CN103457728B - Security information interaction system, Apparatus and method for - Google Patents
Security information interaction system, Apparatus and method for Download PDFInfo
- Publication number
- CN103457728B CN103457728B CN201210175384.1A CN201210175384A CN103457728B CN 103457728 B CN103457728 B CN 103457728B CN 201210175384 A CN201210175384 A CN 201210175384A CN 103457728 B CN103457728 B CN 103457728B
- Authority
- CN
- China
- Prior art keywords
- service provider
- information interaction
- safety information
- data processing
- processing server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
Abstract
The present invention proposes security information interaction system, Apparatus and method for.Wherein, described security information interaction system includes service provider terminal, safety information interaction device and data processing server, and wherein said safety information interaction device obtains service provider identifier from described service provider terminal, and construct safety information interaction request based on the safety information interactive instruction from user, and described safety information interaction request is sent to described data processing server to complete follow-up safety information interaction.Security information interaction system disclosed in this invention, Apparatus and method for have high data transmission security and reliability.
Description
Technical field
The present invention relates to information interaction system, Apparatus and method for, more specifically it relates to security information interaction system, Apparatus and method for.
Background technology
At present, the becoming increasingly abundant of class of business along with computer technology and the increasingly extensive and different field of network communication applications, become more and more important alternately by what network (especially mobile network) carried out safety information (i.e. higher to security requirement information, such as financial transaction information).
Existing security information interaction system based on mobile terminal and method generally use the following two kinds pattern: (1) service provider (the least trade company) inserts specific IC-card card reader in the audio interface of its mobile terminal;Client in the mobile terminal of this service provider obtains the authentication information of described specific IC-card card reader and is transferred to data processing server to complete verification process;After service provider and user (such as consumer) confirm certification success, its IC-card (such as fiscard) and described specific card reader are interacted (such as carry out swiping the card action) by user;Client in the mobile terminal of this service provider obtains a part of information (ciphertext of such as Shou Dan trade company relevant information) with safety information intercorrelation from described specific card reader;User inputs privately owned another information (the such as spending amount of this transaction, financial card paying password etc.) with this safety information intercorrelation on the mobile terminal of described service provider;Client in the mobile terminal of this service provider sends safety information interaction request by described specific IC-card card reader to described data processing server, thus completes follow-up safety information interaction;(2) service provider signs in data processing server and by a part of information (such as dealing money) of user interface input and safety information intercorrelation to produce and the record (such as trading order form) of this safety information intercorrelation connection;User utilizes the mobile terminal of self sign in described data processing server and select safety information interactive mode (such as bar code payment) by user interface, and described data processing server generates the unique message identification (such as Quick Response Code) with this safety information intercorrelation connection and sends it to the mobile terminal of described user;Described service provider uses the information collecting device of oneself to obtain this message identification (such as scanning the Quick Response Code on the mobile terminal of user with mobile phone camera or barcode scanner), thus confirms the identity of user;After user confirms the safety information carrying out reality mutual (such as paying), this safety information interaction is done subsequently.
But, there are the following problems for above-mentioned existing technical scheme: (a) is for pattern (1), owing to user needs to input privately owned safety information (such as fiscard password) on the mobile terminal of service provider, thus there is the risk that this privately owned safety information is stolen, in addition, owing to needs use this specific IC-card card reader, (this card reader does not the most have safety chip, therefore be prone to be imitated) read the safety information (such as fiscard magnetic track information) that user is privately owned, therefore there is the risk that the safety information on IC-card is stolen;(2) for pattern (2), owing to service provider uses the information collecting device of oneself to obtain message identification (such as scanning the Quick Response Code on the mobile terminal of user with mobile phone camera or barcode scanner) to confirm user identity, therefore there is the risk that this message identification is stolen, thus cause the possibility that there is Replay Attack.
Accordingly, there exist following demand: provide and there is the security information interaction system of high safety, Apparatus and method for.
Summary of the invention
In order to solve the problem existing for above-mentioned prior art, the present invention proposes has the security information interaction system of high safety, Apparatus and method for.
The purpose of the present invention can be achieved through the following technical solutions:
A kind of security information interaction system, described security information interaction system includes:
Service provider terminal, described service provider terminal is used for completing the preprocessing process with safety information intercorrelation to obtain service provider identifier from data processing server based on the pre-processing instruction from service provider;
Safety information interaction device, described safety information interaction device is for obtaining described service provider identifier from described service provider terminal, and construct safety information interaction request based on the safety information interactive instruction from user, and described safety information interaction request is sent to described data processing server to complete follow-up safety information interaction;
Data processing server, described data processing server is used for performing described preprocessing process to provide described service provider identifier to described service provider terminal, and resolve and process the described safety information interaction request received, and result is sent back described safety information interaction device and described service provider terminal.
In scheme disclosed above, it is preferable that described service provider identifier is associated with described service provider and uniquely identifies described service provider.
In scheme disclosed above, it is preferable that described safety information interaction device is that described user is privately owned.
In scheme disclosed above, it is preferable that described safety information interaction device is mobile terminal.
In scheme disclosed above, it is preferable that service provider terminal is the form of mobile terminal or personal computer.
In scheme disclosed above, it is preferable that described service provider terminal farther includes:
End user interface, described end user interface is for receiving described pre-processing instruction from described service provider and described pre-processing instruction being sent to main control module, and the described result sent back by described data processing server that display receives;
Main control module, described main control module is for based on the described pre-processing instruction structure pretreatment request message received and being sent to described data processing server through principal communication interface by described pretreatment request message;
Principal communication interface, described principal communication interface is for performing the data interaction between described service provider terminal and described data processing server.
In scheme disclosed above, it is preferable that described principal communication interface performs the data interaction between described service provider terminal and described data processing server by mobile network or the Internet.
In scheme disclosed above, preferably, described service provider terminal farther includes Registering modules, and described Registering modules sends registration request for instruction based on described service provider before described preprocessing process to described data processing server and performs the registration process relevant to described service provider terminal.
In scheme disclosed above, it is preferable that described safety information interaction device farther includes:
User interface, described user interface is for receiving described safety information interactive instruction from described user, and described safety information interactive instruction is sent to master controller, and the described result sent back by described data processing server that display receives;
Master controller, described master controller is for constructing safety information interaction request based on the described safety information interactive instruction received and the described service provider identifier obtained from described service provider terminal, and through the first communication interface, described safety information interaction request is sent to described data processing server;
First communication interface, described first communication interface is for performing the data interaction between described safety information interaction device and described data processing server.
In scheme disclosed above, it is preferable that described first communication interface performs the data interaction between described safety information interaction device and described data processing server by mobile network.
In scheme disclosed above, it is preferable that described data processing server farther includes:
Service provider identifier generation module, described service provider identifier generation module is used for receiving described pretreatment request message, and the service provider identifier being associated with described service provider terminal is generated based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal, wherein, described service provider identifier generation module is further used for generating the record of the mapping relations recorded between described service provider identifier and described service provider terminal and being stored in a storage module by described record;
Data processing module, described data processing module is used for receiving and processing described safety information interaction request, and result sends back described safety information interaction device and described service provider terminal;
Memory module, described memory module is for storing the record of the mapping relations between described record described service provider identifier and described service provider terminal.
In scheme disclosed above, it is preferable that described data processing server farther includes Registering modules, described Registering modules is for receiving and process described registration request to complete the registration process relevant to described service provider terminal.
The purpose of the present invention can also be achieved through the following technical solutions:
A kind of service provider terminal, described service provider terminal includes:
End user interface, described end user interface is for receiving pre-processing instruction from service provider and described pre-processing instruction being sent to main control module, and the result sent back by data processing server that display receives, wherein, described result includes service provider identifier;
Main control module, described main control module is for by the described pre-processing instruction received structure pretreatment request message and being sent to described data processing server through principal communication interface by described pretreatment request message;
Principal communication interface, described principal communication interface is for performing the data interaction between described service provider terminal and described data processing server.
In scheme disclosed above, preferably, described service provider terminal farther includes Registering modules, and described Registering modules sends registration request for instruction based on described service provider before described preprocessing process to described data processing server and performs the registration process relevant to described service provider terminal.
The purpose of the present invention can also be achieved through the following technical solutions:
A kind of safety information interaction device, described safety information interaction device includes:
User interface, described user interface is for receiving the safety information interactive instruction from user, and described safety information interactive instruction is sent to master controller, and the result sent back by data processing server that display receives;
Master controller, described master controller is for constructing safety information interaction request based on the described safety information interactive instruction received and the service provider identifier obtained from service provider terminal, and through the first communication interface, described safety information interaction request is sent to described data processing server;
First communication interface, described first communication interface is for performing the data interaction between described safety information interaction device and described data processing server.
The purpose of the present invention can also be achieved through the following technical solutions:
A kind of data processing server, described data processing server includes:
Service provider identifier generation module, described service provider identifier generation module is for receiving the pretreatment request message from service provider terminal, and the service provider identifier being associated with described service provider terminal is generated based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal, wherein, described service provider identifier generation module is further used for generating the record of the mapping relations recorded between described service provider identifier and described service provider terminal and described record being stored in memory module;
Data processing module, described data processing module is for receiving and processing the safety information interaction request from safety information interaction device, and result sends back described safety information interaction device;
Memory module, described memory module is for storing the record of the mapping relations between described record described service provider identifier and described service provider terminal.
In scheme disclosed above, preferably, described data processing server farther includes Registering modules, and described Registering modules is for receiving and process the registration request from described service provider terminal to complete the registration process relevant to described service provider terminal.
The purpose of the present invention can also be achieved through the following technical solutions:
A kind of safety information interaction method, described safety information interaction method comprises the following steps:
(A1) service provider terminal constructs pretreatment request message based on the pre-processing instruction from service provider and described pretreatment request message is sent to data processing server;
(A2) described data processing server generates the service provider identifier being associated with described service provider terminal based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal;
(A3) safety information interaction device obtains described service provider identifier from described service provider terminal, and construct safety information interaction request based on the safety information interactive instruction from user, and described safety information interaction request is sent to described data processing server;
(A4) described data processing server resolves and processes the described safety information interaction request received, and result sends back described safety information interaction device and described service provider terminal.
Security information interaction system disclosed in this invention, Apparatus and method for have the advantage that owing to user uses privately owned safety information interaction device to carry out the mutual of safety information, therefore have high data transmission security and reliability.
Accompanying drawing explanation
Will be more fully understood that by those skilled in the art, wherein in conjunction with accompanying drawing, the technical characteristic of the present invention and advantage:
Fig. 1 is the structure chart of security information interaction system according to an embodiment of the invention;
Fig. 2 is the flow chart of safety information interaction method according to an embodiment of the invention.
Detailed description of the invention
Fig. 1 is the structure chart of security information interaction system according to an embodiment of the invention.As it is shown in figure 1, security information interaction system disclosed in this invention includes service provider terminal 1, safety information interaction device 2 and data processing server 3.Wherein, described service provider terminal 1 is for completing with the preprocessing process of safety information intercorrelation based on the pre-processing instruction from service provider (such as trade company) to obtain service provider identifier from described data processing server 3.Described safety information interaction device 2 is for obtaining described service provider identifier from described service provider terminal 1, and construct safety information interaction request based on the safety information interactive instruction from user (such as consumer), and described safety information interaction request is sent to the receipts list payment platform in described data processing server 3(such as financial field) to complete follow-up safety information interaction (such as payment process).Described data processing server 3 is used for performing described preprocessing process to provide described service provider identifier to described service provider terminal 1, and resolve and process the described safety information interaction request received, and result is sent back described safety information interaction device 2 and described service provider terminal 1.
Preferably, in security information interaction system disclosed in this invention, described service provider identifier is associated with described service provider and uniquely identifies described service provider.
Preferably, in security information interaction system disclosed in this invention, described safety information interaction device 2 is that described user is privately owned.
Preferably, in security information interaction system disclosed in this invention, described safety information interaction device 2 is mobile terminal.
Exemplarily, in security information interaction system disclosed in this invention, service provider terminal 1 is the form of mobile terminal or personal computer.
Preferably, in security information interaction system disclosed in this invention, described service provider terminal 1 farther includes main control module 5, principal communication interface 6, end user interface 7.Wherein, described end user interface 7 is for receiving described pre-processing instruction from described service provider and described pre-processing instruction being sent to described main control module 5, and the described result sent back by described data processing server 3 that display receives.Described main control module 5 is for based on the described pre-processing instruction structure pretreatment request message received and being sent to described data processing server 3 through described principal communication interface 6 by described pretreatment request message.Described principal communication interface 6 is for performing the data interaction between described service provider terminal 1 and described data processing server 3.
Preferably, in security information interaction system disclosed in this invention, described principal communication interface 6 performs the data interaction between described service provider terminal 1 and described data processing server 3 by mobile network or the Internet.
Preferably, in security information interaction system disclosed in this invention, described service provider terminal 1 farther includes Registering modules 4.Described Registering modules 4 sends registration request (through described principal communication interface 6) for instruction based on described service provider before described preprocessing process to described data processing server 3 and performs the registration process relevant to described service provider terminal 1.
Preferably, in security information interaction system disclosed in this invention, described safety information interaction device 2 farther includes master controller the 9, first communication interface 10 and user interface 12.Wherein, described user interface 12 is for receiving described safety information interactive instruction (exemplarily from described user, in the case of described safety information interaction device 2 does not includes security module, described safety information interactive instruction can include fiscard account number and/or password), and described safety information interactive instruction is sent to described master controller 9, and the described result sent back by described data processing server 3 that display receives.Described master controller 9 is for constructing safety information interaction request (exemplarily based on the described safety information interactive instruction received and the described service provider identifier obtained from described service provider terminal 1, in the case of described safety information interaction device 2 includes security module, described master controller 9 can obtain the such as data of safety such as fiscard account number and/or password from this security module), and described safety information interaction request is sent to described data processing server 3 through described first communication interface 10.Described first communication interface 10 is for performing the data interaction between described safety information interaction device 2 and described data processing server 3.
Preferably, in security information interaction system disclosed in this invention, described first communication interface 10 performs the data interaction between described safety information interaction device 2 and described data processing server 3 by mobile network.
Preferably, in security information interaction system disclosed in this invention, described data processing server 3 farther includes service provider identifier generation module 15, data processing module 16 and memory module 17.Wherein, described service provider identifier generation module 15 is used for receiving described pretreatment request message, and the service provider identifier being associated with described service provider terminal 1 is generated based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal 1, wherein, described service provider identifier generation module 15 is further used for generating the record of the mapping relations recorded between described service provider identifier and described service provider terminal 1 and described record being stored in described memory module 17.Described data processing module 16 is used for receiving and processing described safety information interaction request, and result sends back described safety information interaction device 2 and described service provider terminal 1.Described memory module 17 is for storing the record of the mapping relations between described record described service provider identifier and described service provider terminal 1.
Preferably, in security information interaction system disclosed in this invention, described data processing server 3 farther includes Registering modules 14.Described Registering modules 14 is for receiving and process described registration request to complete the registration process relevant to described service provider terminal 1.
Exemplarily, in security information interaction system disclosed in this invention, described data processing server 3 may be located in single physical entity, or can be realized by multiple physical entities.
Exemplarily, in the first embodiment of security information interaction system disclosed in this invention, described service provider identifier is numeric data code, and described safety information interaction device 2 obtains described service provider identifier from described service provider terminal 1 by the way of user manually enters.
Exemplarily, in the second embodiment of security information interaction system disclosed in this invention, described service provider identifier is bar code or Quick Response Code, and described safety information interaction device 2 farther includes information extraction modules 13, described information extraction modules 13 for extracting the service provider identifier (exemplarily, described information extraction modules 13 is the photographic head in mobile terminal) of described bar code or Quick Response Code form from described service provider terminal 1.
Exemplarily, in the 3rd embodiment of security information interaction system disclosed in this invention, described safety information interaction device 2 farther includes the second communication interface 11 and described service provider terminal 1 farther includes secondary communication interface 8, described second communication interface 11 obtains described service provider identifier by communicating with described secondary communication interface 8 from described service provider terminal 1, wherein, (can directly communicate between described second communication interface 11 and described secondary communication interface 8 can also pass through one or more intermediarys (such as external storage equipment) carry out indirect communication) is communicated by usb protocol or audio protocols between described second communication interface 11 and described secondary communication interface 8.
Exemplarily, in the 4th embodiment of security information interaction system disclosed in this invention, described safety information interaction device 2 farther includes the second communication interface 11 and security module 19 and described service provider terminal 1 farther includes to include secondary communication interface 8 and terminal security module 18, described second communication interface 11 obtains described service provider identifier by communicating with described secondary communication interface 8 from described service provider terminal 1, wherein, (the most described safety information interaction device 2 can be simulated card reader pattern and obtain described service provider identifier from described service provider terminal 1) is communicated by NFC protocol between described second communication interface 11 and described secondary communication interface 8.
Exemplarily, in security information interaction system disclosed in this invention, in the case of described safety information interaction device 2 includes security module 19, described master controller 9 can communicate to obtain the safety information constructed needed for described safety information interaction request with described security module 19 by NFC protocol or usb protocol or audio protocols.
Exemplarily, in security information interaction system disclosed in this invention, in the case of described service provider terminal 1 includes terminal security module 18, described service provider terminal 1 guarantees the safety of the communication between described data processing server 3 by the way of RSA or symmetric cryptography or MAC, and the described service provider identifier that described data processing server 3 sends back is stored in described terminal security module 18.
Exemplarily, in security information interaction system disclosed in this invention, in the case of described service provider terminal 1 does not includes security module, described service provider terminal 1 guarantees the safety of the communication between described data processing server 3 by ssl protocol.
As it is shown in figure 1, the invention discloses a kind of service provider terminal 1, described service provider terminal 1 includes main control module 5, principal communication interface 6, end user interface 7.Wherein, described end user interface 7 is for receiving pre-processing instruction from service provider and described pre-processing instruction being sent to described main control module 5, and the result sent back by data processing server 3 that display receives, wherein, described result includes service provider identifier (described service provider identifier is associated with described service provider and uniquely identifies described service provider).Described main control module 5 is for by the described pre-processing instruction received structure pretreatment request message and being sent to described data processing server 3 through described principal communication interface 6 by described pretreatment request message.Described principal communication interface 6 is for performing the data interaction between described service provider terminal 1 and described data processing server 3.
Preferably, in service provider terminal disclosed in this invention, described principal communication interface 6 performs the data interaction between described service provider terminal 1 and described data processing server 3 by mobile network or the Internet.
Preferably, in service provider terminal disclosed in this invention, described service provider terminal 1 farther includes Registering modules 4.Described Registering modules 4 sends registration request (through described principal communication interface 6) for instruction based on described service provider before described preprocessing process to described data processing server 3 and performs the registration process relevant to described service provider terminal 1.
As it is shown in figure 1, the invention discloses a kind of safety information interaction device 2, described safety information interaction device 2 includes master controller the 9, first communication interface 10 and user interface 12.Wherein, described user interface 12 is for receiving safety information interactive instruction (exemplarily from user, in the case of described safety information interaction device 2 does not includes security module, described safety information interactive instruction can include fiscard account number and/or password), and described safety information interactive instruction is sent to described master controller 9, and the result sent back by data processing server 3 that display receives.Described master controller 9 is for constructing safety information interaction request (exemplarily based on the described safety information interactive instruction received and the service provider identifier (described service provider identifier be associated with described service provider and uniquely identify described service provider) obtained from service provider terminal 1, in the case of described safety information interaction device 2 includes security module, described master controller 9 can obtain the such as data of safety such as fiscard account number and/or password from this security module), and described safety information interaction request is sent to described data processing server 3 through described first communication interface 10.Described first communication interface 10 is for performing the data interaction between described safety information interaction device 2 and described data processing server 3.
Preferably, in safety information interaction device disclosed in this invention, described first communication interface 10 performs the data interaction between described safety information interaction device 2 and described data processing server 3 by mobile network.
As it is shown in figure 1, the invention discloses a kind of data processing server 3, described data processing server 3 includes service provider identifier generation module 15, data processing module 16 and memory module 17.Wherein, described service provider identifier generation module 15 is for receiving the pretreatment request message from service provider terminal 1, and the service provider identifier being associated with described service provider terminal 1 is generated based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal 1, wherein, described service provider identifier generation module 15 is further used for generating the record of the mapping relations recorded between described service provider identifier and described service provider terminal 1 and described record being stored in described memory module 17.Described data processing module 16 is for receiving and processing the safety information interaction request from safety information interaction device 2, and result sends back described safety information interaction device 2.Described memory module 17 is for storing the record of the mapping relations between described record described service provider identifier and described service provider terminal 1.
Preferably, data processing server 3 disclosed in this invention farther includes Registering modules 14.Described Registering modules 14 is for receiving and process the registration request from described service provider terminal 1 to complete the registration process relevant to described service provider terminal 1.
Fig. 2 is the flow chart of safety information interaction method according to an embodiment of the invention.As in figure 2 it is shown, safety information interaction method disclosed in this invention comprises the following steps: that (A1) service provider terminal constructs pretreatment request message based on the pre-processing instruction from service provider (such as trade company) and described pretreatment request message is sent to data processing server;(A2) described data processing server generates the service provider identifier being associated with described service provider terminal based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal;(A3) safety information interaction device obtains described service provider identifier from described service provider terminal, and construct safety information interaction request based on the safety information interactive instruction from user (such as consumer), and described safety information interaction request is sent to described data processing server (the receipts list payment platform in such as financial field);(A4) described data processing server resolves and processes the described safety information interaction request received, and result sends back described safety information interaction device and described service provider terminal.
Preferably, in safety information interaction method disclosed in this invention, described service provider identifier is associated with described service provider and uniquely identifies described service provider.
Preferably, in safety information interaction method disclosed in this invention, described safety information interaction device is that described user is privately owned.
Preferably, in safety information interaction method disclosed in this invention, described safety information interaction device is mobile terminal.
Exemplarily, in safety information interaction method disclosed in this invention, described service provider terminal is the form of mobile terminal or personal computer.
Preferably, in security information interaction system disclosed in this invention, described step (A4) farther includes: described service provider terminal displays reception to the described result sent back by described data processing server.
Preferably, in safety information interaction method disclosed in this invention, described service provider terminal carries out data interaction by mobile network or the Internet with described data processing server.
Preferably, in safety information interaction method disclosed in this invention, described step (A1) farther includes: the instruction based on described service provider before receiving described pre-processing instruction of described service provider terminal sends registration request to described data processing server and performs the registration process relevant to described service provider terminal.
Preferably, in safety information interaction method disclosed in this invention, described step (A4) farther includes: described safety information interaction device shows the described result sent back by described data processing server received.
Preferably, in safety information interaction method disclosed in this invention, described safety information interaction device carries out data interaction by mobile network with described data processing server.
Preferably, in safety information interaction method disclosed in this invention, described step (A2) farther includes: described data processing server generates the service provider identifier being associated with described service provider terminal based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal, wherein, described data processing server generates and stores the record of the mapping relations recorded between described service provider identifier and described service provider terminal further.
Preferably, safety information interaction method disclosed in this invention farther includes: described data processing server receives and process described registration request to complete the registration process relevant to described service provider terminal.
Exemplarily, in safety information interaction method disclosed in this invention, described data processing server may be located in single physical entity, or can be realized by multiple physical entities.
Exemplarily, in the first embodiment of safety information interaction method disclosed in this invention, described service provider identifier is numeric data code, and described safety information interaction device obtains described service provider identifier from described service provider terminal by the way of user manually enters.
Exemplarily, in the second embodiment of safety information interaction method disclosed in this invention, described service provider identifier is bar code or Quick Response Code, and described safety information interaction device extracts described bar code or the service provider identifier (exemplarily, described information extraction modules is the photographic head in mobile terminal) of Quick Response Code form by information extraction modules from described service provider terminal.
Exemplarily, in the 3rd embodiment of safety information interaction method disclosed in this invention, described safety information interaction device communicates to obtain described service provider identifier with described service provider terminal by usb protocol or audio protocols.
Exemplarily, in the 4th embodiment of safety information interaction method disclosed in this invention, described safety information interaction device includes that security module and described service provider terminal include terminal security module, wherein, described safety information interaction device communicates to obtain described service provider identifier (the most described safety information interaction device can be simulated card reader pattern and obtain described service provider identifier from described service provider terminal) by NFC protocol and described service provider terminal.
Exemplarily, in safety information interaction method disclosed in this invention, in the case of described service provider terminal includes terminal security module, described service provider terminal guarantees the safety of the communication between described data processing server by the way of RSA or symmetric cryptography or MAC, and the described service provider identifier that described data processing server sends back is stored in described terminal security module.
Exemplarily, in safety information interaction method disclosed in this invention, in the case of described service provider terminal does not includes security module, described service provider terminal guarantees the safety of the communication between described data processing server by ssl protocol.
Although the present invention is to be described by above-mentioned preferred implementation, but its way of realization is not limited to above-mentioned embodiment.It will be appreciated that in the case of without departing from spirit and scope of the present invention, the present invention can be made different changing and modifications by those skilled in the art.
Claims (18)
1. a security information interaction system, described security information interaction system includes:
Service provider terminal, described service provider terminal is used for completing the preprocessing process with safety information intercorrelation to obtain service provider identifier from data processing server based on the pre-processing instruction from service provider;
Safety information interaction device, described safety information interaction device is for obtaining described service provider identifier from described service provider terminal, and construct safety information interaction request based on the safety information interactive instruction from user, and described safety information interaction request is sent to described data processing server to complete follow-up safety information interaction;
Data processing server, described data processing server is used for performing described preprocessing process to provide described service provider identifier to described service provider terminal, and resolve and process the described safety information interaction request received, and result is sent back described safety information interaction device and described service provider terminal.
Security information interaction system the most according to claim 1, it is characterised in that described service provider identifier is associated with described service provider and uniquely identifies described service provider.
Security information interaction system the most according to claim 2, it is characterised in that described safety information interaction device is that described user is privately owned.
Security information interaction system the most according to claim 3, it is characterised in that described safety information interaction device is mobile terminal.
Security information interaction system the most according to claim 4, it is characterised in that service provider terminal is the form of mobile terminal or personal computer.
Security information interaction system the most according to claim 5, it is characterised in that described service provider terminal farther includes:
End user interface, described end user interface is for receiving described pre-processing instruction from described service provider and described pre-processing instruction being sent to main control module, and the described result sent back by described data processing server that display receives;
Main control module, described main control module is for based on the described pre-processing instruction structure pretreatment request message received and being sent to described data processing server through principal communication interface by described pretreatment request message;
Principal communication interface, described principal communication interface is for performing the data interaction between described service provider terminal and described data processing server.
Security information interaction system the most according to claim 6, it is characterised in that described principal communication interface performs the data interaction between described service provider terminal and described data processing server by mobile network or the Internet.
Security information interaction system the most according to claim 7, it is characterized in that, described service provider terminal farther includes Registering modules, and described Registering modules sends registration request for instruction based on described service provider before described preprocessing process to described data processing server and performs the registration process relevant to described service provider terminal.
Security information interaction system the most according to claim 8, it is characterised in that described safety information interaction device farther includes:
User interface, described user interface is for receiving described safety information interactive instruction from described user, and described safety information interactive instruction is sent to master controller, and the described result sent back by described data processing server that display receives;
Master controller, described master controller is for constructing safety information interaction request based on the described safety information interactive instruction received and the described service provider identifier obtained from described service provider terminal, and through the first communication interface, described safety information interaction request is sent to described data processing server;
First communication interface, described first communication interface is for performing the data interaction between described safety information interaction device and described data processing server.
Security information interaction system the most according to claim 9, it is characterised in that described first communication interface performs the data interaction between described safety information interaction device and described data processing server by mobile network.
11. security information interaction systems according to claim 10, it is characterised in that described data processing server farther includes:
Service provider identifier generation module, described service provider identifier generation module is used for receiving described pretreatment request message, and the service provider identifier being associated with described service provider terminal is generated based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal, wherein, described service provider identifier generation module is further used for generating the record of the mapping relations recorded between described service provider identifier and described service provider terminal and being stored in a storage module by described record;
Data processing module, described data processing module is used for receiving and processing described safety information interaction request, and result sends back described safety information interaction device and described service provider terminal;
Memory module, described memory module is for storing the record of the mapping relations between described record described service provider identifier and described service provider terminal.
12. security information interaction systems according to claim 11, it is characterized in that, described data processing server farther includes Registering modules, and described Registering modules is for receiving and process described registration request to complete the registration process relevant to described service provider terminal.
13. 1 kinds of service provider terminals, described service provider terminal includes:
End user interface, described end user interface is for receiving pre-processing instruction from service provider and described pre-processing instruction being sent to main control module, and the result sent back by data processing server that display receives, wherein, described result includes service provider identifier;
Main control module, described main control module is for by the described pre-processing instruction received structure pretreatment request message and being sent to described data processing server through principal communication interface by described pretreatment request message;
Principal communication interface, described principal communication interface is for performing the data interaction between described service provider terminal and described data processing server.
14. service provider terminals according to claim 13, it is characterized in that, described service provider terminal farther includes Registering modules, and described Registering modules sends registration request for instruction based on described service provider before described preprocessing process to described data processing server and performs the registration process relevant to described service provider terminal.
15. 1 kinds of safety information interaction device, described safety information interaction device includes:
User interface, described user interface is for receiving the safety information interactive instruction from user, and described safety information interactive instruction is sent to master controller, and the result sent back by data processing server that display receives;
Master controller, described master controller is for constructing safety information interaction request based on the described safety information interactive instruction received and the service provider identifier obtained from service provider terminal, and through the first communication interface, described safety information interaction request is sent to described data processing server;
First communication interface, described first communication interface is for performing the data interaction between described safety information interaction device and described data processing server.
16. 1 kinds of data processing servers, described data processing server includes:
Service provider identifier generation module, described service provider identifier generation module is for receiving the pretreatment request message from service provider terminal, and the service provider identifier being associated with described service provider terminal is generated based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal, wherein, described service provider identifier generation module is further used for generating the record of the mapping relations recorded between described service provider identifier and described service provider terminal and described record being stored in memory module;
Data processing module, described data processing module is for receiving and processing the safety information interaction request from safety information interaction device, and result sends back described safety information interaction device;
Memory module, described memory module is for storing the record of the mapping relations between described record described service provider identifier and described service provider terminal.
17. data processing servers according to claim 16, it is characterized in that, described data processing server farther includes Registering modules, and described Registering modules is for receiving and process the registration request from described service provider terminal to complete the registration process relevant to described service provider terminal.
18. 1 kinds of safety information interaction methods, described safety information interaction method comprises the following steps:
(A1) service provider terminal constructs pretreatment request message based on the pre-processing instruction from service provider and described pretreatment request message is sent to data processing server;
(A2) described data processing server generates the service provider identifier being associated with described service provider terminal based on described pretreatment request message, and described service provider identifier is sent back described service provider terminal;
(A3) safety information interaction device obtains described service provider identifier from described service provider terminal, and construct safety information interaction request based on the safety information interactive instruction from user, and described safety information interaction request is sent to described data processing server;
(A4) described data processing server resolves and processes the described safety information interaction request received, and result sends back described safety information interaction device and described service provider terminal.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210175384.1A CN103457728B (en) | 2012-05-31 | 2012-05-31 | Security information interaction system, Apparatus and method for |
| PCT/CN2013/076479 WO2013178080A1 (en) | 2012-05-31 | 2013-05-30 | Security information exchange system, device, and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210175384.1A CN103457728B (en) | 2012-05-31 | 2012-05-31 | Security information interaction system, Apparatus and method for |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103457728A CN103457728A (en) | 2013-12-18 |
| CN103457728B true CN103457728B (en) | 2016-12-14 |
Family
ID=49672430
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210175384.1A Active CN103457728B (en) | 2012-05-31 | 2012-05-31 | Security information interaction system, Apparatus and method for |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN103457728B (en) |
| WO (1) | WO2013178080A1 (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1658203A (en) * | 2004-02-22 | 2005-08-24 | 陈童 | Method for implementing mobile electronic business |
| CN101546401A (en) * | 2008-03-28 | 2009-09-30 | 海尔集团公司 | Electronic payment method and system based on NFC mobile terminal |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110270751A1 (en) * | 2009-12-14 | 2011-11-03 | Andrew Csinger | Electronic commerce system and system and method for establishing a trusted session |
-
2012
- 2012-05-31 CN CN201210175384.1A patent/CN103457728B/en active Active
-
2013
- 2013-05-30 WO PCT/CN2013/076479 patent/WO2013178080A1/en active Application Filing
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1658203A (en) * | 2004-02-22 | 2005-08-24 | 陈童 | Method for implementing mobile electronic business |
| CN101546401A (en) * | 2008-03-28 | 2009-09-30 | 海尔集团公司 | Electronic payment method and system based on NFC mobile terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2013178080A1 (en) | 2013-12-05 |
| CN103457728A (en) | 2013-12-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11756026B2 (en) | Systems and methods for incorporating QR codes | |
| US10248952B2 (en) | Automated account provisioning | |
| US11726841B2 (en) | Adapter for providing unified transaction interface | |
| CN102763115B (en) | Device pairing is carried out by reading the address provided according to device readable form | |
| US20150193765A1 (en) | Method and System for Mobile Payment and Access Control | |
| CN103854170A (en) | Payment system and payment method based on two-dimension code | |
| WO2015000365A1 (en) | Quick payment method and system based on location information | |
| US10885509B2 (en) | Bridge device for linking wireless protocols | |
| CN103577983A (en) | Load method of electronic currency for off-line consumption | |
| CN106779673B (en) | Electronic payment method and system | |
| US11816048B2 (en) | Chip card socket communication | |
| CN104123647A (en) | Payment method and system | |
| CN101841809A (en) | Mobile phone terminal supporting simulated POS transactions and system | |
| CN105160531B (en) | Transaction data processing method and processing device | |
| KR20170051916A (en) | Mobile simple payment support device based on the connection information and operating method thereof | |
| CN103457728B (en) | Security information interaction system, Apparatus and method for | |
| WO2014048319A1 (en) | Security information exchange system, apparatus, and method | |
| TWI730282B (en) | Transaction system without card readers and method for operating transaction system without card readers | |
| CN102542696A (en) | Security information interaction system and method | |
| RU2780821C2 (en) | Adapter for providing unified transaction interface | |
| CN103581126A (en) | Security information interaction system, device and method | |
| CN107180347B (en) | Payment method and device and terminal | |
| CN106096966A (en) | A kind of fingerprint payment system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |