CN103248495A - In-app paying method, server, client side and system - Google Patents


Info

Publication number
CN103248495A
Authority
CN
China
Prior art keywords
application software
appkey
app
server
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012100306501A
Other languages
Chinese (zh)
Other versions
CN103248495B (en
Inventor
王梓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201210030650.1A priority Critical patent/CN103248495B/en
Publication of CN103248495A publication Critical patent/CN103248495A/en
Application granted granted Critical
Publication of CN103248495B publication Critical patent/CN103248495B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Stored Programmes (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the invention discloses an in-app payment method, server, client and system. In the method, based on the correspondence between the APP ID and the APPKey, the server and the client each use the APPKey corresponding to the APP ID in the application software to encrypt an authentication code determined by the server. When the encryption results calculated by the server and the client are the same, the application software maintained by the client is legitimate and the server can perform in-app billing; otherwise, in-app billing is refused. With the invention, even if an illegal developer obtains the legitimate APP ID of the application software, the APPKey corresponding to that APP ID cannot be obtained, so when a billing request is initiated the server authentication fails and the billing request is not answered, which avoids billing errors during in-app payment and improves payment security.

Description

Method, server, client and system for in-application payment
Technical Field
The invention relates to the field of information technology processing, in particular to a method, a server, a client and a system for paying in application.
Background
In September 2009, Apple released an in-app payment system through the App Store; in March 2011, Google released an in-app payment system for Android Market. With these two major companies launching in-app payment systems, their use has become increasingly common.
In-app payment, i.e. In-app Purchase, means that within any application software at least one charging point is set for application functions of different levels, and a user is charged only when, in the process of using the application software, the user selects the application function corresponding to a charging point. This payment mode breaks with the traditional payment mode: it allows users to download application software for trial free of charge and to selectively consume the application functions provided in it, such as props in online games, which makes payment more flexible. This payment mode has the following advantages: 1. for developers, there is no need to separately release a free simplified version of newly developed software for users to try, which avoids wasting developer resources; 2. for the electronic mall, opening free downloads and giving users a chance to try the software lets excellent application software win user approval, avoiding the waste of application software that users never come to know; 3. for users, the content consumed is determined by their actual needs, so users rate the application software they use more highly.
However, in the prior art, the important basis for charging for in-application payment is the identity of the application software, and when the application software is developed, a developer embeds an application identification code (App ID) provided by an electronic mall in the application software, uploads the application software to the electronic mall, and the electronic mall locally stores the corresponding relationship between the application software identifier and the App ID. When the terminal downloads the application software from the electronic mall and runs to the charging point of the application software, the terminal reports a charging request containing the App ID and the charging point information to the electronic mall, the electronic mall determines the corresponding application software according to the received App ID, and charges the related charging point in the determined application software according to the received charging point information.
However, the security of the App ID is very poor: the App ID provided by the electronic mall is easily obtained by illegal developers. Having obtained the App ID, an illegal developer writes it into illegal application software and reports that software to the electronic mall, which then establishes a correspondence between the App ID and the identifier of the illegal application software. When a terminal downloads the illegal application software and runs to a charging point in it, the electronic mall charges for the illegal operation according to the stored correspondence between the App ID and the illegal application software identifier. This causes charging errors, reduces the security of in-application charging, brings economic loss to users, and further degrades the user experience of the application software.
For example: the electronic mall provides the application identifier APP ID1 for the application software AA developed by developer A, and the application software AA has a charging point for function a. After obtaining APP ID1 by illegal means, developer B writes APP ID1 into illegal application software BB, forges a charging point for function a in the illegal application software BB, and uploads the illegal application software BB to the electronic mall.
After obtaining the application software BB, the electronic mall also establishes a correspondence between the application software BB and APP ID1. If the terminal runs to function a in the application software BB, the terminal reports a charging request containing APP ID1 and the function a information to the electronic mall. The electronic mall does not recognize that the application software BB is illegal software, and responds to the charging request according to the locally stored correspondence between the application software BB and APP ID1, so that a charging error occurs.
Disclosure of Invention
The embodiment of the invention provides a method, a server, a client and a system for paying in application, which are used for solving the problem of low safety of paying in application in the prior art.
A method of in-application payment, the method comprising:
when application software runs to a charging point of the application software, a server receives a charging request sent by a client, wherein the charging request comprises an application identification code (APP ID) of the application software;
the server generates an authentication code and returns the authentication code to the client, determines an APPKey corresponding to the received APP ID according to the correspondence between the locally stored APP ID and the application Key APPKey, and performs encryption operation on the authentication code by using the determined APPKey to obtain a first operation result;
the server receives a second operation result sent by the client, wherein the second operation result is obtained after the client performs encryption operation on the received authentication code by using the locally stored APPKey;
the server responds to the charging request when determining that the first operation result is the same as the second operation result; otherwise, returning the charging failure message.
A method of in-application payment, the method comprising:
when application software runs to a charging point of the application software, a client sends a charging request to a server, wherein the charging request comprises an application identification code (APP ID) of the application software;
the client receives an authentication code returned by the server, performs an encryption operation on the received authentication code by using a locally stored application key (APPKey) to obtain a second operation result, and sends the second operation result to the server, instructing the server to perform an encryption operation on the authentication code by using the APPKey corresponding to the received APP ID, according to the locally stored correspondence between the APP ID and the APPKey, to obtain a first operation result, to compare the first operation result with the second operation result, and to respond to the charging request when the comparison results are the same; otherwise, a charging failure message is returned.
A server for in-app payment, the server comprising:
the request receiving module is used for receiving a charging request sent by a client when application software runs to a charging point of the application software, wherein the charging request comprises an application identification code (APP ID) of the application software;
the authentication code generating module is used for generating an authentication code and returning the authentication code to the client;
the operation module is used for determining the APPKey corresponding to the received APP ID according to the corresponding relation between the locally stored APP ID and the application Key APPKey, and carrying out encryption operation on the authentication code by the determined APPKey to obtain a first operation result;
the result receiving module is used for receiving a second operation result sent by the client, wherein the second operation result is obtained after the client performs encryption operation on the received authentication code by using the locally stored APPKey;
the judging module is used for responding to the charging request when the first operation result is determined to be the same as the second operation result; otherwise, returning the charging failure message.
A client for in-application payment, the client comprising:
the sending module is used for sending a charging request to a server when application software runs to a charging point of the application software, wherein the charging request comprises an application identification code (APP ID) of the application software;
the receiving module is used for receiving the authentication code returned by the server;
the result operation module is used for carrying out encryption operation on the received authentication code by using the locally stored application key APPKey to obtain a second operation result and sending the second operation result to the server;
the indication module is used for instructing the server to perform an encryption operation on the authentication code by using the APPKey corresponding to the received APP ID, according to the locally stored correspondence between the APP ID and the APPKey, to obtain a first operation result, to compare the first operation result with the second operation result, and to respond to the charging request when the comparison results are the same; otherwise, a charging failure message is returned.
A system for in-application payment, the system comprising:
the client is used for sending a charging request to the server when the application software runs to a charging point of the application software, wherein the charging request comprises an application identification code (APP ID) of the application software, receiving an authentication code returned by the server, carrying out encryption operation on the received authentication code by using a locally stored application key (APPKey), obtaining a second operation result and sending the second operation result to the server;
the server is used for receiving the charging request sent by the client, generating an authentication code and returning the authentication code to the client, determining an APPKey corresponding to the received APP ID according to the corresponding relationship between the locally stored APP ID and the application Key APPKey, carrying out encryption operation on the authentication code by the determined APPKey to obtain a first operation result, receiving a second operation result sent by the client, and responding to the charging request when the first operation result is determined to be the same as the second operation result; otherwise, returning the charging failure message.
The invention has the following beneficial effects:
According to the embodiment of the invention, based on the correspondence between the APP ID and the APPKey, the server and the client each encrypt the authentication code determined by the server by using the APPKey corresponding to the APP ID in the application software. When the encryption results calculated by the server and the client are the same, the application software maintained by the client is legitimate software and the server can perform in-application charging for it; otherwise, the server does not perform in-application charging for it. This avoids charging errors in in-application payment and improves the security of in-application payment.
Drawings
FIG. 1 is a flowchart of a method for in-application payment according to the first embodiment;
FIG. 2 is a flowchart of a method for in-application payment according to the second embodiment;
FIG. 3 is a schematic structural diagram of a server for in-application payment according to the third embodiment;
FIG. 4 is a schematic structural diagram of a client for in-application payment according to the fourth embodiment;
FIG. 5 is a schematic diagram of the structure when the client is an Agent application;
FIG. 6 is a schematic structural diagram of a system for in-application payment according to the fifth embodiment.
Detailed Description
To achieve the purpose of the present invention, embodiments of the present invention provide a method, a server, a client and a system for in-application payment. In the scheme of these embodiments, in-application payment does not rely simply on identifying the application software by its APP ID. Instead, based on the correspondence between the APP ID and the APPKey, the server and the client each encrypt an authentication code determined by the server by using the APPKey corresponding to the APP ID in the application software. When the encryption results calculated by the server and the client are the same, the application software maintained by the client is legitimate software and the server can perform in-application charging for it; otherwise, the server does not perform in-application charging for it.
Compared with the prior art, when the server responds to a charging request, the identity of the application software is not identified by relying on the APP ID alone. Instead, the server and the client each perform an encryption operation using the authentication code and the APPKey that corresponds to the APP ID, and the operation results are then compared. Even if an illegal developer obtains the APP ID of legitimate application software, the APPKey corresponding to that APP ID cannot be obtained, so when a charging request is initiated, server authentication fails and the charging request is refused. This avoids charging errors in in-application payment and improves its security.
The embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
The first embodiment is as follows:
FIG. 1 shows a flowchart of a method for in-application payment according to the first embodiment. The method includes:
Step 101: When the application software runs to a charging point of the application software, the server receives a charging request sent by a client, wherein the charging request comprises an application identification code (APP ID) of the application software.
Specifically, the charging point refers to a certain charge that needs to be generated when a certain function in the application software is used by the user.
The server can be a charging system or an electronic mall platform with a charging function.
The client can be an Agent software program installed in the terminal device running the application software, and can also be an Agent application program integrated in the application software.
In this step 101, after the terminal device runs the application software, the client monitors the running of the application software, and when the terminal device runs to a charging point of the application software, the client sends a charging request to the server to request charging for the charging point, where the charging request includes an APP ID of the application software.
Step 102: the server generates an authentication code and returns the authentication code to the client, determines an APPKey corresponding to the received APP ID according to the correspondence between the locally stored APP ID and the application Key APPKey, and performs encryption operation on the authentication code by using the determined APPKey to obtain a first operation result.
In step 102, when receiving a charging request sent by a client, the server generates an authentication code for the charging request, and returns the authentication code to the client.
The authentication code may be a random number or a random code, and the form of the authentication code may be determined according to actual needs or experience, which is not limited herein.
The server searches for a corresponding relation between the locally stored APPID and the APPKey according to the received APP ID in the charging request, determines the APPKey corresponding to the received APP ID, and performs encryption operation on the generated authentication code by using the determined APPKey to obtain a first operation result.
Among them, there are various ways of encryption operation, for example: the encryption algorithm used in the scheme of the present invention is not specifically limited herein, and algorithms with encryption functions can be used in the scheme of the present invention. After the encryption algorithm is determined, an operation result can be obtained by using the encryption algorithm in the form Token = AES("APPKey", input || authentication code).
Step 103: The server receives a second operation result sent by the client, wherein the second operation result is obtained by the client performing an encryption operation on the received authentication code by using the locally stored APPKey.
In this step 103, after receiving the authentication code sent by the server, the client performs an encryption operation on the received authentication code according to the locally stored APPKey to obtain a second operation result, and sends the second operation result to the server.
It should be noted that, the encryption algorithm is negotiated between the client and the server through information interaction, so that the encryption algorithm for performing encryption operation between the client and the server is the same encryption algorithm.
It should be noted that the first operation result and the second operation result in this embodiment are used to distinguish the operation results of the client and the server, and there is no special definition on whether the contents are the same.
Step 104: when receiving the second operation result, the server determines whether the received second operation result is the same as the first operation result obtained locally, and if so, executes step 105; otherwise, step 106 is performed.
Step 105: When the server determines that the first operation result is the same as the second operation result, it responds to the charging request, carries out charging and returns a charging success message to the client.
Step 106: When the server determines that the first operation result is different from the second operation result, it returns a charging failure message to the client.
With the scheme of the first embodiment, when the client initiates a charging request to the server, the server authenticates the identity of the application software run by the client that initiated the request, according to the correspondence between the APP ID and the APPKey. This ensures that the identity of the application software is legitimate when the server responds to the charging request, and further improves the correctness of in-application payment.
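The exchange of steps 101 to 106, written out as an added example that is not code from the patent. It assumes HMAC-SHA256 as the keyed operation in place of the page's AES; the session identifier, the 60-second lifetime of the authentication code and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets
import time

CHARGING_SUCCESS = "charging success"
CHARGING_FAILURE = "charging failure"
CHALLENGE_TTL_SECONDS = 60  # assumption: the page sets no lifetime for the authentication code


def compute_result(app_key: bytes, auth_code: bytes) -> bytes:
    """Keyed operation over the authentication code.

    Assumption: HMAC-SHA256 is used here in place of the page's AES-based operation.
    """
    return hmac.new(app_key, auth_code, hashlib.sha256).digest()


class BillingServer:
    def __init__(self, app_keys, clock=time.monotonic):
        self._app_keys = dict(app_keys)  # stored APP ID -> APPKey correspondence
        self._pending = {}  # session id -> (app id, charging point, first result, expiry)
        self._clock = clock
        self.charged = []  # (app id, charging point) pairs that were billed

    def receive_charging_request(self, app_id, charging_point):
        """Steps 101-102: issue an authentication code, compute the first operation result."""
        app_key = self._app_keys.get(app_id)
        if app_key is None:
            return None  # unknown APP ID: nothing to authenticate against
        session_id = secrets.token_hex(16)   # assumption: ties the reply to this request
        auth_code = secrets.token_bytes(16)  # random authentication code
        first_result = compute_result(app_key, auth_code)
        expiry = self._clock() + CHALLENGE_TTL_SECONDS
        self._pending[session_id] = (app_id, charging_point, first_result, expiry)
        return session_id, auth_code

    def receive_second_result(self, session_id, second_result):
        """Steps 103-106: compare the two results and charge only when they match."""
        entry = self._pending.pop(session_id, None)  # each authentication code is single use
        if entry is None:
            return CHARGING_FAILURE
        app_id, charging_point, first_result, expiry = entry
        if self._clock() > expiry:
            return CHARGING_FAILURE
        if not hmac.compare_digest(first_result, second_result):  # constant-time comparison
            return CHARGING_FAILURE
        self.charged.append((app_id, charging_point))
        return CHARGING_SUCCESS


class Client:
    def __init__(self, app_id, app_key):
        self.app_id = app_id
        self.app_key = app_key  # locally stored APPKey

    def pay(self, server, charging_point):
        challenge = server.receive_charging_request(self.app_id, charging_point)
        if challenge is None:
            return CHARGING_FAILURE
        session_id, auth_code = challenge
        second_result = compute_result(self.app_key, auth_code)
        return server.receive_second_result(session_id, second_result)


def run_demo():
    """Constructed scenario: software AA holds the APPKey, software BB only carries APP ID1."""
    app_key = secrets.token_bytes(32)
    server = BillingServer({"APPID1": app_key})
    software_aa = Client("APPID1", app_key)
    software_bb = Client("APPID1", secrets.token_bytes(32))  # does not have AA's APPKey
    return {
        "AA": software_aa.pay(server, "function a"),
        "BB": software_bb.pay(server, "function a"),
        "charged": list(server.charged),
    }


if __name__ == "__main__":
    print(run_demo())
```

Because the authentication code is fresh for every request and is consumed on first use, a second operation result recorded from one exchange is rejected in any later exchange.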
The second embodiment is as follows:
FIG. 2 shows a flowchart of a method for in-application payment according to the second embodiment, which describes the steps of the first embodiment in detail. The method includes:
Step 201: After receiving the application registration request reported by the software development terminal, the server generates and stores the APP ID and the APPKey corresponding to the APP ID, and returns the generated APP ID to the software development terminal.
In this step 201, when the software development terminal needs to upload application software to the server, it first needs to register information in the server, where the registration information includes: username, password, application name, type of affiliation, etc.
If the server is an electronic mall platform, the server has the functions of downloading application software and uploading the application software by the software development terminal, and can also have a calling entrance for providing client software to be built in a mobile phone terminal platform.
After receiving the registration information reported by the software development terminal, the server checks it. When the check passes, the server locally generates an APP ID and an APPKey for the application software to be developed by the software development terminal and establishes a correspondence between them. The server returns the APP ID to the software development terminal, which carries out software development using an SDK (Software Development Kit); the server stores the correspondence between the APP ID and the APPKey, together with the generated APPKey, in a local secure area.
The software development terminal writes the received APP ID into an application program of the application software to be developed by using the SDK, packages the application program of the application software containing the APP ID, and uploads the packaged application program to the server.
Step 202: The server receives the application software containing the APP ID reported by the software development terminal, encrypts the corresponding APPKey according to the correspondence between the APP ID and the APPKey, and places the encrypted APPKey in the application software.
In step 202, when the software development terminal uploads the installation package of the application program of the application software including the APP ID to the server, the server checks the installation package uploaded by the software development terminal according to the APP ID information in the installation package, so as to ensure that the installation package uploaded by the software development terminal is a legal application software installation package.
After the application software installation package is approved by the server, the server searches the corresponding relation between the locally stored APP ID and the APPKey according to the read APP ID in the installation package, determines the APPKey corresponding to the APP ID, encrypts the determined corresponding APPKey and then places the encrypted APPKey in the application software.
Specifically, the server may create a file in the installation package of the application software and write the encrypted APPKey in the file. For example, the encrypted APPKey is written into the APK package of Android software in the following way:
|-- AndroidManifest.xml
|-- META-INF
|   |-- CERT.RSA
|   |-- CERT.SF
|-- MANIFEST.MF
|-- Classes.dex
|-- res
|   |-- drawable
|   |-- icon.png
|-- layout
|-- main.xml
|-- resources.arsc
Preferably, to further improve the security of the identity of the application software and to prevent the APPKey that the server encrypted and wrote into the application program of the application software from being illegally written into the application program of illegal application software, the server selects the corresponding program from the application software according to the set position information, encrypts the program by using the APPKey corresponding to the APP ID in the application software, and places the encrypted program into the application software.
The set position information refers to the initial address of an application program in the application software. When the server places the encrypted APPKey in the application program of the application software, the server may also read a segment of the application program from the application software, store the start address of the application program, encrypt the application program by using the APPKey corresponding to the APP ID in the application software, and place the encrypted application program in the application software.
It should be noted that the server needs to store the start address of the application program in the application software.
The server can store an Agent application program for authenticating the identity of the application software and also can store the Agent application software for authenticating the identity of the application software, and the terminal equipment can acquire the Agent application software from the server and install the Agent application software locally, wherein the Agent application software can be a client in the scheme of the invention.
If the Agent application program is stored in the server, the client in the scheme of the invention is the Agent application program. And when the encrypted APPKey and the encrypted application program are placed in the application software, integrating the client and the installation package of the application software together to generate a new application software installation package for a user of the terminal equipment to download and use.
It should be noted that, the server sets the association relationship between the installation operation of the new application software installation package and the client start operation in the new application software installation package, that is, when the terminal device determines to install the application software, the application program of the client will be automatically started, and the process of installing the application software by the terminal device is monitored.
Step 203: When the terminal device where the client is located downloads the application software from the server, the client extracts the encrypted APPKey in the application software and decrypts it to obtain the decrypted APPKey.
In step 203, the terminal device where the client is located downloads the application software from the server, and when the application software is to be installed, the client starts and takes over the installation process, which specifically includes the following steps:
The first step: extract the encrypted APPKey stored in the taken-over application software;
The second step: decrypt the encrypted APPKey according to the encryption algorithm negotiated by the client and the server to obtain the decrypted APPKey.
It should be noted that, whether the client is downloaded from the server and installed locally by the terminal device on its own, or is obtained by the terminal device downloading and installing application software in which the server has integrated the client with the application installation package, only the server and the client know the encryption algorithm used to encrypt the APPKey; that is, only the server and the client can decrypt the encrypted APPKey to obtain the APPKey corresponding to the APP ID.
Step 204: The client selects a corresponding program from the application software according to the set position information, and encrypts the program by using the decrypted APPKey.
In this step 204, the client selects a program corresponding to the application program encrypted by the server from the application software according to the start address of the encrypted application program stored in the application software by the server, and encrypts the program by using the APPKey decrypted in the step 203.
Step 205: the client judges whether the encrypted program obtained by local calculation is the same as the encrypted program set in the application software, if so, the terminal equipment is allowed to install the application software, and step 206 is executed; otherwise, the terminal equipment is not allowed to install the application software, and the installation is finished.
Steps 203 to 205 ensure the legality of the application software installed on the terminal device.
It should be noted that the scheme of steps 204 to 205 can also be implemented by the following method:
The first step: the client reads from the application software the encrypted application program that the server placed in it, and decrypts the program by using the decrypted APPKey to obtain the decrypted application program.
The second step: the client determines, according to the start address (stored in the application software) of the application program encrypted by the server, the application program in the application software corresponding to that start address.
The third step: the client judges whether the decrypted application program is the same as the determined application program, if so, the terminal device is allowed to install the application software, and step 206 is executed; otherwise, the terminal equipment is not allowed to install the application software.
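The comparison of steps 204 and 205 (recompute over the selected program and compare with the value the server placed in the package), as an added example that is not code from the patent. It assumes HMAC-SHA256 as the keyed operation, a segment length kept alongside the start address, and an APPKey already decrypted as in step 203; the function names and sample packages are constructed.

```python
import hashlib
import hmac


def read_segment(package: bytes, start: int, length: int) -> bytes:
    """Return the program bytes at the set position, refusing out-of-range positions."""
    if start < 0 or length <= 0 or start + length > len(package):
        raise ValueError("segment lies outside the package")
    return package[start:start + length]


def seal_segment(package: bytes, app_key: bytes, start: int, length: int) -> bytes:
    """Server side (step 202): keyed value over the selected program segment.

    Assumption: HMAC-SHA256 stands in for the page's unspecified encryption algorithm.
    """
    segment = read_segment(package, start, length)
    return hmac.new(app_key, segment, hashlib.sha256).digest()


def allow_install(package: bytes, app_key: bytes, start: int, length: int,
                  placed_value: bytes) -> bool:
    """Client side (steps 204-205): recompute locally and compare with the placed value."""
    try:
        local_value = seal_segment(package, app_key, start, length)
    except ValueError:
        return False  # truncated or malformed package: do not install
    return hmac.compare_digest(local_value, placed_value)


def run_demo():
    """Constructed packages: 8 header bytes, a 16-byte program segment, then resources."""
    app_key = b"\x11" * 32  # constructed APPKey, already decrypted per step 203
    start, length = 8, 16   # set position information (the length is an assumption)
    software_aa = b"HEADER--" + b"AA-program-code!" + b"--resources"
    software_bb = b"HEADER--" + b"BB-program-code!" + b"--resources"
    placed_value = seal_segment(software_aa, app_key, start, length)
    return {
        # Unmodified package: the local value matches the placed one.
        "aa": allow_install(software_aa, app_key, start, length, placed_value),
        # Other software carrying AA's placed value: its own segment differs.
        "bb_with_aa_value": allow_install(software_bb, app_key, start, length, placed_value),
        # Same package, different key: the values differ.
        "wrong_key": allow_install(software_aa, b"\x22" * 32, start, length, placed_value),
        # Package cut short before the end of the segment.
        "truncated": allow_install(software_aa[:12], app_key, start, length, placed_value),
        # The comparison covers only the selected segment, not the bytes around it.
        "changed_outside_segment": allow_install(
            b"header--" + b"AA-program-code!" + b"--resources",
            app_key, start, length, placed_value),
    }


if __name__ == "__main__":
    for case, allowed in run_demo().items():
        print(case, allowed)
```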
Step 206: and when the client allows the terminal equipment to install the application software, storing the encrypted APPKey and the encrypted program stored in the application software into a local safe area.
The secure area is a secure space where the client stores important information, and may be an encrypted file or a program that cannot be identified by others, and the secure area is not specifically limited as long as the secure area has an information secure storage function.
It should be noted that, if the client is an Agent application, the Agent application includes two parts. One part is written in Java and mainly implements a Secure Class Loader, which takes over the installation process of the application software so as to control its installation. The other part is written in C and mainly interacts with the server to authenticate the identity of the application software. The local secure area of the client (namely a section of program or a file used for encryption) is contained in the C part to provide secure storage of information; the client stores the encrypted APPKey stored in the application software and the encrypted program placed there in the C part. The Java part and the C part communicate through the JNI interface.
Step 207: the terminal equipment runs the installed application software and sends a charging request to the client when running to a charging point in the application software.
Step 208: when the client receives the charging request, it determines the APP ID of the currently running application software.
Step 209: the client dynamically determines the encrypted APPKey stored in the currently running application software, and decrypts it to obtain the decrypted APPKey.
Step 210: the client determines the application program in the application software to be encrypted according to the start address, stored in the application software, of the application program used for encryption, and performs encryption operation on the determined application program by using the decrypted APPKey to obtain the encrypted application program.
Step 211: the client judges whether the encrypted application program stored locally is the same as the application program obtained through calculation; if so, the client sends the received charging request to the server, and step 212 is executed; otherwise, a request failure response message is returned to the terminal equipment, and the process ends.
Step 212: the server receives a charging request sent by the client, wherein the charging request comprises an application identification code (APP ID) and charging point information of the application software.
Step 213: the server generates an authentication code and returns it to the client.
Step 214: the server determines the APPKey corresponding to the received APP ID according to the corresponding relation between the locally stored APP ID and the application Key APPKey, and performs encryption operation on the authentication code by using the determined APPKey to obtain a first operation result.
Step 215: the server receives a second operation result sent by the client, wherein the second operation result is obtained by the client through encryption operation on the received authentication code by using the locally stored APPKey.
Step 216: the server judges whether the first operation result is the same as the second operation result, if so, the server responds to the charging request, charges according to the charging point information contained in the charging request and returns a successful charging message; otherwise, returning the charging failure message.
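The billing-time exchange of steps 208 to 216, as an added example that is not code from the patent: HMAC-SHA256 stands in for the unspecified "encryption operation", and the class names, the single-use authentication code and its 30-second expiry are assumptions of this example, with all sample data constructed.

```python
import hashlib
import hmac
import secrets
import time


def keyed_result(app_key: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the unspecified "encryption operation".
    return hmac.new(app_key, data, hashlib.sha256).digest()


class BillingServer:
    """Server side of steps 212-216."""

    def __init__(self, app_keys, ttl_seconds=30.0):
        self._app_keys = dict(app_keys)  # APP ID -> APPKey correspondence
        self._pending = {}               # authentication code -> (APP ID, point, expiry)
        self._ttl = ttl_seconds          # expiry is an added hardening, not in the patent

    def receive_charging_request(self, app_id, charging_point, now=None):
        """Steps 212-213: record the request and return a fresh authentication code."""
        now = time.monotonic() if now is None else now
        code = secrets.token_bytes(16)
        self._pending[code] = (app_id, charging_point, now + self._ttl)
        return code

    def receive_second_result(self, code, second_result, now=None):
        """Steps 214-216: compute the first result and compare it with the client's."""
        now = time.monotonic() if now is None else now
        # pop() makes each code single use (added hardening): a reused code is unknown.
        entry = self._pending.pop(code, None)
        if entry is None:
            return "charging failure"
        app_id, charging_point, expiry = entry
        app_key = self._app_keys.get(app_id)
        if app_key is None or now > expiry:
            return "charging failure"
        first_result = keyed_result(app_key, code)
        # Constant-time comparison avoids leaking how many bytes matched.
        if not hmac.compare_digest(first_result, second_result):
            return "charging failure"
        return "charging success: " + charging_point


class Client:
    """Client side of steps 208-211 plus its part of the exchange."""

    def __init__(self, app_id, app_key, package, start, length, stored_result):
        self.app_id = app_id
        self.app_key = app_key              # APPKey after decryption (step 209)
        self.package = package              # bytes of the installed application software
        self.start, self.length = start, length  # region the server encrypted
        self.stored_result = stored_result  # copy kept in the local secure area (step 206)

    def region_unchanged(self):
        """Steps 210-211: recompute the keyed result over the program region."""
        region = self.package[self.start:self.start + self.length]
        return hmac.compare_digest(keyed_result(self.app_key, region), self.stored_result)

    def pay(self, server, charging_point):
        if not self.region_unchanged():
            return "request failure"        # the request never reaches the server
        code = server.receive_charging_request(self.app_id, charging_point)
        return server.receive_second_result(code, keyed_result(self.app_key, code))


def run_demo():
    """Constructed sample data: one registered application and six outcomes."""
    app_id, app_key = "app-0001", secrets.token_bytes(32)
    package = b"HEADER" + b"billing-routine-bytes" + b"TRAILER"
    start, length = 6, 21
    stored = keyed_result(app_key, package[start:start + length])
    server = BillingServer({app_id: app_key})

    genuine = Client(app_id, app_key, package, start, length, stored)
    modified = Client(app_id, app_key, package.replace(b"billing", b"BILLING"),
                      start, length, stored)
    # Same legal APP ID, but an APPKey the server never issued.
    other_key = secrets.token_bytes(32)
    wrong_key = Client(app_id, other_key, package, start, length,
                       keyed_result(other_key, package[start:start + length]))

    code = server.receive_charging_request(app_id, "level-pack")
    answer = keyed_result(app_key, code)
    first_use = server.receive_second_result(code, answer)
    second_use = server.receive_second_result(code, answer)
    stale = server.receive_charging_request(app_id, "level-pack", now=0.0)
    expired = server.receive_second_result(stale, keyed_result(app_key, stale), now=31.0)

    return {
        "genuine": genuine.pay(server, "level-pack"),
        "modified_package": modified.pay(server, "level-pack"),
        "wrong_app_key": wrong_key.pay(server, "level-pack"),
        "first_use": first_use,
        "second_use": second_use,
        "expired": expired,
    }
```

Calling `run_demo()` returns the outcome for each case; only the genuine client and the first use of an authentication code are charged.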
Example three:
Fig. 3 is a schematic structural diagram of an in-application payment server according to the third embodiment. The server includes: a request receiving module 31, an authentication code generating module 32, an operation module 33, a result receiving module 34, and a judging module 35. Wherein,
a request receiving module 31, configured to receive a charging request sent by a client when an application software runs to a charging point of the application software, where the charging request includes an application identification code APP ID of the application software;
an authentication code generation module 32, configured to generate an authentication code and return the authentication code to the client;
the operation module 33 is configured to determine, according to a correspondence between a locally stored APP ID and an application key APPKey, an APPKey corresponding to the received APP ID, and perform an encryption operation on the authentication code using the determined APPKey to obtain a first operation result;
the result receiving module 34 is configured to receive a second operation result sent by the client, where the second operation result is obtained by the client performing encryption operation on the received authentication code by using the locally stored APPKey;
the judging module 35 is configured to respond to the charging request when it is determined that the first operation result is the same as the second operation result; otherwise, returning the charging failure message.
Preferably, the server further comprises: an APP ID generation module 36 and a key encryption module 37. Wherein,
the APP ID generation module 36 is configured to generate and store an APP ID and an APPKey corresponding to the APP ID after receiving an application registration request reported by the software development terminal before the application software runs, and return the generated APP ID to the software development terminal;
and the key encryption module 37 is configured to receive the application software including the APP ID reported by the software development terminal before the application software runs, encrypt the corresponding APPKey according to the correspondence between the APP ID and the APPKey, and place the encrypted APPKey in the application software.
The server further comprises: a program encryption module 38. Wherein,
and the program encryption module 38 is configured to select a corresponding program from the application software according to the set location information, encrypt the program by using the APPKey corresponding to the APP ID in the application software, and place the encrypted program in the application software.
Example four:
Fig. 4 is a schematic structural diagram of a client for in-application payment according to the fourth embodiment of the present invention. The client includes: a sending module 41, a receiving module 42, a result operation module 43 and an indication module 44. Wherein,
a sending module 41, configured to send a charging request to a server when an application software runs to a charging point of the application software, where the charging request includes an application identification code APP ID of the application software;
the receiving module 42 is configured to receive an authentication code returned by the server;
the result operation module 43 is configured to perform encryption operation on the received authentication code by using the locally stored application key APPKey, obtain a second operation result, and send the second operation result to the server;
an indication module 44, configured to instruct the server to perform, according to a correspondence between the locally stored APP ID and the APPKey, an encryption operation on the authentication code by using the APPKey corresponding to the received APP ID, to obtain a first operation result, and compare the first operation result with the second operation result, and when the comparison results are the same, respond to the charging request; otherwise, returning the charging failure message.
Preferably, the client further comprises: a decryption module 45. Wherein,
the decryption module 45 is configured to, before the application software runs and when the terminal device downloads the application software from the server, extract the encrypted APPKey in the application software and decrypt it to obtain the decrypted APPKey.
The client further comprises: a program encryption module 46 and a judgment module 47. Wherein,
a program encryption module 46, configured to select a corresponding program from the application software according to the set location information after obtaining the decrypted APPKey, and encrypt the program by using the decrypted APPKey;
a judging module 47, configured to judge whether the encrypted program obtained by the local calculation is the same as the encrypted program set in the application software, and if so, allow the terminal device to install the application software; otherwise, the terminal equipment is not allowed to install the application software.
The client further comprises: a storage module 48. Wherein,
and a storage module 48, configured to store the encrypted APPKey stored in the application software and the set encrypted program in a local secure area when it is determined that the locally calculated encrypted program is the same as the encrypted program stored in the application software.
If the client in the embodiment of the present invention is an Agent application, fig. 5 shows a schematic structural diagram of the Agent application.
Example five:
Fig. 6 is a schematic structural diagram of a system for in-application payment according to the fifth embodiment. The system includes: a client 61 and a server 62. Wherein:
the client 61 is configured to send a charging request to the server 62 when the application software runs to the charging point of the application software, where the charging request includes an application identification code APP ID of the application software, receive an authentication code returned by the server 62, perform encryption operation on the received authentication code by using a locally stored application key APPKey, obtain a second operation result, and send the second operation result to the server 62;
the server 62 is configured to receive a charging request sent by the client 61, generate an authentication code, return the authentication code to the client 61, determine, according to a correspondence between a locally stored APP ID and an application key APPKey, an APPKey corresponding to the received APP ID, perform encryption operation on the authentication code by using the determined APPKey to obtain a first operation result, receive a second operation result sent by the client 61, and respond to the charging request when it is determined that the first operation result is the same as the second operation result; otherwise, returning the charging failure message.
Specifically, the server 62 is further configured to receive, before the application software runs, an application registration request reported by the software development terminal, generate and store an APP ID and an APPKey corresponding to the APP ID, return the generated APP ID to the software development terminal, and after receiving the application software including the APP ID reported by the software development terminal, encrypt the corresponding APPKey according to a correspondence between the APP ID and the APPKey, and place the encrypted APPKey in the application software.
The server 62 is further configured to select a corresponding program from the application software according to the set location information, encrypt the program by using APPKey corresponding to the APP ID in the application software, and place the encrypted program in the application software.
The client 61 is further configured to, before the application software runs, extract the encrypted APPKey in the application software when the terminal device where the client is located downloads the application software from the server, and decrypt the APPKey to obtain the decrypted APPKey.
The client 61 is further configured to select a corresponding program from the application software according to the set location information after obtaining the decrypted APPKey, encrypt the program by using the decrypted APPKey, determine whether the locally-calculated encrypted program is the same as the encrypted program set in the application software, and if so, allow the terminal device to install the application software; otherwise, the terminal equipment is not allowed to install the application software.
The client 61 is further configured to store the encrypted APPKey stored in the application software and the encrypted program in the local secure area when it is determined that the encrypted program obtained by the local calculation is the same as the encrypted program stored in the application software.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (20)

1. A method for in-app payment, the method comprising:
when application software runs to a charging point of the application software, a server receives a charging request sent by a client, wherein the charging request comprises an application identification code (APP ID) of the application software;
the server generates an authentication code and returns the authentication code to the client, determines an APPKey corresponding to the received APP ID according to the correspondence between the locally stored APP ID and the application Key APPKey, and performs encryption operation on the authentication code by using the determined APPKey to obtain a first operation result;
the server receives a second operation result sent by the client, wherein the second operation result is obtained after the client performs encryption operation on the received authentication code by using the locally stored APPKey;
the server responds to the charging request when determining that the first operation result is the same as the second operation result; otherwise, returning the charging failure message.
2. The method of claim 1, wherein prior to the application software running, the method further comprises:
after receiving an application registration request reported by a software development terminal, a server generates and stores an APP ID and an APPKey corresponding to the APP ID, and returns the generated APP ID to the software development terminal;
and the server receives the application software containing the APP ID reported by the software development terminal, encrypts the corresponding APPKey according to the correspondence between the APP ID and the APPKey, and places the encrypted APPKey in the application software.
3. The method of claim 2, wherein the method further comprises:
and the server selects a corresponding program from the application software according to the set position information, encrypts the program by using the APPKey corresponding to the APP ID in the application software, and places the encrypted program in the application software.
4. The method of claim 3, wherein prior to the application software running, the method further comprises:
when the terminal equipment where the client is located downloads the application software from the server, the client extracts the encrypted APPKey in the application software and decrypts the APPKey to obtain the decrypted APPKey.
5. The method of claim 4, wherein after the client obtains the decrypted APPKey, the method further comprises:
the client selects a corresponding program from the application software according to the set position information, and encrypts the program by using the decrypted APPKey;
the client judges whether the encrypted program obtained by local calculation is the same as the encrypted program arranged in the application software, and if so, the terminal equipment is allowed to install the application software; otherwise, the terminal equipment is not allowed to install the application software.
6. The method of claim 5, wherein upon determining that the locally computed encrypted program is the same as the encrypted program stored in the application software, the method further comprises:
the client stores the encrypted APPKey and the encrypted program stored in the application software in a local secure area.
7. A method for in-app payment, the method comprising:
when application software runs to a charging point of the application software, a client sends a charging request to a server, wherein the charging request comprises an application identification code (APP ID) of the application software;
the client receives an authentication code returned by the server, performs encryption operation on the received authentication code by using a locally stored application key (APPKey) to obtain a second operation result, and sends the second operation result to the server, so as to instruct the server to perform encryption operation on the authentication code by using the APPKey corresponding to the received APP ID, according to the correspondence between the locally stored APP ID and the APPKey, to obtain a first operation result, compare the first operation result with the second operation result, and respond to the charging request when the comparison results are the same; otherwise, a charging failure message is returned.
8. A server for in-app payment, the server comprising:
a request receiving module, used for receiving a charging request sent by a client when application software runs to a charging point of the application software, wherein the charging request comprises an application identification code (APP ID) of the application software;
the authentication code generating module is used for generating an authentication code and returning the authentication code to the client;
the operation module is used for determining the APPKey corresponding to the received APP ID according to the corresponding relation between the locally stored APP ID and the application Key APPKey, and carrying out encryption operation on the authentication code by the determined APPKey to obtain a first operation result;
the result receiving module is used for receiving a second operation result sent by the client, wherein the second operation result is obtained after the client performs encryption operation on the received authentication code by using the locally stored APPKey;
the judging module is used for responding to the charging request when the first operation result is determined to be the same as the second operation result; otherwise, returning the charging failure message.
9. The server of claim 8, wherein the server further comprises:
the APP ID generation module is used for generating and storing the APP ID and the APPKey corresponding to the APP ID after receiving an application registration request reported by the software development terminal before the application software runs, and returning the generated APP ID to the software development terminal;
and the key encryption module is used for receiving the application software containing the APP ID reported by the software development terminal before the application software runs, encrypting the corresponding APPKey according to the corresponding relationship between the APP ID and the APPKey, and then placing the encrypted APPKey into the application software.
10. The server of claim 8, wherein the server further comprises:
and the program encryption module is used for selecting a corresponding program from the application software according to the set position information, encrypting the program by using the APPKey corresponding to the APP ID in the application software, and placing the encrypted program in the application software.
11. A client for in-application payment, the client comprising:
a sending module, used for sending a charging request to a server when application software runs to a charging point of the application software, wherein the charging request comprises an application identification code (APP ID) of the application software;
the receiving module is used for receiving the authentication code returned by the server;
the result operation module is used for carrying out encryption operation on the received authentication code by using the locally stored application key APPKey to obtain a second operation result and sending the second operation result to the server;
the indication module is used for indicating the server to perform encryption operation on the authentication code by using the APPKey corresponding to the received APP ID according to the corresponding relation between the locally stored APP ID and the APPKey, then obtaining a first operation result and comparing the first operation result with the second operation result, and responding to the charging request when the comparison results are the same; otherwise, returning the charging failure message.
12. The client of claim 11, wherein the client further comprises:
the decryption module is used for, before the application software runs and when the terminal equipment downloads the application software from the server, extracting the encrypted APPKey in the application software and decrypting it to obtain the decrypted APPKey.
13. The client of claim 12, wherein the client further comprises:
the program encryption module is used for selecting a corresponding program from the application software according to the set position information after the decrypted APPKey is obtained, and encrypting the program by using the decrypted APPKey;
the judging module is used for judging whether the encrypted program obtained by local calculation is the same as the encrypted program arranged in the application software or not, and if so, allowing the terminal equipment to install the application software; otherwise, the terminal equipment is not allowed to install the application software.
14. The client of claim 13, wherein the client further comprises:
and the storage module is used for storing the encrypted APPKey stored in the application software and the set encrypted program to a local safe area when the encrypted program obtained by local calculation is determined to be the same as the encrypted program stored in the application software.
15. A system for in-application payment, the system comprising:
the client is used for sending a charging request to the server when the application software runs to a charging point of the application software, wherein the charging request comprises an application identification code (APP ID) of the application software, receiving an authentication code returned by the server, carrying out encryption operation on the received authentication code by using a locally stored application key (APPKey), obtaining a second operation result and sending the second operation result to the server;
the server is used for receiving the charging request sent by the client, generating an authentication code and returning the authentication code to the client, determining an APPKey corresponding to the received APP ID according to the corresponding relationship between the locally stored APP ID and the application Key APPKey, carrying out encryption operation on the authentication code by the determined APPKey to obtain a first operation result, receiving a second operation result sent by the client, and responding to the charging request when the first operation result is determined to be the same as the second operation result; otherwise, returning the charging failure message.
16. The system of claim 15,
the server is further configured to receive an application registration request reported by the software development terminal before the application software runs, generate and store an APP ID and an APPKey corresponding to the APP ID, return the generated APP ID to the software development terminal, receive the application software containing the APP ID reported by the software development terminal, encrypt the corresponding APPKey according to a correspondence between the APP ID and the APPKey, and place the encrypted APPKey in the application software.
17. The system of claim 16,
and the server is further used for selecting a corresponding program from the application software according to the set position information, encrypting the program by using the APPKey corresponding to the APP ID in the application software, and placing the encrypted program in the application software.
18. The system of claim 17,
and the client is also used for extracting the encrypted APPKey in the application software and decrypting the APPKey to obtain the decrypted APPKey when the terminal equipment where the client is located downloads the application software from the server before the application software runs.
19. The system of claim 18,
the client is further configured to select a corresponding program from the application software according to the set location information after obtaining the decrypted APPKey, encrypt the program by using the decrypted APPKey, determine whether the locally-calculated encrypted program is the same as the encrypted program set in the application software, and allow the terminal device to install the application software if the locally-calculated encrypted program is the same as the encrypted program set in the application software; otherwise, the terminal equipment is not allowed to install the application software.
20. The system of claim 19,
the client is further configured to store the encrypted APPKey stored in the application software and the encrypted program in the local secure area when it is determined that the encrypted program obtained by the local calculation is the same as the encrypted program stored in the application software.
CN201210030650.1A 2012-02-10 2012-02-10 In-app paying method, server, client and system Active CN103248495B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210030650.1A CN103248495B (en) 2012-02-10 2012-02-10 A kind of method, server, client and system applying interior paying

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210030650.1A CN103248495B (en) 2012-02-10 2012-02-10 A kind of method, server, client and system applying interior paying

Publications (2)

Publication Number Publication Date
CN103248495A (en) 2013-08-14
CN103248495B CN103248495B (en) 2016-03-30

Family

ID=48927730

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210030650.1A Active CN103248495B (en) 2012-02-10 2012-02-10 In-app paying method, server, client and system

Country Status (1)

Country Link
CN (1) CN103248495B (en)

Also Published As

Publication number Publication date
CN103248495B (en) 2016-03-30

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant