requesting information, be wirelessly sent to portable terminal, portable terminal offers e-commerce server with this service requesting information, so that e-commerce server carries out signature authentication according to obtaining PKI in advance to this service requesting information.Because this private key is stored in the wireless security key devices all the time, and is not stored in the portable terminal, even portable terminal has suffered rogue programs such as wooden horse, this private key can not intercepted and not captured yet.And the ciphering process of business information finished in the wireless security key devices, realized preventing that the encrypted signature process from being cracked by trojan horse program, improved greatly by portable terminal and carried out safety of electrical business.

Description of drawings

A kind of wireless security key devices structural representation that Fig. 1 provides for the embodiment of the invention;

The another kind of wireless security key devices structural representation that Fig. 2 provides for the embodiment of the invention;

The electronic commerce affair system configuration schematic diagram that Fig. 3 provides for the embodiment of the invention;

The electronic commerce affair method flow diagram that Fig. 4 provides for the embodiment of the invention.

Reference numeral:

51-wireless security key devices; The 52-portable terminal;

The 53-e-commerce server; The 1-memory module;

11-service request module; 12-first wireless transport module;

The 13-key production module; The 14-input module;

The 15-display module; 16-earphone module;

The 17-microphone module; The 18-sound identification module;

The 19-voice cue module; 21-second wireless transport module;

The 22-wireless communication module; 23-business information generation module.

Embodiment

For the purpose, technical scheme and the advantage that make the embodiment of the invention is clearer,, the technical scheme in the embodiment of the invention is clearly and completely described below in conjunction with the embodiment of the invention.Need to prove that in accompanying drawing or specification, similar or components identical is all used identical Reference numeral.

A kind of wireless security key devices structural representation that Fig. 1 provides for the embodiment of the invention.The wireless security key devices 51 that present embodiment provides specifically can be at the portable terminal 52 by having wireless transport module as smart mobile phone, personal digital assistant (Personal Digital Assistant, be called for short PDA) or personal computer etc. business information is carried out encrypted signature when carrying out electronic commerce affair, electronic commerce affair can be Internet-based banking services, contactless payment business etc.The wireless security key devices 51 that present embodiment provides specifically comprises memory module 1, service request module 11 and first wireless transport module 12.Memory module 1 is used for storage of public keys and private key.Service request module 11 links to each other with memory module 1, and service request module 11 is used for according to private key the business information that receives being signed, and generates service requesting information and transmission.First wireless transport module 12 links to each other with service request module 11, first wireless transport module 12 be used for wireless receiving to business information send to service request module 11, and the service requesting information wireless transmission that will receive from professional request module 11.

Concrete, PKI and private key can generate in advance, are stored in the memory module 1 of wireless security key devices 51, also can be that wireless security key devices 51 generates according to service needed according to default key schedule, and be stored in the memory module 1.Business information can be in the electronic commerce affair process, the user imports by the input equipment of portable terminal 52, specifically can comprise account information, encrypted message and Transaction Information etc., portable terminal 52 is with this business information wireless transmission, this business information of first wireless transport module, 12 wireless receivings of wireless security key devices 51, and this business information is offered service request module 11 handle.First wireless transport module 12 is specifically as follows bluetooth module, infrared module, radio universal serial bus (Universal Serial Bus, abbreviation USB) module, WiMAX (Wireless Fidelity is called for short WiFi) module or ZigBee (purple peak) interface module etc. have the module of wireless transmission function.Service request module 11 by private key to the business information generation service requesting information of signing, again with this service requesting information by the moving terminal 52 of first wireless transport module, 12 wireless transmission travelling backwards.

In ensuing electronic commerce affair process, portable terminal 52 sends to e-commerce server 53 with this service requesting information, this e-commerce server 53 can be Unionpay's server or other service provider's servers, e-commerce server 53 has above-mentioned PKI, this PKI can obtain from wireless security key devices 51 for portable terminal 52, and offers e-commerce server 53.When e-commerce server 53 receives this service requesting information, service requesting information is carried out signature verification,, then carry out corresponding service processing if be proved to be successful by PKI.If authentication failed then can be returned Fail Transaction information.

The wireless security key devices 51 that present embodiment provides by the setting of memory module 1, stores PKI and private key, and service request module 11 is signed to the business information that portable terminal 52 sends according to this private key.Because this private key is stored in the memory module 1 of wireless security key devices 51 all the time, and is not stored in 52 li of portable terminals, even portable terminal 52 has suffered rogue programs such as wooden horse, this private key can not intercepted and not captured yet.And the encrypted signature process of business information finished in wireless security key devices 51, realized preventing that the encrypted signature process from being cracked by trojan horse program, improved greatly by portable terminal 52 and carried out safety of electrical business.

The another kind of wireless security key devices structural representation that Fig. 2 provides for the embodiment of the invention.As shown in Figure 2, in the present embodiment, this wireless security key devices 51 specifically also comprises key production module 13.Key production module 13 links to each other with first wireless transport module 12 with memory module 1 respectively, key production module 13 is used for when receiving the certificate request instruction, generate private key and PKI according to default key schedule, private key and PKI are sent to memory module 1, and PKI is sent to first wireless transport module 12.Correspondingly, first wireless transport module 12 also links to each other with memory module 1, first wireless transport module 12 also is used for the PKI wireless transmission that will receive from key production module 13, and the digital certificate of wireless receiving PKI correspondence, and digital certificate is sent to memory module 1.Memory module 1 also is used to store digital certificate.Service request module 11 also is used for the business information packing behind digital certificate and the signature is generated service requesting information.

The certificate request instruction is concrete also can be the instruction in order to designation number certificate request of user by the input equipment input of portable terminal, portable terminal 52 is with this certificate request instruction wireless transmission, first wireless transport module, the 12 acceptance certificate applications instruction of wireless security key devices 51, and send to key production module 13, key production module 13 is when receiving this certificate request instruction, generate PKI and private key according to default key schedule, default key schedule is specifically as follows RSA (Rivest-Shamir-Adleman), Elgamal, knapsack algorithm, Rabin or elliptic curve cipher coding theory asymmetric-key encryption algorithms such as (Elliptic Curves Cryptography are called for short ECC).Key production module 13 is stored in private key and the PKI that generates in the memory module 1, by private key business information is signed in the electronic commerce affair process.Key production module 13 is wirelessly sent to portable terminal 52 with PKI by first wireless transport module 12, portable terminal 52 sends to e-commerce server 53 with this PKI again, e-commerce server 53 generates digital certificate according to this PKI and user profile, specifically can comprise the signing messages of user profile, PKI and e-commerce server 53 in the digital certificate.The personal information that user profile can provide to bank or ecommerce provider when electronic commerce affair is handled in application for the user, bank or ecommerce provider store this identity information in the database into, and be that the user distributes the authorization code corresponding with identity information, the user provides this authorization code to e-commerce server 53 when carrying out applying digital certificate, so that e-commerce server 53 obtains corresponding identity information with it.Identity information also can be the personal information of user by portable terminal 52 submissions, and user profile can comprise name information, ID card information etc.E-commerce server 53 sends to the handover terminal with digital certificate, and portable terminal 52 is wirelessly sent to digital certificate first wireless transport module 12 of wireless security key devices 51 again.

When storing PKI, private key and digital certificate in the memory module 1, the user carries out in the electronic commerce affair process, business information is wirelessly sent to first wireless transport module 12 of wireless security key devices 51 by portable terminal 52, first transport module sends to service request module 11 with business information, the business information packing of service request module 11 with digital certificate and after signing generates service requesting information, and being wirelessly sent to portable terminal 52 by first wireless transport module 12, portable terminal 52 is submitted to e-commerce server 53 with this service requesting information.E-commerce server 53 is verified the digital certificate of service requesting information earlier, according to the PKI that comprises in the digital certificate service requesting information is carried out signature verification again, if all successes of digital certificate checking and signature verification, then carry out the service requesting information corresponding service processing, if authentication failed is then returned Fail Transaction information to portable terminal 52.

In the present embodiment, service request module 11 can also generate the business information summary by default digest algorithm according to business information earlier, again summary of the business information after this business information, the private key signature and digital certificate packing is formed service requesting information.Portable terminal 52 sends to e-commerce server 53 with this service requesting information, e-commerce server 53 at first verifies the digital certificate in this service requesting information, is decrypted business information summary after obtaining deciphering by the business information summary of PKI after to private key signature.By default digest algorithm the business information that receives is carried out digest calculations and generate server end business information summary.Whether the business information summary after the comparison deciphering is consistent with server end business information summary then.If consistent, illustrate that service requesting information do not distorted by intercepting and capturing, with the fail safe in the raising service requesting information transmission course.

In the present embodiment, setting by key production module 13, generate PKI and private key, and PKI radioed to portable terminal 52 by first wireless transport module 12, portable terminal 52 sends to e-commerce server 53 with PKI, obtaining the digital certificate of PKI correspondence, the business information packing of service request module 11 after with digital certificate and private key signature generates service requesting information.The e-commerce server 53 that receives this service requesting information can verify whether the identity that checking sends the user of this service requesting information is trusty, can further improve the fail safe of electronic commerce affair to digital certificate.And this digital certificate also is stored in the memory module 1 of wireless security key devices 51, avoided easily being intercepted and captured in the portable terminal 52 or portable terminal 52 is lost the problem that back PKI, private key, digital certificate are lost simultaneously because of being stored in.

In the present embodiment, this wireless security key devices 51 can also comprise input module 14 and display module 15, input module 14 links to each other with service request module 11, input module 14 is used for generating the first signature indication information according to the operational order that receives, and the first signature indication information is sent to service request module 11.Display module 15 links to each other with first wireless transport module 12, and the business information that display module 15 is used for receiving according to first wireless transport module 12 generates display message and shows.Correspondingly, service request module 11 also is used for the business information that receives being signed according to private key if judge when knowing the first signature indication information for the execution signature operation.

Input module 14 is specifically as follows keyboard or touch-screen or fingerprint identification module etc., and display module 15 can be LCDs or light-emitting diode (Light Emitting Diode is called for short LED) display screen etc.Display module 15 can generate business information display message and show, concrete, Transaction Information that produces in the electronic commerce affair process and confirmation can show for the user by display module 15, the user can confirm and operation acknowledgement information by input module 14 input operations instruction, carry out signature operation with 11 pairs of business information of control service request module.The business information that sends when portable terminal 52 is not by Client-initiated, but initiate by trojan horse program, if then the user does not pass through input module 14 input operation confirmation commands in the certain hour, then this electronic commerce affair is cancelled automatically, has further improved by portable terminal 52 and has carried out the fail safe of electronic commerce affair.

In the present embodiment, this wireless security key devices 51 specifically can also comprise earphone module 16 and microphone module 17.Earphone module 16 is used for first audio signal that receives is decoded, and generates first acoustic information.Microphone module 17 is used for second acoustic information that receives is encoded, and generates second audio signal and transmission.Correspondingly, first wireless transport module 12 also links to each other with microphone module 17 with earphone module 16 respectively, first wireless transport module 12 also be used for wireless receiving to first audio signal send to earphone module 16, and will receive the second audio signal wireless transmission from microphone module 17.

By earphone module 16 and microphone module 17 are set in wireless security key devices 51, can make earphone module 16 and microphone module 17 all carry out data interaction with portable terminal 52 by first wireless transport module 12, in electronic commerce affair, carry out communication, improved the utilance of resource.

In the present embodiment, this wireless security key devices 51 specifically can also comprise sound identification module 18 and voice cue module 19, sound identification module 18 links to each other with earphone module 16, microphone module 17 and service request module 11 respectively, sound identification module 18 is used for extracting the customer information of first audio signal or second audio signal, extract the control information in second audio signal, generate the second signature indication information according to control information, and the second signature indication information is sent to service request module 11.Voice cue module 19 links to each other with earphone module 16 with first wireless transport module 12 respectively, and the business information that voice cue module 19 is used for receiving according to first wireless transport module 12 produces voice messaging, and voice messaging is sent to earphone module 16.Correspondingly, service request module 11 also is used for according to private key the described business information that receives being signed, and customer information being added in the business information if judge when knowing the second signature indication information for the execution signature operation.

Concrete voice cue module 19 can be Text To Speech (Text To Speech is called for short TTS) voice module.Sound identification module 18 can identification extraction first audio signal or second audio signal in customer information and the control information in second audio signal, customer information specifically can comprise number of the account, name and the amount information etc. that the user need transfer accounts, control information is specifically as follows the operational order of information or operation acknowledgement, generate the second signature indication information according to this control information, with the processing of signing of 11 pairs of business information of control service request module.Need not the input module 14 of user by portable terminal 52 or wireless security key devices 51 and carry out manual operation, sound identification module 18 not only can be discerned the phonetic order that user oneself sends, and can also discern the account information with the opposing party of user's communication.When the needs user confirmed relationship trading information, the TTS voice module was used speech synthesis technique relevant information is listened to the user by earphone module 16 thoughts.

In the present embodiment, this wireless security key devices 51 specifically also comprises battery and power management module (not shown).This battery can be arranged in the wireless security key devices 51, also can be arranged on outside the wireless security key devices 51, is 51 power supplies of wireless security key devices.Power management module is used for managing power supply strategies such as the power supply of each module and standby, dormancy.For some portable terminal 52, this battery and power management module can also charge to portable terminal 52, guarantee that portable terminal has enough electric power to finish relationship trading and application.

The electronic commerce affair system configuration schematic diagram that Fig. 3 provides for the embodiment of the invention.As shown in Figure 3, the electronic commerce affair system that provides of present embodiment comprises the wireless security key devices 51 that portable terminal 52, e-commerce server 53 and any embodiment of the present invention provide.Portable terminal 52 comprises second wireless transport module 21, wireless communication module 22 and business information generation module 23.Business information generation module 23 is used to generate business information and sends.Second wireless transport module 21 links to each other with wireless communication module 22 with business information generation module 23 respectively, the business information that second wireless transport module 21 is used for receiving from professional information generating module 23 is wirelessly sent to wireless security key devices 51, and will from wireless security key devices 51 wireless receivings to service requesting information send to wireless communication module 22.Wireless communication module 22 is used for service requesting information is wirelessly sent to e-commerce server 53.E-commerce server 53 is used for according to PKI the service requesting information that receives being carried out signature verification, if the signature verification success is then carried out the service requesting information corresponding service and handled.

The wireless security key devices 51 that present embodiment provides can be realized the described electronic commerce affair process of the foregoing description, and this repeats no more.

The electronic commerce affair system that present embodiment provides, setting by wireless security key devices 51, can store PKI and the private key encrypted in order to business datum, wireless security key devices 51 is signed to the business information of portable terminal 52 wireless transmissions according to private key, generate service requesting information, be wirelessly sent to portable terminal 52, portable terminal 52 offers e-commerce server 53 with this service requesting information, so that e-commerce server 53 carries out signature authentication according to obtaining PKI in advance to this service requesting information.Because this private key is stored in the wireless security key devices 51 all the time, and is not stored in 52 li of portable terminals, even portable terminal 52 has suffered rogue programs such as wooden horse, this private key can not intercepted and not captured yet.And the encrypted signature process of business information finished in wireless security key devices 51, realized preventing that ciphering process from being cracked by trojan horse program, improved greatly by portable terminal 52 and carried out safety of electrical business.

The electronic commerce affair method flow diagram that Fig. 4 provides for the embodiment of the invention.As shown in Figure 4, the electronic commerce affair method that present embodiment provides can realize that specifically this repeats no more its specific implementation process prescription by the wireless security key devices that any embodiment of the present invention provides.

The electronic commerce affair method that present embodiment provides specifically comprises:

The business information that step 10, wireless security key devices wireless receiving portable terminal send;

Step 20, wireless security key devices are signed to business information according to private key, generate service requesting information;

Step 30, wireless security key devices are to portable terminal wireless transmission service requesting information.

The electronic commerce affair method that present embodiment provides, the wireless security key devices is signed to the business information of portable terminal wireless transmission according to private key, generate service requesting information, be wirelessly sent to portable terminal, portable terminal offers e-commerce server with this service requesting information, so that e-commerce server carries out signature authentication according to obtaining PKI in advance to this service requesting information.Because this private key is stored in the wireless security key devices all the time, and is not stored in the portable terminal, even portable terminal has suffered rogue programs such as wooden horse, this private key can not intercepted and not captured yet.And the ciphering process of business information finished in the wireless security key devices, realized preventing that the encrypted signature process from being cracked by trojan horse program, improved greatly by portable terminal and carried out safety of electrical business.

In the present embodiment, step 10 before the business information that wireless security key devices wireless receiving portable terminal sends, specifically can also comprise the steps:

Step 40, when wireless security key devices wireless receiving during to certificate request instruction that portable terminal sends, generate private key and PKI and store according to default key schedule;

Step 50, wireless security key devices are to portable terminal wireless transmission PKI;

The digital certificate of the PKI correspondence that step 60, wireless security key devices wireless receiving portable terminal send and storage;

Correspondingly, step 20, wireless security key devices are signed to business information according to private key, generate service requesting information, specifically can comprise:

Step 201, wireless security key devices are signed to business information according to private key, again the business information packing behind digital certificate and the signature are generated service requesting information.

In the present embodiment, step 30, the wireless security key devices specifically can also comprise after portable terminal wireless transmission service requesting information:

Step 70, portable terminal send to e-commerce server with service requesting information;

Step 80, e-commerce server carry out signature verification according to PKI to the service requesting information that receives, and the digital certificate in the described service requesting information verified, if signature verification and all successes of digital certificate checking are then carried out the service requesting information corresponding service and are handled.

In the present embodiment, step 50, wireless security key devices before the digital certificate and storage of the PKI correspondence that step 60, wireless security key devices wireless receiving portable terminal send, also comprise after portable terminal wireless transmission PKI:

Step 90, portable terminal are wirelessly sent to e-commerce server with PKI;

Step 100, e-commerce server generate digital certificate according to user profile that gets access to and PKI, and digital certificate are wirelessly sent to portable terminal.

It should be noted that at last: above embodiment only in order to technical scheme of the present invention to be described, is not intended to limit; Although with reference to previous embodiment the present invention is had been described in detail, those of ordinary skill in the art is to be understood that: it still can be made amendment to the technical scheme that previous embodiment is put down in writing, and perhaps part technical characterictic wherein is equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution break away from the spirit and scope of various embodiments of the present invention technical scheme.

Claims (10)

1. a wireless security key devices is characterized in that, comprising:
Memory module is used for storage of public keys and private key;
The service request module links to each other with described memory module, and described service request module is used for according to described private key the business information that receives being signed, and generates service requesting information and transmission;
First wireless transport module, link to each other with described service request module, described first wireless transport module be used for wireless receiving to described business information send to described service request module, and the service requesting information wireless transmission that will receive from described service request module.
2. wireless security key devices according to claim 1 is characterized in that, also comprises:
Key production module, link to each other with described first wireless transport module with described memory module respectively, described key production module is used for when receiving the certificate request instruction, generate described private key and described PKI according to default key schedule, described private key and described PKI are sent to described memory module, and described PKI is sent to described first wireless transport module;
Correspondingly, described first wireless transport module also links to each other with described memory module, described first wireless transport module also is used for the described PKI wireless transmission that will receive from described key production module, and the digital certificate of the described PKI correspondence of wireless receiving, and described digital certificate sent to described memory module;
Described memory module also is used to store described digital certificate;
Described service request module also is used for the business information packing behind described digital certificate and the signature is generated described service requesting information.
3. wireless security key devices according to claim 1 and 2 is characterized in that, also comprises:
Input module links to each other with described service request module, and described input module is used for generating the first signature indication information according to the operational order that receives, and the described first signature indication information is sent to described service request module;
Display module is connected with described first wireless transport module, and described display module is used for generating display message and demonstration according to the described business information that described first wireless transport module receives;
Correspondingly, described service request module also is used for the described business information that receives being signed according to described private key if judge when knowing the described first signature indication information for the execution signature operation.
4. wireless security key devices according to claim 3 is characterized in that, also comprises:
The earphone module is used for first audio signal that receives is decoded, and generates first acoustic information;
Microphone module is used for second acoustic information that receives is encoded, and generates second audio signal and transmission;
Correspondingly, described first wireless transport module also links to each other with described microphone module with described earphone module respectively, described first wireless transport module also be used for wireless receiving to described first audio signal send to described earphone module, and will receive the described second audio signal wireless transmission from described microphone module.
5. wireless security key devices according to claim 4 is characterized in that, also comprises:
Sound identification module, link to each other with described earphone module, described microphone module and described service request module respectively, described sound identification module is used for extracting the customer information of described first audio signal or described second audio signal, extract the control information in described second audio signal, generate the second signature indication information according to described control information, and the described second signature indication information is sent to described service request module;
Voice cue module, link to each other with described earphone module with described first wireless transport module respectively, described voice cue module is used for producing voice messaging according to the described business information that described first wireless transport module receives, and described voice messaging is sent to described earphone module;
Correspondingly, described service request module also is used for according to described private key the described business information that receives being signed, and described customer information being added in the described business information if judge when knowing the described second signature indication information for the execution signature operation.
6. electronic commerce affair system is characterized in that: comprise portable terminal, e-commerce server and as the arbitrary described wireless security key devices of claim 1-5;
Described portable terminal comprises second wireless transport module, wireless communication module and business information generation module;
Described business information generation module is used to generate business information and sends;
Described second wireless transport module links to each other with described wireless communication module with described business information generation module respectively, the described business information that described second wireless transport module is used for receiving from described business information generation module is wirelessly sent to described wireless security key devices, and will from described wireless security key devices wireless receiving to service requesting information send to described wireless communication module;
Described wireless communication module is used for described service requesting information is wirelessly sent to described e-commerce server;
Described e-commerce server is used for according to PKI the described service requesting information that receives being carried out signature verification, if the signature verification success is then carried out described service requesting information corresponding service and handled.
7. an electronic commerce affair method is characterized in that, comprising:
The business information that wireless security key devices wireless receiving portable terminal sends;
Described wireless security key devices is signed to described business information according to private key, generates service requesting information;
Described wireless security key devices is to the described service requesting information of described portable terminal wireless transmission.
8. electronic commerce affair method according to claim 7 is characterized in that, before the business information that described wireless security key devices wireless receiving portable terminal sends, also comprises:
When described wireless security key devices wireless receiving arrives the certificate request instruction of described portable terminal transmission, generate described private key and PKI and storage according to default key schedule;
Described wireless security key devices is to the described PKI of described portable terminal wireless transmission;
The digital certificate of the described PKI correspondence that the described portable terminal of described wireless security key devices wireless receiving sends and storage;
Correspondingly, described wireless security key devices is signed to described business information according to private key, generates service requesting information, comprising:
Described wireless security key devices is signed to described business information according to described private key, again the business information packing behind described digital certificate and the signature is generated described service requesting information.
9. electronic commerce affair method according to claim 8 is characterized in that, described wireless security key devices also comprises after the described service requesting information of described portable terminal wireless transmission:
Described portable terminal sends to described e-commerce server with described service requesting information;
Described e-commerce server carries out signature verification according to PKI to the described service requesting information that receives and the digital certificate in the described service requesting information is verified, if signature verification and all successes of digital certificate checking are then carried out described service requesting information corresponding service and are handled.
10. electronic commerce affair method according to claim 8, it is characterized in that, described wireless security key devices is after the described PKI of described portable terminal wireless transmission, before the digital certificate and storage of the described PKI correspondence that the described portable terminal of described wireless security key devices wireless receiving sends, also comprise:
Described portable terminal is wirelessly sent to described e-commerce server with described PKI;
Described e-commerce server generates described digital certificate according to the user profile and the described PKI that get access to, and described digital certificate is wirelessly sent to described portable terminal.
CN2011102244558A 2011-08-05 2011-08-05 Wireless security key equipment, electronic commerce service system and method CN102263792A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2011102244558A CN102263792A (en) 2011-08-05 2011-08-05 Wireless security key equipment, electronic commerce service system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2011102244558A CN102263792A (en) 2011-08-05 2011-08-05 Wireless security key equipment, electronic commerce service system and method

Publications (1)

Publication Number Publication Date
CN102263792A true CN102263792A (en) 2011-11-30

Family

ID=45010246

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2011102244558A CN102263792A (en) 2011-08-05 2011-08-05 Wireless security key equipment, electronic commerce service system and method

Country Status (1)

Country Link
CN (1) CN102263792A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102592377A (en) * 2012-02-29 2012-07-18 福建联迪商用设备有限公司 Method for realizing finance card terminal by Bluetooth mobile phone
CN102647410A (en) * 2012-03-14 2012-08-22 上海众人网络安全技术有限公司 Information safe system and method based on light sensation identification
CN102752117A (en) * 2012-07-24 2012-10-24 天地融科技股份有限公司 Dynamic password generating device and method and transaction system with dynamic password generating device
CN103944728A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data security interactive system
CN103944731A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data security interactive method
CN107979467A (en) * 2016-10-21 2018-05-01 中国移动通信有限公司研究院 Verification method and device

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030177363A1 (en) * 2002-03-15 2003-09-18 Kaoru Yokota Service providing system in which services are provided from service provider apparatus to service user apparatus via network
WO2006001710A1 (en) * 2004-06-25 2006-01-05 Buypass As Method for generating and verifying an electronic signature
CN201069581Y (en) * 2007-08-17 2008-06-04 潘铁军 A mobile payment system based on distributed secrete key
CN101448255A (en) * 2007-11-27 2009-06-03 飞力凯网路股份有限公司 Service provision system, service provision server as well as information terminal equipment
CN101668288A (en) * 2009-08-25 2010-03-10 钱袋网(北京)信息技术有限公司 Identity authenticating method, identity authenticating system and terminal
CN101778381A (en) * 2009-12-31 2010-07-14 卓望数码技术(深圳)有限公司 Digital certificate generation method, user key acquisition method, mobile terminal and device
CN101794420A (en) * 2009-12-31 2010-08-04 卓望数码技术(深圳)有限公司 Payment authentication method, terminal and system
CN101834946A (en) * 2010-05-11 2010-09-15 丁峰 Method for performing safe mobile phone payment and mobile phone for performing safe payment
CN101909287A (en) * 2010-06-25 2010-12-08 北京天地融科技有限公司 Method for carrying out transaction by using electronic signature tool for mobile phone and electronic signature device
CN102035654A (en) * 2010-12-29 2011-04-27 北京握奇数据系统有限公司 Identity authentication method, identity authentication equipment, server and identity authentication-based encryption method
CN202197405U (en) * 2011-08-05 2012-04-18 常钧 Wireless safe secret key apparatus and electronic business system

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030177363A1 (en) * 2002-03-15 2003-09-18 Kaoru Yokota Service providing system in which services are provided from service provider apparatus to service user apparatus via network
WO2006001710A1 (en) * 2004-06-25 2006-01-05 Buypass As Method for generating and verifying an electronic signature
CN201069581Y (en) * 2007-08-17 2008-06-04 潘铁军 A mobile payment system based on distributed secrete key
CN101448255A (en) * 2007-11-27 2009-06-03 飞力凯网路股份有限公司 Service provision system, service provision server as well as information terminal equipment
CN101668288A (en) * 2009-08-25 2010-03-10 钱袋网(北京)信息技术有限公司 Identity authenticating method, identity authenticating system and terminal
CN101778381A (en) * 2009-12-31 2010-07-14 卓望数码技术(深圳)有限公司 Digital certificate generation method, user key acquisition method, mobile terminal and device
CN101794420A (en) * 2009-12-31 2010-08-04 卓望数码技术(深圳)有限公司 Payment authentication method, terminal and system
CN101834946A (en) * 2010-05-11 2010-09-15 丁峰 Method for performing safe mobile phone payment and mobile phone for performing safe payment
CN101909287A (en) * 2010-06-25 2010-12-08 北京天地融科技有限公司 Method for carrying out transaction by using electronic signature tool for mobile phone and electronic signature device
CN102035654A (en) * 2010-12-29 2011-04-27 北京握奇数据系统有限公司 Identity authentication method, identity authentication equipment, server and identity authentication-based encryption method
CN202197405U (en) * 2011-08-05 2012-04-18 常钧 Wireless safe secret key apparatus and electronic business system

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102592377A (en) * 2012-02-29 2012-07-18 福建联迪商用设备有限公司 Method for realizing finance card terminal by Bluetooth mobile phone
CN102592377B (en) * 2012-02-29 2014-06-11 福建联迪商用设备有限公司 Method for realizing finance card terminal by Bluetooth mobile phone
CN102647410A (en) * 2012-03-14 2012-08-22 上海众人网络安全技术有限公司 Information safe system and method based on light sensation identification
CN102752117A (en) * 2012-07-24 2012-10-24 天地融科技股份有限公司 Dynamic password generating device and method and transaction system with dynamic password generating device
CN102752117B (en) * 2012-07-24 2016-04-06 天地融科技股份有限公司 Dynamic password generating device, method and there is the transaction system of this device
CN103944728A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data security interactive system
CN103944731A (en) * 2014-04-25 2014-07-23 天地融科技股份有限公司 Data security interactive method
CN107979467A (en) * 2016-10-21 2018-05-01 中国移动通信有限公司研究院 Verification method and device

Similar Documents

Publication Publication Date Title
US10595201B2 (en) Secure short message service (SMS) communications
US10313110B2 (en) Efficient methods for protecting identity in authenticated transmissions
US10235670B2 (en) Device provisioning using partial personalization scripts
CN105190661B (en) Secure mobile payment using media binding
US20170011395A1 (en) Multi-path communication of electronic device secure element data for online payments
CN103595718B (en) A kind of POS terminal Activiation method, system, service platform and POS terminal
US20150095219A1 (en) Initiation of online payments using an electronic device identifier
CN103503366B (en) Manage the data for authenticating device
CN101436280B (en) Method and system for implementing electronic payment of mobile terminal
CN102696212B (en) There is the compact safety device of transaction risk grade approval ability
US9806889B2 (en) Key downloading method, management method, downloading management method, device and system
CN105027153A (en) Methods, devices, and systems for secure provisioning, transmission, and authentication of payment data
TW201540040A (en) Service Authorization using Auxiliary Device
CN103747012B (en) Safe verification method, the apparatus and system of network trading
CN105556892A (en) Systems and methods for secure communication
CN101916388B (en) Smart SD card and method for using same for mobile payment
US20150213433A1 (en) Secure provisioning of credentials on an electronic device using elliptic curve cryptography
KR20160112895A (en) Method and apparatus for performing secure bluetooth communication
US20100051686A1 (en) System and method for authenticating a transaction using a one-time pass code (OTPK)
AU2020203687A1 (en) Validating online access to secure device functionality
CN101222333B (en) Data transaction processing method and apparatus
CN101131756B (en) Security authentication system, device and method for electric cash charge of mobile paying device
CN102196425B (en) Quantum-key-distribution-network-based mobile encryption system and communication method thereof
CN104081742A (en) Method and apparatus for providing federated service accounts
CN105684346A (en) Method for securing over-the-air communication between a mobile application and a gateway

Legal Events

Date Code Title Description
PB01 Publication
C06 Publication
SE01 Entry into force of request for substantive examination
C10 Entry into substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20111130

C12 Rejection of a patent application after its publication