A kind of card-free payment system of automatic teller machine of bank
Technical field
The invention belongs to the protection of user's bank card account number and automatic teller machine without card payment technical field, specifically, relate to a kind of card-free payment system of automatic teller machine of bank.
Background technology
User withdraws the money on automatic teller machine, if lawless person obtains bank card account number and the password of user, then clone's user's bank card, lawless person just can withdraw the money on automatic teller machine outside, brings very big economic loss to validated user.Additionally, mobile phone reservation enchashment on present automatic teller machine, user could withdraw the money, if user does not have log on traffic service after must logging in the bank site short message-authorized code of acquisition on automatic teller machine, or network traffics are finished, or network signal is bad, etc., all can not realize withdrawing the money without card on automatic teller machine, even if realizing withdrawing the money without card on automatic teller machine, whole operating process is also very loaded down with trivial details.
Summary of the invention
It is an object of the invention to overcome the deficiencies in the prior art, a kind of card-free payment system of automatic teller machine of bank is provided, user carries out, at automatic teller machine, transaction such as withdrawing the money, bank card need not be inserted, also need not log in bank site and obtain short message-authorized code, directly utilize oneself dynamic digital to generate device (mobile phone or other mobile hardware) and generate dynamic secret number, easily realize withdrawing the money to wait without card and operate conveniently, safely.
For reaching above-mentioned purpose, the present invention provides a kind of card-free payment system of automatic teller machine of bank, including dynamic digital generating mechanism, user account binding mechanism and automatic teller machine certification authority, it is characterized in that: in described dynamic digital generating mechanism, have unique sequence numbers renderer, the built-in device of unique key, it is digitally generated trigger, secret number maker and secret number renderer, unique sequence numbers renderer comprises a serial number being made up of completely a series of numerals, this serial number has uniqueness, it is different from the serial number in the unique sequence numbers renderer in other dynamic digital generating mechanism, key in the built-in device of unique key is a character string, there is uniqueness equally, and unique sequence numbers and unique key one_to_one corresponding, if being digitally generated trigger to be triggered, secret number maker begins to carry out following computing:
A () dynamically generates a character string, this character string is very regular, and namely character late string can calculate out, this character string is exactly the plaintext m encrypted, adopt AES n, with unique key, this plaintext is encrypted, and generates a ciphertext character string o;
B character conversion regime p in ciphertext character string o is wholly converted into numeric string q by (), then extract the part number in numeric string q, form a new numeric string r;
Numeric string r is shown by secret number renderer;
Account authenticator, account binder is had in user account binding mechanism, the information of proof oneself identity that user is provided by account authenticator is identified, without passing through certification, then the bank card account number of user can not be bound, if by certification, then the bank card account number of user and unique sequence numbers are bound by account binder;
Serial number loader is had in automatic teller machine certification authority, secret number loader, user cipher loader and login authentication device, user inputs unique sequence numbers in serial number loader, secret number loader inputs numeric string r, user cipher loader inputs the bank card password of user, the plaintext m that in this effect duration, encryption is required extrapolated by login authentication device, adopt the unique key that secret number maker uses, AES n and conversion regime p, plaintext m is carried out computing, if numeric string r is legal numeric string, the numeric string r then inputted is by verifying, also bank card password is verified simultaneously, only when numeric string r and bank card password are simultaneously by after verifying, user logins successfully, just can carry out operations such as withdrawing the money, simultaneously, after user logins successfully, log on before the deadline, numeric string r is still effective in input, log on outside effect duration, it is invalid that user inputs numeric string r.
The second card-free payment system of automatic teller machine of bank of the present invention, including dynamic digital generating mechanism, user account binding mechanism and automatic teller machine certification authority, it is characterized in that: in described dynamic digital generating mechanism, have unique sequence numbers renderer, the built-in device of unique key, it is digitally generated trigger, secret number maker and secret number renderer, unique sequence numbers renderer comprises a serial number being made up of completely a series of numerals, this serial number has uniqueness, it is different from the serial number in the unique sequence numbers renderer in other dynamic digital generating mechanism, key in the built-in device of unique key is a character string, there is uniqueness equally, and unique sequence numbers and unique key one_to_one corresponding, if being digitally generated trigger to be triggered, secret number maker begins to carry out following computing:
A () dynamically generates a character string, this character string is very regular, and namely character late string can calculate out, this character string is exactly the plaintext m encrypted, adopt AES n, with unique key, this plaintext is encrypted, and generates a ciphertext character string o;
B character conversion regime p in ciphertext character string o is wholly converted into numeric string q by (), then extract the part number in numeric string q, form a new numeric string r;
Numeric string r is shown by secret number renderer;
Account authenticator, account binder is had in user account binding mechanism, the information of proof oneself identity that user is provided by account authenticator is identified, without passing through certification, then the bank card account number of user can not be bound, if by certification, then the bank card account number of user and unique sequence numbers are bound by account binder;
Serial number loader is had in automatic teller machine certification authority, secret number loader and login authentication device, user inputs unique sequence numbers in serial number loader, secret number loader inputs numeric string r, the plaintext m that in this effect duration, encryption is required extrapolated by login authentication device, adopt the unique key that secret number maker uses, AES n and conversion regime p, plaintext m is carried out computing, if numeric string r is legal numeric string, the numeric string r then inputted is by verifying, user logins successfully, operations such as withdrawing the money can be carried out, simultaneously, after user logins successfully, log on before the deadline, numeric string r is still effective in input, log on outside effect duration, it is invalid that user inputs numeric string r.
The third card-free payment system of automatic teller machine of bank of the present invention, including dynamic digital generating mechanism, user account binding mechanism and automatic teller machine certification authority, it is characterized in that: in described dynamic digital generating mechanism, have unique sequence numbers renderer, the built-in device of unique key, it is digitally generated trigger, secret number maker and secret number renderer, unique sequence numbers renderer comprises a serial number being made up of completely a series of numerals, this serial number has uniqueness, it is different from the serial number in the unique sequence numbers renderer in other dynamic digital generating mechanism, key in the built-in device of unique key is a character string, there is uniqueness equally, and unique sequence numbers and unique key one_to_one corresponding, if being digitally generated trigger to be triggered, secret number maker begins to carry out following computing:
A () dynamically generates string number, the plaintext m namely encrypted, and adopts AES n, with unique key, this plaintext is encrypted, and generates a ciphertext character string o;
B character conversion regime p in ciphertext character string o is wholly converted into numeric string q by (), then extract the part number in numeric string q, form a new numeric string r;
C plaintext m and numeric string r is combined into a new numeric string s by ();
Numeric string s is shown by secret number renderer;
Account authenticator, account binder is had in user account binding mechanism, the information of proof oneself identity that user is provided by account authenticator is identified, without passing through certification, then the bank card account number of user can not be bound, if by certification, then the bank card account number of user and unique sequence numbers are bound by account binder;
Serial number loader is had in automatic teller machine certification authority, secret number loader, user cipher loader and login authentication device, user inputs unique sequence numbers in serial number loader, secret number loader inputs numeric string s, user cipher loader inputs the bank card password of user, expressly m and numeric string r isolated by login authentication device from numeric string s, adopt the unique key that secret number maker uses, AES n and conversion regime p, plaintext m is carried out computing, if numeric string r is legal numeric string, the numeric string s then inputted is by verifying, also bank card password is verified simultaneously, only when numeric string s and bank card password are simultaneously by after verifying, user logins successfully, just can carry out operations such as withdrawing the money, simultaneously, after user logins successfully, the numeric string s of this input cancels, it is invalid that next user inputs numeric string s.
The 4th kind of card-free payment system of automatic teller machine of bank of the present invention, including dynamic digital generating mechanism, user account binding mechanism and automatic teller machine certification authority, it is characterized in that: in described dynamic digital generating mechanism, have unique sequence numbers renderer, the built-in device of unique key, it is digitally generated trigger, secret number maker and secret number renderer, unique sequence numbers renderer comprises a serial number being made up of completely a series of numerals, this serial number has uniqueness, it is different from the serial number in the unique sequence numbers renderer in other dynamic digital generating mechanism, key in the built-in device of unique key is a character string, there is uniqueness equally, and unique sequence numbers and unique key one_to_one corresponding, if being digitally generated trigger to be triggered, secret number maker begins to carry out following computing:
A () dynamically generates string number, the plaintext m namely encrypted, and adopts AES n, with unique key, this plaintext is encrypted, and generates a ciphertext character string o;
B character conversion regime p in ciphertext character string o is wholly converted into numeric string q by (), then extract the part number in numeric string q, form a new numeric string r;
C plaintext m and numeric string r is combined into a new numeric string s by ();
Numeric string s is shown by secret number renderer;
Account authenticator, account binder is had in user account binding mechanism, the information of proof oneself identity that user is provided by account authenticator is identified, without passing through certification, then the bank card account number of user can not be bound, if by certification, then the bank card account number of user and unique sequence numbers are bound by account binder;
Serial number loader is had in automatic teller machine certification authority, secret number loader and login authentication device, user inputs unique sequence numbers in serial number loader, secret number loader inputs numeric string s, expressly m and numeric string r isolated by login authentication device from numeric string s, adopt the unique key that secret number maker uses, AES n and conversion regime p, plaintext m is carried out computing, if numeric string r is legal numeric string, the numeric string s then inputted is by verifying, user logins successfully, operations such as withdrawing the money can be carried out, simultaneously, after user logins successfully, the numeric string s of this input cancels, it is invalid that next user inputs numeric string s.
The remarkable result of the present invention is in that: (1) greatly strengthens the use safety of user's bank card, and after minimizing user's bank card uses on automatic teller machine to greatest extent, bank card is by the risk of lawless person's successful clone.Lawless person can not obtain the bank card account number of user, even if obtaining bank card password, can not clone bank card.(2) conveniently, safely.User need not carry bank card, also need not log in bank site and obtain short message-authorized code, directly utilizes oneself dynamic digital and generates device (mobile phone or other mobile hardware) and generate dynamic secret number, easily realizes withdrawing the money to wait without card and operate conveniently, safely.
Accompanying drawing explanation
Fig. 1 pays, without card, the structure principle chart requiring input bank card password in the present invention.
Fig. 2 pays, without card, the structure principle chart not requiring input bank card password in the present invention.
Detailed description of the invention
Below in conjunction with the drawings and specific embodiments, the present invention is further illustrated.
Embodiment 1, as shown in Figure 1: a kind of card-free payment system of automatic teller machine of bank, including dynamic digital generating mechanism, user account binding mechanism and automatic teller machine certification authority, it is characterized in that: in described dynamic digital generating mechanism, have unique sequence numbers renderer, the built-in device of unique key, it is digitally generated trigger, secret number maker and secret number renderer, unique sequence numbers renderer comprises a serial number being made up of completely a series of numerals, this serial number has uniqueness, it is different from the serial number in the unique sequence numbers renderer in other dynamic digital generating mechanism, key in the built-in device of unique key is a character string, there is uniqueness equally, and unique sequence numbers and unique key one_to_one corresponding, if being digitally generated trigger to be triggered, secret number maker begins to carry out following computing:
A () dynamically generates a character string, this character string is very regular, and namely character late string can calculate out, this character string is exactly the plaintext m encrypted, adopt AES n, with unique key, this plaintext is encrypted, and generates a ciphertext character string o;
B character conversion regime p in ciphertext character string o is wholly converted into numeric string q by (), then extract the part number in numeric string q, form a new numeric string r;
Numeric string r is shown by secret number renderer;
Account authenticator, account binder is had in user account binding mechanism, the information of proof oneself identity that user is provided by account authenticator is identified, without passing through certification, then the bank card account number of user can not be bound, if by certification, then the bank card account number of user and unique sequence numbers are bound by account binder;
Serial number loader is had in automatic teller machine certification authority, secret number loader, user cipher loader and login authentication device, user inputs unique sequence numbers in serial number loader, secret number loader inputs numeric string r, user cipher loader inputs the bank card password of user, the plaintext m that in this effect duration, encryption is required extrapolated by login authentication device, adopt the unique key that secret number maker uses, AES n and conversion regime p, plaintext m is carried out computing, if numeric string r is legal numeric string, the numeric string r then inputted is by verifying, also bank card password is verified simultaneously, only when numeric string r and bank card password are simultaneously by after verifying, user logins successfully, just can carry out operations such as withdrawing the money, simultaneously, after user logins successfully, log on before the deadline, numeric string r is still effective in input, log on outside effect duration, it is invalid that user inputs numeric string r.
In the above-described embodiments, secret number maker dynamically generates a very regular character string, and this character string can be English alphabet or numeral etc., can using date as dynamic character string, such as: current string is " 20131218 ", character late string, it is possible to calculate out, for: " 20131219 ", i.e. plaintext m, this character string can only generate at Decembers in 2013 on the 19th, and numeric string r is determined by plaintext m, in order to strengthen safety, numeric string r suggestion is advisable with 8 bit digital.User is when automatic teller machine carries out without card delivery operation, effective at December in 2013 input numeric string r on the 19th, then invalid in the input of other date.
Embodiment 2, as shown in Figure 2: a kind of card-free payment system of automatic teller machine of bank, including dynamic digital generating mechanism, user account binding mechanism and automatic teller machine certification authority, it is characterized in that: in described dynamic digital generating mechanism, have unique sequence numbers renderer, the built-in device of unique key, it is digitally generated trigger, secret number maker and secret number renderer, unique sequence numbers renderer comprises a serial number being made up of completely a series of numerals, this serial number has uniqueness, it is different from the serial number in the unique sequence numbers renderer in other dynamic digital generating mechanism, key in the built-in device of unique key is a character string, there is uniqueness equally, and unique sequence numbers and unique key one_to_one corresponding, if being digitally generated trigger to be triggered, secret number maker begins to carry out following computing:
A () dynamically generates a character string, this character string is very regular, and namely character late string can calculate out, this character string is exactly the plaintext m encrypted, adopt AES n, with unique key, this plaintext is encrypted, and generates a ciphertext character string o;
B character conversion regime p in ciphertext character string o is wholly converted into numeric string q by (), then extract the part number in numeric string q, form a new numeric string r;
Numeric string r is shown by secret number renderer;
Account authenticator, account binder is had in user account binding mechanism, the information of proof oneself identity that user is provided by account authenticator is identified, without passing through certification, then the bank card account number of user can not be bound, if by certification, then the bank card account number of user and unique sequence numbers are bound by account binder;
Serial number loader is had in automatic teller machine certification authority, secret number loader and login authentication device, user inputs unique sequence numbers in serial number loader, secret number loader inputs numeric string r, the plaintext m that in this effect duration, encryption is required extrapolated by login authentication device, adopt the unique key that secret number maker uses, AES n and conversion regime p, plaintext m is carried out computing, if numeric string r is legal numeric string, the numeric string r then inputted is by verifying, user logins successfully, operations such as withdrawing the money can be carried out, simultaneously, after user logins successfully, log on before the deadline, numeric string r is still effective in input, log on outside effect duration, it is invalid that user inputs numeric string r.
Embodiment 2 the only difference is that with embodiment 1, and in example 2, user realizes paying without card, it is not required that input bank card password.
Embodiment 3, as shown in Figure 1: a kind of card-free payment system of automatic teller machine of bank, including dynamic digital generating mechanism, user account binding mechanism and automatic teller machine certification authority, it is characterized in that: in described dynamic digital generating mechanism, have unique sequence numbers renderer, the built-in device of unique key, it is digitally generated trigger, secret number maker and secret number renderer, unique sequence numbers renderer comprises a serial number being made up of completely a series of numerals, this serial number has uniqueness, it is different from the serial number in the unique sequence numbers renderer in other dynamic digital generating mechanism, key in the built-in device of unique key is a character string, there is uniqueness equally, and unique sequence numbers and unique key one_to_one corresponding, if being digitally generated trigger to be triggered, secret number maker begins to carry out following computing:
A () dynamically generates string number, the plaintext m namely encrypted, and adopts AES n, with unique key, this plaintext is encrypted, and generates a ciphertext character string o;
B character conversion regime p in ciphertext character string o is wholly converted into numeric string q by (), then extract the part number in numeric string q, form a new numeric string r;
C plaintext m and numeric string r is combined into a new numeric string s by ();
Numeric string s is shown by secret number renderer;
Account authenticator, account binder is had in user account binding mechanism, the information of proof oneself identity that user is provided by account authenticator is identified, without passing through certification, then the bank card account number of user can not be bound, if by certification, then the bank card account number of user and unique sequence numbers are bound by account binder;
Serial number loader is had in automatic teller machine certification authority, secret number loader, user cipher loader and login authentication device, user inputs unique sequence numbers in serial number loader, secret number loader inputs numeric string s, user cipher loader inputs the bank card password of user, expressly m and numeric string r isolated by login authentication device from numeric string s, adopt the unique key that secret number maker uses, AES n and conversion regime p, plaintext m is carried out computing, if numeric string r is legal numeric string, the numeric string s then inputted is by verifying, also bank card password is verified simultaneously, only when numeric string s and bank card password are simultaneously by after verifying, user logins successfully, just can carry out operations such as withdrawing the money, simultaneously, after user logins successfully, the numeric string s of this input cancels, it is invalid that next user inputs numeric string s.
Embodiment 3 and embodiment 1 are distinctive in that, in embodiment 1, user realizes paying without card, the secret number of input in secret number loader, it is all effective before the deadline, for instance, effect duration is one day, so within that day, any automatic teller machine inputs, is all effective;And in embodiment 3, user realizes paying without card, in secret number loader, the secret number of input does not have the restriction of effect duration, as long as secret number does not input in secret number loader and used, it is all effective, but after using, this secret number cancels, and is equivalent to one-time pad.In order to strengthen safety, the expressly length suggestion respectively 6 of m and numeric string r, and expressly m is punctured in numeric string r, such as: be expressly " 167782 ", numeric string r is " 980426 ", then numeric string s can be arranged as: " 980167426782 ", expressly m can be random digit, can also be the numeral of automatic increase, for instance: the plaintext being currently generated is: " 000001 ", and the plaintext that next time generates is: " 000002 ".
Embodiment 4, as shown in Figure 2: a kind of card-free payment system of automatic teller machine of bank, including dynamic digital generating mechanism, user account binding mechanism and automatic teller machine certification authority, it is characterized in that: in described dynamic digital generating mechanism, have unique sequence numbers renderer, the built-in device of unique key, it is digitally generated trigger, secret number maker and secret number renderer, unique sequence numbers renderer comprises a serial number being made up of completely a series of numerals, this serial number has uniqueness, it is different from the serial number in the unique sequence numbers renderer in other dynamic digital generating mechanism, key in the built-in device of unique key is a character string, there is uniqueness equally, and unique sequence numbers and unique key one_to_one corresponding, if being digitally generated trigger to be triggered, secret number maker begins to carry out following computing:
A () dynamically generates string number, the plaintext m namely encrypted, and adopts AES n, with unique key, this plaintext is encrypted, and generates a ciphertext character string o;
B character conversion regime p in ciphertext character string o is wholly converted into numeric string q by (), then extract the part number in numeric string q, form a new numeric string r;
C plaintext m and numeric string r is combined into a new numeric string s by ();
Numeric string s is shown by secret number renderer;
Account authenticator, account binder is had in user account binding mechanism, the information of proof oneself identity that user is provided by account authenticator is identified, without passing through certification, then the bank card account number of user can not be bound, if by certification, then the bank card account number of user and unique sequence numbers are bound by account binder;
Serial number loader is had in automatic teller machine certification authority, secret number loader and login authentication device, user inputs unique sequence numbers in serial number loader, secret number loader inputs numeric string s, expressly m and numeric string r isolated by login authentication device from numeric string s, adopt the unique key that secret number maker uses, AES n and conversion regime p, plaintext m is carried out computing, if numeric string r is legal numeric string, the numeric string s then inputted is by verifying, user logins successfully, operations such as withdrawing the money can be carried out, simultaneously, after user logins successfully, the numeric string s of this input cancels, it is invalid that next user inputs numeric string s.
Embodiment 3 the only difference is that with embodiment 4, and in example 4, user realizes paying without card, it is not required that input bank card password.
The AES n mentioned in embodiment 1, embodiment 2, embodiment 3 and embodiment 4, in being embodied as, it is possible to adopt symmetric key algorithm AES, DES or even the self-designed AES of company, but for the sake of security, it is proposed that adopt ripe and that Cipher Strength is significantly high aes algorithm.And conversion regime p, there is again multiple selection, general character is converted to numeral, have many ripe technology.
Embodiment 1, embodiment 2, embodiment 3 and embodiment 4 mention unique sequence numbers, it is possible to the numeral numbering being automatically generated, it is also possible to be the cell-phone number that provides of user, as long as possessing uniqueness.
About the identification to user identity of the above-mentioned account authenticator, user can directly arrive sales counter and submit the data such as identity card to, allows staff assist application automatic teller machine without card payment transaction.Certainly, user can also log in the information such as website of bank, the short message verification code that input handset number, identification card number and mobile phone receive, and account authenticator judges that whether user identity legal, if legal, user can online self-service application automatic teller machine without card payment transaction.
Above-mentioned dynamic digital generating mechanism, in concrete implementation process, it is possible to be designed to the software used on mobile phone or the hardware carried with.
It is exemplified below, how to utilize embodiments of the invention 3 to design a cell phone software, it is achieved conveniently, safely pay without card on automatic teller machine.
User can self-service carry out without blocking the service paid in bank site application on automatic teller machine, bank site service system automatically generates the data file of an encryption, the inside comprises the unique sequence numbers (requirement according to user distributing to user, this unique sequence numbers is exactly the cell-phone number of user), unique key, the unique sequence numbers and the unique key that certainly preserve all should be encrypted storage;The data file of user's download online mobile phone client software and encryption, then imports the data file of encryption in mobile phone client software, and so far, an one's own dynamic digital generating mechanism just creates.User before the withdrawal, utilizes cell phone software to generate a secret numeric string s, when user withdraws the money, and input handset number, numeric string s and bank card password, easily carry out automatic teller machine and withdraw the money without card.
Certainly; the present invention also can have other various embodiments; when without departing substantially from present invention spirit and essence thereof; those of ordinary skill in the art can make various corresponding change and deformation according to the present invention, but these change accordingly and deformation all should belong to the scope of the claims appended by the present invention.