CN102891842A - Security authentication method and system - Google Patents
Security authentication method and system Download PDFInfo
- Publication number
- CN102891842A CN102891842A CN2012103358052A CN201210335805A CN102891842A CN 102891842 A CN102891842 A CN 102891842A CN 2012103358052 A CN2012103358052 A CN 2012103358052A CN 201210335805 A CN201210335805 A CN 201210335805A CN 102891842 A CN102891842 A CN 102891842A
- Authority
- CN
- China
- Prior art keywords
- paid
- payment
- payment terminal
- account
- transaction information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a security authentication method, which comprises the following steps that: a payment terminal generates a payment instruction according to transaction information and sends the payment instruction to an electronic signing tool; the electronic signing tool receives the payment instruction, executes signature on information to be signed after confirming that the transaction information is correct, and sends signature data to a signature-checking server through the payment terminal; and the signature-checking server checks the identity of the signature data, and executes operation according to the transaction information after the signature data pass checking. The authentication method has the advantages of security, reliability, convenience in operation and low expense. The invention also discloses a security authentication system.
Description
Technical field
The present invention relates to information security field, relate in particular to a kind of safety certifying method and system.
Background technology
Existing market, supermarket generally adopt POS machine brush to get the bank card payment, after the payment, print payment information, and need the card holder to carry out Signature Confirmation in the payment information of printing, because the card holder directly inputs password and namely finished course of payment, and present sign validation of information after just payment is finished of card holder can not the identity to the card holder authenticate in the course of payment of swiping the card, thereby can not prevent the stolen brush of bank card, fail safe remains further to be improved.
Simultaneously, include the information such as account in the payment information that prints, reveal easily, also cause the reduction of fail safe.
In addition, printing payment information needs particular printer and specific paper, improves system cost, causes easily the waste of resource simultaneously.
At last, the card holder can only obtain the information of this transaction by the payment information of printing, and is not easy to obtain historical transactional information.
Summary of the invention
The present invention is intended to one of solve the problems of the technologies described above at least.
For this reason, one object of the present invention is to propose a kind of safety certifying method, safe and reliable, easy and simple to handle and advantage that expense is few that the method has.Another object of the present invention is to propose a kind of security certification system.
To achieve these goals, the embodiment of first aspect present invention provides a kind of safety certifying method, and the method comprises: payment terminal generates payment instruction according to Transaction Information, and described payment instruction is sent to electric signing tools; Described electric signing tools receives described payment instruction, after the described Transaction Information of affirmation is correct the described signing messages for the treatment of is signed, and by described payment terminal described signed data and described Transaction Information is sent to the sign test server; Described sign test server carries out authentication to described signed data, and operates according to described Transaction Information by rear in checking.
Safety certifying method according to the embodiment of the invention, electric signing tools can be verified the correctness of the user identity of holding this electric signing tools on the one hand, guarantee user's property safety, on the other hand, electric signing tools can carry out to Transaction Information the affirmation of electronic form, in order to operate according to Transaction Information by rear sign test server in checking.Have advantage safe and reliable and easy and simple to handle, for example, need not the user and carry out manual signature, reduce the cost expense of paper.
In one embodiment of the invention, described payment terminal comprises according to the step that Transaction Information generates payment instruction: described payment terminal is obtained account to be paid, the amount of money to be paid and payment accounts, and generates payment instruction according to described account to be paid, the described amount of money to be paid and described payment accounts.
In one embodiment of the invention, the step that described payment terminal is obtained account to be paid, the amount of money to be paid comprises: described payment terminal is obtained the account described to be paid that described payment terminal prestores, and obtains the described amount of money to be paid by the scanning electron label; Or described payment terminal obtains the account described to be paid that described payment terminal prestores, and by receiving the described payment of acquisition of information of user's input; Or described payment terminal is obtained described account to be paid and the described amount of money to be paid by the scanning electron label; Or described payment terminal is by receiving the described account to be paid of acquisition of information and the described amount of money to be paid of user's input; Or described payment terminal is obtained described account to be paid and the described amount of money to be paid by network trading platform.The mode that payment terminal is obtained account to be paid, the amount of money to be paid has flexibility and diversity, thereby has the wide scope of application.
In yet another embodiment of the present invention, the described payment terminal step of obtaining payment accounts comprises: described payment terminal is obtained described payment accounts by card reader; Or described payment terminal is by receiving the described payment accounts of acquisition of information of user's input.Payment terminal is obtained the payment accounts mode and is had diversity, makes things convenient for user selection.
In one embodiment of the invention, described card reader is contact card reader or Non-contact Media Reader.
In one embodiment of the invention, described sign test server carries out authentication to described signed data, and also comprises after checking is by the rear step that operates according to described Transaction Information: described sign test server is to described payment terminal transmit operation successful information; Described payment terminal sends to storage server with described Transaction Information and described signed data and stores.To make things convenient for the user to carry out the inquiry of historical transactional information.
In one embodiment of the invention, described method also comprises: described Transaction Information and the described signed data of inquiring about described storage server storage by inquiry terminal.Thus, make things convenient for user's query history Transaction Information, grasp the dynamic of account.
The embodiment of second aspect present invention has proposed a kind of security certification system, comprising: payment terminal, described payment terminal are used for generating payment instruction according to Transaction Information, and described payment instruction is sent to electric signing tools; Electric signing tools, described electric signing tools is used for receiving described payment instruction, after the described Transaction Information of affirmation is correct, the described signing messages for the treatment of is signed, and by described payment terminal described signed data and described Transaction Information are sent to the sign test server; And authentication server, described sign test server is used for described signed data is carried out authentication, and operates according to described Transaction Information by rear in checking.
Security certification system according to the embodiment of the invention, electric signing tools can be verified the correctness of the user identity of holding this electric signing tools on the one hand, guarantee user's property safety, on the other hand, electric signing tools can carry out to Transaction Information the affirmation of electronic form, in order to operate according to Transaction Information by rear sign test server in checking.Have advantage safe and reliable and easy and simple to handle, for example, need not the user and carry out manual signature, reduce the cost expense of paper.
In one embodiment of the invention, described payment terminal comprises: acquisition module, and described acquisition module is used for obtaining account to be paid, the amount of money to be paid and payment accounts; Instruction generation module, described instruction generation module are used for generating payment instruction according to described account to be paid, the described amount of money to be paid and described payment accounts.
In one embodiment of the invention, described payment terminal also comprises: memory module, described memory module is used for storing described account to be paid.
In yet another embodiment of the present invention, described acquisition module comprises: the first acquiring unit and second acquisition unit; Described the first acquiring unit is used for obtaining described account to be paid from described memory module; Described second acquisition unit is used for obtaining the described amount of money to be paid by the scanning electron label; Perhaps described acquisition module comprises: the 3rd acquiring unit and the 4th acquiring unit; Described the 3rd acquiring unit is used for obtaining described account to be paid from described memory module; Described the 4th acquiring unit is used for by receiving the described payment of acquisition of information of user's input.The mode that payment terminal is obtained account to be paid, the amount of money to be paid has flexibility and diversity, thereby the scope of application is wider.
In one embodiment of the invention, described acquisition module comprises: the 5th acquiring unit, and described the 5th acquiring unit obtains described account to be paid and the described amount of money to be paid by the scanning electron label; Perhaps described acquisition module comprises: the 6th acquiring unit, described the 6th acquiring unit are used for by receiving the described account to be paid of acquisition of information and the described amount of money to be paid of user's input; Perhaps described acquisition module comprises: the 7th acquiring unit, described the 7th acquiring unit are used for obtaining described account to be paid and the described amount of money to be paid by network trading platform.The mode that payment terminal is obtained account to be paid, the amount of money to be paid has flexibility and diversity, thereby the scope of application is wider.
In one embodiment of the invention, described acquisition module comprises: the 8th acquiring unit is used for obtaining described payment accounts by card reader; Perhaps described acquisition module comprises: the 9th acquiring unit is used for by receiving the described payment accounts of acquisition of information of user's input.Payment terminal is obtained the payment accounts mode and is had diversity, makes things convenient for user selection.
In one embodiment of the invention, described system also comprises: storage server; Described storage server is used for storing described Transaction Information and described signed data.Thus, make things convenient for user's query history Transaction Information, grasp the dynamic of account.
In yet another embodiment of the present invention, described sign test server also is used for to described payment terminal transmit operation successful information; Described payment terminal is used for that also described Transaction Information and described signed data are sent to described storage server and stores.In one embodiment of the invention, described system also comprises: inquiry terminal, described inquiry terminal are used for inquiring about described Transaction Information and the described signed data of described storage server storage.Make things convenient for user's query history Transaction Information.
In one embodiment of the invention, described payment terminal is connected in the following way with described electric signing tools: USB interface, audio interface, NFC, bluetooth, mobile communications network or the Internet.The diversity of connected mode is for user selection, and the scope of application promotes.
The aspect that the present invention adds and advantage in the following description part provide, and part will become obviously from the following description, or recognize by practice of the present invention.
Description of drawings
Above-mentioned and/or the additional aspect of the present invention and advantage are from obviously and easily understanding becoming the description of embodiment below in conjunction with accompanying drawing, wherein:
Fig. 1 is the flow chart of safety certifying method according to an embodiment of the invention;
Fig. 2 is the flow chart of safety certifying method according to an embodiment of the invention;
Fig. 3 is security certification system structure chart according to an embodiment of the invention;
Fig. 4 is the payment terminal structure chart according to the security certification system of the embodiment of the invention;
Fig. 5 is the structure chart of security certification system according to an embodiment of the invention.
Embodiment
The below describes embodiments of the invention in detail, and the example of described embodiment is shown in the drawings, and wherein identical or similar label represents identical or similar element or the element with identical or similar functions from start to finish.Be exemplary below by the embodiment that is described with reference to the drawings, only be used for explaining the present invention, and can not be interpreted as limitation of the present invention.
In description of the invention, need to prove, unless otherwise prescribed and limit, term " installation ", " linking to each other ", " connection " should be done broad understanding, for example, can be mechanical connection or electrical connection, also can be the connection of two element internals, can be directly to link to each other, and also can indirectly link to each other by intermediary, for the ordinary skill in the art, can understand as the case may be the concrete meaning of above-mentioned term.
Below with reference to safety certifying method and the system of accompanying drawing description according to the embodiment of the invention.
Fig. 1 is the flow chart of safety certifying method according to an embodiment of the invention.
As shown in Figure 1, the safety certifying method according to the embodiment of the invention may further comprise the steps:
Step S101, payment terminal generates payment instruction according to Transaction Information, and payment instruction is sent to electric signing tools.Payment instruction can be resolved out corresponding Transaction Information.Payment terminal can be the special equipment (POS machine) of PC, portable terminal, mobile phone terminal, ATM or market or supermarket setting, transmission means coupling with electric signing tools, can adopt wired or wireless transmission means, such as: adopt USB interface, audio interface, NFC, bluetooth, mobile communications network or the Internet etc. any.
Wherein, Transaction Information comprises at least: account to be paid, the amount of money to be paid and payment accounts.
Particularly, payment terminal comprises according to the step that Transaction Information generates payment instruction: payment terminal is obtained account to be paid, the amount of money to be paid and payment accounts, and generates payment instruction according to account to be paid, the amount of money to be paid and payment accounts.
Furthermore, payment terminal can be obtained account to be paid, the amount of money to be paid in several ways, for example includes but not limited to following obtain manner:
1, payment terminal is obtained the account to be paid that payment terminal prestores, and obtains the amount of money to be paid by the scanning electron label.For example, in the market or supermarket when concluding the business, account to be paid is the account in market or supermarket, and this account is pre-stored in the payment terminal.In market or supermarket, commodity have electronic tag, and payment terminal scans this electronic tag, can get access to the price of commodity.
2, payment terminal is obtained the account to be paid that payment terminal prestores, and by receiving the acquisition of information payment of user's input.For example, in the market or supermarket when concluding the business, thereby the cashier inputs the price that the numbering of dependent merchandise obtains these commodity.
3, payment terminal is obtained account to be paid and the amount of money to be paid by the scanning electron label.When different commodity were the commodity of different businessmans, each businessman generated electronic tag jointly with the account of oneself and the price of the commodity of correspondence, and payment terminal obtains the account of different businessmans and the price of corresponding goods by the electronic tag that scans different commodity.
4, payment terminal is by receiving acquisition of information account to be paid and the amount of money to be paid of user's input.For example, the goods number of payment terminal reception cashier input obtains account to be paid and the amount of money to be paid.
5, payment terminal is obtained account to be paid and the amount of money to be paid by network trading platform.Such as being online store etc. when businessman, the user can be by the network trading platform of businessman, such as carrying out remote transaction etc. by business site.In this example, network trading platform can include but not limited to following information: commodity, detailed, the payment information of cash register.
Payment terminal also can be obtained payment accounts in several ways, for example includes but not limited to following obtain manner:
1, payment terminal is obtained payment accounts by card reader, and wherein, card reader is but is not limited to: contact card reader or Non-contact Media Reader; The contact card reader, for example, magnetic stripe card etc., Non-contact Media Reader for example, has NFC, bluetooth, the card reader of the wireless communication apparatus such as radio frequency.
2, payment terminal is by receiving the acquisition of information payment accounts of user's input.For example, the payment user inputs to the account of oneself in the payment terminal.
Step S102, electric signing tools receives payment instruction, is confirming that treating signing messages after Transaction Information correctly signs, and by payment terminal signed data and Transaction Information is being sent to the sign test server.Particularly, electric signing tools is resolved payment instruction, to parse account to be paid, the information such as the amount of money to be paid, such as analysis result be: " this account to be transacted: 1234567890; amount of money to be transacted: 500 ", and analysis result is shown to the user, or pass through voice, perhaps the mode of voice+demonstration is informed the user, the user confirm errorless after, the acknowledgement key of clicking on the electric signing tools is signed to treat signing messages, this signature can be digital finger-print or digital certificate, its objective is the correctness and the legitimacy that guarantee user identity, as people's identity card.Electric signing tools is such as being: USB KEY etc.
Wherein, treating that signing messages is of content in the Transaction Information, perhaps is the combination of a plurality of contents in the Transaction Information, perhaps is the partial content in the certain content in the Transaction Information.For example: Transaction Information comprises: account 1234567890 to be paid, the amount of money to be paid 500, payment accounts 0987654321, treat that signing messages can be above-mentioned full detail, perhaps be four information 7890 and the full detail 500 of the amount of money to be paid after the account to be paid, only comprise perhaps after the account to be paid that four the combination in any such as information 7890 are for signature.Certainly, treat that signing messages can also comprise that above-mentioned information exchange crosses the summary info that default cipher mode obtains, for example, the full detail 500 for the treatment of after the payment accounts four information 7890 and the amount of money to be paid carries out digest value that the HASH computing obtains for treating signing messages.
Step S103, the sign test server carries out authentication to signed data, and operates according to Transaction Information by rear in checking.Thereby can be in process of exchange, treat the mode that signing messages carries out signature verification by electric signing tools and realize the transaction such as payment.In this example, to the verification mode of signed data for but be not limited to: the correctness of certifying digital signature or digital finger-print and legitimacy.
Certainly, in the present embodiment, the sign test server can also be to payment terminal transmit operation successful information, in order to inform that user-pay is complete.
Fig. 2 is the flow chart of safety certifying method according to an embodiment of the invention.
As shown in Figure 2, safety certifying method according to an embodiment of the invention may further comprise the steps:
Step S201, payment terminal generates payment instruction according to Transaction Information, and payment instruction is sent to electric signing tools.Payment instruction can be resolved out corresponding Transaction Information.
Particularly, payment terminal comprises according to the step that Transaction Information generates payment instruction: payment terminal is obtained account to be paid, the amount of money to be paid and payment accounts, and generates payment instruction according to account to be paid, the amount of money to be paid and payment accounts.Wherein, Transaction Information comprises at least: account to be paid, the amount of money to be paid and payment accounts.
Furthermore, payment terminal can be obtained account to be paid, the amount of money to be paid in several ways, for example includes but not limited to following obtain manner:
1, payment terminal is obtained the account to be paid that payment terminal prestores, and obtains the amount of money to be paid by the scanning electron label.For example, in the market or supermarket when concluding the business, account to be paid is the account in market or supermarket, and this account is pre-stored in the payment terminal.In market or supermarket, commodity have electronic tag, and payment terminal scans this electronic tag, can get access to the price of commodity.
2, payment terminal is obtained the account to be paid that payment terminal prestores, and by receiving the acquisition of information payment of user's input.For example, in the market or supermarket when concluding the business, thereby the cashier inputs the price that the numbering of dependent merchandise obtains these commodity.
3, payment terminal is obtained account to be paid and the amount of money to be paid by the scanning electron label.When different commodity were the commodity of different businessmans, each businessman generated electronic tag jointly with the account of oneself and the price of the commodity of correspondence, and payment terminal obtains the account of different businessmans and the price of corresponding goods by the electronic tag that scans different commodity.
4, payment terminal is by receiving acquisition of information account to be paid and the amount of money to be paid of user's input.For example, the goods number of payment terminal reception cashier input obtains account to be paid and the amount of money to be paid.
5, payment terminal is obtained account to be paid and the amount of money to be paid by network trading platform.Such as being online store etc. when businessman, the user can be by the network trading platform of businessman, such as carrying out remote transaction etc. by business site.In this example, network trading platform can include but not limited to following information: commodity, detailed, the payment information of cash register.
Payment terminal also can be obtained payment accounts in several ways, for example includes but not limited to following obtain manner:
1, payment terminal is obtained payment accounts by card reader, and wherein, card reader is but is not limited to: contact card reader or Non-contact Media Reader; The contact card reader, for example, magnetic stripe card etc., Non-contact Media Reader for example, has NFC, bluetooth, the card reader of the wireless communication apparatus such as radio frequency.
2, payment terminal is by receiving the acquisition of information payment accounts of user's input.For example, the payment user inputs to the account of oneself in the payment terminal.
Step S202, electric signing tools receives payment instruction, is confirming that treating signing messages after Transaction Information correctly signs, and by payment terminal signed data and Transaction Information is being sent to the sign test server.Particularly, electric signing tools is resolved payment instruction, to parse account to be paid, the information such as the amount of money to be paid, such as analysis result be: " this account to be transacted: 1234567890; amount of money to be transacted: 500 ", and analysis result is shown to the user, or pass through voice, perhaps the mode of voice+demonstration is informed the user, the user confirm errorless after, the acknowledgement key of clicking on the electric signing tools is signed to treat signing messages, this signature can be digital finger-print or digital certificate, its objective is the correctness and the legitimacy that guarantee user identity, as people's identity card.
In one embodiment of the invention, electric signing tools can also be sent to Transaction Information and signed data on the storage server, and for example, storage server is the cloud storage platform.So that later inquiry.
Step S203, the sign test server carries out authentication to signed data, and operates according to Transaction Information by rear in checking.In this example, to the verification mode of signed data for but be not limited to: the correctness of certifying digital signature or digital finger-print and legitimacy.
Step S204, the sign test server is to payment terminal transmit operation successful information.
Step S205, payment terminal sends to storage server with Transaction Information and signed data and stores.In order to record is carried out in transaction, make things convenient for the subsequent query historical transaction record, this transaction record has validity, legitimacy.
In one embodiment of the invention, this authentication method also can comprise: by Transaction Information and the signed data of inquiry terminal inquiry storage server storage.In this example, the equipment such as ATM that inquiry terminal can provide for PC, portable terminal, mobile phone terminal, bank, the user can login inquiry terminal by the mode of user name, password and inquire about, also can inquire about by the mode of inserting electric signing tools, the mode of its receive data and electric signing tools coupling can adopt wired or wireless mode to carry out transfer of data.
Safety certifying method according to the embodiment of the invention, electric signing tools can be verified the correctness of the user identity of holding this electric signing tools on the one hand, guarantee user's property safety, on the other hand, electric signing tools can carry out to Transaction Information the affirmation of electronic form, in order to operate according to Transaction Information by rear sign test server in checking.Have advantage safe and reliable and easy and simple to handle, for example, need not the user and carry out manual signature, reduce the cost expense of paper.
Fig. 3 is the structure chart of security certification system according to an embodiment of the invention.
As shown in Figure 3, according to the security certification system of the embodiment of the invention, comprise payment terminal 100, electric signing tools 200 and sign test server 300.
Particularly, payment terminal 100 is used for generating payment instruction according to Transaction Information, and payment instruction is sent to electric signing tools 200.Payment instruction can be resolved out corresponding Transaction Information.Wherein, payment terminal 100 can or be the special equipment that market or supermarket arrange separately for PC, portable terminal, mobile phone terminal, ATM, for example, the POS machine, be used for the signed data of electric signing tools 200 is transmitted, the transmission means coupling of itself and electric signing tools 200 can adopt the mode of wire transmission or wireless transmission.Wherein, Transaction Information comprises at least: account to be paid, the amount of money to be paid and payment accounts.
Electric signing tools 200 is used for receiving payment instruction, is confirming that treating signing messages after Transaction Information correctly signs, and by payment terminal signed data and Transaction Information is being sent to sign test server 300.In one embodiment of the invention, payment terminal 100 is connected in the following way with electric signing tools 200: USB interface, audio interface, NFC, bluetooth, mobile communications network or the Internet.
In this embodiment, electric signing tools 200 is signed to the sign test server 300 of bank by payment terminal 100, and 300 pairs of signatures of sign test server are verified, after checking is passed through, carry out delivery operation.Wherein, electric signing tools 200 can adopt but be not limited to: the mode with wired connections such as USB interface, audio interface is carried out transfer of data, also can adopt the wireless transmission methods such as bluetooth module, NFC module to carry out transfer of data.
In one embodiment of the invention, sign test server 300 also can be used for signed data is carried out authentication, and operates according to Transaction Information by rear in checking.Particularly, sign test server 300 provides for bank, and whether its signature that can verify electric signing tools 200 is true, and after checking is passed through, carries out payment operation, signs by electric signing tools 200 with assurance and realizes payment, has strengthened fail safe.
Certainly, in the present embodiment, sign test server 300 can also be to payment terminal 100 transmit operation successful information, in order to inform that user-pay is complete.
As shown in Figure 4, the payment terminal 100 of the security certification system of the embodiment of the invention comprises acquisition module 110 and instruction generation module 120.
Simultaneously, when obtaining account to be paid, the amount of money to be paid for acquisition module 110, one of can be in the following way carry out the operation of obtaining account to be paid and the amount of money to be paid:
1, comprises in the situation of memory module in payment terminal 100, memory module is stored account to be paid, acquisition module 110 comprises the first acquiring unit and second acquisition unit so, from memory module, obtain account to be paid by the first acquiring unit, obtain the amount of money to be paid by second acquisition unit scanning electron label.For example, in the market or supermarket when concluding the business, account to be paid is the account in market or supermarket, and this account is pre-stored in the payment terminal.In market or supermarket, commodity have electronic tag, and payment terminal scans this electronic tag, can get access to the price of commodity.
2, comprise in the situation of memory module in payment terminal 100, memory module is stored account to be paid, acquisition module 110 comprises so: the 3rd acquiring unit and the 4th acquiring unit, from memory module, obtain account to be paid by the 3rd acquiring unit, receive the acquisition of information payment of user's input by the 4th acquiring unit.For example, in the market or supermarket when concluding the business, thereby the cashier inputs the price that the numbering of dependent merchandise obtains these commodity.
3, acquisition module 110 comprises: the 5th acquiring unit, and obtain account to be paid and the amount of money to be paid by the 5th acquiring unit scanning electron label.When different commodity were the commodity of different businessmans, each businessman generated electronic tag jointly with the account of oneself and the price of the commodity of correspondence, and payment terminal obtains the account of different businessmans and the price of corresponding goods by the electronic tag that scans different commodity.
4, acquisition module 110 comprises: the 6th acquiring unit, and pass through acquisition of information account to be paid and the amount of money to be paid that the 6th acquiring unit receives user's input.For example, the goods number of payment terminal reception cashier input obtains account to be paid and the amount of money to be paid.
5, acquisition module 110 comprises: the 7th acquiring unit, and obtain account to be paid and the amount of money to be paid by the 7th acquiring unit 107 from network trading platform.Such as being online store etc. when businessman, the user can be by the network trading platform of businessman, such as carrying out remote transaction etc. by business site.In this example, network trading platform can include but not limited to following information: commodity, detailed, the payment information of cash register.
Obtain the combination in any of account to be paid, amount of money mode to be paid with above-mentioned acquisition module 110, acquisition module 110 is carried out one of in the following way the operation of obtaining payment accounts when obtaining payment accounts:
1, acquisition module 110 comprises: the 8th acquiring unit, obtain payment accounts by the 8th acquiring unit from card reader.Wherein, card reader is arranged on the payment terminal, and card reader for but be not limited to: contact card reader or Non-contact Media Reader; The contact card reader, for example, magnetic stripe card etc., Non-contact Media Reader for example, has NFC, bluetooth, the card reader of the wireless communication apparatus such as radio frequency.
2, acquisition module 110 comprises: the 9th acquiring unit receives the acquisition of information payment accounts that the user inputs by the 9th acquiring unit.For example, the payment user inputs to the account of oneself in the payment terminal.
As shown in Figure 5, security certification system also can comprise according to an embodiment of the invention: storage server 400.Storage server 400 is used for store transaction information and signed data.
In this embodiment, storage server 400 is for storing each Transaction Information and electric signing tools 200 signed data for this Transaction Information, so that the user can inquire about transaction record at any time.
Certainly, in the present embodiment, after payment was finished, sign test server 300 was to payment terminal 100 transmit operation successful information, and payment terminal 100 sends to storage server 400 with Transaction Information and signed data and stores after receiving the operation successful information; Also can when electric signing tools 200 send signed data and Transaction Information by payment terminal 100 to sign test server 300, send to simultaneously storage server 400 and store; Can also directly signed data and Transaction Information be sent to storage server 400 and store afterwards by 300 successful payments of sign test server are complete.
Further, storage server 400 store transaction information and signed data are the electronic signatures that the user carries out, and have non repudiation.
In conjunction with Fig. 5, according to one embodiment of present invention, security certification system also can comprise again: inquiry terminal 500, inquiry terminal 500 is used for Transaction Information and the signed data of inquiry storage server storage.
In this embodiment, inquiry terminal 500 can but be not limited to: the equipment such as ATM that PC, portable terminal, mobile phone terminal or bank provide, the user can login by the mode of user name, password and inquire about, and also can inquire about by the mode of inserting electric signing tools 200.The mode of its receive data and electric signing tools 200 couplings can adopt limited transmission means, wireless transmission method.
Certainly, in the present embodiment, inquiry terminal 500 can also be an equipment with payment terminal 100.
Security certification system according to the embodiment of the invention, replace the operation such as conclude the business of existing bank card by electric signing tools, electric signing tools can be verified the correctness of the user identity of holding this electric signing tools on the one hand, guarantee user's property safety, on the other hand, electric signing tools can carry out to Transaction Information the affirmation of electronic form, in order to operate according to Transaction Information by rear sign test server in checking.Have advantage safe and reliable and easy and simple to handle, for example, need not the user and carry out manual signature, reduce the cost expense of paper.
Describe and to be understood in the flow chart or in this any process of otherwise describing or method, expression comprises module, fragment or the part of code of the executable instruction of the step that one or more is used to realize specific logical function or process, and the scope of preferred implementation of the present invention comprises other realization, wherein can be not according to order shown or that discuss, comprise according to related function by the mode of basic while or by opposite order, carry out function, this should be understood by the embodiments of the invention person of ordinary skill in the field.
In flow chart the expression or in this logic of otherwise describing and/or step, for example, can be considered to the sequencing tabulation for the executable instruction that realizes logic function, may be embodied in any computer-readable medium, use for instruction execution system, device or equipment (such as the computer based system, comprise that the system of processor or other can and carry out the system of instruction from instruction execution system, device or equipment instruction fetch), or use in conjunction with these instruction execution systems, device or equipment.With regard to this specification, " computer-readable medium " can be anyly can comprise, storage, communication, propagation or transmission procedure be for instruction execution system, device or equipment or the device that uses in conjunction with these instruction execution systems, device or equipment.The more specifically example of computer-readable medium (non-exhaustive list) comprises following: the electrical connection section (electronic installation) with one or more wirings, portable computer diskette box (magnetic device), random-access memory (ram), read-only memory (ROM), the erasable read-only memory (EPROM or flash memory) of editing, fiber device, and portable optic disk read-only memory (CDROM).In addition, computer-readable medium even can be paper or other the suitable media that to print described program thereon, because can be for example by paper or other media be carried out optical scanner, then edit, decipher or process to obtain described program in the electronics mode with other suitable methods in case of necessity, then it is stored in the computer storage.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, a plurality of steps or method can realize with being stored in the memory and by software or firmware that suitable instruction execution system is carried out.For example, if realize with hardware, the same in another embodiment, can realize with the combination of each or they in the following technology well known in the art: have for the discrete logic of data-signal being realized the logic gates of logic function, application-specific integrated circuit (ASIC) with suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that and realize that all or part of step that above-described embodiment method is carried is to come the relevant hardware of instruction to finish by program, described program can be stored in a kind of computer-readable recording medium, this program comprises step of embodiment of the method one or a combination set of when carrying out.
In addition, each functional unit in each embodiment of the present invention can be integrated in the processing module, also can be that the independent physics of unit exists, and also can be integrated in the module two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, also can adopt the form of software function module to realize.If described integrated module realizes with the form of software function module and during as independently production marketing or use, also can be stored in the computer read/write memory medium.
In the description of this specification, the description of reference term " embodiment ", " some embodiment ", " example ", " concrete example " or " some examples " etc. means to be contained at least one embodiment of the present invention or the example in conjunction with specific features, structure, material or the characteristics of this embodiment or example description.In this manual, the schematic statement of above-mentioned term not necessarily referred to identical embodiment or example.And the specific features of description, structure, material or characteristics can be with suitable mode combinations in any one or more embodiment or example.
Although the above has illustrated and has described embodiments of the invention, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, those of ordinary skill in the art can change above-described embodiment in the situation that does not break away from principle of the present invention and aim within the scope of the invention, modification, replacement and modification.
Claims (17)
1. safety certifying method is characterized in that the method comprises:
Payment terminal generates payment instruction according to Transaction Information, and described payment instruction is sent to electric signing tools;
Described electric signing tools receives described payment instruction, after the described Transaction Information of affirmation is correct the described signing messages for the treatment of is signed, and by described payment terminal described signed data and described Transaction Information is sent to the sign test server;
Described sign test server carries out authentication to described signed data, and operates according to described Transaction Information by rear in checking.
2. method according to claim 1 is characterized in that, described payment terminal comprises according to the step that Transaction Information generates payment instruction:
Described payment terminal is obtained account to be paid, the amount of money to be paid and payment accounts, and generates payment instruction according to described account to be paid, the described amount of money to be paid and described payment accounts.
3. method according to claim 2 is characterized in that, the step that described payment terminal is obtained account to be paid, the amount of money to be paid comprises:
Described payment terminal is obtained the account described to be paid that described payment terminal prestores, and obtains the described amount of money to be paid by the scanning electron label; Or
Described payment terminal is obtained the account described to be paid that described payment terminal prestores, and by receiving the described payment of acquisition of information of user's input; Or
Described payment terminal is obtained described account to be paid and the described amount of money to be paid by the scanning electron label; Or
Described payment terminal is by receiving the described account to be paid of acquisition of information and the described amount of money to be paid of user's input; Or
Described payment terminal is obtained described account to be paid and the described amount of money to be paid by network trading platform.
4. method according to claim 2 is characterized in that, the step that described payment terminal is obtained payment accounts comprises:
Described payment terminal is obtained described payment accounts by card reader; Or
Described payment terminal is by receiving the described payment accounts of acquisition of information of user's input.
5. method according to claim 4 is characterized in that, described card reader is contact card reader or Non-contact Media Reader.
6. each described method is characterized in that according to claim 1-5, and described sign test server carries out authentication to described signed data, and also comprises after checking is by the rear step that operates according to described Transaction Information:
Described sign test server is to described payment terminal transmit operation successful information;
Described payment terminal sends to storage server with described Transaction Information and described signed data and stores.
7. method according to claim 6 is characterized in that, described method also comprises:
Inquire about described Transaction Information and the described signed data of described storage server storage by inquiry terminal.
8. a security certification system is characterized in that, this system comprises: payment terminal, electric signing tools and sign test server;
Described payment terminal is used for generating payment instruction according to Transaction Information, and described payment instruction is sent to electric signing tools;
Described electric signing tools is used for receiving described payment instruction, after the described Transaction Information of affirmation is correct the described signing messages for the treatment of is signed, and by described payment terminal described signed data and described Transaction Information is sent to the sign test server;
Described sign test server is used for described signed data is carried out authentication, and operates according to described Transaction Information by rear in checking.
9. system according to claim 8 is characterized in that, described payment terminal comprises:
Acquisition module, described acquisition module is used for obtaining account to be paid, the amount of money to be paid and payment accounts;
Instruction generation module, described instruction generation module are used for generating payment instruction according to described account to be paid, the described amount of money to be paid and described payment accounts.
10. system according to claim 9 is characterized in that, described payment terminal also comprises: memory module, described memory module is used for storing described account to be paid.
11. system according to claim 10 is characterized in that,
Described acquisition module comprises: the first acquiring unit and second acquisition unit;
Described the first acquiring unit is used for obtaining described account to be paid from described memory module;
Described second acquisition unit is used for obtaining the described amount of money to be paid by the scanning electron label;
Perhaps
Described acquisition module comprises: the 3rd acquiring unit and the 4th acquiring unit;
Described the 3rd acquiring unit is used for obtaining described account to be paid from described memory module;
Described the 4th acquiring unit is used for by receiving the described payment of acquisition of information of user's input.
12. system according to claim 9 is characterized in that,
Described acquisition module comprises: the 5th acquiring unit, and described the 5th acquiring unit obtains described account to be paid and the described amount of money to be paid by the scanning electron label;
Perhaps
Described acquisition module comprises: the 6th acquiring unit, described the 6th acquiring unit are used for by receiving the described account to be paid of acquisition of information and the described amount of money to be paid of user's input;
Perhaps
Described acquisition module comprises: the 7th acquiring unit, described the 7th acquiring unit are used for obtaining described account to be paid and the described amount of money to be paid by network trading platform.
13. according to claim 9 or 10 described systems, it is characterized in that,
Described acquisition module comprises: the 8th acquiring unit is used for obtaining described payment accounts by card reader; Perhaps
Described acquisition module comprises: the 9th acquiring unit is used for by receiving the described payment accounts of acquisition of information of user's input.
14. system according to claim 8 is characterized in that, described system also comprises: storage server;
Described storage server is used for storing described Transaction Information and described signed data.
15. system according to claim 14 is characterized in that,
Described sign test server also is used for to described payment terminal transmit operation successful information;
Described payment terminal is used for that also described Transaction Information and described signed data are sent to described storage server and stores.
16. system according to claim 14 is characterized in that, described system also comprises: inquiry terminal, described inquiry terminal are used for inquiring about described Transaction Information and the described signed data of described storage server storage.
17. system according to claim 8 is characterized in that, described payment terminal is connected in the following way with described electric signing tools:
USB interface, audio interface, NFC, bluetooth, mobile communications network or the Internet.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012103358052A CN102891842A (en) | 2012-09-07 | 2012-09-11 | Security authentication method and system |
Applications Claiming Priority (5)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201220457354.5 | 2012-09-07 | ||
| CN201210331557.4 | 2012-09-07 | ||
| CN201220457354 | 2012-09-07 | ||
| CN201210331557 | 2012-09-07 | ||
| CN2012103358052A CN102891842A (en) | 2012-09-07 | 2012-09-11 | Security authentication method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102891842A true CN102891842A (en) | 2013-01-23 |
Family
ID=47535209
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2012103358052A Pending CN102891842A (en) | 2012-09-07 | 2012-09-11 | Security authentication method and system |
| CN201220462961.0U Expired - Lifetime CN202771476U (en) | 2012-09-07 | 2012-09-11 | Security certification system |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201220462961.0U Expired - Lifetime CN202771476U (en) | 2012-09-07 | 2012-09-11 | Security certification system |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN102891842A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103268547A (en) * | 2013-06-04 | 2013-08-28 | 北京邮电大学 | NFC (Near Field Communication) mobile phone payment system with fingerprint authentication mechanism |
| CN103903133A (en) * | 2014-04-09 | 2014-07-02 | 广西中烟工业有限责任公司 | High-safety POS machine system and payment processing method thereof |
| WO2014121721A1 (en) * | 2013-02-06 | 2014-08-14 | 天地融科技股份有限公司 | Smart card with electronic signature function, and smart card transaction system and method |
| CN104166935A (en) * | 2014-05-08 | 2014-11-26 | 贵阳银行股份有限公司 | Fund transferring method, system and management platforms |
| CN104243170A (en) * | 2014-10-14 | 2014-12-24 | 北京金玉衡科技有限责任公司 | Identity authentication method |
| WO2016045305A1 (en) * | 2014-09-26 | 2016-03-31 | 苏州海博智能系统有限公司 | Method, system and server for secure transaction using wireless security devices |
| CN105719134A (en) * | 2014-12-05 | 2016-06-29 | 北京握奇智能科技有限公司 | E-bank transaction method based on USBkey and system |
| CN109472525A (en) * | 2017-09-08 | 2019-03-15 | 北京京东尚科信息技术有限公司 | Method, apparatus, electronic equipment and the terminal device signed for for order |
| CN112036861A (en) * | 2020-08-31 | 2020-12-04 | 深圳市兆珑科技有限公司 | Safety device |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103955643B (en) * | 2014-05-20 | 2017-02-15 | 北京握奇智能科技有限公司 | Method and device for judging and prompting e-bank (electronic bank) transaction safety |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101192284A (en) * | 2006-11-28 | 2008-06-04 | 北京握奇数据系统有限公司 | Remote payment method and system based on signing on mobile equipment |
| CN101588364A (en) * | 2009-03-31 | 2009-11-25 | 北京飞天诚信科技有限公司 | Signature method, device and system thereof |
| CN202004768U (en) * | 2011-01-20 | 2011-10-05 | 深圳市文鼎创数据科技有限公司 | Physical authentication device and dynamic token |
| CN102223234A (en) * | 2011-06-17 | 2011-10-19 | 飞天诚信科技股份有限公司 | Electronic signature system and method based on audio communication |
-
2012
- 2012-09-11 CN CN2012103358052A patent/CN102891842A/en active Pending
- 2012-09-11 CN CN201220462961.0U patent/CN202771476U/en not_active Expired - Lifetime
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101192284A (en) * | 2006-11-28 | 2008-06-04 | 北京握奇数据系统有限公司 | Remote payment method and system based on signing on mobile equipment |
| CN101588364A (en) * | 2009-03-31 | 2009-11-25 | 北京飞天诚信科技有限公司 | Signature method, device and system thereof |
| CN202004768U (en) * | 2011-01-20 | 2011-10-05 | 深圳市文鼎创数据科技有限公司 | Physical authentication device and dynamic token |
| CN102223234A (en) * | 2011-06-17 | 2011-10-19 | 飞天诚信科技股份有限公司 | Electronic signature system and method based on audio communication |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2014121721A1 (en) * | 2013-02-06 | 2014-08-14 | 天地融科技股份有限公司 | Smart card with electronic signature function, and smart card transaction system and method |
| CN103268547A (en) * | 2013-06-04 | 2013-08-28 | 北京邮电大学 | NFC (Near Field Communication) mobile phone payment system with fingerprint authentication mechanism |
| CN103903133A (en) * | 2014-04-09 | 2014-07-02 | 广西中烟工业有限责任公司 | High-safety POS machine system and payment processing method thereof |
| CN103903133B (en) * | 2014-04-09 | 2018-01-16 | 广西中烟工业有限责任公司 | A kind of high security POS system and its payment processing method |
| CN104166935A (en) * | 2014-05-08 | 2014-11-26 | 贵阳银行股份有限公司 | Fund transferring method, system and management platforms |
| WO2016045305A1 (en) * | 2014-09-26 | 2016-03-31 | 苏州海博智能系统有限公司 | Method, system and server for secure transaction using wireless security devices |
| CN104243170A (en) * | 2014-10-14 | 2014-12-24 | 北京金玉衡科技有限责任公司 | Identity authentication method |
| CN104243170B (en) * | 2014-10-14 | 2018-01-23 | 北京金玉衡科技有限责任公司 | Identity identifying method |
| CN105719134A (en) * | 2014-12-05 | 2016-06-29 | 北京握奇智能科技有限公司 | E-bank transaction method based on USBkey and system |
| CN109472525A (en) * | 2017-09-08 | 2019-03-15 | 北京京东尚科信息技术有限公司 | Method, apparatus, electronic equipment and the terminal device signed for for order |
| CN109472525B (en) * | 2017-09-08 | 2022-08-09 | 北京京东振世信息技术有限公司 | Order signing method and device, electronic equipment and terminal equipment |
| CN112036861A (en) * | 2020-08-31 | 2020-12-04 | 深圳市兆珑科技有限公司 | Safety device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN202771476U (en) | 2013-03-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN202771476U (en) | Security certification system | |
| CN105339963B (en) | System and method for connecting a device to a user account | |
| RU2648944C2 (en) | Methods, devices, and systems for secure provisioning, transmission and authentication of payment data | |
| US8112627B2 (en) | System for self-service recharging and method for the same | |
| CN102868527B (en) | A kind of dynamic password generation and device | |
| CN110930147B (en) | Offline payment method and device, electronic equipment and computer-readable storage medium | |
| CN102722816B (en) | A kind of method, system and device of mobile payment | |
| CN104424565A (en) | Digital card-based payment system and method | |
| WO2015000365A1 (en) | Quick payment method and system based on location information | |
| CN103942684A (en) | Data security interactive system | |
| CN103377429A (en) | Payment method and payment system carried out by using two-dimension code | |
| CN104871186A (en) | Application system for mobile payment and method for providing and using mobile means for payment | |
| CN103886460A (en) | On-site payment system and method implemented based on identity authentication token | |
| CN104182875A (en) | Payment method and payment system | |
| CN103617522A (en) | Quick-response matrix code receipt paying method and system | |
| CN103942685A (en) | Data security interactive system | |
| CN105096113A (en) | Mobile payment method and device | |
| CN111091430A (en) | Billing two-dimensional code processing method and system | |
| CN108334927B (en) | NFC (near field communication) receipt tag and payment method thereof | |
| KR101472751B1 (en) | Method and System for Providing Payment by using Alliance Application | |
| CN105354518A (en) | Virtual chip card system based on soft excitation electromagnetic near-field mutual inductance of mobile intelligent terminal | |
| TW201342118A (en) | Mobile authentication for enabling host device functions | |
| KR101250387B1 (en) | Method for Usage Point using Settlement Terminal, Settlement Terminal | |
| CN111553678A (en) | Two-dimensional code payment method and system based on mobile phone business card | |
| CN111052671A (en) | System for secure authentication of user identity in an electronic system for banking transactions |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 100083 Beijing, Haidian District Road, No. 38, B block, 1810 Applicant after: Beijing Tiandi Cryptography Technology Co., Ltd. Address before: 102211 Beijing city Changping District Baishan town 100 Ge Road No. 9 Hospital No. 2 building four layer Applicant before: Beijing Tianlong Ronghe Software Co., Ltd. |
|
| COR | Change of bibliographic data | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130123 |
|
| RJ01 | Rejection of invention patent application after publication |