IMS trading payment system
Technical field
The invention belongs to the field of communications and relates in particular to an IMS trading payment system for e-commerce transactions and payments.
Background technology
Mobile communication: IMS (IP Multimedia Subsystem) is the IP multimedia system. IMS supports session-based and non-session-based multimedia services. Building on the IMS architecture concept, this technology focuses on content services and enables secure communication of transaction and payment information between different terminal devices.
Existing e-commerce platforms exploit the convenience of the Internet, but they need the user to actively initiate an action before business can begin. Because the two parties in modern e-commerce lack mutual understanding and trust, the traditional cash-on-delivery approach is still in use. Transaction payment can only rely on an arrangement similar to Alipay's guaranteed transactions to form an effective online credit intermediary. A third-party guarantee mechanism, however, carries many potential security risks in fund management, such as missing funds, absconding with funds, and financial risk. Its payment and settlement process is also relatively slow and inconvenient.
Terminals of all kinds exist today (including mobile phones, videophones, digital TVs, computers and so on), but all of them work by having the client actively initiate a program request; end-to-end communication between clients is missing.
Much of the information on the Internet and the mobile Internet (such as SMS messages and WAP pages) is transmitted in plaintext, so the payment process is easily forged by attackers and transactions are easily tampered with. Setting a user password does not prevent an attacker from planting a Trojan in the operating system and tampering with transaction data. Even when payment is completed after the client's identity has been authenticated with a digital certificate, security holes remain: a Trojan may have tampered with the original transaction data before the transaction, so that the altered data is what gets digitally signed, or an attacker who understands the encryption mechanism may obtain the private key directly and fabricate false transactions. In this technology, the client software extracts combined terminal hardware information and generates a private key that corresponds to the system. Because the private key corresponds to the system, someone who does not have the terminal hardware or does not know the terminal's system parameters cannot generate the corresponding private key even after obtaining a private key. This protects the private key and also ensures that the terminal cannot perform illegal operations by tampering with transaction information during a transaction. Remotely activating the client software on the communication terminal delivers end-to-end ease of use and security for the client.
Summary of the invention
The object of the present invention is to provide a platform on which business information can be exchanged across terminals and which supports business communication and interaction between clients: an IMS trading payment system that carries out fund transfer and settlement within the shortest active period and by the most convenient and secure means.
The technical scheme by which the present invention achieves this object is an IMS trading payment system whose innovation is that it consists of an IMS client and an IMS service management system.
The IMS client includes:
IMS communication module, which mainly ensures communication between peripheral systems and the background server, returns the results of server processing promptly, and handles access and status return at the peripheral-system communication layer;
IMS security authentication module, which uses 3DES mode to generate a symmetric key for encrypting and decrypting transmitted data, generates an asymmetric key pair based on the RSA algorithm, generates a digital certificate signing request, and performs data signing and verification, data integrity assurance, identity authentication, data encryption and decryption and so on in electronic transactions;
IMS start control module, mainly used for backward (passively initiated) transactions or actively pushed transactions and advertisement information, while remaining compatible with the forward (actively initiated) local transaction control module, so that it can serve business processing requests initiated by either the buying customer or the merchant, i.e. forward or backward;
Client service processing engine, the logic component that carries out business processing;
The IMS service management system includes:
Communication module, which handles data transmission and protocol conversion for the underlying communication protocols;
Security authentication module, which handles encryption, decryption, authentication and authorization;
Device registration module, which manages the unique, exclusive login registration performed when the client software starts, records the device type and communication mode when the client software is initialized, and records the valid network IP address and port of the login and the basic system parameters of the running device;
Merchant access management, through which the respective back ends of the operating merchants and service platforms are connected to the background management system, adapting the interfaces of the different systems;
Supplier management, which manages the information of all suppliers that provide goods and services;
Commodity management, a repository of the goods and service information each client provides; it is a commercial portal that can be published on the Internet for online transactions, and the order relationships after a transaction can be recorded;
Order relationship management, which records the subscriptions, bookings and order-related records produced in transactions between the two parties;
User management module, which manages user information and the valid operations (registration, account opening, payment and financial account binding) that users apply for and complete through the client software;
System management module, which manages departments, users, roles and permissions;
Transaction activation module, a background mechanism for activating a client and actively initiating a trading action; the target and method of its push depend on the terminal device type of the active user recorded in device registration management. It can remotely activate the client software on each terminal to enter the transaction payment flow; the default is to activate the client software on a mobile phone by SMS;
Transaction payment module, which interfaces with the back end of a third-party transaction payment and settlement platform, receives payment and settlement instructions from the clients, and completes the whole transaction payment and settlement;
The communication module of the IMS client and the communication module of the IMS service management system communicate with each other, and the remote control module of the IMS service management system can remotely control the IMS client to perform operations such as opening, closing, trading and information pushing.
The business handled by the client service processing engine includes user account binding, account-opening registration, commodity promotion and reservation, transaction payment and settlement, reversal and cancellation of abnormal transactions, and so on.
The IMS security authentication module can automatically and quickly generate an asymmetric key pair based on hardware information.
The push module works as follows. When a user starts the client, the client first registers with the server's device registration management module the information needed for later communication, such as terminal device type and network parameters. When another client or the system background initiates an activation request, the user's terminal device type is looked up in this registry. Each device type corresponds to one remote activation method: for example, a mobile phone is started and shut down by an SMS trigger, and the client on a computer can be started and closed by a monitoring service running in the background.
In the present invention, either party to a transaction can issue an instruction that actively wakes up the client software on the user's side and, by way of a reminder or suggestion, lets the user complete a given piece of business (not limited to promotion, trading, payment and collection). It is a technical approach that simulates a new model of electronic transaction close to real-life direct selling. By using end-to-end communication with remote client start-up, the invention can effectively address the many potential security risks of third-party guaranteed transaction structures in fund management, such as missing funds, absconding with funds, and financial risk. Conversely, it can reduce the fund-allocation steps of third-party transaction guarantee credit institutions, together with their high fund management costs and financial risks. Point-to-point, face-to-face immediate transfer and settlement of funds between clients can be carried out entirely through the client software. The funds remain entirely within the account systems of financial institutions (non-financial institutions are not excluded), which effectively improves and speeds up payment and settlement. A more convenient means of payment is provided.
Through client software on different platforms and remote start-up by the background service system, the invention links clients with transactions and completes the push, delivery and display of various message bodies, which benefits the development of interactive e-commerce models.
In the invention, the client software extracts combined hardware information and generates a private key that corresponds to the system. Because the private key corresponds to the system, someone who cannot obtain the terminal or does not know the terminal's system parameters cannot generate the corresponding private key even after obtaining a private key. This effectively protects the private key and also ensures that the terminal cannot perform illegal operations by tampering with transaction information during a transaction. Remotely activating the client software on the communication terminal delivers ease of use and security for the client.
Description of the drawings
Fig. 1 is a structural block diagram of the present invention;
Fig. 2 is the terminal client account-opening flowchart of the present invention;
Fig. 3 is the push-order flowchart of the present invention;
Fig. 4 is the payment and collection flowchart of the present invention;
Fig. 5 is a flow diagram of embodiment one of the present invention;
Fig. 6 is a flow diagram of embodiment two of the present invention;
Fig. 7 is a flow diagram of embodiment three of the present invention.
Detailed description of the invention
The present invention is described in further detail below with reference to the accompanying drawings.
As shown in Fig. 1, an IMS trading payment system consists of an IMS client and an IMS service management system.
The IMS client includes:
IMS communication module, which mainly ensures communication between each system and the background server, returns the results of server processing promptly, and handles access and status return at the external-system communication layer; it also carries the data and processing instructions returned by the client. The communication module is a socket program implemented over the TCP/IP protocol, and the communication protocol follows HTTP/S.
IMS security authentication module, which uses 3DES mode to generate a symmetric key for encrypting and decrypting transmitted data. It also generates an asymmetric key pair based on RSA, generates a digital certificate signing request, and performs data signing and verification, data integrity assurance, identity authentication, data encryption and decryption and so on in electronic transactions.
The full name of the DES algorithm is Data Encryption Standard, i.e. DEA; it was successfully developed and published by IBM in 1975. The DES algorithm has three input parameters: Key, Data and Mode. Key is 8 bytes (64 bits) and is the working key of the DES algorithm; Data is also 8 bytes (64 bits) and is the data to be encrypted or decrypted; Mode is the working mode of DES, of which there are two: encrypt or decrypt.
3DES is a mode of the DES encryption algorithm that uses three 64-bit keys to encrypt the data three times. The Data Encryption Standard (DES) is a long-standing US encryption standard; it uses symmetric-key cryptography and was standardized by ANSI in 1981 as ANSI X.3.92. DES uses a 56-bit key and a block cipher method, in which the text is divided into 64-bit blocks that are then encrypted. Compared with the original DES, 3DES is more secure.
RSA is the first algorithm that can be used for both encryption and digital signatures, and it is easy to understand and operate. RSA is the most widely studied public-key algorithm; in the nearly twenty years since it was proposed it has withstood all kinds of attacks and has gradually been accepted, and it is widely regarded as one of the best public-key schemes currently available. The security of RSA depends on the factorization of large numbers, but it has not been proven theoretically that breaking RSA is as hard as factoring large numbers. The main drawbacks of RSA are: A) generating keys is cumbersome and is limited by prime-generation techniques, so a one-time pad (a new key for every use) is hard to achieve. B) The block length is too large; to ensure security, n must be more than 600 bits, which makes computation expensive and, in particular, slow, several orders of magnitude slower than symmetric cryptographic algorithms; and as large-number factorization techniques develop, this length keeps increasing, which is unfavourable to standardizing data formats. At present, the SET (Secure Electronic Transaction) protocol requires the CA to use 2048-bit keys and other entities to use 1024-bit keys.
This technical scheme uses P2P technology to address problems such as the high cost and slow speed of RSA operations under the limited system resources of an embedded system; it effectively shortens processing time on embedded systems and greatly improves the user experience.
IMS start control module, mainly used for backward (passively initiated) transactions or actively pushed service transactions and advertisement information, while remaining compatible with the forward (actively initiated) local transaction control module, so that it can serve business processing requests initiated by either the buying customer or the merchant, i.e. forward or backward;
Client service processing engine, the logic component that carries out business processing;
Unified client interface, which mainly unifies and polishes the client operation interface and background and the company logo, giving different terminals a consistent operating experience. This benefits the user experience and the widespread use of the service.
The IMS service management system includes:
Communication module, which handles data transmission and protocol conversion for the underlying communication protocols;
Security authentication module, which handles encryption, decryption, authentication and authorization;
Device registration module, which manages the unique, exclusive login registration performed when the client software starts, records the device type and communication mode when the client software is initialized, and records the valid network IP address and port of the login and the basic system parameters of the running device;
Merchant access management, through which the respective back ends of the operating merchants and service platforms are connected to the background management system, adapting the interfaces of the different systems;
Supplier management, which manages the information of all merchants that provide goods and services;
Commodity management, a repository of the goods and service information each client provides; it is a commercial portal that can be published on the Internet for online transactions, and the order relationships after a transaction can be recorded;
Order relationship management, which records the subscriptions, bookings and order-related records produced in transactions between the two parties;
User management module, which manages user information and the valid operations (registration, account opening, payment and financial account binding) that users apply for and complete through the client software;
System administration, which provides self-service management of departments, users, roles and permissions;
Transaction activation module, a background mechanism for activating a client and actively initiating a trading action; the target and method of its push depend on the terminal device type of the active user recorded in device registration management. It can remotely activate the client software on each terminal to enter the transaction payment flow; the default is to activate the client software on a mobile phone by SMS;
Transaction payment module, which interfaces with the back end of a third-party transaction payment and settlement platform, receives payment and settlement instructions from the clients, and completes the whole transaction payment and settlement;
The communication module of the IMS client and the communication module of the IMS service management system communicate with each other, and the remote control module of the IMS service management system can remotely control the opening or closing of the IMS start control module of the IMS client. For example, to start the client on a mobile phone, the system generates a special SMS message and sends it to the user; when the user's phone receives the special SMS, a background service program parses the data in the message and issues an instruction such as open or close. If the data is transaction information, it can be displayed, but such data is pushed remotely rather than resident on the phone. Computers and TVs work in much the same way, except that the client terminal is located by IP address and port.
The business handled by the client service processing engine includes user account-opening registration, account binding, commodity promotion and reservation, transaction payment and settlement, reversal and cancellation of abnormal transactions, and so on.
The IMS security authentication module can automatically and quickly generate an asymmetric key pair based on hardware information; that is, the underlying cryptographic information used to generate the RSA keys can come from the collected hardware information.
The push module works as follows. When a user starts the client, the client first registers with the server's device registration management module the information needed for later communication, such as terminal device type and network parameters. When another client or the system background initiates an activation request, the user's terminal device type is looked up in this registry. Each device type corresponds to one remote activation method: for example, a mobile phone can be started and shut down by an SMS trigger, and the client on a computer can be started and closed by a monitoring service application running in the background.
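The registry lookup and per-device activation choice described above can be sketched as follows. This is an added example, not code from the patent; the class and function names, the field layout, the "tv" mapping and the treatment of a repeated login as replacing the earlier one are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Optional

# Remote activation method per terminal type. The text pairs mobile phones with
# an SMS trigger and computers with a background monitoring service; the "tv"
# entry is an assumption based on the remark that TVs work like computers.
ACTIVATION_BY_DEVICE = {
    "mobile": "sms",
    "computer": "monitor_service",
    "tv": "monitor_service",
}
ACTIONS = {"open", "close", "trade", "push"}


@dataclass(frozen=True)
class Registration:
    user_id: str                      # unique identifier of the user
    device_type: str
    phone_number: Optional[str] = None
    ip: Optional[str] = None
    port: Optional[int] = None


class DeviceRegistry:
    """Device registration module: keeps one active login per user."""

    def __init__(self) -> None:
        self._active: Dict[str, Registration] = {}

    def register(self, reg: Registration) -> None:
        if reg.device_type not in ACTIVATION_BY_DEVICE:
            raise ValueError(f"unknown device type: {reg.device_type!r}")
        if ACTIVATION_BY_DEVICE[reg.device_type] == "sms":
            if not reg.phone_number:
                raise ValueError("mobile registration needs a phone number")
        elif not reg.ip or reg.port is None or not 0 < reg.port < 65536:
            raise ValueError("IP-reachable registration needs a valid ip and port")
        # Exclusive login (assumed semantics): a new login replaces the old one.
        self._active[reg.user_id] = reg

    def lookup(self, user_id: str) -> Optional[Registration]:
        return self._active.get(user_id)


def build_activation(registry: DeviceRegistry, user_id: str, action: str,
                     default_phone: Optional[str] = None) -> dict:
    """Transaction activation module: choose push target and method."""
    if action not in ACTIONS:
        raise ValueError(f"unsupported action: {action!r}")
    reg = registry.lookup(user_id)
    if reg is None:
        # No active registration: fall back to the default, SMS to a phone.
        if not default_phone:
            raise LookupError("no active registration and no phone number")
        return {"method": "sms", "target": default_phone, "action": action}
    method = ACTIVATION_BY_DEVICE[reg.device_type]
    target = reg.phone_number if method == "sms" else f"{reg.ip}:{reg.port}"
    return {"method": method, "target": target, "action": action}


if __name__ == "__main__":
    # Constructed sample data (documentation IP range, made-up phone number).
    registry = DeviceRegistry()
    registry.register(Registration("user-a", "computer", ip="192.0.2.10", port=9000))
    print(build_activation(registry, "user-a", "trade"))
    print(build_activation(registry, "user-b", "open", default_phone="+10000000000"))
```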
As shown in Fig. 2, the terminal client account-opening flow is as follows: open the client software and perform account opening; enter the third-party platform user account to be bound (the account may come from systems such as a bank, securities, insurance, prepaid account, virtual currency platform or points exchange platform); then start the background security policy, obtain terminal hardware information according to the device type (such as the STBID of an IPTV set-top box or the IMEI number of a mobile phone) and generate a key, from which a digital certificate is generated; and establish the correspondence between each communication operator number (set-top box number / mobile phone number / videophone number, etc.), the user account on the third-party transaction payment and settlement platform, and the digital signature. The client can also perform system upgrades.
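The account-opening binding above, as an added example that is not code from the patent: key material is derived from the device's hardware identifier together with a system parameter, bound to a communication number and third-party account, and then used to check that a transaction was not altered. HMAC-SHA256 stands in here for the RSA key pair and certificate the text describes, and all names, the record layout and the sample values are assumptions.

```python
import hashlib
import hmac
import json

# Hardware identifier read per device category; the two entries are the
# examples given in the text (STBID for IPTV, IMEI for a mobile phone).
HARDWARE_FIELD = {"iptv": "stbid", "mobile": "imei"}


def derive_device_key(device_type: str, hardware_info: dict,
                      system_param: bytes) -> bytes:
    """Derive key material from hardware information plus a system parameter.

    Hardware identifiers are guessable, so the secrecy of the result rests on
    system_param; the identifier only ties the key to one terminal.
    """
    field = HARDWARE_FIELD[device_type]
    material = f"{device_type}|{field}|{hardware_info[field]}".encode()
    return hmac.new(system_param, material, hashlib.sha256).digest()


def canonical(tx: dict) -> bytes:
    """Serialize a transaction deterministically so both sides sign the same bytes."""
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode()


def sign_transaction(device_key: bytes, tx: dict) -> str:
    """Stand-in for the digital signature: a MAC over the canonical transaction."""
    return hmac.new(device_key, canonical(tx), hashlib.sha256).hexdigest()


class BindingTable:
    """Correspondence: communication number -> (third-party account, key)."""

    def __init__(self) -> None:
        self._rows = {}

    def enroll(self, comm_number: str, account: str, device_key: bytes) -> None:
        if comm_number in self._rows:
            raise ValueError("communication number is already bound")
        self._rows[comm_number] = (account, device_key)

    def verify(self, comm_number: str, tx: dict, tag: str) -> bool:
        row = self._rows.get(comm_number)
        if row is None:
            return False
        account, key = row
        # The paying account in the transaction must be the bound account.
        if tx.get("payer_account") != account:
            return False
        return hmac.compare_digest(sign_transaction(key, tx), tag)


if __name__ == "__main__":
    # Constructed sample values, not real identifiers.
    param = b"constructed-system-parameter"
    key = derive_device_key("mobile", {"imei": "490154203237518"}, param)
    table = BindingTable()
    table.enroll("+10000000001", "acct-1001", key)
    tx = {"payer_account": "acct-1001", "payee_account": "acct-2002",
          "amount": "25.00", "order": "order-0001"}
    tag = sign_transaction(key, tx)
    print("original accepted:", table.verify("+10000000001", tx, tag))
    print("tampered accepted:",
          table.verify("+10000000001", dict(tx, amount="2500.00"), tag))
```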
As shown in Fig. 3, in the push-order flow, if the buyer initiates the request, the buyer's local client is started to obtain the merchant's discount information and product descriptions, and the customer completes the subscription and purchase; if the seller initiates the request, the buyer's client is remotely activated so that the customer can obtain the merchant's discount information, prices and product descriptions, and the customer finally completes the subscription and purchase.
As shown in Fig. 4, in the payment and collection flow, the local terminal starts the client software to make a payment (for collection, the buyer's client software is remotely activated), retrieves the order information from the back end and initiates a payment request; the background service initiates the payment request to the third-party payment platform; finally the payment is completed and the payment or collection result is fed back to both parties.
Embodiments are given below and described in detail.
Embodiment one: TV Anytime service.
As shown in Fig. 5, a promotion request is initiated by the back end for preferential programme content, or by a friend recommending a programme, or by selecting and clicking a sponsored programme in an application video. The payer's unique identifier is entered (this can be a mobile phone number, mailbox or registration ID); the system looks up the active user's login terminal type (TV, computer or other terminal) by the unique identifier, defaulting to the mobile phone number; the payer's client terminal is started, the paid content and amount are displayed, and the customer completes the payment.
Embodiment two: fund collection.
As shown in Fig. 6, a fund collection request is initiated on a timer by the headquarters system back end, or by headquarters finance staff, or actively by a regional director. When the headquarters system back end initiates the request on a timer, the system looks up the active user's login terminal type (TV, computer or other terminal) by the unique identifier, defaulting to the mobile phone number, starts the personal terminal of each regional director, displays the payment information and amount, and completes the fund transfer. When headquarters finance staff initiate the request, the payer's unique identifier must be entered (this can be a mobile phone number, mailbox or registration ID); the system looks up the active user's login terminal type (TV, computer or other terminal) by the unique identifier, defaulting to the mobile phone number, starts the personal terminal of each regional director, displays the payment information and amount, and completes the fund transfer. When a regional director actively initiates the request, that regional director's personal terminal is started, the payment information and amount are displayed, and the fund transfer is completed.
Embodiment three: payment and collection.
As shown in Fig. 7, when the back end initiates a payment reminder request, the system looks up the active user's login terminal type (TV, computer or other terminal) by the unique identifier, defaulting to the personal mobile phone terminal, starts the payer's client terminal and displays the payment order and amount, thereby facilitating the transaction and payment. When the payee initiates a collection request, the payer's unique identifier must be entered (this can be a mobile phone number, mailbox or registration ID); the system looks up the active user's login terminal type (TV, computer or other terminal) by the unique identifier, defaulting to the mobile phone number, starts the payer's client terminal and displays the payment order and amount, thereby facilitating the payment. When the payer initiates a payment request, the payer's client terminal is started, the payment order and amount are displayed, and the payment is completed.
The invention enables precisely targeted marketing and promotion of service products among registered members and users who have downloaded the client, reducing marketing cost and improving the transaction success rate. It enables real-time or non-real-time payment and collection between buyer and seller via wireless or wired communication terminals, with no POS and no bank card needed. It saves merchants the cost of investing in collection and payment tools, reduces intermediate payment steps, lowers fund management cost, and reduces system equipment failure points and follow-up maintenance costs in transactions. It gives users a payment and settlement tool that can be operated freely and safely both online and offline, and it enables two-way transactions between users and merchants, satisfying payment and settlement requests initiated by either party.
The client software takes into account the differences between terminals and operating systems and is developed mainly in Java, which favours cross-platform and embedded development and porting. It uses the basic framework provided by each existing operating system platform and is developed with the MVC pattern, which simplifies development and unifies the overall development approach. For some special system platforms such as the iPhone, C++/Perl/Objective-C is used. Underlying communication uses HTTP/S to transmit data; the protocol is entirely IP-based, which suits the communication needs of both mobile terminals and wired fixed terminals, and also favours later compatibility with the multimedia service development of IMS technologies such as SIP applications and the implementation of more product functions. The data security layer uses the internationally recognized PKI protocol for asymmetric encryption and decryption and digital signatures, and P2P (point-to-point) technology accelerates the processing of HTTP-based service applications, reducing the processing time and performance cost of applications that handle large concurrent data volumes or heavily consume the limited resources of embedded systems (such as CPU, memory and flash). After starting, the client software can run a background service that listens at the communication layer and receives instructions from the background system or triggered by the local system, such as start, trade and close.
The IMS trading payment system is mainly divided into the IMS client software and the IMS service management system. The IMS client can be deployed on any communication device and is not limited to terminals such as mobile phones, computers and digital TV set-top boxes; any device with an operating system or embedded operating system that can provide a friendly interactive interface qualifies.
The IMS service management system is a management system for core business and transaction payment. It handles communication between the background service and each client terminal and carries out the transaction and business processing instructions sent by the client software. It can also actively trigger and wake up the client software on a terminal to complete operations such as transaction payment and settlement, and push related business and transaction information.