CN104021472A - Identity verification method and system - Google Patents
Identity verification method and system Download PDFInfo
- Publication number
- CN104021472A CN104021472A CN201410239190.2A CN201410239190A CN104021472A CN 104021472 A CN104021472 A CN 104021472A CN 201410239190 A CN201410239190 A CN 201410239190A CN 104021472 A CN104021472 A CN 104021472A
- Authority
- CN
- China
- Prior art keywords
- electronic mark
- beneficiary
- information
- paying party
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses an identity verification method and system. The method comprises: a cash collecting device receiving cash collecting information, according to the cash collecting information and payee identity information, obtaining payee electronic identification for outputting, and associating the payee identity information with a payee account, the payee electronic identification comprising an electronic identification expiration date; a payment device obtaining payee electronic identification, and verifying payee identity validity according to the payee electronic identification; the payment device, according to the payer identity information and current time information, obtaining a payer electronic identification for outputting, and associating the payer identity information with a payment account, the payer electronic identification comprising an electronic identification expiration date; and the cash collecting device obtaining the payer electronic identification, and verifying payer identity validity and according to the payer electronic identification. According to the invention, payee and/or payer identity validity are verified by use of a dynamic electronic identification, such that cheating of a phishing website is prevented; and each identity is bound with an account, and payment can be carried out without inputting a password and exposing an account medium, such that the security of the password and the account medium is ensured.
Description
Technical field
The present invention relates to computer security technique field, relate in particular to a kind of auth method and system.
Background technology
The first step that relates to payment in current E-commerce process, carries out account safety checking to the accounts information of paying party exactly, and the mode with safety provides the accounts information of paying party to beneficiary.Current existing main flow account safety verification method all exists some restrictions with not enough, and aspect security, all exists in certain defect, particularly current E-commerce process, and succeeding repeatedly of fishing website, allows user's fund sustain a loss.
Below enumerate feature and the existing deficiency of the account verification method of current main flow:
1, use bank card medium to carry out account safety checking:
Bank card medium can be point-of-sale terminal ((Point of Sale, POS), ATM (automatic teller machine) (Automatic Teller Machine, ATM) etc., for example, use POS machine (can be wired POS machine or wireless POS machine) to swipe the card, card primary input password carries out account safety checking, or uses ATM to read card, and card primary input password carries out account safety checking.This verification method must rely on specialized equipment and exclusive encryption channel, if bank card medium is lost or is replicated, and password is stolen, and bank card possessor will face high financial risks.
2, use bank card information to carry out account safety checking:
In electronic payment platform input bank card information or by bank card information and the binding of logon account information, by user, sign the mode of payment arrangement, realize quick online shopping and pay.This verification method need to be inputted payment cipher or need note code confirmation etc., if the client of user's operation exists trojan horse program, user's password and bank card information are are very likely intercepted and captured by trojan horse, thereby have greatly increased the risk of user account.In addition, this verification method cannot prevent the deception of fishing website, and user may input the account password of oneself on fishing website, causes fund loss.
3, use U shield to carry out accounts information checking:
This verification method at traction equipment (for example requires, personal computer (Personal Computer, PC), panel computer etc.) upper insertion with USB (universal serial bus) (Universal Serial Bus, USB) the U shield of interface, carry out on this basis account password input, after being verified, carry out the follow-up operation of transferring accounts.This verification method need to be furnished with U shield specialized equipment, when improving security, has also improved the complexity of using; And U shield cannot be used on a lot of e-platforms, for example, U shield, because cannot supporting the browser of certain particular version or can not using with host's machine is incompatible, also substantially can not be used on smart mobile phone equipment, therefore, the specificity of U shield has limited its usable range.In addition, this verification method can not prevent the deception of wooden horse equally, and user may carry out the operation of U shield on fake site, and input account password, causes security risk.
4, use dynamic password to carry out account safety checking:
This verification method is used particular device or software program, just-in-time construction dynamic password, and the mode by input dynamic password, completes account safety proof procedure.This verification method need to be used specific password to generate equipment or use Software Create dynamic password, in actual use, and complex operation; And password generation equipment generates dynamic password and has calibration process, increased the complicacy of using.In addition, this method can not be guarded against the false beneficiary of fishing equally, and fake site can be by the mode of transfer route, and the fund of paying party is obtained in deception.
In sum, in the account verification process of existing E-Payment, the constraint that is subject to task equipment having (as POS, ATM), the constraint that is subject to operating environment and flow process having.Said method 2,3 and 4 is inputted in the process of password user, have that password intercepted and captured by wooden horse may, and can not prevent from well the deception of fishing website from having the possibility of revealing paying party account password, threaten the fund security of paying party.
Therefore, how to carry out easily account safety checking and can effectively prevent the deception of fishing website, become problem demanding prompt solution.
Summary of the invention
The invention provides a kind of auth method and system, at least to solve account verification in existing electronic payment process, can not prevent well the deception of fishing website, may reveal user's password, threaten the problem of account safety.
According to an aspect of the present invention, a kind of auth method is provided, comprise: the Cash collecting equipment of beneficiary receives gathering information, according to described gathering information and described beneficiary, log in the beneficiary identity information that described Cash collecting equipment uses and obtain beneficiary electronic mark, and export described beneficiary electronic mark, wherein, described beneficiary identity information and beneficiary account relating, described beneficiary electronic mark comprises the term of validity of described beneficiary electronic mark; The payment equipment of paying party obtains described beneficiary electronic mark from described Cash collecting equipment, and according to described beneficiary electronic mark, verifies the identity legitimacy of described beneficiary; Paying party identity information and current time information that described payment equipment logs in described payment equipment use according to described paying party obtain paying party electronic mark, and export described paying party electronic mark, wherein, described paying party identity information and paying party account relating, described paying party electronic mark comprises the term of validity of described paying party electronic mark; Described Cash collecting equipment obtains described paying party electronic mark from described payment equipment, and according to described paying party electronic mark, verifies the identity legitimacy of described paying party; At described payment equipment, verify that described beneficiary identity is legal.
According to another aspect of the present invention, a kind of authentication system is provided, comprise: payment equipment and Cash collecting equipment, wherein, described payment equipment, for log in paying party identity information and the current time information of described payment equipment use according to paying party, obtain paying party electronic mark, and export described paying party electronic mark; And obtain beneficiary electronic mark from described Cash collecting equipment, and according to described beneficiary electronic mark, verify the identity legitimacy of described beneficiary, wherein, described paying party identity information and paying party account relating, described paying party electronic mark comprises the term of validity of described paying party electronic mark; Described Cash collecting equipment, for receiving gathering information, logs according to described gathering information and beneficiary the beneficiary identity information that described Cash collecting equipment uses and obtains described beneficiary electronic mark, and export described beneficiary electronic mark; And obtain described paying party electronic mark from described payment equipment, and according to described paying party electronic mark, verify the identity legitimacy of described paying party, wherein, described beneficiary identity information and beneficiary account relating, described beneficiary electronic mark comprises the term of validity of described beneficiary electronic mark.
By auth method of the present invention and system, the mode of take in Unified Set generates electronic mark (including identity information) as receipt and payment both sides, utilize the identity legitimacy of electronic mark checking beneficiary and/or paying party, can prevent that beneficiary false impersonation from collecting money, days of grace side can clearly know payment is to whom, avoid being subject to the deception of fishing website, by this bi-directional verification mechanism, guarantee the legitimacy of payment information and payment process.And identity information and account binding, after identity verification is legal, paying party, without input password on beneficiary equipment, also, without the account medium sticking one's chin out, can complete payment process, preventing that user cipher is recorded steals, the safety of the various account media that days of grace side holds.Above-mentioned verification method is simple and reliable and have a broad applicability.
Accompanying drawing explanation
Accompanying drawing described herein is used to provide a further understanding of the present invention, forms the application's a part, and schematic description and description of the present invention is used for explaining the present invention, does not form limitation of the invention.In the accompanying drawings:
Fig. 1 is the process flow diagram one of the auth method of the embodiment of the present invention;
Fig. 2 is the flowchart 2 of the auth method of the embodiment of the present invention;
Fig. 3 a is the interaction diagrams that the Cash collecting equipment of the embodiment of the present invention obtains beneficiary electronic mark;
Fig. 3 b is the interaction diagrams of the payment equipment side of the collecting payment electronic mark of the embodiment of the present invention;
Fig. 4 is the detail flowchart of the checking beneficiary identity legitimacy of the embodiment of the present invention;
Fig. 5 a is the flow chart 3 of the auth method of the embodiment of the present invention;
Fig. 5 b is the process flow diagram four of the auth method of the embodiment of the present invention;
Fig. 6 is the detail flowchart of the checking paying party identity legitimacy of the embodiment of the present invention;
Fig. 7 is the schematic diagram one of the authentication system of the embodiment of the present invention;
Fig. 8 is the schematic diagram two of the authentication system of the embodiment of the present invention;
Fig. 9 is the detail flowchart one of the auth method of the specific embodiment of the invention;
Figure 10 is the detail flowchart two of the auth method of the specific embodiment of the invention;
Figure 11 is the detail flowchart three of the auth method of the specific embodiment of the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, rather than whole embodiment.Based on embodiments of the invention, those of ordinary skills, not making the every other embodiment obtaining under creative work prerequisite, belong to protection scope of the present invention.
The embodiment of the present invention provides a kind of auth method, and Fig. 1 is the process flow diagram one of the auth method of the embodiment of the present invention.As shown in Figure 1, the method comprises the steps:
Step S101, the Cash collecting equipment of beneficiary receives gathering information, according to gathering information and beneficiary, log in the beneficiary identity information that Cash collecting equipment uses and obtain beneficiary electronic mark, and export beneficiary electronic mark, wherein, beneficiary identity information and beneficiary account relating, beneficiary electronic mark comprises the term of validity of beneficiary electronic mark;
Step S102, the payment equipment of paying party obtains beneficiary electronic mark from Cash collecting equipment, and according to the identity legitimacy of beneficiary electronic mark checking beneficiary;
Step S103, paying party identity information and current time information that payment equipment logs in payment equipment use according to paying party obtain paying party electronic mark, and export paying party electronic mark, wherein, paying party identity information and paying party account relating, paying party electronic mark comprises the term of validity of paying party electronic mark;
Step S104, Cash collecting equipment obtains paying party electronic mark from payment equipment, and according to the identity legitimacy of paying party electronic mark checking paying party.
It should be noted that, beneficiary and paying party can obtain in advance electronic mark (both sides obtain electronic mark separately and can carry out simultaneously) separately in this payment process, when verifying, export the electronic mark of oneself; Can in the situation that needs are verified, obtain corresponding electronic mark output, for example, if only need carry out the checking to beneficiary, only perform step S101 and step S102, payment equipment does not need to obtain its electronic mark yet.When the identity of beneficiary and paying party all needs to verify, beneficiary identity can be first verified, also paying party identity can be first verified.Electronic mark in the embodiment of the present invention is the electronic information generating for specific element of transaction, and this electronic information can comprise relevant participant's identity information and relevant Transaction Information.Concrete authentication process itself can be carried out by payment equipment and/or Cash collecting equipment, the electronic mark obtaining is resolved, in conjunction with the term of validity, determine that electronic mark is legal, networking pre-stored log-on message (or being called related information) from database is searched and is resolved the identity information that electronic mark obtains, with the legitimacy tentatively determining one's identity; For the accuracy of authentication, can also show resolving the identity information that electronic mark obtain, by paying party or beneficiary confirm beneficiary identity or paying party identity whether legal.Certainly, authentication process itself also can for example, by auxiliary realization of other equipment (electronic mark that, below can mention generates equipment and electronic mark Authentication devices).
By above-mentioned auth method, utilize the identity legitimacy of dynamic electron sign checking beneficiary and/or paying party, can prevent that beneficiary false impersonation from collecting money, days of grace side can clearly know payment is to whom, avoid being subject to the deception of fishing website, by this bi-directional verification mechanism, guarantee the legitimacy of payment information and payment process.And identity information and account binding, after identity verification is legal, paying party is without input password on beneficiary equipment, also without the account medium sticking one's chin out, can complete payment process, prevent from that user cipher is recorded to steal the safety of the various account media that days of grace side holds.
In the present embodiment, can also carry out authentication according to alternative condition, thus, can only carry out the checking to beneficiary identity, or only carry out the checking to paying party identity, or carry out bidirectional identification checking.Fig. 2 is the flowchart 2 of the auth method of the embodiment of the present invention, and as shown in Figure 2, above-mentioned auth method can also comprise the steps:
Step S105, payment equipment receives the first information of paying party input, and judges according to the first information whether paying party trusts beneficiary; If paying party is distrusted beneficiary, perform step S101 Cash collecting equipment output beneficiary electronic mark and step S102 payment equipment according to the identity legitimacy of beneficiary electronic mark checking beneficiary; If paying party is trusted beneficiary, perform step S103 payment equipment output paying party electronic mark, and perform step S104 Cash collecting equipment according to the identity legitimacy of paying party electronic mark checking paying party.Certainly, if paying party is trusted beneficiary, also can not verify the identity of paying party, direct payment, to complete fast payment (also can be described as transfer accounts, transaction, accounting processing etc.).
The above-mentioned first information can be paying party pass through that the modes such as button or voice input about whether trusting the information of beneficiary.Concrete, payment equipment can select whether trust beneficiary on its screen or by voice message paying party, and whether paying party can for example, trust beneficiary by button (virtual key showing on the physical button on payment equipment or screen) or phonetic entry.In the present embodiment, electronic mark can be that subscriber equipment obtains in advance for this payment process, then according to the judged result of whether trusting beneficiary, exports its electronic mark for method, apparatus is obtained; Also can be according to the judged result of whether trusting beneficiary, subscriber equipment determines whether to obtain the electronic mark of oneself, does not need like this side that verifies, just, without obtaining the electronic mark of oneself, has avoided unnecessary operation.
User need to register the identity information that obtains oneself on corresponding equipment, then request generates electronic mark and passes through electronic mark identity verification legitimacy.User as beneficiary can register on electronic mark generation equipment, as the user of paying party, can on electronic mark Authentication devices, register.
Concrete, beneficiary is registered and can be realized by following steps on electronic mark generation equipment: electronic mark generation equipment receives the application for registration of beneficiary, generates beneficiary identity information; Electronic mark generates equipment by beneficiary identity information and beneficiary account relating, and stores the information after association.When information is transferred accounts in follow-up generation, can from the related information of storage, obtain the account that identity information is corresponding, this by the mode of beneficiary identity and the binding of its account, when carrying out accounting processing, without beneficiary, expose its account medium, to guarantee the security of beneficiary account medium.
Paying party is registered and can be realized by following steps on electronic mark Authentication devices: electronic mark Authentication devices receives the application for registration of paying party, generates paying party identity information; Electronic mark Authentication devices is paying party identity information and paying party account relating, and stores the information after association.When information is transferred accounts in follow-up generation, can from the related information of storage, obtain the account that identity information is corresponding, this by the mode of paying party identity and the binding of its account, when carrying out accounting processing, without paying party, expose its account medium, with the security of days of grace side's account medium, and without paying party, on Cash collecting equipment, input password while paying, prevent that password from being intercepted and captured by wooden horse.
It should be noted that, user on electronic mark generation equipment or the identity information of registering on electronic mark Authentication devices can be consistent with the identity information that user registers when bank's background system is opened an account.The related information of storing in the related information of storing in electronic mark Authentication devices and electronic mark generation equipment all can be transferred to background system, generates while transferring accounts information, can network and obtain account from background system.
After having registered, receipt and payment both sides want to carry out accounting processing, need first on equipment separately, to login, concrete, beneficiary on Cash collecting equipment, inputs beneficiary identity information and corresponding password is logined, and paying party inputs paying party identity information on payment equipment and corresponding password is logined.
Before passing through electronic mark identifying user identity legitimacy, user need to obtain it corresponding to the electronic mark of current transaction, concrete, and user can obtain from electronic mark generation equipment the electronic mark of oneself.
As shown in Figure 3 a, Cash collecting equipment can obtain beneficiary electronic mark by following flow process: Cash collecting equipment receives after gathering information, to electronic mark generation equipment, send beneficiary electronic mark and generate request, wherein, beneficiary electronic mark generates request and comprises beneficiary identity information and gathering information, and gathering information comprises collection amount and Currency Type information; Electronic mark generates equipment and according to the first electronic mark generating mode, the beneficiary electronic mark receiving is generated and asks to process, and generates beneficiary electronic mark, and sends beneficiary electronic mark to Cash collecting equipment; Cash collecting equipment receives beneficiary electronic mark, exports beneficiary electronic mark when needs are verified beneficiary identity, for payment equipment, reads.Wherein, the first electronic mark generating mode is carried at beneficiary electronic mark and generates in request or electronic mark generates that equipment and Cash collecting equipment consult in advance.
As shown in Figure 3 b, payment equipment can be by the following flow process side of collecting payment electronic mark: before Cash collecting equipment obtains paying party electronic mark from payment equipment, said method also comprises: payment equipment generates equipment Sending Payments side electronic mark to electronic mark and generates request, wherein, paying party electronic mark generates and asks to comprise paying party identity information and current time information; Electronic mark generates equipment and according to the second electronic mark generating mode, the paying party electronic mark receiving is generated and asks to process, and generates paying party electronic mark, and to payment equipment Sending Payments side electronic mark; Payment equipment receives paying party electronic mark, exports paying party electronic mark when needs are verified paying party identity, for Cash collecting equipment, reads.Wherein, the second electronic mark generating mode is carried at paying party electronic mark and generates in request or electronic mark generates that equipment and payment equipment consult in advance.
It should be noted that, electronic mark can be generated by special equipment, for example above-mentioned electronic mark generates equipment, also the function that generates electronic mark can be integrated in to subscriber equipment (for example Cash collecting equipment and payment equipment) or accounting processing equipment, thereby generate electronic mark by subscriber equipment or accounting processing equipment.Electronic mark generating mode can be one or more in sound, image, readable numeral and readable character.Certainly, also can in multiple generating mode, select according to user definite generating mode to generate electronic mark, can also generate electronic mark according to the generating mode of acquiescence.Corresponding to different generating modes, the output form of electronic mark can have multiple, for example, sound (can be rapidly and continuous sound etc.), image (can be two-dimension code image, bar code, broken line graph etc.), numeric string or the various ways such as character string that can manual read, subscriber equipment can adopt suitable mode read electric sign according to the concrete output form of electronic mark.Concrete, subscriber equipment receives after electronic mark, electronic mark can be presented on its screen or pronunciation equipment (for example loudspeaker) upper, for other equipment, read.Subscriber equipment can use the recording (for example microphone), shooting or the Data Enter function that self possess to carry out read electric sign, for example, subscriber equipment can pass through the electronic mark that its image collecting device (for example camera) obtains Quick Response Code form, also can pass through its voice collection device (for example microphone) and obtain the electronic mark that form of sound is play, can also by paying party or beneficiary, be read the electronic mark of numeral or character style, be directly inputted on subscriber equipment.Each electronic mark generating all has uniqueness, and is wherein associated with timestamp information and the term of validity, and the electronic mark that surpasses the term of validity is considered as illegal sign.
Below identity legitimacy proof procedure will be described.
1, the identity legitimacy of verifying beneficiary in step S102 can realize as follows, as shown in Figure 4:
Step S1021, payment equipment sends beneficiary electronic mark and paying party identity information to electronic mark Authentication devices; Concrete, electronic mark can be converted to data stream, by network delivery to electronic mark Authentication devices.
Step S1022, electronic mark Authentication devices is resolved the term of validity that the beneficiary electronic mark receiving obtains beneficiary identity information, gathering information and beneficiary electronic mark, if the term of validity of beneficiary electronic mark is not exceeded the time limit, determine that beneficiary electronic mark is legal; Concrete, electronic mark Authentication devices can be resolved the data stream receiving, if determine that electronic mark does not exceed the time limit, parsing of the data stream is reduced to identity information and gathering information, and forms structural data storage, for follow-up.
Step S1023, electronic mark Authentication devices generates the first authorization information and the information of transferring accounts according to beneficiary identity information, gathering information and paying party identity information, wherein, the information of transferring accounts comprises: beneficiary account, paying party account, collection amount, Currency Type information and the term of validity of transferring accounts, and beneficiary account and paying party account obtain from pre-stored related information according to beneficiary identity information and paying party identity information respectively; Concrete, electronic mark Authentication devices can obtain the beneficiary account associated with beneficiary identity information from background system by real-time interconnection.
Step S1024, electronic mark Authentication devices sends the first authorization information and the information of transferring accounts to accounting processing equipment, indication accounting processing equipment records the first authorization information and transfer accounts information and in the term of validity of transferring accounts, again receive the first authorization information or receive second authorization information corresponding with the first authorization information after according to the information of transferring accounts, carry out accounting processing;
Step S1025, electronic mark Authentication devices sends beneficiary identity information and the first authorization information to payment equipment;
Step S1026, payment equipment is according to the identity legitimacy of the second Information Authentication beneficiary of the beneficiary identity information receiving and paying party input.
It should be noted that, authorization information in the present embodiment can be the information that the expressions such as numbering or character are verified, if need to carry out bi-directional verification (being that beneficiary is verified paying party and paying party is verified beneficiary), the authorization information that twice checking generates can be identical or corresponding, as long as can inform that two authorization informations of accounting processing equipment are for the same processing of transferring accounts.Above-mentioned the second information can be the consistent information of identity of whether claiming with it about beneficiary identity that paying party is inputted by modes such as button or voice.Concrete, payment equipment can be on its screen or the beneficiary identity information receiving by voice message, and paying party can for example, by button (virtual key showing on the physical button on payment equipment or screen) or phonetic entry the second information.Certainly, payment equipment also can be pointed out gathering information together with beneficiary identity information, for paying party, confirms.
In the present embodiment, electronic mark Authentication devices first judges the legitimacy of beneficiary electronic mark by the term of validity of beneficiary electronic mark, under the legal prerequisite of beneficiary electronic mark, by paying party, judged again the legitimacy (the beneficiary identity being obtained by electronic mark whether claim with it identity consistent) of beneficiary identity, guaranteed the accuracy of authentication, and, avoid paying party to be subject to the deception of fishing website.
After payment equipment checking beneficiary identity is legal, as shown in Fig. 5 a and Fig. 5 b, said method can also comprise:
Step S106, payment equipment receives the 3rd information of paying party input, and judges whether direct payment according to the 3rd information; If direct payment, performs step S107; If not direct payment, performs step S103 payment equipment output paying party electronic mark, and perform step S104 Cash collecting equipment paying party is carried out to authentication;
Step S107, payment equipment sends the first authorization information to accounting processing equipment, and indication accounting processing equipment carries out accounting processing according to the first authorization information and the information of transferring accounts.
Above-mentioned the 3rd information can be the explicit information about whether that paying party passes through that the modes such as button or voice input.Concrete, payment equipment can be on its screen or by whether direct payment of voice message, and paying party can for example, by whether direct payment of button (virtual key showing on the physical button on payment equipment or screen) or phonetic entry.After confirming that beneficiary identity is legal, paying party can be selected direct payment, to accounting processing equipment, send authorization information, now, accounting processing equipment finds the authorization information identical with this authorization information and the corresponding information of transferring accounts, if in the term of validity of transferring accounts, carries out accounting processing, days of grace side can not cheated by fishing website, and then days of grace side's account safety; In the present embodiment, beneficiary is not verified paying party identity legitimacy, and beneficiary also there will not be fund loss, certainly, also can carry out authentication to paying party, further to guarantee transaction security and account safety.In the present embodiment, electronic mark can be that subscriber equipment obtains in advance for this payment process, then according to judged result (whether trust beneficiary, whether direct payment), exports its electronic mark for method, apparatus is obtained; Also can be according to judged result, subscriber equipment determines whether to obtain the electronic mark of oneself, does not need like this side that verifies, just, without obtaining the electronic mark of oneself, has avoided unnecessary operation.
2, the identity legitimacy of step S104 checking paying party can realize as follows, as shown in Figure 6:
Step S1041, Cash collecting equipment is to electronic mark Authentication devices Sending Payments side electronic mark, gathering information and beneficiary identity information, and wherein, gathering information comprises collection amount and Currency Type information; Concrete, electronic mark can be converted to data stream, by network delivery to electronic mark Authentication devices.
Step S1042, electronic mark Authentication devices is resolved the term of validity that the paying party electronic mark receiving obtains paying party identity information and paying party electronic mark, if the term of validity of paying party electronic mark is not exceeded the time limit, determine that paying party electronic mark is legal and paying party identity is legal; Concrete, electronic mark Authentication devices can be resolved the data stream receiving, if determine that electronic mark does not exceed the time limit, parsing of the data stream is reduced to identity information, and forms structural data storage, for follow-up.
Step S1043, electronic mark Authentication devices generates the second authorization information and the information of transferring accounts according to beneficiary identity information, gathering information and paying party identity information;
Step S1044, electronic mark Authentication devices sends the second authorization information and the information of transferring accounts to accounting processing equipment, and indication accounting processing equipment carries out accounting processing according to the second authorization information and the term of validity of transferring accounts of transferring accounts in information to the information of transferring accounts.
Certainly, in the present embodiment, at electronic mark Authentication devices, to accounting processing equipment, send the second authorization information and transfer accounts after information, electronic mark Authentication devices can also send to Cash collecting equipment by paying party identity information and the second authorization information, after Cash collecting equipment determines that according to the information of beneficiary input paying party identity is legal, the second authorization information is issued to accounting processing equipment, the information that accounting processing equipment can send according to Cash collecting equipment is carried out accounting processing, the information of being inputted by beneficiary is verified paying party identity, has further guaranteed transaction security.
In the present embodiment, after accounting processing equipment carries out accounting processing, accounting processing result can also be returned to payment equipment and/or Cash collecting equipment, for user, check.Concrete, payment equipment receives the accounting processing result that accounting processing equipment sends, and shows accounting processing result; And/or Cash collecting equipment receives the accounting processing result that accounting processing equipment sends, and shows accounting processing result.Certainly, also can for user, listen to by formal output accounting processing results such as voice.
By the auth method of the above embodiment of the present invention, the mode of take in Unified Set generates electronic mark as receipt and payment both sides, utilize the identity legitimacy of electronic mark checking beneficiary and/or paying party, can prevent that beneficiary false impersonation from collecting money, days of grace side can clearly know payment is to whom, avoid being subject to the deception of fishing website, by this bi-directional verification mechanism, guarantee the legitimacy of payment information and payment process.And, user identity and account relating, paying party, without the account medium sticking one's chin out, can complete payment process, has guaranteed the safety of the various account media that paying party is held.Above-mentioned verification method is simple and reliable and have a broad applicability.In addition, from whole payment process, can see, in the process that paying party pays after payment equipment in login, without input password on equipment, thereby effectively prevent that password from being intercepted and captured by wooden horse, guarantee account safety.
The embodiment of the present invention also provides a kind of authentication system, can be for realizing above-mentioned auth method, because the principle that authentication system is dealt with problems is similar to auth method, therefore the enforcement of authentication system can, referring to the enforcement of auth method, repeat part and repeat no more.Fig. 7 is the schematic diagram one of the authentication system of the embodiment of the present invention, and as shown in Figure 7, this authentication system comprises: payment equipment 71 and Cash collecting equipment 72.Dotted line in Fig. 7 represents between payment equipment 71 and Cash collecting equipment 72, can obtain electronic mark by wireless mode, such as sound transmission, image acquisition, Bluetooth transmission etc.
Payment equipment 71, obtains paying party electronic mark for log in paying party identity information and the current time information of payment equipment use according to paying party, and exports paying party electronic mark; And obtain beneficiary electronic mark from Cash collecting equipment 72, and according to the identity legitimacy of beneficiary electronic mark checking beneficiary, wherein, paying party identity information and paying party account relating, paying party electronic mark comprises the term of validity of paying party electronic mark;
Cash collecting equipment 72, for receiving gathering information, logs according to gathering information and beneficiary the beneficiary identity information that Cash collecting equipment uses and obtains beneficiary electronic mark, and export beneficiary electronic mark; And obtain paying party electronic mark from payment equipment 71, and according to the identity legitimacy of paying party electronic mark checking paying party, wherein, beneficiary identity information and beneficiary account relating, beneficiary electronic mark comprises the term of validity of beneficiary electronic mark.
Except directly carrying out authentication, also can carry out authentication according to condition, concrete, payment equipment 71, also for receiving the first information of paying party input, and judges according to the first information whether paying party trusts beneficiary; And in the situation that paying party is distrusted beneficiary, obtain beneficiary electronic mark from Cash collecting equipment 72, and according to the identity legitimacy of beneficiary electronic mark checking beneficiary; In the situation that paying party is trusted beneficiary, output paying party electronic mark obtains for Cash collecting equipment 72, makes Cash collecting equipment 72 can verify according to the paying party electronic mark obtaining the identity legitimacy of paying party.
Concrete authentication process itself can be carried out by payment equipment 71 or Cash collecting equipment 72, the electronic mark obtaining is resolved, determine that electronic mark is legal, networking pre-stored log-on message from database is searched and is resolved the identity information obtaining, with the legitimacy tentatively determining one's identity; For the accuracy of authentication, the identity information that parsing can also be obtained shows, by paying party or beneficiary confirm beneficiary or paying party identity whether legal.Certainly, authentication process itself also can for example, by auxiliary realization of other equipment (electronic mark that, below can mention generates equipment 74 and electronic mark Authentication devices 75).
User need to register the identity information that obtains oneself, then logins corresponding equipment, and request generates electronic mark and passes through electronic mark identity verification legitimacy.User as beneficiary can register on electronic mark generation equipment, as the user of paying party, can on electronic mark Authentication devices, register.
Concrete, as shown in Figure 8, said system can also comprise: electronic mark generates equipment 74, for receiving the application for registration of beneficiary, generates beneficiary identity information; And by beneficiary identity information and beneficiary account relating, and store the information after association.Electronic mark generates equipment 74 and is connected with payment equipment 71, Cash collecting equipment 72 respectively.
Said system can also comprise: electronic mark Authentication devices 75, for receiving the application for registration of paying party, generates paying party identity information; And by paying party identity information and paying party account relating, and store the information after association.Electronic mark Authentication devices 75 is connected with payment equipment 71, Cash collecting equipment 72 respectively.
Payment equipment 71, also for receiving the paying party identity information of paying party input and corresponding password, to realize the login of paying party.
For the process of applying for electronic sign, payment equipment 71, also generates request for generate equipment 74 Sending Payments side's electronic marks to electronic mark, and wherein, paying party electronic mark generates request and comprises paying party identity information and current time information; Receive after paying party electronic mark; And output paying party electronic mark; Electronic mark generates equipment 74, also for the paying party electronic mark receiving being generated to request according to the second electronic mark generating mode, process, generate paying party electronic mark, and to payment equipment 71 Sending Payments side's electronic marks, wherein, the second electronic mark generating mode is carried at paying party electronic mark and generates in request or electronic mark generates that equipment and payment equipment consult in advance.
Cash collecting equipment 72, also for receiving the beneficiary identity information of beneficiary input and corresponding password, to realize the login of beneficiary.
Process for applying for electronic sign, Cash collecting equipment 72, also for receiving after gathering information, to electronic mark, generate equipment 74 and send beneficiary electronic mark generation request, wherein, beneficiary electronic mark generates request and comprises beneficiary identity information and gathering information, and gathering information comprises collection amount and Currency Type information; And receive after beneficiary electronic mark output beneficiary electronic mark; Electronic mark generates equipment 74, also for the beneficiary electronic mark receiving being generated to request according to the first electronic mark generating mode, process, generate beneficiary electronic mark, and send beneficiary electronic mark to Cash collecting equipment 72, wherein, the first electronic mark generating mode is carried at beneficiary electronic mark and generates in request or electronic mark generates that equipment and Cash collecting equipment consult in advance.
For beneficiary identity legitimacy proof procedure, payment equipment 71, also for sending beneficiary electronic mark and paying party identity information to electronic mark Authentication devices 75; And according to the identity legitimacy of the second Information Authentication beneficiary of the beneficiary identity information receiving and paying party input; Electronic mark Authentication devices 75, also for resolving the beneficiary electronic mark receiving, obtain the term of validity of beneficiary identity information, gathering information and beneficiary electronic mark, if the term of validity of beneficiary electronic mark is not exceeded the time limit, determine that beneficiary electronic mark is legal; According to beneficiary identity information, gathering information and paying party identity information, generate the first authorization information and the information of transferring accounts, wherein, the information of transferring accounts comprises: beneficiary account, paying party account, collection amount, Currency Type information and the term of validity of transferring accounts, and beneficiary account and paying party account obtain from pre-stored related information according to beneficiary identity information and paying party identity information respectively; To accounting processing equipment 73 (referring to Fig. 8, accounting processing equipment 73 is connected with payment equipment 71, Cash collecting equipment 72 and electronic mark Authentication devices 75 respectively) send the first authorization information and the information of transferring accounts, indication accounting processing equipment 73 record the first authorization informations and transfer accounts information and in the term of validity of transferring accounts, again receive the first authorization information or receive second authorization information corresponding with the first authorization information after according to the information of transferring accounts, carry out accounting processing; And send beneficiary identity information and the first authorization information to payment equipment.
After confirming that beneficiary identity is legal, paying party can be selected direct payment, to accounting processing equipment, sends authorization information, also can verify paying party identity legitimacy.Concrete, payment equipment 71, also, for after checking beneficiary identity is legal, receives the 3rd information of paying party input, and judges whether direct payment according to the 3rd information; And in explicit situation, to accounting processing equipment 73, sending the first authorization information, indication accounting processing equipment 73 carries out accounting processing according to the first authorization information and the information of transferring accounts; In not explicit situation, output paying party electronic mark obtains for Cash collecting equipment 72, makes Cash collecting equipment 72 can verify according to the paying party electronic mark obtaining the identity legitimacy of paying party.
For paying party identity legitimacy proof procedure, Cash collecting equipment 72, also for to electronic mark Authentication devices 75 Sending Payments side's electronic marks, gathering information and beneficiary identity information, wherein, gathering information comprises collection amount and Currency Type information; Electronic mark Authentication devices 75, also for resolving the paying party electronic mark receiving, obtain the term of validity of paying party identity information and paying party electronic mark, if the term of validity of paying party electronic mark is not exceeded the time limit, determine that the legal and described paying party identity of paying party electronic mark is legal; According to beneficiary identity information, gathering information and paying party identity information, generate the second authorization information and the information of transferring accounts; And sending the second authorization information and the information of transferring accounts to accounting processing equipment 73, indication accounting processing equipment 73 carries out accounting processing according to the second authorization information and the term of validity of transferring accounts of transferring accounts in information to the information of transferring accounts.
After accounting processing equipment 73 carries out accounting processing, payment equipment 71, the accounting processing result also sending for receiving accounting processing equipment 73, and show accounting processing result; Same, Cash collecting equipment 72, the accounting processing result also sending for receiving accounting processing equipment 73, and show accounting processing result.
Above-mentioned electronic mark generates equipment and electronic mark Authentication devices can be software and/or the hardware of realizing predetermined function, and its function also can realize on subscriber equipment or accounting processing equipment.
By above embodiment, can find out, in the mode of bi-directional verification, guarantee that paying party pays to the beneficiary of expectation, has got rid of the illegal use of third party to paying party account.And identity information and account binding, after being proved to be successful, paying party, without input password on beneficiary equipment, also, without the account medium sticking one's chin out, can complete payment process, preventing that user cipher is recorded steals, the safety of the various account media that days of grace side holds.In addition, without adopting the task equipments such as POS, ATM, as long as existing intelligent subscriber equipment is improved, can realize above-mentioned simple and reliable checking and payment process.
Below with reference to specific embodiment, technical scheme of the present invention is elaborated.Certainly, following examples are only not form the present invention the present invention is limited improperly in order to illustrate better.
Authentication system as shown in Figure 8, Cash collecting equipment 72 and payment equipment 71 can for example, carry out hardware repacking and/or related application be installed and be realized in terminal (, PC, mobile phone, panel computer etc.), also can manufacture special equipment and realize; Accounting processing equipment 73 can be the background server for the treatment of various transaction of bank; Electronic mark generates the correlation function of equipment 74 and electronic mark Authentication devices 75 and also can in an integrated equipment, realize, and for example, in accounting processing equipment 73, realizes.Below each equipment is elaborated.
Payment equipment 71 can read the beneficiary electronic mark representing on Cash collecting equipment 72, this beneficiary electronic mark can comprise beneficiary in identity information and the gathering information of banking system registration, to electronic mark Authentication devices 75, send the beneficiary electronic mark reading, to verify the identity legitimacy of beneficiary.Payment equipment 71 can also represent the result information that electronic mark Authentication devices 75 returns, if the identity of checking beneficiary is legal, payment equipment 71 sends and confirms payment information to accounting processing equipment 73, to carry out accounting processing.In addition, payment equipment 71 can also receive the accounting processing result that accounting processing equipment 73 sends, and this result presentation is checked to paying party.
Cash collecting equipment 72 can be for the typing information of collecting money, and the beneficiary identity ID (Identity) of gathering information and this Cash collecting equipment 72 of login is committed to electronic mark generation equipment 74, to obtain the beneficiary electronic mark that can represent to paying party (or payment equipment).Simultaneously, in order to realize receipt and payment both sides' bi-directional verification, Cash collecting equipment 72 can also read the paying party electronic mark representing on payment equipment 71, together with the gathering information of the paying party electronic mark reading and typing, sends to electronic mark Authentication devices 75, to verify the identity legitimacy of paying party.If paying party identity is legal, can the result and relationship trading information be issued to accounting processing equipment 73 by Cash collecting equipment 72 or electronic mark Authentication devices 75 and carry out transfer of financial resources; If paying party identity is illegal, authentication failed, points out authentication failed information to user.In addition, Cash collecting equipment 72 can also receive the accounting processing result of accounting processing equipment 73 transmissions and represent to beneficiary and check.
Accounting processing equipment 73 can, receiving authorization information and transferring accounts after information, complete the process of capital transfer; Can also be by the result feedback of transferring accounts to Cash collecting equipment 72 and/or payment equipment 71.
The beneficiary identity ID that electronic mark generation equipment 74 can be uploaded according to Cash collecting equipment 72, gathering information (comprising collection amount and gathering Currency Type information) and electronic mark generating mode are (certain, electronic mark generating mode can make Cash collecting equipment upload, also can adopt the generating mode of acquiescence) etc. Information generation beneficiary electronic mark, and this beneficiary electronic mark is returned to Cash collecting equipment 72; The paying party identity ID that payment equipment 71 can also be uploaded and current time information generate paying party electronic mark, and this paying party electronic mark is returned to payment equipment 71.
Electronic mark Authentication devices 75 can be resolved the electronic mark that payment equipment 71 is submitted to, and the result is returned to payment equipment 71 or sends to accounting processing equipment 73, indication accounting processing equipment 73 operation of transferring accounts.Can also resolve the electronic mark that Cash collecting equipment 72 is submitted to, and the result is sent to accounting processing equipment 73, the result can also be sent to Cash collecting equipment 72.
Concrete, the electronic mark being read can be converted into data stream, by network delivery, to electronic mark Authentication devices, electronic mark Authentication devices is resolved the electronic mark data stream receiving, and analysis result is returned to application equipment (Cash collecting equipment or payment equipment).If find in resolving that electronic mark surpasses the term of validity, think that this is that this electronic mark is the electronic information of cancelling, i.e. illegal electronic mark.For electronic mark before the deadline, from electronic mark parsing of the data stream, be reduced to original element of transaction, and form structural data and carry out follow-up use.
User's (comprising beneficiary and paying party) wants to use the authentication system shown in above-mentioned Fig. 8 to complete safely payment process, need on corresponding equipment, register, then can login corresponding Cash collecting equipment and payment equipment, to carry out bi-directional verification and transaction.Concrete registration can realize in the following manner: user registers on corresponding equipment, obtains user's identity ID, and this equipment carries out user's identity ID and user's account associated, and stores the information after association, for follow-up use.
Beneficiary generates registration on equipment 74 at electronic mark, obtains beneficiary identity ID, and electronic mark generates equipment 74 by beneficiary identity ID and beneficiary account relating, and log-on message (or being called related information) is recorded in beneficiary Registry.Beneficiary Registry is as shown in table 1:
Table 1: beneficiary Registry
| Field sequence number | Field name | Describe |
| 1 | Beneficiary identity ID | Beneficiary identity ID |
| 2 | Beneficiary account | The account that beneficiary is associated with identity ID |
Paying party is registered on electronic mark Authentication devices 75, the side of collecting payment identity ID, and electronic mark Authentication devices 75 is by paying party identity ID and paying party account relating, and related information is recorded in paying party Registry.Paying party Registry is as shown in table 2:
Table 2: paying party Registry
| Field sequence number | Field name | Describe |
| 1 | Payer's identity ID | Payer's identity ID |
| 2 | Paying party account | The account that paying party is associated with identity ID |
After having registered, user can use identity ID and the corresponding corresponding equipment of password login, as beneficiary or paying party, enters payment process.
Based on above-mentioned authentication system, can realize payment process as shown in Figure 9, in the present embodiment, the electronic mark of form of sound and image format of take describes as example, and electronic mark generating mode is carried in solicited message.As shown in Figure 9, this process comprises the steps:
Step S901, paying party are before needs payment, with identity ID and the password login payment equipment of oneself.
Step S902, payment equipment, after paying party logins successfully, send the solicited message that generates electronic mark to electronic mark generation equipment, this solicited message comprises: paying party identity ID, current time and indication generate the information of form of sound electronic mark.For example, can use 0 indication to generate the electronic mark of form of sound, 1 indicates the electronic mark of synthetic image form etc.In solicited message, use respectively fixing bit to represent user identity ID, current time and electronic mark generating mode.
Electronic mark generation equipment receives after solicited message, paying party identity ID, current time and the electronic mark term of validity are carried out to acoustic coding, obtain corresponding voice signal (simulating signal, the sound for example ticking), electronic mark A as paying party, and by coding decoder, this voice signal is converted to data stream (being the digital signal that voice signal is corresponding), by network, this digital data transmission is given to payment equipment.
Payment equipment is reduced to simulating signal by coding decoder by the data stream receiving, and obtains the electronic mark A of form of sound.Payment equipment can for example, play back the electronic mark A of form of sound by its sound play device (loudspeaker), supplies the voice collection device (for example microphone) of Cash collecting equipment to gather this voice signal, so that paying party identity is verified.
Step S903, paying party confirm whether beneficiary is the gathering object of its expectation, and whether paying party trusts beneficiary.If paying party is trusted beneficiary, enter step S914, the electronic mark A that Cash collecting equipment reads the form of sound of payment equipment broadcasting, initiates the checking flow process to paying party; If paying party is distrusted beneficiary, enter step S904, payment equipment reads the electronic mark B that Cash collecting equipment represents, and initiates the checking flow process to beneficiary.
Step S904, paying party for example, gather the image (being electronic mark B, for example Quick Response Code) representing on Cash collecting equipment by the image collecting device on payment equipment (camera), initiate the checking flow process to beneficiary.
Step S905, payment equipment are converted to data stream by the image of collection, and by network, this data stream is sent to electronic mark Authentication devices with the paying party identity ID that login payment equipment is used, by electronic mark Authentication devices, electronic mark B is verified, the identity that confirmation beneficiary is claimed with it is identical.
Step S906, electronic mark Authentication devices are resolved the data stream receiving, if this data stream to be electronic mark Authentication devices analysable and electronic mark B in its term of validity, represent that electronic mark B corresponding to this data stream is legal, data stream is reduced to element of transaction, and forms structural data follow-up use altogether.Electronic mark Authentication devices generates verification number (this verification number has represented the required all information elements of transferring accounts) and the relevant information of transferring accounts, this information of transferring accounts comprises: receipt and payment both sides' account, collection amount, Currency Type information and the term of validity of transferring accounts, wherein, the paying party identity ID inquiry Registry that the beneficiary identity ID that receipt and payment both sides' account can obtain according to parsing electronic mark B and payment equipment send obtains, the gathering information acquisition that the amount of money and the Currency Type information of transferring accounts can obtain from resolving electronic mark B.If electronic mark B is illegal, electronic mark Authentication devices returns to authentication failed information to payment equipment, enters step S907.
Electronic mark Authentication devices sends verification number and the information of transferring accounts to accounting processing equipment, the verification number that accounting processing equipment records receives and the information of transferring accounts, if in the term of validity of transferring accounts, accounting processing equipment receives that a legal verification number (can be identical with above-mentioned verification number or corresponding, as long as can confirm the two corresponding same processings of transferring accounts), accounting processing equipment is according to the processing of transferring accounts of the verification number recording and the information of transferring accounts.
At electronic mark Authentication devices, to accounting processing equipment, send verification number and transfer accounts after information, electronic mark Authentication devices can also and be resolved the beneficiary identity information obtaining by verification number and be sent to payment equipment, and the beneficiary identity information that paying party represents according to payment equipment confirms that its identity information of whether claiming with beneficiary is consistent.If consistent (being that beneficiary identity is legal) that beneficiary identity information is claimed with beneficiary, enters step S908; If inconsistent (being that beneficiary identity is illegal) that beneficiary identity information and beneficiary are claimed, enters step S907.
After step S907, authentication failed, feedback authentication failed information.Concrete, if the proof procedure of being initiated by payment equipment represents authentication failed information on payment equipment; If the proof procedure that Cash collecting equipment is initiated shows authentication failed information on Cash collecting equipment.After feedback authentication failed information, enter step S910.
Step S908, payment equipment initiate to after being proved to be successful of beneficiary identity, the whether direct payment of payment equipment present the bill for payment side, if so, enters step S909; If not, enter step S914 payment equipment and play electronic mark A, enter the checking flow process to paying party that beneficiary is initiated.
After the payment button at step S909, the payment interface on paying party click payment equipment, payment equipment (is verification number to the instruction of accounting processing equipment Sending Payments, this verification number is that electronic mark Authentication devices is issued payment equipment), request accounting processing equipment completes the corresponding operation of transferring accounts.
If step S910 checking electronic mark is failed or completed the process of transferring accounts, payment flow finishes.
Step S911, before payment process starts, beneficiary identity ID and password with oneself on Cash collecting equipment logined.
Step S912, beneficiary before gathering, the gathering information that typing is relevant, gathering information can comprise collection amount and Currency Type information.
Step S913, Cash collecting equipment send the solicited message that generates electronic mark to electronic mark generation equipment, request electronic mark generation equipment generates the electronic mark B of beneficiary, and this solicited message comprises: the information of beneficiary identity ID, gathering information (comprising collection amount and Currency Type information) and indication synthetic image form electronic mark.
Electronic mark generation equipment receives after solicited message, and beneficiary identity ID, gathering information and the electronic mark term of validity are processed, and obtains corresponding image, as the electronic mark B of beneficiary, and converts the image to data stream and sends to Cash collecting equipment.
Cash collecting equipment receives data stream, through processing, this data stream is reduced to image, obtains the electronic mark B of image format.Cash collecting equipment can show the electronic mark B of this image format by screen, for payment equipment collection, so that beneficiary is verified.Certainly, Cash collecting equipment also can show with Currency Type information collection amount together with electronic mark B, for paying party, checks gathering information.
Step S914, at paying party, trust beneficiary or allow after beneficiary gathering, Cash collecting equipment utilizes its microphone to gather the voice signal (being electronic mark A) that payment equipment is play.
Step S915, Cash collecting equipment are converted to data stream by the voice signal collecting, and by network, this data stream is sent to electronic mark Authentication devices with beneficiary identity ID, gathering information together with (comprising collection amount and Currency Type information), to verify the legitimacy of electronic mark A by electronic mark Authentication devices.
Step S916, electronic mark Authentication devices are resolved the data stream receiving, if this data stream be analysable and electronic mark A before the deadline, represent that electronic mark A corresponding to this data stream is legal, electronic mark Authentication devices generates verification number, and this verification number and the relevant information of transferring accounts are sent to accounting processing equipment execution step S917, carry out accounting processing; If electronic mark A is illegal, electronic mark Authentication devices returns to authentication failed information to Cash collecting equipment, enters step S907.Wherein, the information of transferring accounts comprises: receipt and payment both sides' account, collection amount, Currency Type information and the term of validity of transferring accounts; The term of validity of herein transferring accounts is set to 0 (Instant Transfer sign), so that accounting processing equipment receives above-mentioned verification number and transfers accounts after information, the processing of immediately transferring accounts; Receipt and payment both sides' account can find the account associated with this identity ID according to receipt and payment both sides' identity ID in Registry.
Step S917, accounting processing equipment receive verification number and the information of transferring accounts (can be that Cash collecting equipment, electronic mark Authentication devices or payment equipment send), if the term of validity of transferring accounts of transferring accounts in information is 0, and the processing of immediately transferring accounts; If the term of validity of transferring accounts of transferring accounts in information is not 0, first record this information of transferring accounts as the pending information of transferring accounts, follow-uply transfer accounts again when again receiving this verification number or receiving the verification number corresponding with this verification number in the term of validity of transferring accounts.Certainly, the term of validity of transferring accounts also can arrange 1 for Instant Transfer sign, and other numerals or character are non-Instant Transfer sign, do not limit herein.
Step S918, accounting processing equipment feed back to Cash collecting equipment and/or payment equipment by result after transferring accounts and processing, and Cash collecting equipment and/or payment equipment manifest the result receiving, and for beneficiary or paying party, check.In this step, accounting processing equipment can be only to Cash collecting equipment and one of them transmission processing result of payment equipment, also can be simultaneously to Cash collecting equipment and the equal transmission processing result of payment equipment.After feedback processing result, enter step S910 and finish payment flow.
In the present embodiment, what step S901 and S902 described is the process that paying party electronic mark generates, what step S911 to S913 described is the process that beneficiary electronic mark generates, the generative process of the generative process of paying party electronic mark and beneficiary electronic mark is not distinguished sequencing, can first generate paying party electronic mark, also beneficiary electronic mark can be first generated, above-mentioned two processes can also be carried out simultaneously.In the embodiment shown in fig. 9, electronic mark A and electronic mark B also can adopt identical generating mode to generate, and for example, are all electronic marks etc. of form of sound.
Based on above-mentioned authentication system, also can realize payment process as shown in figure 10, in the present embodiment, the identity legitimacy by electronic mark Authentication devices checking beneficiary, if identity is legal, pays.In the present embodiment, the electronic mark of form of sound and image format combination of take describes as example, and the generating mode of electronic mark is that subscriber equipment and electronic mark generate equipment and consult in advance.As shown in figure 10, this payment process comprises the steps:
Step S1001, paying party are before needs payment, with identity ID and the password login payment equipment of oneself.
Step S1002, before payment process starts, beneficiary identity ID and password with oneself on Cash collecting equipment logined.
Step S1003, beneficiary before gathering, the gathering information that typing is relevant, gathering information can comprise collection amount and Currency Type information.
Step S1004, Cash collecting equipment send the solicited message that generates electronic mark to electronic mark generation equipment, request electronic mark generation equipment generates the electronic mark of beneficiary, and this solicited message comprises: beneficiary identity ID, gathering information (comprising collection amount and Currency Type information).
Electronic mark generation equipment receives after solicited message, according to the generating mode of consulting in advance (sound and image combination), beneficiary identity ID, gathering information and the electronic mark term of validity are processed, obtain corresponding voice signal and image, as the electronic mark of beneficiary.And this voice signal and image are converted to data stream send to Cash collecting equipment.
Cash collecting equipment receives data stream, through processing, this data stream is reduced to voice signal and image, obtains the electronic mark of form of sound and image format combination.Cash collecting equipment shows image by its display screen, and for example, by sound play device (loudspeaker) signal that plays sound, for payment equipment collection, (payment equipment can only gather wherein a kind of electronic mark of form; Also electronic mark that can two kinds of forms all gathers, and the analysis result of the electronic mark of two kinds of forms is compared, to guarantee to resolve the correctness of the content obtaining).Certainly, Cash collecting equipment also can show with Currency Type information collection amount together with electronic mark, for paying party, checks gathering information.
Step S1005, paying party gather the image format of Cash collecting equipment output and/or the electronic mark of form of sound by the camera on payment equipment and/or microphone, initiate the checking flow process to beneficiary.
Step S1006, payment equipment are converted to data stream by the electronic mark of the image format collecting and/or form of sound, together with the paying party identity ID using with login payment equipment, send to electronic mark Authentication devices, by the legitimacy of electronic mark Authentication devices checking electronic mark.
Step S1007, electronic mark Authentication devices are resolved the data stream receiving, if to be electronic mark Authentication devices analysable and electronic mark does not surpass the term of validity for this data stream, represent that electronic mark corresponding to this data stream is legal, data stream is reduced to element of transaction, and forms structural data follow-up use altogether.Electronic mark Authentication devices generates verification number (this verification number has represented the required all information elements of transferring accounts) and the relevant information of transferring accounts, this information of transferring accounts comprises: receipt and payment both sides' account, collection amount, Currency Type information and the term of validity of transferring accounts, wherein, the paying party identity ID inquiry Registry that the beneficiary identity ID that receipt and payment both sides' account can obtain according to parsing electronic mark and payment equipment send obtains, the gathering information acquisition that the amount of money and the Currency Type information of transferring accounts can obtain from resolving electronic mark.If electronic mark is illegal, electronic mark Authentication devices returns to authentication failed information to payment equipment, enters step S1008.
Electronic mark Authentication devices sends verification number and the information of transferring accounts to accounting processing equipment, enters afterwards step S1009.Corresponding, accounting processing equipment receives the verification number of electronic mark Authentication devices transmission and transfers accounts after information, the verification number that record receives and the information of transferring accounts, if in the term of validity of transferring accounts, accounting processing equipment receives this verification number again, and accounting processing equipment is according to the verification number of record and the information of the transferring accounts processing of transferring accounts.
At electronic mark Authentication devices, to accounting processing equipment, send verification number and transfer accounts after information, electronic mark Authentication devices can also and be resolved the beneficiary identity information obtaining by verification number and be sent to payment equipment, and the beneficiary identity information that paying party represents according to payment equipment confirms that its identity information of whether claiming with beneficiary is consistent.If consistent (being that beneficiary identity is legal) that beneficiary identity information is claimed with beneficiary, enters step S1009; If inconsistent (being that beneficiary identity is illegal) that beneficiary identity information and beneficiary are claimed, enters step S1008.
After step S1008, authentication failed, feedback authentication failed information.Concrete, the proof procedure of being initiated by payment equipment, feeds back to payment equipment by authentication failed information, and payment equipment represents authentication failed information to be checked to paying party.After feedback authentication failed information, enter step S1012.
Step S1009, payment equipment are to the instruction of accounting processing equipment Sending Payments (be verification number, this verification number is that electronic mark Authentication devices is issued payment equipment), and request accounting processing equipment completes the corresponding operation of transferring accounts.
Step S1010, accounting processing equipment receive verification number and the information of transferring accounts of sending from electronic mark Authentication devices or payment equipment, if the term of validity of transferring accounts of transferring accounts in information is 0, and the processing of immediately transferring accounts; If the term of validity of transferring accounts of transferring accounts in information is not 0, first record this information of transferring accounts as the pending information of transferring accounts, follow-uply transfer accounts again while again receiving this verification number in the term of validity of transferring accounts.Certainly, the term of validity also can arrange 1 for Instant Transfer sign, and other numerals or character are non-Instant Transfer sign, do not limit herein.
Step S1011, accounting processing equipment feed back to Cash collecting equipment and/or payment equipment by result after transferring accounts and processing, and Cash collecting equipment and/or payment equipment manifest the result receiving, and for beneficiary or paying party, check.In this step, accounting processing equipment can be only to Cash collecting equipment and one of them transmission processing result of payment equipment, also can be simultaneously to Cash collecting equipment and the equal transmission processing result of payment equipment.After feedback processing result, enter step S1012 and finish payment flow.
If step S1012 checking electronic mark is failed or completed the process of transferring accounts, payment flow finishes.
Based on above-mentioned authentication system, can also realize payment process as shown in figure 11, in the present embodiment, the identity legitimacy by electronic mark Authentication devices checking beneficiary, if identity is legal, pays.In the present embodiment, the electronic mark of readable digital form combination of take describes as example, and the generating mode of electronic mark is that subscriber equipment and electronic mark generate equipment and consult in advance.As shown in figure 11, this payment process comprises the steps:
Step S1101, paying party are before needs payment, with identity ID and the password login payment equipment of oneself.
Step S1102, before payment process starts, beneficiary identity ID and password with oneself on Cash collecting equipment logined.
Step S1103, beneficiary before gathering, the gathering information that typing is relevant, gathering information can comprise collection amount and Currency Type information.
Step S1104, Cash collecting equipment send the solicited message that generates electronic mark to electronic mark generation equipment, request electronic mark generation equipment generates the electronic mark of beneficiary, and this solicited message comprises: beneficiary identity ID, gathering information (comprising collection amount and Currency Type information).
Electronic mark generation equipment receives after solicited message, according to the generating mode (readable digital form) of consulting in advance, beneficiary identity ID, gathering information and the electronic mark term of validity are processed, obtain corresponding readable numeral (for example 342178), as the electronic mark of beneficiary.And this readable numeral is converted to data stream sends to Cash collecting equipment.
Cash collecting equipment receives data stream, through processing this data stream reduction, obtains the electronic mark of readable digital form.Cash collecting equipment shows the readable numeral obtaining by its display screen.Certainly, Cash collecting equipment also can show with Currency Type information collection amount together with electronic mark, for paying party, checks gathering information.
Step S1105, paying party or beneficiary are input to payment equipment by the button on payment equipment by the readable numeral of seeing from Cash collecting equipment, initiate the checking flow process to beneficiary.
Step S1106, payment equipment are converted to data stream by the electronic mark of the readable digital form collecting, together with the paying party identity ID using with login payment equipment, send to electronic mark Authentication devices, by the legitimacy of electronic mark Authentication devices checking electronic mark.
Step S1107, electronic mark Authentication devices are resolved the data stream receiving, if to be electronic mark Authentication devices analysable and electronic mark does not surpass the term of validity for this data stream, represent that electronic mark corresponding to this data stream is legal, data stream is reduced to element of transaction, and forms structural data follow-up use altogether.Electronic mark Authentication devices generates verification number (this verification number has represented the required all information elements of transferring accounts) and the relevant information of transferring accounts, this information of transferring accounts comprises: receipt and payment both sides' account, collection amount, Currency Type information and the term of validity of transferring accounts, wherein, the paying party identity ID inquiry Registry that the beneficiary identity ID that receipt and payment both sides' account can obtain according to parsing electronic mark and payment equipment send obtains, the gathering information acquisition that the amount of money and the Currency Type information of transferring accounts can obtain from resolving electronic mark.If electronic mark is illegal, electronic mark Authentication devices returns to authentication failed information to payment equipment, enters step S1108.
Electronic mark Authentication devices sends verification number and the information of transferring accounts to accounting processing equipment, enters afterwards step S1109.Corresponding, accounting processing equipment receives the verification number of electronic mark Authentication devices transmission and transfers accounts after information, the verification number that record receives and the information of transferring accounts, if in the term of validity of transferring accounts, accounting processing equipment receives this verification number again, and accounting processing equipment is according to the verification number of record and the information of the transferring accounts processing of transferring accounts.
At electronic mark Authentication devices, to accounting processing equipment, send verification number and transfer accounts after information, electronic mark Authentication devices can also and be resolved the beneficiary identity information obtaining by verification number and be sent to payment equipment, and the beneficiary identity information that paying party represents according to payment equipment confirms that its identity information of whether claiming with beneficiary is consistent.If consistent (being that beneficiary identity is legal) that beneficiary identity information is claimed with beneficiary, enters step S1109; If inconsistent (being that beneficiary identity is illegal) that beneficiary identity information and beneficiary are claimed, enters step S1108.
After step S1108, authentication failed, feedback authentication failed information.Concrete, the proof procedure of being initiated by payment equipment, feeds back to payment equipment by authentication failed information, and payment equipment represents authentication failed information to be checked to paying party.After feedback authentication failed information, enter step S1112.
Step S1109, payment equipment are to the instruction of accounting processing equipment Sending Payments (be verification number, this verification number is that electronic mark Authentication devices is issued payment equipment), and request accounting processing equipment completes the corresponding operation of transferring accounts.
Step S1110, accounting processing equipment receive verification number and the information of transferring accounts of sending from electronic mark Authentication devices or payment equipment, if the term of validity of transferring accounts of transferring accounts in information is 0, and the processing of immediately transferring accounts; If the term of validity of transferring accounts of transferring accounts in information is not 0, first record this information of transferring accounts as the pending information of transferring accounts, follow-uply transfer accounts again while again receiving this verification number in the term of validity of transferring accounts.Certainly, the term of validity also can arrange 1 for Instant Transfer sign, and other numerals or character are non-Instant Transfer sign, do not limit herein.
Step S1111, accounting processing equipment feed back to Cash collecting equipment and/or payment equipment by result after transferring accounts and processing, and Cash collecting equipment and/or payment equipment manifest the result receiving, and for beneficiary or paying party, check.In this step, accounting processing equipment can be only to Cash collecting equipment and one of them transmission processing result of payment equipment, also can be simultaneously to Cash collecting equipment and the equal transmission processing result of payment equipment.After feedback processing result, enter step S1112 and finish payment flow.
If step S1112 checking electronic mark is failed or completed the process of transferring accounts, payment flow finishes.
Certainly, based on above-mentioned authentication system, also can, trusting under the prerequisite of beneficiary, after only verifying that paying party identity is legal, carry out accounting processing; Can also not carry out condition selection, directly carry out checking beneficiary identity legitimacy and checking paying party identity legitimacy (order in no particular order), determine one's identity after legal and carry out accounting processing.The present invention is not limited to this, and it is replaced, distortion should be included in protection scope of the present invention.
In sum, auth method of the present invention and system, based on dynamic electron sign, carry out account safety checking, make full use of the characteristic of the current various smart machines that are widely used, user bound identity ID and bank account in advance, the mode of take in Unified Set generates dynamic electronic mark as receipt and payment both sides, receipt and payment both sides exchang electron sign (can be wireless mode) is carried out authentication, by bi-directional verification mechanism, the legitimacy of payment confirming information and payment process, prevents from being subject to the deception of fishing website; And paying party, without inputting password and expose account medium on beneficiary equipment, can complete payment process, and the safety that ensures paying party account medium with this, prevents that password from being intercepted and captured, and has solved the existing variety of issue of existing electronic payment mode.
And above-mentioned proof procedure is simple, safe and reliable, can be widely used in the scenes such as electronic payment or daily small amount payment.For example, in ecommerce process, businessman represents the Quick Response Code form of electronic mark or digital word string form to buyer in payment interface, buyer by mobile phone photograph or directly on mobile phone typing dynamic electron identified checking and payment process.And for example in retail domain, the amount of money that retailer collects needs, after typing Cash collecting equipment, automatically represent the electronic mark being generated by backstage, payer sees after electronic mark, directly, by mobile phone photograph electronic mark or input electronic mark word string, after payment information and beneficiary identity that confirmation electronic mark represents, can complete payment process.This will greatly reduce the use of cash.
In process flow diagram or any process of otherwise describing at this or method describe and can be understood to, represent to comprise that one or more is for realizing module, fragment or the part of code of executable instruction of the step of specific logical function or process, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can be not according to order shown or that discuss, comprise according to related function by the mode of basic while or by contrary order, carry out function, this should be understood by embodiments of the invention person of ordinary skill in the field.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, a plurality of steps or method can realize with being stored in storer and by software or the firmware of suitable instruction execution system execution.For example, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: have for data-signal being realized to the discrete logic of the logic gates of logic function, the special IC with suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is to come the hardware that instruction is relevant to complete by program, described program can be stored in a kind of computer-readable recording medium, this program, when carrying out, comprises step of embodiment of the method one or a combination set of.
The above-mentioned storage medium of mentioning can be ROM (read-only memory), disk or CD etc.
In the description of this instructions, the description of reference term " embodiment ", " some embodiment ", " example ", " concrete example " or " some examples " etc. means to be contained at least one embodiment of the present invention or example in conjunction with specific features, structure, material or the feature of this embodiment or example description.In this manual, the schematic statement of above-mentioned term is not necessarily referred to identical embodiment or example.And the specific features of description, structure, material or feature can be with suitable mode combinations in any one or more embodiment or example.
Above-described specific embodiment; object of the present invention, technical scheme and beneficial effect are further described; institute is understood that; the foregoing is only specific embodiments of the invention; the protection domain being not intended to limit the present invention; within the spirit and principles in the present invention all, any modification of making, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.
Claims (24)
1. an auth method, is characterized in that, comprising:
The Cash collecting equipment of beneficiary receives gathering information, according to described gathering information and described beneficiary, log in the beneficiary identity information that described Cash collecting equipment uses and obtain beneficiary electronic mark, and export described beneficiary electronic mark, wherein, described beneficiary identity information and beneficiary account relating, described beneficiary electronic mark comprises the term of validity of described beneficiary electronic mark;
The payment equipment of paying party obtains described beneficiary electronic mark from described Cash collecting equipment, and according to described beneficiary electronic mark, verifies the identity legitimacy of described beneficiary;
Paying party identity information and current time information that described payment equipment logs in described payment equipment use according to described paying party obtain paying party electronic mark, and export described paying party electronic mark, wherein, described paying party identity information and paying party account relating, described paying party electronic mark comprises the term of validity of described paying party electronic mark;
Described Cash collecting equipment obtains described paying party electronic mark from described payment equipment, and according to described paying party electronic mark, verifies the identity legitimacy of described paying party.
2. method according to claim 1, is characterized in that, before described payment equipment obtains described beneficiary electronic mark from described Cash collecting equipment, described method also comprises:
Described payment equipment receives the first information of described paying party input, and judges according to the described first information whether described paying party trusts described beneficiary;
If described paying party is distrusted described beneficiary, described payment equipment obtains described beneficiary electronic mark from described Cash collecting equipment, and according to described beneficiary electronic mark, verifies the identity legitimacy of described beneficiary;
If described paying party is trusted described beneficiary, described payment equipment is exported described paying party electronic mark, described Cash collecting equipment obtains described paying party electronic mark from described payment equipment, and according to described paying party electronic mark, verifies the identity legitimacy of described paying party.
3. method according to claim 1, is characterized in that, described Cash collecting equipment logs according to described gathering information and described beneficiary beneficiary identity information that described Cash collecting equipment uses and obtains beneficiary electronic mark and comprise:
Described Cash collecting equipment sends beneficiary electronic mark to electronic mark generation equipment and generates request, wherein, described beneficiary electronic mark generates request and comprises described beneficiary identity information and described gathering information, and described gathering information comprises collection amount and Currency Type information;
Described electronic mark generates equipment and according to the first electronic mark generating mode, the described beneficiary electronic mark receiving is generated and asks to process, generate described beneficiary electronic mark, and send described beneficiary electronic mark to described Cash collecting equipment, wherein, described the first electronic mark generating mode is carried at described beneficiary electronic mark and generates in request or described electronic mark generates that equipment and described Cash collecting equipment consult in advance.
4. method according to claim 3, is characterized in that, described payment equipment verifies that according to described beneficiary electronic mark the identity legitimacy of described beneficiary comprises:
Described payment equipment sends described beneficiary electronic mark and described paying party identity information to electronic mark Authentication devices;
Described electronic mark Authentication devices is resolved the term of validity that the described beneficiary electronic mark receiving obtains described beneficiary identity information, described gathering information and described beneficiary electronic mark, if the term of validity of described beneficiary electronic mark is not exceeded the time limit, determine that described beneficiary electronic mark is legal;
Described electronic mark Authentication devices generates the first authorization information and the information of transferring accounts according to described beneficiary identity information, described gathering information and described paying party identity information, wherein, the described information of transferring accounts comprises: beneficiary account, paying party account, collection amount, Currency Type information and the term of validity of transferring accounts, and described beneficiary account and described paying party account obtain from pre-stored related information according to described beneficiary identity information and described paying party identity information respectively;
Described electronic mark Authentication devices to accounting processing equipment send described the first authorization information and described in the information of transferring accounts, indicate described in described accounting processing equipment records the first authorization information and described in transfer accounts information and in the described term of validity of transferring accounts, again receive described the first authorization information or receive second authorization information corresponding with described the first authorization information after according to described in the information of transferring accounts carry out accounting processing;
Described electronic mark Authentication devices sends described beneficiary identity information and described the first authorization information to described payment equipment;
Described payment equipment is according to the identity legitimacy of beneficiary described in the second Information Authentication of the described beneficiary identity information receiving and the input of described paying party.
5. method according to claim 4, is characterized in that, after described payment equipment verifies that described beneficiary identity is legal, described method also comprises:
Described payment equipment receives the 3rd information of described paying party input, and judges whether direct payment according to described the 3rd information;
If direct payment, described payment equipment sends described the first authorization information to described accounting processing equipment, indicate described accounting processing equipment according to described the first authorization information and described in the information of transferring accounts carry out accounting processing;
If not direct payment, described payment equipment is exported described paying party electronic mark, and described Cash collecting equipment obtains described paying party electronic mark from described payment equipment, and according to described paying party electronic mark, verifies the identity legitimacy of described paying party.
6. method according to claim 1, is characterized in that, before described Cash collecting equipment receives gathering information, described method also comprises:
Described electronic mark generation equipment receives the application for registration of described beneficiary, generates described beneficiary identity information;
Described electronic mark generates equipment by described beneficiary identity information and beneficiary account relating, and stores the information after association.
7. method according to claim 1, is characterized in that, before described Cash collecting equipment receives gathering information, described method also comprises:
Described Cash collecting equipment receives described beneficiary identity information and the corresponding password of described beneficiary input.
8. according to the method described in any one in claim 1 to 7, it is characterized in that, described payment equipment logs in paying party identity information that described payment equipment uses and current time information according to described paying party and obtains paying party electronic mark and comprise:
Described payment equipment generates equipment Sending Payments side electronic mark to electronic mark and generates request, and wherein, described paying party electronic mark generates request and comprises described paying party identity information and described current time information;
Described electronic mark generates equipment and according to the second electronic mark generating mode, the described paying party electronic mark receiving is generated and asks to process, generate described paying party electronic mark, and send described paying party electronic mark to described payment equipment, wherein, described the second electronic mark generating mode is carried at described paying party electronic mark and generates in request or described electronic mark generates that equipment and described payment equipment consult in advance.
9. method according to claim 8, is characterized in that, described Cash collecting equipment verifies that according to described paying party electronic mark the identity legitimacy of described paying party comprises:
Described Cash collecting equipment sends described paying party electronic mark, described gathering information and described beneficiary identity information to electronic mark Authentication devices;
Described electronic mark Authentication devices is resolved the term of validity that the described paying party electronic mark receiving obtains described paying party identity information and described paying party electronic mark, if the term of validity of described paying party electronic mark is not exceeded the time limit, determine that the legal and described paying party identity of described paying party electronic mark is legal;
Described electronic mark Authentication devices generates the second authorization information and the information of transferring accounts according to described beneficiary identity information, described gathering information and described paying party identity information;
Described electronic mark Authentication devices to accounting processing equipment send described the second authorization information and described in the information of transferring accounts, indicate described accounting processing equipment according to described the second authorization information and described in the term of validity of transferring accounts of transferring accounts in information the described information of transferring accounts is carried out to accounting processing.
10. method according to claim 8, is characterized in that, logs in before paying party identity information that described payment equipment uses and current time information obtain paying party electronic mark at described payment equipment according to described paying party, and described method also comprises:
Described electronic mark Authentication devices receives the application for registration of described paying party, generates described paying party identity information;
Described electronic mark Authentication devices is described paying party identity information and paying party account relating, and stores the information after association.
11. methods according to claim 8, is characterized in that, log in before paying party identity information that described payment equipment uses and current time information obtain paying party electronic mark at described payment equipment according to described paying party, and described method also comprises:
Described payment equipment receives described paying party identity information and the corresponding password of described paying party input.
12. methods according to claim 8, is characterized in that, the first electronic mark generating mode and described the second electronic mark generating mode include following one of at least: sound, image, readable numeral, readable character.
13. 1 kinds of authentication systems, is characterized in that, comprising: payment equipment and Cash collecting equipment, wherein,
Described payment equipment, obtains paying party electronic mark for log in paying party identity information and the current time information of described payment equipment use according to paying party, and exports described paying party electronic mark; And obtain beneficiary electronic mark from described Cash collecting equipment, and according to described beneficiary electronic mark, verify the identity legitimacy of described beneficiary, wherein, described paying party identity information and paying party account relating, described paying party electronic mark comprises the term of validity of described paying party electronic mark;
Described Cash collecting equipment, for receiving gathering information, logs according to described gathering information and beneficiary the beneficiary identity information that described Cash collecting equipment uses and obtains described beneficiary electronic mark, and export described beneficiary electronic mark; And obtain described paying party electronic mark from described payment equipment, and according to described paying party electronic mark, verify the identity legitimacy of described paying party, wherein, described beneficiary identity information and beneficiary account relating, described beneficiary electronic mark comprises the term of validity of described beneficiary electronic mark.
14. systems according to claim 13, is characterized in that,
Described payment equipment, also for receiving the first information of paying party input, and judges according to the described first information whether described paying party trusts described beneficiary; And in the situation that described paying party is distrusted described beneficiary, from described Cash collecting equipment, obtain described beneficiary electronic mark, and according to described beneficiary electronic mark, verify the identity legitimacy of described beneficiary; In the situation that described paying party is trusted described beneficiary, export described paying party electronic mark and obtain for described Cash collecting equipment.
15. systems according to claim 13, is characterized in that, described system also comprises: electronic mark generates equipment;
Described Cash collecting equipment, also for sending beneficiary electronic mark to described electronic mark generation equipment, generate request, wherein, described beneficiary electronic mark generates request and comprises described beneficiary identity information and described gathering information, and described gathering information comprises collection amount and Currency Type information; Receive described beneficiary electronic mark; And export described beneficiary electronic mark;
Described electronic mark generates equipment, also for the described beneficiary electronic mark receiving being generated to request according to the first electronic mark generating mode, process, generate described beneficiary electronic mark, and send described beneficiary electronic mark to described Cash collecting equipment, wherein, described the first electronic mark generating mode is carried at described beneficiary electronic mark and generates in request or described electronic mark generates that equipment and described Cash collecting equipment consult in advance.
16. systems according to claim 15, is characterized in that, described system also comprises: electronic mark Authentication devices;
Described payment equipment, also for sending described beneficiary electronic mark and described paying party identity information to described electronic mark Authentication devices; And according to the identity legitimacy of beneficiary described in the second Information Authentication of the described beneficiary identity information receiving and the input of described paying party;
Described electronic mark Authentication devices, for resolving the term of validity that the described beneficiary electronic mark receiving obtains described beneficiary identity information, described gathering information and described beneficiary electronic mark, if the term of validity of described beneficiary electronic mark is not exceeded the time limit, determine that described beneficiary electronic mark is legal; According to described beneficiary identity information, described gathering information and described paying party identity information, generate the first authorization information and the information of transferring accounts, wherein, the described information of transferring accounts comprises: beneficiary account, paying party account, collection amount, Currency Type information and the term of validity of transferring accounts, and described beneficiary account and described paying party account obtain from pre-stored related information according to described beneficiary identity information and described paying party identity information respectively; To accounting processing equipment send described the first authorization information and described in the information of transferring accounts, indicate described in described accounting processing equipment records the first authorization information and described in transfer accounts information and in the described term of validity of transferring accounts, again receive described the first authorization information or receive second authorization information corresponding with described the first authorization information after according to described in the information of transferring accounts carry out accounting processing; And send described beneficiary identity information and described the first authorization information to described payment equipment.
17. systems according to claim 16, is characterized in that,
Described payment equipment, also, for after the described beneficiary identity of checking is legal, receives the 3rd information of described paying party input, and judges whether direct payment according to described the 3rd information; And in explicit situation, to described accounting processing equipment, send described the first authorization information, indicate described accounting processing equipment according to described the first authorization information and described in the information of transferring accounts carry out accounting processing; In not explicit situation, export described paying party electronic mark and obtain for described Cash collecting equipment.
18. systems according to claim 15, is characterized in that, described electronic mark generates equipment, also for receiving the application for registration of described beneficiary, generates described beneficiary identity information; And by described beneficiary identity information and beneficiary account relating, and store the information after association.
19. systems according to claim 15, is characterized in that, described Cash collecting equipment, also for receiving described beneficiary identity information and the corresponding password of described beneficiary input.
20. according to claim 13 to the system described in any one in 19, it is characterized in that,
Described payment equipment, also generates request for generating equipment Sending Payments side electronic mark to electronic mark, and wherein, described paying party electronic mark generates request and comprises described paying party identity information and current time information; Receive described paying party electronic mark; And export described paying party electronic mark;
Described electronic mark generates equipment, also for the described paying party electronic mark receiving being generated to request according to the second electronic mark generating mode, process, generate described paying party electronic mark, and send described paying party electronic mark to described payment equipment, wherein, described the second electronic mark generating mode is carried at described paying party electronic mark and generates in request or described electronic mark generates that equipment and described payment equipment consult in advance.
21. systems according to claim 20, is characterized in that,
Described Cash collecting equipment, also for sending described paying party electronic mark, described gathering information and described beneficiary identity information to electronic mark Authentication devices;
Described electronic mark Authentication devices, also for resolving the described paying party electronic mark receiving, obtain the term of validity of described paying party identity information and described paying party electronic mark, if the term of validity of described paying party electronic mark is not exceeded the time limit, determine that the legal and described paying party identity of described paying party electronic mark is legal; According to described beneficiary identity information, described gathering information and described paying party identity information, generate the second authorization information and the information of transferring accounts; And to accounting processing equipment send described the second authorization information and described in the information of transferring accounts, indicate described accounting processing equipment according to described the second authorization information and described in the term of validity of transferring accounts of transferring accounts in information the described information of transferring accounts is carried out to accounting processing.
22. systems according to claim 20, is characterized in that, described electronic mark Authentication devices, also for receiving the application for registration of described paying party, generates described paying party identity information; And by described paying party identity information and paying party account relating, and store the information after association.
23. systems according to claim 20, is characterized in that, described payment equipment, also for receiving described paying party identity information and the corresponding password of described paying party input.
24. systems according to claim 20, is characterized in that, the first electronic mark generating mode and described the second electronic mark generating mode include following one of at least: sound, image, readable numeral, readable character.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410239190.2A CN104021472A (en) | 2014-05-30 | 2014-05-30 | Identity verification method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410239190.2A CN104021472A (en) | 2014-05-30 | 2014-05-30 | Identity verification method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104021472A true CN104021472A (en) | 2014-09-03 |
Family
ID=51438212
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410239190.2A Pending CN104021472A (en) | 2014-05-30 | 2014-05-30 | Identity verification method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104021472A (en) |
Cited By (29)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104394022A (en) * | 2014-12-09 | 2015-03-04 | 安科智慧城市技术(中国)有限公司 | Network equipment identification method and device |
| CN105069621A (en) * | 2015-07-20 | 2015-11-18 | 中商交在线(北京)科技发展有限公司 | Payment processing server, payment system and payment method |
| CN105243539A (en) * | 2015-09-15 | 2016-01-13 | 重庆智韬信息技术中心 | Identity authentication method for realizing two-dimensional code safety payment |
| CN105303374A (en) * | 2015-09-15 | 2016-02-03 | 重庆智韬信息技术中心 | Two-dimensional code fast payment method based on multi-display |
| CN105608571A (en) * | 2015-12-11 | 2016-05-25 | 深圳市神州通行科技有限公司 | Fast character code payment method and system |
| WO2017012011A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Method and server for rejecting electronic certificate |
| WO2017012048A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Method, device, and system for receiving certificate |
| CN106651347A (en) * | 2016-10-09 | 2017-05-10 | 邹城众达知识产权咨询服务有限公司 | Telecommunication fraud and theft preventive financial trading system and the trading method thereof |
| CN106789839A (en) * | 2015-11-20 | 2017-05-31 | 北京奇虎科技有限公司 | The method and device that mobile terminal safety pays |
| CN107507007A (en) * | 2017-08-30 | 2017-12-22 | 努比亚技术有限公司 | One kind pays 2 D code verification method, terminal and computer-readable recording medium |
| WO2018001120A1 (en) * | 2016-06-28 | 2018-01-04 | 阿里巴巴集团控股有限公司 | Method and device facilitating expansion of primary payment instruments |
| CN108123867A (en) * | 2015-04-30 | 2018-06-05 | 广东欧珀移动通信有限公司 | Method for message interaction and relevant apparatus and communication system |
| CN108229967A (en) * | 2018-01-04 | 2018-06-29 | 深圳怡化电脑股份有限公司 | A kind of transfer account method, device, equipment and storage medium |
| CN108460591A (en) * | 2017-02-22 | 2018-08-28 | 阿里巴巴集团控股有限公司 | Payment processing method and device, method of commerce and mobile device |
| CN108566641A (en) * | 2018-03-06 | 2018-09-21 | 阿里巴巴集团控股有限公司 | Pay householder method, device and equipment |
| CN109102280A (en) * | 2018-08-01 | 2018-12-28 | 福州市晋安区绿奇鑫环保科技有限公司 | A kind of the safety verification method and server of barcode scanning payment environment |
| CN109214801A (en) * | 2018-08-17 | 2019-01-15 | 惠龙易通国际物流股份有限公司 | A kind of e-payment confirmation method, device and storage medium |
| CN109446774A (en) * | 2018-09-30 | 2019-03-08 | 山东知味行网络科技有限公司 | A kind of identification application method and system |
| CN109891450A (en) * | 2016-12-13 | 2019-06-14 | 连株式会社 | Method of payment and system |
| CN110009322A (en) * | 2018-12-25 | 2019-07-12 | 阿里巴巴集团控股有限公司 | Auth method and device in transfer procedure |
| CN110766397A (en) * | 2019-10-21 | 2020-02-07 | 深圳市丰鑫科技服务有限公司 | Near-field payment method based on data identification model |
| CN110838010A (en) * | 2019-10-30 | 2020-02-25 | 腾讯科技(深圳)有限公司 | Service processing method, device, terminal, server and storage medium |
| CN111105225A (en) * | 2019-11-29 | 2020-05-05 | 中移动金融科技有限公司 | Transfer method, device, equipment and storage medium |
| CN111523627A (en) * | 2015-11-27 | 2020-08-11 | 阿里巴巴集团控股有限公司 | Information generation, acquisition and processing method and device, payment method and client |
| CN111784332A (en) * | 2020-06-29 | 2020-10-16 | 中国工商银行股份有限公司 | Mobile payment method based on electronic cash register label and label issuing method |
| CN112348510A (en) * | 2019-08-09 | 2021-02-09 | 深圳市优克联新技术有限公司 | Information processing method, information processing device, electronic equipment and storage medium |
| CN113421087A (en) * | 2018-06-12 | 2021-09-21 | 创新先进技术有限公司 | Payment processing method and device and server |
| CN113822674A (en) * | 2021-05-31 | 2021-12-21 | 中国银联股份有限公司 | Biometric identification terminal, user terminal, payment server and related methods |
| CN115271735A (en) * | 2022-07-05 | 2022-11-01 | 浙江省能源集团财务有限责任公司 | Log analysis method and system in proxy payment service scene |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1642078A (en) * | 2004-01-13 | 2005-07-20 | 华为技术有限公司 | Audio intelligent card identify verifying system and method thereof |
| CN102496125A (en) * | 2011-12-21 | 2012-06-13 | 成都英黎科技有限公司 | Transferring method and system based on mobile terminal |
| CN102509216A (en) * | 2011-11-08 | 2012-06-20 | 南京音优行信息技术有限公司 | Method and device for realizing on-site mobile payment by using audio signal |
| CN103186851A (en) * | 2011-12-30 | 2013-07-03 | 上海博泰悦臻电子设备制造有限公司 | Electronic payment system based on cloud data processing technology |
| CN103312865A (en) * | 2012-03-11 | 2013-09-18 | 闻泰通讯股份有限公司 | Method using mobile phone built-in chip to realize payment |
| CN103714458A (en) * | 2013-12-20 | 2014-04-09 | 江苏大学 | Two-dimension code-based mobile terminal transaction encryption method |
-
2014
- 2014-05-30 CN CN201410239190.2A patent/CN104021472A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1642078A (en) * | 2004-01-13 | 2005-07-20 | 华为技术有限公司 | Audio intelligent card identify verifying system and method thereof |
| CN102509216A (en) * | 2011-11-08 | 2012-06-20 | 南京音优行信息技术有限公司 | Method and device for realizing on-site mobile payment by using audio signal |
| CN102496125A (en) * | 2011-12-21 | 2012-06-13 | 成都英黎科技有限公司 | Transferring method and system based on mobile terminal |
| CN103186851A (en) * | 2011-12-30 | 2013-07-03 | 上海博泰悦臻电子设备制造有限公司 | Electronic payment system based on cloud data processing technology |
| CN103312865A (en) * | 2012-03-11 | 2013-09-18 | 闻泰通讯股份有限公司 | Method using mobile phone built-in chip to realize payment |
| CN103714458A (en) * | 2013-12-20 | 2014-04-09 | 江苏大学 | Two-dimension code-based mobile terminal transaction encryption method |
Cited By (41)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104394022A (en) * | 2014-12-09 | 2015-03-04 | 安科智慧城市技术(中国)有限公司 | Network equipment identification method and device |
| CN108123867A (en) * | 2015-04-30 | 2018-06-05 | 广东欧珀移动通信有限公司 | Method for message interaction and relevant apparatus and communication system |
| CN105069621A (en) * | 2015-07-20 | 2015-11-18 | 中商交在线(北京)科技发展有限公司 | Payment processing server, payment system and payment method |
| WO2017012447A1 (en) * | 2015-07-20 | 2017-01-26 | 中商交在线(北京)科技发展有限公司 | Payment processing server, payment system, and payment method |
| WO2017012011A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Method and server for rejecting electronic certificate |
| WO2017012048A1 (en) * | 2015-07-21 | 2017-01-26 | 深圳市银信网银科技有限公司 | Method, device, and system for receiving certificate |
| CN105243539A (en) * | 2015-09-15 | 2016-01-13 | 重庆智韬信息技术中心 | Identity authentication method for realizing two-dimensional code safety payment |
| CN105303374A (en) * | 2015-09-15 | 2016-02-03 | 重庆智韬信息技术中心 | Two-dimensional code fast payment method based on multi-display |
| CN106789839A (en) * | 2015-11-20 | 2017-05-31 | 北京奇虎科技有限公司 | The method and device that mobile terminal safety pays |
| CN106789839B (en) * | 2015-11-20 | 2021-09-28 | 北京奇虎科技有限公司 | Method and device for secure payment of mobile terminal |
| CN111523627B (en) * | 2015-11-27 | 2023-06-20 | 创新先进技术有限公司 | Information generation, acquisition and processing method and device, payment method and client |
| CN111523627A (en) * | 2015-11-27 | 2020-08-11 | 阿里巴巴集团控股有限公司 | Information generation, acquisition and processing method and device, payment method and client |
| CN105608571A (en) * | 2015-12-11 | 2016-05-25 | 深圳市神州通行科技有限公司 | Fast character code payment method and system |
| WO2018001120A1 (en) * | 2016-06-28 | 2018-01-04 | 阿里巴巴集团控股有限公司 | Method and device facilitating expansion of primary payment instruments |
| US11531984B2 (en) | 2016-06-28 | 2022-12-20 | Advanced New Technologies Co., Ltd. | Method and device facilitating expansion of primary payment instruments |
| CN106651347A (en) * | 2016-10-09 | 2017-05-10 | 邹城众达知识产权咨询服务有限公司 | Telecommunication fraud and theft preventive financial trading system and the trading method thereof |
| CN109891450B (en) * | 2016-12-13 | 2023-09-22 | 连株式会社 | Payment method and system |
| CN109891450A (en) * | 2016-12-13 | 2019-06-14 | 连株式会社 | Method of payment and system |
| CN108460591A (en) * | 2017-02-22 | 2018-08-28 | 阿里巴巴集团控股有限公司 | Payment processing method and device, method of commerce and mobile device |
| CN107507007A (en) * | 2017-08-30 | 2017-12-22 | 努比亚技术有限公司 | One kind pays 2 D code verification method, terminal and computer-readable recording medium |
| CN108229967A (en) * | 2018-01-04 | 2018-06-29 | 深圳怡化电脑股份有限公司 | A kind of transfer account method, device, equipment and storage medium |
| WO2019169958A1 (en) * | 2018-03-06 | 2019-09-12 | 阿里巴巴集团控股有限公司 | Payment assistance method, apparatus and device |
| CN108566641A (en) * | 2018-03-06 | 2018-09-21 | 阿里巴巴集团控股有限公司 | Pay householder method, device and equipment |
| TWI688281B (en) * | 2018-03-06 | 2020-03-11 | 香港商阿里巴巴集團服務有限公司 | Payment assistance method, device and equipment |
| CN108566641B (en) * | 2018-03-06 | 2020-03-13 | 阿里巴巴集团控股有限公司 | Payment assistance method, device and equipment |
| CN113421087A (en) * | 2018-06-12 | 2021-09-21 | 创新先进技术有限公司 | Payment processing method and device and server |
| CN109102280A (en) * | 2018-08-01 | 2018-12-28 | 福州市晋安区绿奇鑫环保科技有限公司 | A kind of the safety verification method and server of barcode scanning payment environment |
| CN109214801A (en) * | 2018-08-17 | 2019-01-15 | 惠龙易通国际物流股份有限公司 | A kind of e-payment confirmation method, device and storage medium |
| CN109214801B (en) * | 2018-08-17 | 2022-01-11 | 惠龙易通国际物流股份有限公司 | Electronic payment confirmation method, device and storage medium |
| CN109446774A (en) * | 2018-09-30 | 2019-03-08 | 山东知味行网络科技有限公司 | A kind of identification application method and system |
| CN109446774B (en) * | 2018-09-30 | 2021-11-30 | 山东知味行网络科技有限公司 | Identity recognition application method and system |
| CN110009322A (en) * | 2018-12-25 | 2019-07-12 | 阿里巴巴集团控股有限公司 | Auth method and device in transfer procedure |
| CN112348510A (en) * | 2019-08-09 | 2021-02-09 | 深圳市优克联新技术有限公司 | Information processing method, information processing device, electronic equipment and storage medium |
| CN110766397B (en) * | 2019-10-21 | 2023-07-25 | 深圳市丰鑫科技服务有限公司 | Near field payment method based on data identification model |
| CN110766397A (en) * | 2019-10-21 | 2020-02-07 | 深圳市丰鑫科技服务有限公司 | Near-field payment method based on data identification model |
| CN110838010B (en) * | 2019-10-30 | 2021-04-30 | 腾讯科技(深圳)有限公司 | Service processing method, device, terminal, server and storage medium |
| CN110838010A (en) * | 2019-10-30 | 2020-02-25 | 腾讯科技(深圳)有限公司 | Service processing method, device, terminal, server and storage medium |
| CN111105225A (en) * | 2019-11-29 | 2020-05-05 | 中移动金融科技有限公司 | Transfer method, device, equipment and storage medium |
| CN111784332A (en) * | 2020-06-29 | 2020-10-16 | 中国工商银行股份有限公司 | Mobile payment method based on electronic cash register label and label issuing method |
| CN113822674A (en) * | 2021-05-31 | 2021-12-21 | 中国银联股份有限公司 | Biometric identification terminal, user terminal, payment server and related methods |
| CN115271735A (en) * | 2022-07-05 | 2022-11-01 | 浙江省能源集团财务有限责任公司 | Log analysis method and system in proxy payment service scene |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104021472A (en) | Identity verification method and system | |
| US11620621B2 (en) | Enrolling a payer by a merchant server operated by or for the benefit of a payee and processing a payment from the payer by a secure server | |
| US20230306417A1 (en) | Systems and methods for two-way account onboarding and linking across multiple service providers | |
| US11455682B2 (en) | Instant bank account verification through debit card network | |
| US20140136418A1 (en) | System and method for application security | |
| US20120066758A1 (en) | Online User Authentication | |
| US9911122B2 (en) | Audio-based electronic transaction authorization system and method | |
| KR102277060B1 (en) | System and method for encryption | |
| US11924347B2 (en) | Identity authentication and validation | |
| WO2015195176A1 (en) | Two factor authentication for invoicing payments | |
| EP2579198A1 (en) | Secure payment system | |
| WO2021082466A1 (en) | Offline payment | |
| JP2013505601A (en) | Reliable message storage, transfer protocol and system | |
| US10990968B2 (en) | Acoustic based pre-staged transaction processing | |
| CN103310139A (en) | Input validation method and input validation device | |
| US10755264B2 (en) | Methods and systems for secure online payment | |
| WO2021257645A1 (en) | System and method for facilitating transfer of electronic payment information | |
| KR20110107311A (en) | A transaction system and mehod using mobile network, computer program therefor | |
| CN113592650B (en) | Transaction method, device and equipment based on blockchain intelligent contract | |
| CN114612245A (en) | Self-service investment processing method, device, equipment and readable storage medium | |
| KR20080083731A (en) | Method and system for processing payment of credit card using by soft phone |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140903 |