CN103440444B - The signing method of electronic contract - Google Patents

The signing method of electronic contract Download PDF

Info

Publication number
CN103440444B
CN103440444B CN201310310961.8A CN201310310961A CN103440444B CN 103440444 B CN103440444 B CN 103440444B CN 201310310961 A CN201310310961 A CN 201310310961A CN 103440444 B CN103440444 B CN 103440444B
Authority
CN
China
Prior art keywords
contract
parties
initiator
ca center
electronic
Prior art date
Application number
CN201310310961.8A
Other languages
Chinese (zh)
Other versions
CN103440444A (en
Inventor
邵宇
李刚
汪长洪
苏杰
Original Assignee
深圳市亚略特生物识别科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市亚略特生物识别科技有限公司 filed Critical 深圳市亚略特生物识别科技有限公司
Priority to CN201310310961.8A priority Critical patent/CN103440444B/en
Publication of CN103440444A publication Critical patent/CN103440444A/en
Application granted granted Critical
Publication of CN103440444B publication Critical patent/CN103440444B/en

Links

Abstract

The present invention relates to a kind of signing method of electronic contract, it comprises: parties of contract is at CA center fingerprint register and generate E-seal; CA center generates a pair public and private key, generates digital certificate by PKI and account; Initiator gathers fingerprint characteristic, and carries out digital signature with private key to electronic contract, fingerprint characteristic and contract responder accounts information; CA center by the information of public key decryptions through digital signature, by the identity of fingerprint authentication initiator; CA center PKI gives each contract responder to electronic contract encrypting and transmitting; Each contract responder receives and with respective private key decrypt electronic contract, and demonstration validation treaty content; Each contract responder carries out digital signature with private key to electronic contract; CA receive centre also implants E-seal with public key decryptions after the electronic contract of digital signature, and sends to parties of contract.The present invention adopts CA center certification and in conjunction with digital signature and fingerprint identification technology, improves security and the confidentiality of electron contract and transmission.

Description

The signing method of electronic contract

Technical field

The present invention relates to e-commerce field, particularly relate to a kind of signing method of the electronic contract based on digital certificate and fingerprint identification technology.

Background technology

Current electronic contract is normally signed by the mode of electronic data interchange and Email.This method operates more loaded down with trivial details, owing to confirming at it electronic contract and not being encrypted in transmitting procedure, electronic contract is easily illegally intercepted or is revised, contract parties's secret of the trade and transaction security are constituted a threat to, and security management and control is also lacked to the signing process of electronic contract.

Chinese patent application CN201310076065.X discloses the method and system that a kind of electronic contract is concluded online, comprising: receive electronic contract essential information; Party A confirms electronic contract essential information; Generate electronic contract; After Party B confirms electronic contract essential information, the communicating terminal of specifying respectively to both Parties sends identifying code of signing a contract; Receive the identifying code of signing a contract that both sides reply respectively, complete both sides' electronic contract and affix one's seal; The receiving terminal that the electronic contract of both sides being affixed one's seal sends to both sides to specify respectively.Adopt in this way, both in transmission and generation process, confidential treatment was not carried out to electronic contract, also do not confirm the legal identity of contract signatory, existing to go beyond one's commission or pretend to be and reply identifying code and sign the possibility of electronic contract, there is the hidden danger of safety and privacy in e-contracting process.

Summary of the invention

Technical matters solved by the invention is to provide a kind of signing method of electronic contract, avoids other people to pretend to be or go beyond one's commission concluding electronic contract and the illegal information intercepting and revise the interior perhaps generation process of electronic contract.

For solving the problems of the technologies described above, the present invention adopts following scheme:

A signing method for electronic contract, it is characterized in that, it comprises step:

A: parties of contract, in the registration of CA center, gathers user profile and fingerprint template, generates user account and E-seal;

B: described CA center generates a pair public and private key, generates digital certificate by described PKI and described account, and provides respective account, private key and digital certificate to described parties of contract;

C: electronic contract initiator gathers fingerprint characteristic, and with private key, digital signature is carried out to electron contract request msg, and being sent to described CA center, described electron contract request msg comprises described electronic contract, fingerprint characteristic and contract responder accounts information;

D: described CA center, by the information of described public key decryptions through digital signature, obtains the electron contract request msg of initiator, and compared by the fingerprint template of described fingerprint characteristic and described initiator, verify the identity of described initiator;

E: when initiator's authentication is passed through, the described PKI in described CA center gives each contract responder to described electronic contract encrypting and transmitting, otherwise described CA center sends authentication failure information to described initiator;

F: described each contract responder receives and deciphers encrypted electronic contract with respective private key, and demonstration validation electronic contract content;

G: when demonstration validation electronic contract content is passed through, described each contract responder carries out digital signature with respective private key to electronic contract, and sends described CA center to, otherwise described CA center sends electronic contract content false information to described initiator;

H: described CA receive centre also, with public key decryptions after the electronic contract of described each contract responder digital signature, described electronic contract is implanted the E-seal of described parties of contract, and is sent to described parties of contract.

Preferably, described electron contract request msg also comprises the electron contract term of validity, before H step, also comprise step: described CA central authentication confirms that the time of the electronic contract through digital signature receiving described each contract responder is all in the described electron contract term of validity, otherwise described CA center sends electron contract to described initiator exceeds the time limit information.

Preferably, described CA center and described parties of contract all gather fingerprint image and the feature that therefrom takes the fingerprint by fingerprint characteristic harvester.

Preferably, private key and the digital certificate of the described parties of contract generated in step B are provided to described parties of contract accordingly by USBKey equipment.

Preferably, the PIN code of described USBKey equipment is set to the fingerprint template in steps A.

Preferably, after described step H, also comprise step: described CA center generates electron contract daily record, and sends to described parties of contract.

Preferably, in step D, when verifying the identity of described initiator, the fingerprint template of described fingerprint characteristic and described initiator is compared, and as both similarities exceed reservation threshold, then the authentication of described initiator is passed through, otherwise does not pass through for authentication.

Preferably, in stepb, described private key and digital certificate log in the acquisition of described CA central server web download by described parties of contract at user terminal.

Preferably, described CA center comprises a cipher code generator, generates a pair public and private key.

Preferably, in step, described parties of contract be company or organization time, gather the fingerprint characteristic of its legal representative and generate fingerprint template.

The invention has the beneficial effects as follows a kind of signing method that electronic contract is provided, adopt CA center certification in conjunction with digital signature and fingerprint identification technology, confirm to sign a contract the legal identity of each side, and digital signature encryption is carried out to the content of electronic contract, improve security and the confidentiality of the process of electron contract and transmission, avoid other people to pretend to be or go beyond one's commission concluding electronic contract and the illegal information intercepting and revise the interior perhaps generation process of electronic contract.

Accompanying drawing explanation

Fig. 1 is the process flow diagram of the electron contract method of the embodiment of the present invention.

Embodiment

The invention provides a kind of signing method of electronic contract, for making object of the present invention, technical scheme and effect clearly, clearly, referring to accompanying drawing examples, the present invention is described in more detail.

Electron contract in the embodiment of the present invention can think two, also can be multiple.Before electron contract, each signing side can carry out deliberation by the concrete clause of mode to electronic contract such as fax, Emails and finally draft electronic contract content, so that follow-up electron contract process.

Fig. 1 is the process flow diagram of the electron contract method of the embodiment of the present invention, comprises step:.

A: parties of contract, in the registration of CA center, gathers user profile and fingerprint template, generates user account and E-seal;

Wherein, described CA center (CertificateAuthorityCenter) is authority, reliable, the just tripartite's authentication mechanism based on fingerprint identification technology, can confirm to close registration with the true identity of each side in electronic transaction and the real effectiveness of certificate information.Described parties of contract can go the log-in window at CA center to handle registration formality in person, and the server that also can log in CA center by user terminal network carries out network registry.

When registering at CA center, described parties of contract first sets respective CA center uniqueness account, there is provided the information such as scanned copy of the name of parties of contract, identification card number, address, telephone number and identity document, the authenticity of parties of contract's identity document and log-on message described in described CA central authentication and validity.As registered Fang Wei company, group or mechanism, the fingerprint characteristic of operation license and duplicating and collection legal representative need be provided and generate fingerprint template.Described CA center and electronic contract each side all gather fingerprint image and the feature that therefrom takes the fingerprint by fingerprint characteristic harvester.Described fingerprint acquisition device comprises the fingerprint sensor gathering fingerprint image.Like this, described parties of contract can gather fingerprint characteristic by described fingerprint acquisition device and generate the log-in password of fingerprint template as CA center.

B: described CA center generates a pair public and private key, generates digital certificate by described PKI and described account, and provides respective account, private key and digital certificate to described parties of contract;

Wherein, described CA center comprises a cipher code generator, generates a pair public and private key by RSA Algorithm.Described CA center described PKI and described account generate digital certificate.Described CA center provide face to face store respective private key and digital certificate physical storage medium give described parties of contract, described physical storage medium can be USB flash disk or SD card.

Certainly, private key described here and digital certificate also can log in CA central server web download by described parties of contract at user terminal and obtain, or the private key of described parties of contract and digital certificate pass through DES algorithm for encryption stored in different USBKey equipment, and provide accordingly to described parties of contract.Described USBKey equipment can be used by USB interface access at described user terminal, and its PIN code is set to the described fingerprint template in steps A.

C: electronic contract initiator gathers fingerprint characteristic, and with private key, digital signature is carried out to electron contract request msg, and being sent to described CA center, described electron contract request msg comprises described electronic contract, fingerprint characteristic and contract responder accounts information;

After the registration of the CA center of steps A and step B, described electronic contract each side just can pass through the electronic contract content that fax, Email or other electronics load modes confirm to draft, and by electronic contract either party as the initiator of electron contract, start the signing step of electronic contract.In an embodiment of the present invention, described CA center and parties of contract all realize communication by wired or wireless network.

Described parties of contract acquisition described private key and digital certificate after, by it stored in described user terminal.If the granting of described private key and digital certificate is undertaken by USBKey equipment releasing mode, then USBKey equipment is accessed described user terminal by USB interface, described parties of contract is by gathering fingerprint authentication PIN code and then can transferring respective private key.Because the electron contract request msg after electronic signature is in encrypted state, it is in transport process, can ensure that it is not illegally modified, intercept and decode, and ensure that security and the confidentiality of electronic contract content.

D: described CA center, by the information of described public key decryptions through digital signature, obtains the electron contract request msg of initiator, and compared by the fingerprint template of described fingerprint characteristic and described initiator, verify the identity of described initiator;

Wherein, the fingerprint characteristic of initiator and its fingerprint template when steps A is registered are compared by described CA center, and as both similarities exceed reservation threshold, then the authentication of described parties of contract is passed through, otherwise does not pass through for authentication.

Here, after the electron contract request msg that described CA receive centre arrives, the first-selected legal identity of deciphering and being verified described initiator by fingerprint characteristic, guarantee that the promoter of the signing of described electronic contract is the legal litigant of described electronic contract main body, effectively prevent other people and go beyond one's commission or pretend to be initiation to sign electronic contract request.

E: when initiator's authentication is passed through, the described PKI in described CA center gives each contract responder to described electronic contract encrypting and transmitting, otherwise described CA center sends authentication failure information to described initiator;

Here, only have initiator's authentication by time, described CA center just can be encrypted described electronic contract by des encryption algorithm with described PKI, and sends it to the contract responder that described electron contract request msg specifies.

F: described each contract responder receives and deciphers encrypted electronic contract with respective private key, and demonstration validation electronic contract content;

Here, described each contract responder mainly confirms that described electronic contract content is whether consistent with the prior electronic contract content drafted by electronic data, with the true sale wish guaranteeing that electronic contract content to be signed is parties of contract.

G: when demonstration validation electronic contract content is passed through, described each contract responder carries out digital signature with respective private key to electronic contract, and sends described CA center to, otherwise described CA center sends electronic contract content false information to described initiator;

Here, described each contract responder can directly call respective private key, or verifies that the authority of described private key is called in fingerprint characteristic acquisition PIN code and then acquisition by gathering.

H: described CA receive centre also, with public key decryptions after the electronic contract of described each contract responder digital signature, described electronic contract is implanted the E-seal of described parties of contract, and is sent to described parties of contract.

The final electronic contract implanting described parties of contract E-seal, can send to the user of described parties of contract by the mode such as server network or Email.Described parties of contract, after user terminal fingerprint authentication confirms legal identity, just can obtain the electronic contract implanting the electronic signature of described parties of contract.

On the basis of above-described embodiment, in the signing method of electronic contract provided by the invention, described electron contract request msg can further include the electron contract term of validity, before H step, also comprise step: described CA central authentication confirms that the time of the electronic contract through digital signature receiving described each contract responder is all in the described electron contract term of validity, otherwise described CA center sends electron contract to described initiator exceeds the time limit information.In order to make parties of contract understand electron contract process, also comprise step after described step H: described CA center generates electron contract daily record, and sends to described parties of contract.

In sum, the invention provides a kind of signing method of electronic contract, adopt CA center certification in conjunction with digital signature and fingerprint identification technology, confirm to sign a contract the legal identity of each side, and digital signature encryption is carried out to the content of electronic contract, improve security and the confidentiality of the process of electron contract and transmission.

Be understandable that, for those of ordinary skills, can be equal to according to technical scheme of the present invention and inventive concept thereof and replace or change, and all these change or replace the protection domain that all should belong to the claim appended by the present invention.

Claims (10)

1. a signing method for electronic contract, is characterized in that, comprise step:
A: parties of contract, in the registration of CA center, gathers user profile and fingerprint template, generates user account and E-seal;
B: described CA center generates a pair public and private key, generates digital certificate by described PKI and described account, and provides respective account, private key and digital certificate to described parties of contract;
C: electronic contract initiator gathers fingerprint characteristic, and with private key, digital signature is carried out to electron contract request msg, and being sent to described CA center, described electron contract request msg comprises described electronic contract, fingerprint characteristic and contract responder accounts information;
D: described CA center, by the information of described public key decryptions through digital signature, obtains the electron contract request msg of initiator, and compared by the fingerprint template of described fingerprint characteristic and described initiator, verify the identity of described initiator;
E: when initiator's authentication is passed through, the described PKI in described CA center gives each contract responder to described electronic contract encrypting and transmitting, otherwise described CA center sends authentication failure information to described initiator;
F: described each contract responder receives and deciphers encrypted electronic contract with respective private key, and demonstration validation electronic contract content;
G: when demonstration validation electronic contract content is passed through, described each contract responder carries out digital signature with respective private key to electronic contract, and sends described CA center to, otherwise described CA center sends electronic contract content false information to described initiator;
H: described CA receive centre also, with public key decryptions after the electronic contract of described each contract responder digital signature, described electronic contract is implanted the E-seal of described parties of contract, and is sent to described parties of contract.
2. the method for claim 1, it is characterized in that, described electron contract request msg also comprises the electron contract term of validity, before H step, also comprise step: described CA central authentication confirms that the time of the electronic contract through digital signature receiving described each contract responder is all in the described electron contract term of validity, otherwise described CA center sends electron contract to described initiator exceeds the time limit information.
3. the method for claim 1, is characterized in that, described CA center and described parties of contract all gather fingerprint image and the feature that therefrom takes the fingerprint by fingerprint characteristic harvester.
4. the method for claim 1, is characterized in that, private key and the digital certificate of the described parties of contract generated in step B are provided to described parties of contract accordingly by USBKey equipment.
5. method as claimed in claim 4, it is characterized in that, the PIN code of described USBKey equipment is set to the fingerprint template in steps A.
6. the method for claim 1, is characterized in that, also comprises step after described step H: described CA center generates electron contract daily record, and sends to described parties of contract.
7. the method for claim 1, it is characterized in that, in step D, when verifying the identity of described initiator, the fingerprint template of described fingerprint characteristic and described initiator is compared, as both similarities exceed reservation threshold, then the authentication of described initiator is passed through, otherwise does not pass through for authentication.
8. the method for claim 1, is characterized in that, in stepb, described private key and digital certificate log in described CA central server web download by described parties of contract at user terminal and obtain.
9. the method for claim 1, is characterized in that, described CA center comprises a cipher code generator, generates a pair public and private key.
10. the method for claim 1, is characterized in that, in step, described parties of contract be company or organization time, gather the fingerprint characteristic of its legal representative and generate fingerprint template.
CN201310310961.8A 2013-07-16 2013-07-16 The signing method of electronic contract CN103440444B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310310961.8A CN103440444B (en) 2013-07-16 2013-07-16 The signing method of electronic contract

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310310961.8A CN103440444B (en) 2013-07-16 2013-07-16 The signing method of electronic contract

Publications (2)

Publication Number Publication Date
CN103440444A CN103440444A (en) 2013-12-11
CN103440444B true CN103440444B (en) 2016-04-27

Family

ID=49694137

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310310961.8A CN103440444B (en) 2013-07-16 2013-07-16 The signing method of electronic contract

Country Status (1)

Country Link
CN (1) CN103440444B (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103778353B (en) * 2014-01-28 2016-09-14 福建伊时代信息科技股份有限公司 Signature method, device and the system of e-file
CN104065484B (en) * 2014-06-26 2018-01-09 江苏买卖网电子商务有限公司 A kind of electronic contract platform implementation method based on SDK short messages and digital signature
CN104732133B (en) * 2015-03-31 2018-05-11 努比亚技术有限公司 Electronic contract signs method and system
CN104954364A (en) * 2015-05-25 2015-09-30 收付宝科技有限公司 Electronic signature information pushing method and system
CN104851037A (en) * 2015-06-04 2015-08-19 中国电力科学研究院 Method for signing electronic contract at mobile terminal
CN105245342A (en) * 2015-09-14 2016-01-13 中合国际知识产权股份有限公司 Smart phone-based electronic contract signing method and system
CN105426773B (en) * 2015-11-03 2018-03-27 浙江律讯网络科技有限公司 Cloud contract generates system and method
CN105631248A (en) * 2015-12-10 2016-06-01 深圳先进技术研究院 Signing method, forging judgment method and tampering judgment method of electronic contract
CN106982190A (en) * 2016-01-18 2017-07-25 卓望数码技术(深圳)有限公司 A kind of electric endorsement method and system
CN107579827A (en) * 2017-06-06 2018-01-12 江苏慧世联网络科技有限公司 It is a kind of that method is signed based on the electronic document of trusted third party and facial recognition techniques
CN107844949A (en) * 2017-08-10 2018-03-27 深圳风豹互联网科技有限公司 Generation method, device, portable terminal device and the server of consumptive loan electronic contract
CN108416588A (en) * 2018-02-14 2018-08-17 北京三六五八网络科技有限公司 Data processing method and device for electronic transaction verification
CN108494559A (en) * 2018-03-12 2018-09-04 北京航空航天大学 A kind of electron contract method based on semi trusted third party
CN108595938B (en) * 2018-03-15 2020-08-25 兴业数字金融服务(上海)股份有限公司 Electronic contract application range expanding method and system based on structured control
CN108769012B (en) * 2018-05-29 2020-08-04 山东恒云信息科技有限公司 Method for independently authenticating bank electronic credit archive

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1858793A (en) * 2006-05-24 2006-11-08 孟繁波 Electronic contract managing system operation platform
CN101340285A (en) * 2007-07-05 2009-01-07 杭州中正生物认证技术有限公司 Method and system for identity authentication by finger print USBkey
CN102567802A (en) * 2011-12-23 2012-07-11 北京国富安电子商务安全认证有限公司 Method and device for signing of electronic contracts in security
CN102867261A (en) * 2012-08-24 2013-01-09 深圳市亚略特生物识别科技有限公司 Fingerprint digital certificate-based electronic contract signing method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100174650A1 (en) * 2007-04-19 2010-07-08 Aruze Corp. Electronic settlement system, electronic settlement server, negotiable-value providing apparatus, mobile communication terminal, and electronic settlement method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1858793A (en) * 2006-05-24 2006-11-08 孟繁波 Electronic contract managing system operation platform
CN101340285A (en) * 2007-07-05 2009-01-07 杭州中正生物认证技术有限公司 Method and system for identity authentication by finger print USBkey
CN102567802A (en) * 2011-12-23 2012-07-11 北京国富安电子商务安全认证有限公司 Method and device for signing of electronic contracts in security
CN102867261A (en) * 2012-08-24 2013-01-09 深圳市亚略特生物识别科技有限公司 Fingerprint digital certificate-based electronic contract signing method

Also Published As

Publication number Publication date
CN103440444A (en) 2013-12-11

Similar Documents

Publication Publication Date Title
Jiang et al. A privacy enhanced authentication scheme for telecare medical information systems
US20160323272A1 (en) Method using a single authentication device to authenticate a user to a service provider among a plurality of service providers and device for performing such a method
Chang et al. Untraceable dynamic‐identity‐based remote user authentication scheme with verifiable password update
CN105245340B (en) It is a kind of based on the identity identifying method remotely opened an account and system
RU2638741C2 (en) Method and user authentication system through mobile device with usage of certificates
US8549308B2 (en) Data certification method and system
US10003582B2 (en) Technologies for synchronizing and restoring reference templates
CN106104562B (en) System and method for securely storing and recovering confidential data
CN103124269B (en) Based on the Bidirectional identity authentication method of dynamic password and biological characteristic under cloud environment
CN101674304B (en) Network identity authentication system and method
TWI486045B (en) Method and system for on-screen authentication using secret visual message
US8737624B2 (en) Secure email communication system
US6073237A (en) Tamper resistant method and apparatus
CN102882847B (en) Secure digital (SD)-password-card-based secure communication method of Internet of things healthcare service system
JP2012044670A (en) User authentication method based on utilization of biometric identification techniques, and related architecture
CN103067401B (en) Method and system for key protection
CN106534097A (en) Block chain trading based authority control method and system
US8386647B2 (en) Method for time source calibration and system thereof
KR20160099922A (en) Method, apparatus and computer program for issuing user certificate and verifying user
US8724819B2 (en) Credential provisioning
TWI497336B (en) Data security devices and computer program
JP4776245B2 (en) Opinion registration application for universal pervasive transaction framework
CN101170407B (en) A method for securely generating secret key pair and transmitting public key or certificate application file
US8327134B2 (en) System, method and program product for checking revocation status of a biometric reference template
CN102664885B (en) Identity authentication method based on biological feature encryption and homomorphic algorithm

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: Method of signing electronic contract

Effective date of registration: 20180626

Granted publication date: 20160427

Pledgee: Bank of Jiangsu Limited by Share Ltd Shenzhen branch

Pledgor: Yaluete Biological Identification Science and Technology Co., Ltd., Shenzhen City

Registration number: 2018440020039

PC01 Cancellation of the registration of the contract for pledge of patent right
PC01 Cancellation of the registration of the contract for pledge of patent right

Date of cancellation: 20190724

Granted publication date: 20160427

Pledgee: Bank of Jiangsu Limited by Share Ltd Shenzhen branch

Pledgor: Yaluete Biological Identification Science and Technology Co., Ltd., Shenzhen City

Registration number: 2018440020039

PE01 Entry into force of the registration of the contract for pledge of patent right
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: Method of signing electronic contract

Effective date of registration: 20190729

Granted publication date: 20160427

Pledgee: Bank of Jiangsu Limited by Share Ltd Shenzhen branch

Pledgor: Yaluete Biological Identification Science and Technology Co., Ltd., Shenzhen City

Registration number: 2019440020062