CN103366278B - Method and system for processing operation requests - Google Patents


Info

Publication number
CN103366278B
Authority
CN
China
Prior art keywords
password
random number
authorized
strategy
operation request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310219444.XA
Other languages
Chinese (zh)
Other versions
CN103366278A (en)
Inventor
李东声
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tendyron Technology Co Ltd
Original Assignee
Tendyron Technology Co Ltd
Application filed by Tendyron Technology Co Ltd
Priority to CN201310219444.XA
Publication of CN103366278A
Priority to PCT/CN2014/076259 (WO2014194730A1)
Application granted
Publication of CN103366278B


Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/38: Payment protocols; Details thereof
    • G06Q20/40: Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists


Abstract

The invention discloses a method and a system for processing operation requests. The method includes: a first terminal sends the operation request information of a user to a smart card; the smart card generates an authorization password, generates a processed authorization password, and sends the processed authorization password to the first terminal; the smart card outputs information about the authorization password; the first terminal sends the operation request information and the processed authorization password to a background system server; the background system server sends the operation request information to a second terminal; the second terminal sends the operation request information to an electronic signature token; the electronic signature token, after the user confirms that the operation request information is correct, receives a confirmation instruction, generates a signature message according to the operation request information, and sends the signature message to the second terminal; the second terminal sends the signature message and a password to be verified to the background system server; the background system server, after verifying that both the password to be verified and the signature message pass, triggers the flow for responding to the operation request.

Description

Method and system for processing operation request
Technical Field
The present invention relates to the field of electronic technologies, and in particular, to a method and a system for processing an operation request.
Background
More and more people use smart cards for shopping, and doing so carries certain risks. For example, the information on the smart card is easily acquired by other people, and anyone who acquires both the account number and the password of the smart card can embezzle the money on the card, causing economic loss to the user. The security of shopping with smart cards therefore needs to be improved further.
Disclosure of Invention
The invention aims to solve the problem of low security caused by hijacking of transaction information and/or signature information in the process of multiple accesses of the existing smart card.
One aspect of the present invention provides a method for processing an operation request, where the method includes:
after detecting an operation request of a user, a first terminal sends operation request information of the user to a smart card;
after acquiring the operation request information output by the first terminal, the smart card generates an authorization password according to a preset password generation strategy, then generates a processed authorization password according to a preset password processing strategy, and sends the processed authorization password to the first terminal;
after the first terminal acquires the processed authorization password, if the smart card detects that it has been disconnected from the first terminal, the smart card outputs prompt information of the authorization password;
after the first terminal acquires the processed authorization password, the first terminal sends the operation request information and the processed authorization password to a background system server;
after acquiring the operation request information and the processed authorization password, the background system server sends the operation request information to a second terminal;
after acquiring the operation request information, the second terminal sends the operation request information to an electronic signature token;
after acquiring the operation request information, the electronic signature token displays it, receives a confirmation instruction after the user confirms that the operation request information is correct, generates a signature message according to the operation request information after receiving the confirmation instruction, and sends the signature message to the second terminal;
after acquiring the signature message, the second terminal receives the authorization password corresponding to the prompt information, takes the authorization password so acquired as the password to be verified, and sends the signature message and the password to be verified to the background system server;
after receiving the signature message and the password to be verified, the background system server verifies the password to be verified and the signature message, and triggers a flow for responding to the operation request after verifying that both the password to be verified and the signature message pass.
In addition, the step of generating the processed authorization password according to the preset password processing strategy includes any one of the following methods:
the first method: if the preset password processing strategy is to encrypt the authorization password, acquire the encryption algorithm corresponding to the authorization password according to a pre-stored distribution strategy of encryption algorithms, and encrypt the authorization password with that algorithm to obtain the processed authorization password;
the second method: if the preset password processing strategy is to add a random number to the authorization password, acquire the random number according to a preset random number generation strategy, and acquire the random number combination strategy corresponding to the authorization password according to a preset random number combination strategy; process the authorization password according to the acquired random number and random number combination strategy to obtain the processed authorization password, and inform the background system server of the random number and random number combination strategy used for the processed authorization password;
the third method: if the preset password processing strategy is to add a random number and then encrypt the authorization password to which the random number has been added, acquire the random number according to the preset random number generation strategy, and acquire the random number combination strategy corresponding to the authorization password according to the preset random number combination strategy; combine the random number and the authorization password according to the acquired random number and random number combination strategy, then acquire the encryption algorithm corresponding to the authorization password according to the pre-stored distribution strategy of encryption algorithms, encrypt the combined authorization password with that algorithm to obtain the processed authorization password, and inform the background system server of the random number and random number combination strategy used for the processed authorization password;
the fourth method: if the preset password processing strategy is to encrypt the authorization password and add a random number to the encrypted authorization password, acquire the encryption algorithm corresponding to the authorization password according to the pre-stored distribution strategy of encryption algorithms, and encrypt the authorization password with that algorithm; acquire the random number according to the preset random number generation strategy, and acquire the random number combination strategy corresponding to the encrypted authorization password according to the preset random number combination strategy; combine the encrypted authorization password with the random number according to the acquired random number and random number combination strategy to obtain the processed authorization password, and inform the background system server of the random number and random number combination strategy used for the processed authorization password.
In addition, the step of verifying the password to be verified and the signature message by the background system server includes: the background system server verifies the password to be verified according to the processed authorization password, and verifies the signature message according to the operation request information.
In addition, the step in which the second terminal, after acquiring the signature message, receives the authorization password corresponding to the prompt information includes: after acquiring the signature message, the second terminal monitors the input device arranged on the second terminal and, if input is detected, acquires the authorization password corresponding to the prompt information from the detected input.
In addition, the step of outputting the prompt information of the authorization password by the smart card further includes: performing identity authentication, according to a preset identity authentication strategy, on the requester who requests output of the authorization password; and, if the authentication succeeds, outputting the prompt information of the authorization password.
The invention also provides a system for processing operation requests, which comprises a first terminal, a smart card, a second terminal, an electronic signature token and a background system server, wherein:
the first terminal, after detecting an operation request of a user, sends operation request information of the user to the smart card, and, after acquiring the processed authorization password, sends the operation request information and the processed authorization password to the background system server;
the smart card, after acquiring the operation request information output by the first terminal, generates an authorization password according to a preset password generation strategy, then generates a processed authorization password according to a preset password processing strategy, and sends the processed authorization password to the first terminal; after the first terminal acquires the processed authorization password, if the smart card detects that it has been disconnected from the first terminal, the smart card outputs prompt information of the authorization password;
the second terminal, after acquiring the operation request information, sends it to the electronic signature token; after acquiring the signature message, it receives the authorization password corresponding to the prompt information, takes that authorization password as the password to be verified, and sends the signature message and the password to be verified to the background system server;
the electronic signature token, after acquiring the operation request information, displays it, receives a confirmation instruction after the user confirms that the operation request information is correct, generates a signature message according to the operation request information after receiving the confirmation instruction, and sends the signature message to the second terminal;
the background system server, after acquiring the operation request information and the processed authorization password, sends the operation request information to the second terminal; after receiving the signature message and the password to be verified, it verifies the password to be verified and the signature message, and triggers a flow for responding to the operation request after verifying that both the password to be verified and the signature message pass.
In addition, the smart card generates the processed authorization password in any one of the following ways:
the first method: if the preset password processing strategy is to encrypt the authorization password, the smart card acquires the encryption algorithm corresponding to the authorization password according to a pre-stored distribution strategy of encryption algorithms, and encrypts the authorization password with that algorithm to obtain the processed authorization password;
the second method: if the preset password processing strategy is to add a random number to the authorization password, the smart card acquires the random number according to a preset random number generation strategy, and acquires the random number combination strategy corresponding to the authorization password according to a preset random number combination strategy; it processes the authorization password according to the acquired random number and random number combination strategy to obtain the processed authorization password, and informs the background system server of the random number and random number combination strategy used for the processed authorization password;
the third method: if the preset password processing strategy is to add a random number and then encrypt the authorization password to which the random number has been added, the smart card acquires the random number according to the preset random number generation strategy, and acquires the random number combination strategy corresponding to the authorization password according to the preset random number combination strategy; it combines the random number and the authorization password according to the acquired random number and random number combination strategy, then acquires the encryption algorithm corresponding to the authorization password according to the pre-stored distribution strategy of encryption algorithms, encrypts the combined authorization password with that algorithm to obtain the processed authorization password, and informs the background system server of the random number and random number combination strategy used for the processed authorization password;
the fourth method: if the preset password processing strategy is to encrypt the authorization password and add a random number to the encrypted authorization password, the smart card acquires the encryption algorithm corresponding to the authorization password according to the pre-stored distribution strategy of encryption algorithms, and encrypts the authorization password with that algorithm; it acquires the random number according to the preset random number generation strategy, and acquires the random number combination strategy corresponding to the encrypted authorization password according to the preset random number combination strategy; it combines the encrypted authorization password with the random number according to the acquired random number and random number combination strategy to obtain the processed authorization password, and informs the background system server of the random number and random number combination strategy used for the processed authorization password.
In addition, the step of verifying the password to be verified and the signature message by the background system server includes: the background system server verifies the password to be verified according to the processed authorization password, and verifies the signature message according to the operation request information.
In addition, the second terminal also monitors the input device arranged on the second terminal and, if input is detected, acquires the authorization password corresponding to the prompt information from the detected input.
In addition, the smart card also performs identity authentication, according to a preset identity authentication strategy, on the requester who requests output of the authorization password, and outputs the prompt information of the authorization password if the authentication succeeds.
According to the technical scheme provided by the invention, the exchange of the data required by the transaction (such as the operation request information of the user) is completed through a single access between the smart card and the first terminal, which reduces the risk of important information being intercepted across multiple accesses and improves security. Meanwhile, after the smart card holder finishes the card swiping operation and a signature is needed from the user holding the electronic signature token, the second terminal sends the authorization password entered by the holder of the electronic signature token, together with the signature message sent by the electronic signature token, to the background system server, and the background system server triggers the flow for responding to the operation request only after double verification of the authorization password and the signature message. This prevents the hidden dangers caused by transmitting important data such as signature data over a network, also prevents the smart card from being fraudulently used after its information is acquired by other people, and ensures the security of smart card transactions.
The authorization password can be one or a combination of numbers, letters and characters randomly generated for each transaction. Unlike an existing transaction password or OTP, which is transmitted as ciphertext, the plaintext of the authorization password can be acquired directly by the second terminal, and this does not reduce the security of the account during the transaction.
In the invention the smart card generates the authorization password and transmits it in encrypted form, which ensures both the security of transmitting the authorization password to the background system server and the accuracy with which the background system server verifies the authorization password.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is a flow chart illustrating a method for processing an operation request according to the present invention;
FIG. 2 is a schematic structural diagram of a system for processing an operation request according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it is to be understood that the terms "center", "longitudinal", "lateral", "up", "down", "front", "back", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", and the like, indicate orientations or positional relationships based on those shown in the drawings, and are used only for convenience in describing the present invention and for simplicity in description, and do not indicate or imply that the referenced devices or elements must have a particular orientation, be constructed and operated in a particular orientation, and thus, are not to be construed as limiting the present invention. Furthermore, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or quantity or location.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Embodiments of the present invention will be described in further detail below with reference to the accompanying drawings.
Fig. 1 is a flowchart illustrating a method for processing an operation request according to the present invention. Referring to fig. 1, the method for processing an operation request provided by the present invention includes:
Step S101, after detecting an operation request of a user, a first terminal sends operation request information of the user to a smart card;
Specifically, the operation request of the user may be to access a certain account, or to modify personal information, such as modifying the password of a certain account, or to modify information corresponding to a certain account, such as modifying the amount of money of a certain stored account;
For example, the user's operation request is to transfer a certain amount to a certain account. The operation request information may include an account and an amount of money, and may also include transaction detail information, etc.
The first terminal may be: a fixed terminal, which may include an ATM, a PC, a POS, etc., or a mobile terminal, which may include: mobile phones, tablet computers, handheld POS machines, etc.
The smart card can be a chip card, a magnetic stripe card and the like, and can comprise a card chip containing user account information.
Before the smart card is accessed to the first terminal, the first terminal can acquire the operation request information through modes of manual input, network, commodity information scanning and the like.
Step S102, after obtaining operation request information output by a first terminal, the smart card generates an authorization password according to a preset password generation strategy, generates a processed authorization password according to a preset password processing strategy after obtaining the authorization password, and sends the processed authorization password to the first terminal;
Specifically, the smart card may access the first terminal in a non-contact mode or a contact mode. Non-contact access is preferred: compared with contact access, it has higher security and prevents information from being acquired.
The preset password generation strategy can be pre-stored or updated regularly, which reduces the chance that the generation rule of the authorization password is cracked;
The password generation strategy may include a password generation algorithm and input parameters. The password generation algorithm may be any of various algorithms, and the input parameters may be real-time information needed to generate the authorization password, such as time information or random numbers, to ensure the diversity of the generated authorization passwords.
In addition, the password generation strategy can also be random generation. For example, the smart card randomly generates numbers, letters and/or symbols and selects one or a combination of them to form the authorization password, which ensures the non-uniqueness and randomness of the authorization password and improves its security.
In addition, the step of generating the processed authorization password by the smart card according to the preset password processing strategy includes any one of the following methods:
the first method: if the preset password processing strategy is to encrypt the authorization password, acquire the encryption algorithm corresponding to the authorization password according to a pre-stored distribution strategy of encryption algorithms, and encrypt the authorization password with that algorithm to obtain the processed authorization password;
the second method: if the preset password processing strategy is to add a random number to the authorization password, acquire the random number according to a preset random number generation strategy, and acquire the random number combination strategy corresponding to the authorization password according to a preset random number combination strategy; process the authorization password according to the acquired random number and random number combination strategy to obtain the processed authorization password, and inform the background system server of the random number and random number combination strategy used for the processed authorization password;
the third method: if the preset password processing strategy is to add a random number and then encrypt the authorization password to which the random number has been added, acquire the random number according to the preset random number generation strategy, and acquire the random number combination strategy corresponding to the authorization password according to the preset random number combination strategy; combine the random number and the authorization password according to the acquired random number and random number combination strategy, then acquire the encryption algorithm corresponding to the authorization password according to the pre-stored distribution strategy of encryption algorithms, encrypt the combined authorization password with that algorithm to obtain the processed authorization password, and inform the background system server of the random number and random number combination strategy used for the processed authorization password;
the fourth method: if the preset password processing strategy is to encrypt the authorization password and add a random number to the encrypted authorization password, acquire the encryption algorithm corresponding to the authorization password according to the pre-stored distribution strategy of encryption algorithms, and encrypt the authorization password with that algorithm; acquire the random number according to the preset random number generation strategy, and acquire the random number combination strategy corresponding to the encrypted authorization password according to the preset random number combination strategy; combine the encrypted authorization password with the random number according to the acquired random number and random number combination strategy to obtain the processed authorization password, and inform the background system server of the random number and random number combination strategy used for the processed authorization password.
The encryption algorithm adopted in the four ways may be a reversible encryption algorithm, or may use an irreversible encryption algorithm, such as performing digest calculation on an authorized password or a combined password, where the digest calculation way may include one or a combination of the following: the hash value calculated by the hash algorithm, the MAC value calculated by the MAC algorithm, and the ciphertext itself obtained by symmetric encryption.
The four methods are discussed below:
The first method differs from conventional encryption in that the encryption algorithm used can be different every time, which increases the randomness of the encryption algorithm, gives a better encryption effect, and reduces the possibility of the encryption algorithm being cracked.
In the second method, a random number is added to the authorization password. If a cracker does not know the random number and the random number combination strategy corresponding to the authorization password, the authorization password cannot be cracked, which improves the security of transmitting the authorization password. In addition, the way the content of the authorization password is processed can be different every time, which increases the diversity and randomness of the processing and reduces the possibility of the processing method being cracked.
The third and fourth methods are both optimized combinations of the first and second methods, and their security is higher than that of the first two methods.
As an example of the second method, the authorization password is 123456, the generated random number is 789, the random number combination strategy is to add the random number after the last position of the authorization password, and the adjusted authorization password is 123456789.
In order to ensure that the background system server can recover the original authorization password during subsequent verification, the background system server needs to be informed of the authorization code used by the smart card and the random number combination strategy.
The random number combination strategy can take various forms, such as adding a random number at every other position in the authorization password.
Of course, the processing policy of the authorized password may also be as follows:
when the length of the authorized password reaches a certain preset threshold value, deleting the information of one or more positions in the authorized password according to the obtained deletion strategy, and taking the rest authorized passwords after the deletion operation as processed authorized passwords; or,
when the length of the authorized password reaches a certain preset threshold value, selecting corresponding position information in the authorized password to form a new authorized password according to the position information set in the acquired selection strategy, and taking the new authorized password generated by combination as the processed authorized password;
and acquiring a calculation expression from a plurality of calculation expressions which are pre-stored locally, calculating the authorized password as an input parameter of the calculation expression, and taking the calculation result as the processed authorized password.
Of course, in all the above manners, the background system server needs to be notified of the policy that the smart card needs to use when processing the authorized password.
Due to the randomness of the random number, the randomness of the information after the combination of the authorized password and the random number can be improved, and replay attack can be prevented.
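The second mode's combination and the server-side recovery described above, as an added Python example that is not part of the patent. The strategy names, the function names and the reading of "every other position" as one random digit after each second password character are assumptions; 123456 and 789 are the values used in the text.

```python
import hmac
import secrets

# Strategy names are hypothetical labels chosen for this example.
APPEND = "append"          # random number placed after the last password position
INTERLEAVE = "interleave"  # one random digit after every second password position


def combine(password: str, rnd: str, strategy: str) -> str:
    """Smart card side: mix the random number into the authorized password."""
    if strategy == APPEND:
        if not rnd:
            raise ValueError("append needs a non-empty random number")
        return password + rnd
    if strategy == INTERLEAVE:
        if len(rnd) != len(password) // 2:
            raise ValueError("interleave needs one random digit per two positions")
        out = []
        for i, ch in enumerate(password):
            out.append(ch)
            if i % 2 == 1:  # after positions 2, 4, 6, ...
                out.append(rnd[i // 2])
        return "".join(out)
    raise ValueError(f"unknown strategy: {strategy}")


def recover(processed: str, rnd: str, strategy: str) -> str:
    """Server side: undo the strategy using the notified random number."""
    if strategy == APPEND:
        if not rnd or not processed.endswith(rnd):
            raise ValueError("notified random number is not at the end")
        return processed[: -len(rnd)]
    if strategy == INTERLEAVE:
        # Layout is (p, p, r) groups, optionally followed by one trailing p.
        if len(processed) % 3 == 2 or len(rnd) != len(processed) // 3:
            raise ValueError("length does not fit the interleave layout")
        if processed[2::3] != rnd:
            raise ValueError("embedded digits differ from the notified random number")
        return "".join(ch for i, ch in enumerate(processed) if i % 3 != 2)
    raise ValueError(f"unknown strategy: {strategy}")


def card_process(password: str, strategy: str, rnd_len: int = 3):
    """Smart card: draw a fresh random number and return (processed, rnd)."""
    n = rnd_len if strategy == APPEND else len(password) // 2
    rnd = "".join(secrets.choice("0123456789") for _ in range(n))
    return combine(password, rnd, strategy), rnd


def server_accepts(processed: str, rnd: str, strategy: str, to_verify: str) -> bool:
    """Server: recover the original password and compare it with the typed one."""
    try:
        original = recover(processed, rnd, strategy)
    except ValueError:
        return False
    return hmac.compare_digest(original.encode(), to_verify.encode())


if __name__ == "__main__":
    print(combine("123456", "789", APPEND))      # the case worked in the text
    print(combine("123456", "789", INTERLEAVE))
    processed, rnd = card_process("123456", INTERLEAVE)
    print(processed, rnd, server_accepts(processed, rnd, INTERLEAVE, "123456"))
```

The server rejects a processed password whose embedded digits or length do not match the notified random number and strategy, rather than stripping characters blindly.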
Step S103, after the first terminal obtains the processed authorized password, if the smart card detects that the smart card is disconnected from the first terminal, the smart card outputs prompt information of the authorized password;
specifically, the smart card may output the prompt message of the authorization password by directly displaying the authorization password, by displaying bar code information of the authorization password, or by sending it out as a signal in a non-contact mode;
the prompt message may be "establish communication connection with the terminal," or "enter the following content 'XXXXXX' at the terminal," where "XXXXXX" is an authorization password, or "ask the electronic signature token to scan the picture Y," where Y is barcode information.
Optionally, in order to ensure that the authorization code is output only within a limited range and is not read by others, before outputting the authorization code information the smart card further performs the following:
according to a preset identity authentication strategy, performing identity authentication on a requester who requests to output an authorized password;
and if the authentication is successful, outputting prompt information of the authorized password.
The authentication may use the access password information of the smart card, or a special identity authentication mechanism.
Step S104, after the first terminal obtains the processed authorization code, the first terminal sends the operation request information and the processed authorization code to a background system server;
specifically, the background system server may be a bank background system server or a third-party server, where the third-party server is a server based on a non-bank system, such as a server of a public transportation system used for topping up and deducting from a bus card.
Step S105, after obtaining the operation request information and the processed authorization password, the background system server sends the operation request information to the second terminal;
specifically, the second terminal may be: a fixed terminal, which may include an ATM, a PC, a POS, etc., or a mobile terminal, which may include: mobile phones, tablet computers, handheld POS machines, etc.
Step S106, after the second terminal acquires the operation request information, the operation request information is sent to the electronic signature token;
specifically, the electronic signature token may be an existing signing device such as a U shield or a U key, and may include a security chip that performs digital signature using a key.
Step S107, after the electronic signature token acquires the operation request information, displaying according to the operation request information, receiving a confirmation instruction after the user confirms that the operation request information is correct, generating a signature message according to the operation request information after receiving the confirmation instruction, and sending the signature message to a second terminal;
specifically, the electronic signature token may display the content of the transaction according to the operation request information, the user presses a confirmation key set on the electronic signature token after confirming that the transaction is correct, and the electronic signature token generates a signature message according to the operation request information after receiving the confirmation instruction and sends the signature message to the second terminal.
Step S108, after the second terminal acquires the signature message, receiving an authorized password corresponding to the prompt message, taking the acquired authorized password corresponding to the prompt message as a password to be verified, and sending the signature message and the password to be verified to the background system server;
specifically, after the second terminal obtains the signature message, the second terminal may detect an input device provided on the second terminal, and if the input of the information is detected, obtain an authorization password corresponding to the prompt information according to a detection result.
For example: when the prompt message of the authorization password output by the smart card is directly displayed, the smart card holder can inform the electronic signature token holder of the authorization password, and the electronic signature token holder inputs the authorization password into the second terminal; or when the authorized password is the bar code information, the smart card holder can scan the content displayed by the smart card through the second terminal so as to enable the second terminal to obtain the authorized password; or the smart card holder sends the authorization code to the second terminal in a non-contact mode so that the second terminal can obtain the authorization code.
In this embodiment, it is preferable that the authorization code is directly displayed so that the smart card holder can notify the holder of the electronic signature token of the authorization code, which prevents the loss that could result if the smart card and the electronic signature token were kept by one person.
Step S109, after receiving the signature message and the password to be verified, the background system server verifies the password to be verified and the signature message, and after the password to be verified and the signature message are both verified, triggers a flow of responding to the operation request.
Specifically, the background system server verifies the password to be verified according to the processed authorized password, and verifies the signature message according to the operation request information. The flow for responding to the operation request is triggered only after the background system server has performed this double verification of the authorized password and the signature message. This avoids the security risks caused by transmitting important data such as signature data through a network, prevents the smart card information from being stolen and used fraudulently by others, and ensures the transaction security of the smart card.
In addition, the background system server needs to acquire the same password processing policy as that adopted by the smart card to verify the correctness of the authorized password.
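An added Python example of the double verification in step S109, not code from the patent. It assumes the irreversible processing is a MAC over the authorized password (one of the digest options named in the text), uses HMAC-SHA256 as a stand-in for the token's digital signature, and the keys, transaction identifier, sample values and single-use handling of a pending transaction are all constructed for illustration.

```python
import hashlib
import hmac
import json
import secrets

CARD_KEY = b"constructed-card-key"    # assumed key shared by smart card and server
TOKEN_KEY = b"constructed-token-key"  # assumed key standing in for the token's signing key


def canonical(request: dict) -> bytes:
    """Serialize the operation request identically on every party."""
    return json.dumps(request, sort_keys=True, separators=(",", ":")).encode()


def card_process_password(password: str) -> bytes:
    """Smart card: irreversible processing, here a MAC over the authorized password."""
    return hmac.new(CARD_KEY, password.encode(), hashlib.sha256).digest()


def token_sign(request: dict) -> bytes:
    """Electronic signature token: signs once the holder confirms the displayed request.

    HMAC is a stand-in; a real token signs with a private key in its security chip
    and the server verifies with the matching public key.
    """
    return hmac.new(TOKEN_KEY, canonical(request), hashlib.sha256).digest()


class BackendServer:
    def __init__(self):
        self.pending = {}  # transaction id -> (operation request, processed password)

    def receive_from_first_terminal(self, request: dict, processed: bytes) -> str:
        """S104/S105: store the pair; the request is then forwarded to the second terminal."""
        txn_id = secrets.token_hex(8)  # hypothetical identifier, not in the patent
        self.pending[txn_id] = (dict(request), processed)
        return txn_id

    def verify(self, txn_id: str, signature: bytes, password_to_verify: str) -> bool:
        """S109: respond only if both the password and the signature message verify."""
        entry = self.pending.get(txn_id)
        if entry is None:
            return False
        request, processed = entry
        # Apply the card's processing policy to the typed password, then compare.
        pw_ok = hmac.compare_digest(card_process_password(password_to_verify), processed)
        # Check the signature against the request the server itself stored.
        sig_ok = hmac.compare_digest(token_sign(request), signature)
        if pw_ok and sig_ok:
            del self.pending[txn_id]  # assumption: a transaction is answered once
            return True
        return False


if __name__ == "__main__":
    server = BackendServer()
    request = {"payee": "constructed-merchant", "amount": "25.00"}
    txn = server.receive_from_first_terminal(request, card_process_password("483920"))
    print(server.verify(txn, token_sign(request), "000000"))   # wrong password
    print(server.verify(txn, token_sign(request), "483920"))   # both checks pass
```

Because the signature is checked against the request stored from the first terminal, a signature produced over an altered amount or payee fails even when the authorization password is correct.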
According to the technical scheme provided by the invention, the interaction of the data required by a transaction (such as the operation request information of a user) is completed through a single access between the smart card and the first terminal, so that the risk of important information being intercepted over multiple accesses is reduced and security is improved; meanwhile, after the smart card holder finishes the card swiping operation, the transaction can be completed only after the user who holds the electronic signature token has signed, which ensures the security of transactions made with the smart card.
The authorization password can be one or more combinations of numbers, letters and characters randomly generated in each transaction. Unlike the existing transaction password and OTP, which are transmitted as ciphertext, the plaintext of the authorization password can be acquired directly by the second terminal without reducing the security of the account in the transaction process.
In the invention, the smart card generates the authorization password and transmits it in encrypted form, thereby ensuring the security of transmitting the authorization password to the background system server and the accuracy of the background system server's verification of the authorization password.
To facilitate a clear understanding of the present disclosure by those skilled in the art, a specific scenario is described below:
In this scenario, the background system server is a bank background system server, the first terminal is a POS machine, and the second terminal is a PC.
In this case, after the POS machine detects the payment request of the user, the POS machine sends the transaction message to the smart card of the user;
the smart card encrypts the locally generated authorization password and sends the encrypted authorization password to the POS machine; after the POS machine obtains the encrypted authorization password, if the smart card detects that it is disconnected from the POS machine, the smart card outputs prompt information of the authorization password;
after the POS machine obtains the encrypted authorization code, it sends the encrypted authorization code to the bank background system server; the bank background system server sends the payment request of the user to the PC through a network, and the PC sends the payment request to the electronic signature token; the electronic signature token signs the payment request or extracts part of the information in the payment request, and sends the signature message to the PC; the PC prompts for the authorization password, receives the authorization password input by the user, and sends the authorization password, as the password to be verified, together with the signature message to the bank background system server; the bank background system server executes the payment after the signature message and the authorization password are verified.
As can be seen from the above, the operation is an everyday card swiping payment, but the payment can be completed only after the electronic signature token has confirmed and signed it, so that the security of payment with the smart card is ensured.
Fig. 2 is a schematic structural diagram of a system for processing an operation request according to the present invention. Since the system for processing the operation request provided by the present invention corresponds to the above method flow, detailed descriptions of the following five components are omitted.
Referring to fig. 2, the system for processing operation request provided by the present invention includes: a first terminal 101, a smart card 102, a second terminal 103, an electronic signature token 104 and a backend system server 105. Wherein:
the first terminal 101 sends operation request information of the user to the smart card 102 after detecting an operation request of the user, and sends the operation request information and the processed authorization password to the background system server 105 after obtaining the processed authorization password;
after obtaining the operation request information output by the first terminal 101, the smart card 102 generates an authorization password according to a preset password generation strategy, after obtaining the authorization password, generates a processed authorization password according to a preset password processing strategy, and sends the processed authorization password to the first terminal 101, and after obtaining the processed authorization password, if the smart card 102 detects that the smart card is disconnected from the first terminal 101, the smart card 102 outputs prompt information of the authorization password;
the second terminal 103 sends the operation request information to the electronic signature token 104 after acquiring the operation request information, receives the authorization password corresponding to the prompt information after acquiring the signature message, takes the acquired authorization password corresponding to the prompt information as a password to be verified, and sends the signature message and the password to be verified to the background system server 105;
after the electronic signature token 104 acquires the operation request information, displaying according to the operation request information, receiving a confirmation instruction after the user confirms that the operation request information is correct, generating a signature message according to the operation request information after receiving the confirmation instruction, and sending the signature message to the second terminal 103;
the background system server 105 acquires the operation request information and the processed authorization password, then sends the operation request information to the second terminal 103, verifies the password to be verified and the signature message after receiving the signature message and the password to be verified, and triggers a flow of responding to the operation request after verifying that both the password to be verified and the signature message pass.
Of course, in accordance with the method, the smart card 102 of the present invention may generate the processed authorization code by any one of the following methods:
the first method is as follows: if the preset password processing strategy is to encrypt the authorized password, the smart card 102 acquires an encryption algorithm corresponding to the authorized password according to a pre-stored distribution strategy of the encryption algorithm, and encrypts the authorized password according to the encryption algorithm to obtain a processed authorized password;
the second method comprises the following steps: if the preset password processing strategy is to add a random number in the authorized password, the smart card 102 acquires the random number according to the preset random number generation strategy and acquires a random number combination strategy corresponding to the authorized password according to the preset random number combination strategy; processing the authorization code according to the acquired random number and the random number combination strategy to obtain a processed authorization code, and informing the background system server 105 of the random number and the random number combination strategy used by the processed authorization code;
the third method comprises the following steps: if the preset password processing strategy is to increase a random number and encrypt the authorized password after the random number is increased, the smart card 102 acquires the random number according to the preset random number generation strategy and acquires a random number combination strategy corresponding to the authorized password according to the preset random number combination strategy; combining the random number and the authorized password according to the obtained random number and random number combination strategy, obtaining an encryption algorithm corresponding to the authorized password according to a pre-stored distribution strategy of the encryption algorithm, encrypting the combined authorized password according to the encryption algorithm to obtain a processed authorized password, and informing the background system server 105 of the random number and random number combination strategy used by the processed authorized password;
the fourth method is as follows: if the preset password processing strategy is to encrypt the authorized password and add random numbers in the encrypted authorized password, the smart card 102 acquires an encryption algorithm corresponding to the randomly added authorized password according to a pre-stored distribution strategy of the encryption algorithm, encrypts the encrypted authorized password according to the encryption algorithm, acquires a random number according to a preset random number generation strategy, and acquires a random number combination strategy corresponding to the encrypted authorized password according to a preset random number combination strategy; and combining the encrypted authorization code according to the acquired random number and random number combination strategy to obtain a processed authorization code, and informing the background system server 105 of the random number and random number combination strategy used by the processed authorization code.
The background system server 105 verifies the password to be verified according to the processed authorized password, and verifies the signature message according to the operation request information.
The second terminal 103 further detects an input device arranged on the second terminal 103, and if the input of the information is detected, obtains an authorized password corresponding to the prompt information according to a detection result.
The smart card 102 also performs identity authentication on a requester who requests to output an authorized password according to a preset identity authentication policy, and outputs prompt information of the authorized password if the authentication is successful.
Of course, if the smart card of the present invention is a smart card with an electronic signature function, the smart card may include a card chip containing user account information and a security chip digitally signed with a key, or an integrated chip having the functions of the above two chips. At this time, the electronic signature token may be replaced with a smart card with an electronic signature function.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a form of hardware or a form of a software functional module. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made in the above embodiments by those of ordinary skill in the art without departing from the principle and spirit of the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (10)

1. A method of processing an operation request, the method comprising:
after detecting an operation request of a user, a first terminal sends operation request information of the user to a smart card;
the smart card generates an authorization password according to a preset password generation strategy after acquiring operation request information output by the first terminal, generates a processed authorization password according to a preset password processing strategy after acquiring the authorization password, and sends the processed authorization password to the first terminal;
after the first terminal acquires the processed authorized password, if the smart card detects that the smart card is disconnected from the first terminal, the smart card outputs prompt information of the authorized password;
after the first terminal obtains the processed authorization code, the first terminal sends the operation request information and the processed authorization code to a background system server;
the background system server acquires the operation request information and the processed authorization password and then sends the operation request information to a second terminal;
after the second terminal acquires the operation request information, the operation request information is sent to an electronic signature token;
the electronic signature token is displayed according to the operation request information after acquiring the operation request information, receives a confirmation instruction after a user confirms that the operation request information is correct, generates a signature message according to the operation request information after receiving the confirmation instruction, and sends the signature message to the second terminal;
after the second terminal acquires the signature message, receiving an authorized password corresponding to the prompt message, taking the acquired authorized password corresponding to the prompt message as a password to be verified, and sending the signature message and the password to be verified to the background system server;
and after receiving the signature message and the password to be verified, the background system server verifies the password to be verified and the signature message, and triggers a flow for responding to the operation request after verifying that both the password to be verified and the signature message pass.
2. The method of claim 1, wherein the step of generating the processed authorized password according to the preset password processing policy comprises any one of the following manners:
the first method is as follows: if the preset password processing strategy is to encrypt the authorized password, acquiring an encryption algorithm corresponding to the authorized password according to a pre-stored distribution strategy of the encryption algorithm, and encrypting the authorized password according to the encryption algorithm to obtain the processed authorized password;
the second method comprises the following steps: if the preset password processing strategy is to add random numbers in the authorized password, acquiring the random numbers according to the preset random number generation strategy, and acquiring a random number combination strategy corresponding to the authorized password according to the preset random number combination strategy; processing the authorization password according to the obtained random number and random number combination strategy to obtain a processed authorization password, and informing the background system server of the random number and random number combination strategy used by the processed authorization password;
the third method comprises the following steps: if the preset password processing strategy is to increase a random number and encrypt the authorized password after the random number is increased, generating a strategy according to the preset random number to obtain the random number, and obtaining a random number combination strategy corresponding to the authorized password according to the preset random number combination strategy; combining the random number and the authorized password according to the obtained random number and random number combination strategy, then obtaining an encryption algorithm corresponding to the authorized password according to a pre-stored distribution strategy of the encryption algorithm, encrypting the combined authorized password according to the encryption algorithm to obtain a processed authorized password, and informing the background system server of the random number and random number combination strategy used by the processed authorized password;
the fourth method is as follows: if the preset password processing strategy is to encrypt the authorized password and add random numbers in the encrypted authorized password, acquiring an encryption algorithm corresponding to the randomly added authorized password according to a distribution strategy of a prestored encryption algorithm, encrypting the encrypted authorized password according to the encryption algorithm, generating a strategy according to the preset random numbers, acquiring the random numbers, and acquiring a random number combination strategy corresponding to the encrypted authorized password according to the preset random number combination strategy; and combining the encrypted authorization code according to the obtained random number and the random number combination strategy to obtain a processed authorization code, and informing the background system server of the random number and the random number combination strategy used by the processed authorization code.
3. The method according to claim 1 or 2, wherein the step of verifying the password to be verified and the signature message by the background system server comprises:
and the background system server verifies the password to be verified according to the processed authorized password and verifies the signature message according to the operation request information.
4. The method according to claim 1, wherein the step of receiving, by the second terminal, the authorized password corresponding to the prompt message after acquiring the signature packet comprises:
and after the second terminal acquires the signature message, detecting input equipment arranged on the second terminal, and if information input is detected, acquiring an authorization password corresponding to the prompt message according to a detection result.
5. The method of claim 1, wherein the step of outputting the authorization code prompt message by the smart card further comprises:
according to a preset identity authentication strategy, performing identity authentication on a requester who requests to output an authorized password;
and if the authentication is successful, outputting prompt information of the authorized password.
6. A system for processing an operation request, the system comprising a first terminal, a smart card, a second terminal, an electronic signature token, and a backend system server, wherein:
the first terminal sends operation request information of a user to the smart card after detecting an operation request of the user, and sends the operation request information and the processed authorization password to the background system server after acquiring the processed authorization password;
after the smart card acquires operation request information output by the first terminal, generating an authorized password according to a preset password generation strategy, after the authorized password is acquired, generating a processed authorized password according to a preset password processing strategy, and sending the processed authorized password to the first terminal, and after the first terminal acquires the processed authorized password, if the smart card detects that the smart card is disconnected from the first terminal, outputting prompt information of the authorized password by the smart card;
the second terminal sends the operation request information to the electronic signature token after acquiring the operation request information, receives an authorized password corresponding to the prompt information after acquiring the signature message, takes the authorized password corresponding to the prompt information as a password to be verified, and sends the signature message and the password to be verified to the background system server;
the electronic signature token is displayed according to the operation request information after acquiring the operation request information, receives a confirmation instruction after a user confirms that the operation request information is correct, generates a signature message according to the operation request information after receiving the confirmation instruction, and sends the signature message to the second terminal;
the background system server acquires the operation request information and the processed authorization password, then sends the operation request information to a second terminal, verifies the password to be verified and the signature message after receiving the signature message and the password to be verified, and triggers a flow for responding to the operation request after verifying that both the password to be verified and the signature message pass.
7. The system of claim 6, wherein the smart card generates the processed authorized password by any one of the following methods:
the first method: if the preset password processing strategy is to encrypt the authorized password, the smart card acquires the encryption algorithm corresponding to the authorized password according to a pre-stored distribution strategy of the encryption algorithm, and encrypts the authorized password according to the encryption algorithm to obtain the processed authorized password;
the second method: if the preset password processing strategy is to add a random number to the authorized password, the smart card obtains a random number according to a preset random number generation strategy, and obtains the random number combination strategy corresponding to the authorized password according to the preset random number combination strategy; the smart card processes the authorized password according to the obtained random number and random number combination strategy to obtain the processed authorized password, and informs the background system server of the random number and the random number combination strategy used for the processed authorized password;
the third method: if the preset password processing strategy is to add a random number and then encrypt the authorized password to which the random number has been added, the smart card obtains a random number according to a preset random number generation strategy, and obtains the random number combination strategy corresponding to the authorized password according to the preset random number combination strategy; the smart card combines the random number and the authorized password according to the obtained random number and random number combination strategy, then acquires the encryption algorithm corresponding to the authorized password according to a pre-stored distribution strategy of the encryption algorithm, encrypts the combined authorized password according to the encryption algorithm to obtain the processed authorized password, and informs the background system server of the random number and the random number combination strategy used for the processed authorized password;
the fourth method: if the preset password processing strategy is to encrypt the authorized password and add a random number to the encrypted authorized password, the smart card acquires the encryption algorithm corresponding to the authorized password according to a pre-stored distribution strategy of the encryption algorithm, encrypts the authorized password according to the encryption algorithm, obtains a random number according to a preset random number generation strategy, and obtains the random number combination strategy corresponding to the encrypted authorized password according to the preset random number combination strategy; the smart card combines the random number and the encrypted authorized password according to the obtained random number and random number combination strategy to obtain the processed authorized password, and informs the background system server of the random number and the random number combination strategy used for the processed authorized password.
8. The system according to claim 6 or 7, wherein the step of the background system server verifying the password to be verified and the signature message comprises:
the background system server verifies the password to be verified according to the processed authorized password and verifies the signature message according to the operation request information.
9. The system according to claim 6, wherein the second terminal further detects an input device provided on the second terminal, and if information input is detected, obtains an authorized password corresponding to the prompt information according to a detection result.
10. The system of claim 6, wherein the smart card further authenticates the requester who requests output of the authorized password according to a preset authentication policy, and outputs the prompt information of the authorized password if the authentication is successful.
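The four password processing methods of claim 7 and the server-side check of claim 8, as an added Python example that is not code from the patent. The shared key, the keystream stand-in for the card's encryption algorithm, the 8-byte random number, the prefix/suffix combination strategies and the recompute-and-compare verification are all assumptions, since the claims leave these choices to preset strategies.

```python
import hashlib
import hmac
import secrets

KEY = b"constructed-shared-key"  # assumption: provisioned on card and server

def encrypt(data: bytes, key: bytes = KEY) -> bytes:
    """Deterministic stand-in for the card's encryption algorithm (not a vetted
    cipher): XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def combine(data: bytes, rnd: bytes, strategy: str) -> bytes:
    """Hypothetical random number combination strategies: prefix or suffix."""
    if strategy not in ("prefix", "suffix"):
        raise ValueError("unknown combination strategy")
    return rnd + data if strategy == "prefix" else data + rnd

def process(pw: bytes, method: int, rnd: bytes = b"", strategy: str = "suffix") -> bytes:
    """Apply one of the four password processing strategies of claim 7."""
    if method == 1:                       # encrypt only
        return encrypt(pw)
    if method == 2:                       # add random number only
        return combine(pw, rnd, strategy)
    if method == 3:                       # add random number, then encrypt
        return encrypt(combine(pw, rnd, strategy))
    if method == 4:                       # encrypt, then add random number
        return combine(encrypt(pw), rnd, strategy)
    raise ValueError("unknown password processing strategy")

def card_process(pw: bytes, method: int, strategy: str = "suffix"):
    """Smart card: return (processed password, notice for the server)."""
    if method == 1:
        return process(pw, 1), None       # nothing to notify
    rnd = secrets.token_bytes(8)          # assumed random number generation strategy
    return process(pw, method, rnd, strategy), (rnd, strategy)

def server_verify(candidate: bytes, processed: bytes, method: int, notice=None) -> bool:
    """Server: reprocess the password to be verified with the notified random
    number and strategy, then compare in constant time."""
    if method != 1 and not notice:
        return False                      # fail closed when the notice is missing
    rnd, strategy = notice if notice else (b"", "suffix")
    return hmac.compare_digest(process(candidate, method, rnd, strategy), processed)
```

With a deterministic algorithm the first method yields the same processed value for the same authorized password every time, while the three methods that add a random number do not.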
CN201310219444.XA 2013-06-04 2013-06-04 Process the method and system of operation requests Active CN103366278B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201310219444.XA CN103366278B (en) 2013-06-04 2013-06-04 Process the method and system of operation requests
PCT/CN2014/076259 WO2014194730A1 (en) 2013-06-04 2014-04-25 Method and system for processing operation request

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310219444.XA CN103366278B (en) 2013-06-04 2013-06-04 Process the method and system of operation requests

Publications (2)

Publication Number Publication Date
CN103366278A (en) 2013-10-23
CN103366278B (en) 2016-11-23

Family

ID=49367566

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310219444.XA Active CN103366278B (en) 2013-06-04 2013-06-04 Process the method and system of operation requests

Country Status (2)

Country Link
CN (1) CN103366278B (en)
WO (1) WO2014194730A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103366278B (en) * 2013-06-04 2016-11-23 天地融科技股份有限公司 Process the method and system of operation requests
CN103944726B (en) * 2014-04-25 2018-05-29 天地融科技股份有限公司 Operation requests processing system
CN107346383B (en) * 2016-09-09 2019-12-10 天地融科技股份有限公司 authorization method and system
CN106533695B (en) * 2016-11-15 2019-10-25 北京华大智宝电子系统有限公司 A kind of safety certifying method and equipment
CN107959552B (en) * 2017-10-27 2023-08-22 浙江浙大网新众合轨道交通工程有限公司 Method and system for realizing request confirmation operation in single channel
CN107944234B (en) * 2017-11-20 2021-07-16 上海闻泰电子科技有限公司 Machine refreshing control method for Android equipment
CN108600218B (en) * 2018-04-23 2020-12-29 捷德(中国)科技有限公司 Remote authorization system and remote authorization method
CN112583588B (en) * 2020-12-08 2022-06-21 四川虹微技术有限公司 Communication method and device and readable storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1798026B (en) * 2004-12-27 2010-08-25 北京天地融科技有限公司 Method for enhancing security of electronic signature tool in use for computer
CN102780674A (en) * 2011-05-09 2012-11-14 同方股份有限公司 Method and system for processing network service by utilizing multifactor authentication method

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101178802A (en) * 2006-11-08 2008-05-14 李东声 Dynamic password realization method in network bank trading and electronic signing device
CN101652782B (en) * 2007-04-05 2014-04-02 英特尔移动通信有限责任公司 Communication terminal device, communication device, electronic card, method for a communication terminal device and method for a communication device for providing a verification
JP2008262321A (en) * 2007-04-11 2008-10-30 Sony Corp Information processing method, terminal device and electronic money notification device
CN101374049B (en) * 2008-10-24 2010-10-06 北京飞天诚信科技有限公司 Method and system for improving signature safety
CN101651675B (en) * 2009-08-27 2015-09-23 飞天诚信科技股份有限公司 By the method and system that authentication code is verified client
JP5630245B2 (en) * 2010-11-30 2014-11-26 日本電気株式会社 Accreditation information verification apparatus, accreditation information verification program, accreditation information verification system, and accreditation information verification method
CN102118251B (en) * 2011-01-24 2013-01-02 郑州信大捷安信息技术股份有限公司 Security authentication method for internet banking remote payment based on multi-interface intelligent safety card
CN202918499U (en) * 2012-11-22 2013-05-01 天地融科技股份有限公司 Electronic signing device
CN103116847B (en) * 2013-02-06 2019-06-25 天地融科技股份有限公司 Smart card, intelligent card transaction system and method with electronic signature functionality
CN103366278B (en) * 2013-06-04 2016-11-23 天地融科技股份有限公司 Process the method and system of operation requests

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
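China Financial Integrated Circuit (IC) Card Specification, Part 2: Electronic Purse/Electronic Passbook Application Specification; People's Bank of China; Financial Industry Standard of the People's Republic of China; 20100430; pp. 13, 20, 22-24 *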

Also Published As

Publication number Publication date
CN103366278A (en) 2013-10-23
WO2014194730A1 (en) 2014-12-11

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant