CN104021474A - Method, device and system for improving mobile payment security - Google Patents
Method, device and system for improving mobile payment security Download PDFInfo
- Publication number
- CN104021474A CN104021474A CN201410280055.2A CN201410280055A CN104021474A CN 104021474 A CN104021474 A CN 104021474A CN 201410280055 A CN201410280055 A CN 201410280055A CN 104021474 A CN104021474 A CN 104021474A
- Authority
- CN
- China
- Prior art keywords
- authentication
- terminal
- identification information
- identity identification
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a method, device and system for improving mobile payment security and belongs to the technical field of communication. The method includes the steps that NFC pairing between a first terminal and a second terminal is achieved; when people enter mobile payment processes, first identity recognition information of a current user is collected; authentication is performed for the first time according to authentication information and the first identify recognition information of the registered user of a local machine; if authentication for the first time is passed, whether second identity recognition information, collected by the second terminal, of the current user is received or not is judged; if the second identity recognition information is received, authentication is performed for the second time according to the authentication information and the second identity recognition information; if the authentication for the second time is passed, the mobile payment processes are continued, and otherwise an authentication failure is determined. By the adoption of the method, device and system, when people enter the payment processes, both the first terminal and the second terminal need to perform authentication for the second time, and therefore the mobile payment security is improved.
Description
Technical field
The present invention relates to communication technical field, relate in particular to a kind of method, Apparatus and system that improves mobile payment security.
Background technology
Along with the development of the communication technology, brought the rise of mobile e-business, mobile payment technology also grows up thereupon.Wherein, mobile payment is called again mobile-phone payment, is to allow user to use its mobile terminal (normally mobile phone) consumed commodity or service to be carried out to a kind of method of service of account payment.In prior art, mobile payment mainly comprises that near field pays and two kinds of implementations of remote payment: near field payment, the mode of swiping the card with mobile terminal exactly by bus, do shopping etc.; Remote payment is the modes of payments by sending payment instruction (as Web bank, telephone bank, mobile-phone payment etc.) or being undertaken by the means of payment.
Although mobile payment can make to disburse funds carry convenient, process of consumption is more convenient simple, but in prior art, mobile payment still realizes this function by single mobile terminal, once this mobile terminal is lost or is stolen, that carry out mobile payment is no longer just the user of this mobile terminal registration, and security is poor.Therefore be necessary to provide method and the device of the mobile payment of the mobile payment function that a kind of registered user that can prevent non-moving terminal uses this mobile terminal, to improve the security of mobile payment.
Summary of the invention
In view of this, the technical problem to be solved in the present invention is to provide method, the Apparatus and system that improves mobile payment security, to solve the problem that existing mobile payment security is not high.
It is as follows that the present invention solves the problems of the technologies described above adopted technical scheme:
According to a first aspect of the invention, provide a kind of method that improves mobile payment security, comprise the steps: that first terminal and the second terminal realize near-field communication NFC pairing; When entering mobile payment flow process, gather the first identity identification information of active user; According to the machine registered user's authentication information and described the first identity identification information, carry out authentication for the first time; If described authentication is for the first time passed through, judge whether to receive the second identity identification information of the active user that described the second terminal gathers; If received described the second identity identification information, according to described authentication information and described the second identity identification information, carry out authentication for the second time; If described authentication is for the second time passed through, continue mobile payment flow process, otherwise confirm authentication failure.
A kind of method as above is provided, describedly according to the identity identification information of described authentication information and described collection, carry out authentication for the first time, comprising: judge that whether described the first identity identification information is consistent with the corresponding informance in described authentication information; If consistent, described the first identity identification information is sent to described the second terminal, whether the corresponding informance in the authentication information of the first identity identification information described in described the second terminal judges and its reception is consistent; Receive the result that described the second terminal is returned; Judge that whether described the result is for being verified; If described the result is for being verified, described in determining, authentication is for the first time passed through, otherwise the failure of authentication for the first time described in determining.
A kind of method as above is provided, describedly according to described authentication information and described the first identity identification information, carries out authentication for the second time, comprising: judge that whether described the second identity identification information is consistent with the corresponding informance in described authentication information; If consistent, described in determining, authentication is for the second time passed through, otherwise the failure of authentication for the second time described in determining; The result of described authentication is for the second time fed back to described the second terminal.
A kind of method as above is provided, and described authentication information comprises fingerprint authentication information and/or eyeball identifying information, and described the first identity identification information and the second identity identification information comprise: fingerprint authentication information or eyeball identifying information.
According to a second aspect of the invention, provide a kind of method that improves mobile payment security, comprise the steps: that the second terminal and first terminal realize near-field communication NFC pairing; Obtain the first terminal registered user's of described first terminal transmission authentication information; Receive the first identity identification information that described first terminal sends; According to described authentication information and described the first identity identification information, carry out authentication for the first time; If described authentication is for the first time passed through, gather the second identity identification information of active user; According to described authentication information and described the second identity identification information, carry out authentication for the second time; If described authentication is for the second time passed through, continue mobile payment flow process, otherwise confirm authentication failure.
A kind of method as above is provided, describedly according to described authentication information and described the first identity identification information, carries out authentication for the first time, comprising: judge that whether described the first identity identification information is consistent with the corresponding informance in described authentication information; If consistent, described in determining, authentication is for the first time passed through, otherwise the failure of authentication for the first time described in confirming; And the result of described authentication is for the first time fed back to described first terminal.
A kind of method as above is provided, describedly according to described authentication information and described the second identity identification information, carries out authentication for the second time, comprising: judge that whether described the second identity identification information is consistent with the corresponding informance in described authentication information; If consistent, described the second identity identification information is sent to described first terminal, by described first terminal, verify that whether the corresponding informance of described the second identity identification information in described authentication information be consistent; Receive the result that described first terminal returns; Judge that whether described the result is for being verified; If described the result is for being verified, described in determining, authentication is for the second time passed through, otherwise the failure of authentication for the second time described in confirming.
According to a third aspect of the present invention, provide a kind of first terminal of mobile payment, described first terminal comprises: a NFC pairing unit, for realizing near-field communication NFC pairing with the second terminal; The first collecting unit, for when entering mobile payment flow process, gathers the first identity identification information of active user; The first receiving element, for receiving the second identity identification information of the active user of described the second terminal collection; The first processing unit, for carrying out authentication for the first time according to the machine registered user's authentication information and described the first identity identification information, and described for the first time when authentication is passed through, judge whether described the first receiving element receives the second identity identification information, and when described the first receiving element has received the second identity identification information, according to described authentication information and described the second identity identification information, carry out authentication for the second time, and described for the second time when authentication is passed through, continue mobile payment flow process, otherwise confirm authentication failure.
A kind of described first terminal is provided, and described first terminal also comprises the first transmitting element, and whether described the first processing unit is also consistent with the corresponding informance of described authentication information for judging described the first identity identification information; Described the first transmitting element, also for when described the first processing unit judges that described the first identity identification information is consistent with described authentication information, described the first identity identification information is sent to described the second terminal, and whether the corresponding informance in the authentication information of the first identity identification information described in described the second terminal judges and its reception is consistent; Described the first receiving element, the result also returning for receiving described the second terminal; Described the first processing unit, also for judging that whether described the result is for being verified, and at described the result, be that described in determining when being verified, authentication is for the first time passed through, described the result for checking not by time determine described in authentication for the first time unsuccessfully.
A kind of described first terminal is provided, described the first processing unit, also whether consistent with the corresponding informance of described authentication information for judging described the second identity identification information, and described in determining when consistent, authentication is for the second time passed through, otherwise the failure of authentication for the second time described in determining; Described the first transmitting element, also for feeding back to described the second terminal by described the first processing unit to the result of described authentication for the second time.
According to a fourth aspect of the present invention, provide a kind of the second terminal of mobile payment, described the second terminal comprises: the 2nd NFC pairing unit, for realizing near-field communication NFC pairing with first terminal; Authorization information acquiring unit, for obtaining the first terminal registered user's of described first terminal transmission authentication information; The second receiving element, the first identity identification information sending for receiving described first terminal; The second processing unit, carries out authentication for the first time for authentication information and described the first identity identification information obtaining according to described authorization information acquiring unit; The second collecting unit, for when authentication is for the first time passed through described in described the second processing unit is determined, gathers the second identity identification information of active user; Described the second processing unit, also for carrying out authentication for the second time according to described authentication information and described the second identity identification information, and described authentication for the second time by time, continue mobile payment flow process, when described authentication for the second time is not passed through, confirm authentication failure.
A kind of the second terminal as above is provided, described the second processing unit, also whether consistent with the corresponding informance of described authentication information for judging described the first identity identification information, and described in determining when judgement is consistent, authentication is for the first time passed through, or the failure of authentication for the first time described in determining when judgement is inconsistent; Described the second terminal also comprises: the second transmitting element, and for the result of authentication for the first time described in described the second processing unit team is fed back to described first terminal.
A kind of the second terminal as above is provided, described the second processing unit, also whether consistent with the corresponding informance of described authentication information for judging described the second identity identification information; Described the second transmitting element, also for judging at described the second processing unit when consistent, described the second identity identification information is sent to described first terminal, by described first terminal, judge that whether the corresponding informance of described the second identity identification information in described authentication information be consistent; Described the second receiving element, the result also returning for receiving described first terminal; Described the second processing unit, also for judging that whether described the result is for being verified, and described in determining when being verified at described the result, authentication is for the second time passed through, otherwise the failure of authentication for the second time described in confirming.
The method of raising mobile payment of the present invention, Apparatus and system, when entering payment flow, no matter be the first terminal as payer, or as the second terminal that pays take over party, all need captured identity identifying information to identify active user's identity, and send to the other side to carry out secondary identity authentication the identity identification information gathering separately, improved the accuracy of authentication, and authentication adopts fingerprint recognition or eyeball identification, only have this talent of registered user of first terminal to pay by checking, even if therefore first terminal is lost or stolen loss of also not worrying bringing fund, security is very high.
Accompanying drawing explanation
A kind of module diagram that improves the system of mobile payment security that Fig. 1 provides for the embodiment of the present invention;
A kind of process flow diagram that improves the method for mobile payment security that Fig. 2 provides for the embodiment of the present invention;
The another kind that Fig. 3 provides for the embodiment of the present invention improves the process flow diagram of the method for mobile payment security;
Fig. 4 provide for the embodiment of the present invention another improve the process flow diagram of the method for mobile payment security.
Embodiment
In order to make technical matters to be solved by this invention, technical scheme and beneficial effect clearer, clear, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
Refer to Fig. 1, the invention provides a kind of system of mobile payment, adopt this system can improve the security of mobile payment.This system comprises first terminal 110 and the second terminal 120.
First terminal 110 comprises: the first near-field communication (Near Field Communication, NFC) pairing unit 111, the first collecting unit 112, the first receiving element 113, the first processing unit 114 and the first transmitting element 115.
The one NFC pairing unit 111, realizes near-field communication NFC pairing for the 2nd NFC pairing unit 121 with the second terminal 120.
The first transmitting element 115, for after a NFC pairing unit and the second terminal realize the pairing of point-to-point near-field communication NFC, sends to this second terminal by this authentication information.
Concrete, this authentication information comprises fingerprint authentication information and/or eyeball identifying information.In actual applications, first terminal 110 can not send to the second terminal by this authentication information yet, and directly from the third party (as bank) of this first terminal registration, is obtained by the second terminal 120.
The first collecting unit 112, for when entering mobile payment flow process, gathers the first identity identification information of active user.
Concrete, this first identity identification information can be fingerprint authorization information, can be also eyeball identifying information.
The first receiving element 113, for receiving the second identity identification information of the active user of these second terminal, 120 collections.
Concrete, this second identity identification information can be fingerprint authorization information, can be also eyeball identifying information.
The first processing unit 114, for carrying out authentication for the first time according to the machine registered user's authentication information and this first identity identification information, and at this when authentication is passed through for the first time, judge whether this first receiving element 113 receives the second identity identification information, and when this first receiving element 113 has received the second identity identification information, according to this authentication information and this second identity identification information, carry out authentication for the second time, and at this when authentication is passed through for the second time, continue mobile payment flow process, otherwise confirm authentication failure.
Concrete, when the first processing unit 114 carries out authentication for the first time according to the machine registered user's authentication information and this first identity identification information, can carry out in the following way:
The first processing unit 114 judges that whether this first identity identification information is consistent with the corresponding informance in this authentication information.When this first processing unit 114 judges that both are consistent, the first transmitting element 11 sends to this second terminal 120 by this first identity identification information, and whether the corresponding informance in the authentication information of this first identity identification information of this second terminal judges and its reception is consistent.After this first receiving element 113 receives the result that this second terminal 120 returns, 114 of this first processing units judge that whether this result is for being verified, and at this result, be to determine that this authentication for the first time passes through when being verified, this result for checking not by time determine this failure of authentication for the first time.
When this first processing unit 114 carries out authentication for the second time according to this authentication information and this second identity identification information, can realize in the following way:
By this first processing unit 114, judge that whether the corresponding informance of this second identity identification information in this authentication information be consistent, and both determine that this authentication for the second time passes through when consistent in judgement, otherwise determine this failure of authentication for the second time.When this first processing unit 114 determines that this authentication is for the second time passed through, by this first transmitting element 115, the result of this authentication is for the second time fed back to this second terminal 120.
The second terminal 120 comprises: the 2nd NFC pairing unit 121, the second collecting unit 122, the second receiving element 123, the second processing unit 124, the second transmitting element 125 and authorization information acquiring unit 126.
The 2nd NFC pairing unit 121, for realizing near-field communication NFC pairing with first terminal 110;
Authorization information acquiring unit 126, for obtaining the first terminal registered user's of described first terminal transmission authentication information.
This concrete authorization information acquiring unit 126 obtains first terminal registered user's authentication information, can obtain also and can obtain from the third party (as bank) of first terminal registration from first terminal 110.
The second receiving element 123, the first identity identification information sending for receiving this first terminal 110; Or for receiving the first terminal registered user's of these first terminal 110 transmissions authentication information, thereby make authorization information acquiring unit 126 obtain first terminal registered user's authentication information.
The second processing unit 124, carries out authentication for the first time for authentication information and this first identity identification information obtaining according to this authorization information acquiring unit 126.
The second collecting unit 122, has when this second processing unit 124 confirms that authentication is for the first time passed through, and gathers the second identity identification information of active user;
The second processing unit 124, also for carrying out authentication for the second time according to this authentication information and this second identity identification information, and this authentication for the second time by time, continue mobile payment flow process, when this authentication for the second time is not passed through, confirm authentication failure.
Concrete, when the authentication information receiving according to this second receiving element 123 when the second processing unit 124 and this first identity identification information carry out authentication for the first time, can realize in the following way:
This second processing unit 124 judges that whether this first identity identification information is consistent with the corresponding informance in this authentication information, and both determine that this authentication for the first time passes through when consistent in judgement, or both determine this failure of authentication for the first time when inconsistent in judgement.Now, by the second transmitting element 125, the result of this authentication is for the first time fed back to this first terminal.
When the second processing unit 124 carries out authentication for the second time according to this authentication information and this second identity identification information, can realize in the following way:
This second processing unit 124 judges that whether this second identity identification information is consistent with the corresponding informance in this authentication information.When this second processing unit 124 judges that both are consistent, the second transmitting element 125 sends to this first terminal 110 by this second identity identification information, by this first terminal, judges that whether the corresponding informance of this second identity identification information in this authentication information be consistent.After the result that second receiving element 123 these first terminals 110 of reception return, this second processing unit 124 judges that whether this result is for being verified, and at this result, determine that this authentication for the second time passes through when being verified, otherwise confirm this failure of authentication for the second time.
The system of the mobile payment that the present embodiment provides, when entering payment flow, no matter be at the first terminal as payer or in the second terminal as take over party, all need active user to carry out twice identification, and authentication adopts fingerprint recognition or eyeball identification, therefore only have this talent of registered user of first terminal to pay by checking, though first terminal loss or stolen loss of also not worrying bringing fund, so security is very high.
On the basis of above-described embodiment, the present invention, from the first terminal as payer, provides a kind of method that improves mobile payment security.Refer to Fig. 2, the present embodiment describes from the angle of the first terminal as payer, and method flow comprises:
S201, first terminal and the second terminal realize near-field communication NFC pairing.
Concrete, after realizing NFC pairing, first terminal sends to this second terminal by the machine registered user's authentication information, and this authentication information comprises that this authentication information comprises fingerprint authentication information and/or eyeball identifying information.
S202, when entering mobile payment flow process, gather the first identity identification information of active user.
In practical application, the function that first terminal has according to it can gather finger print information as the first identity identification information, also can gather eyeball identifying information (as iris recognition information) as the second identity identification information.
Concrete, if adopt fingerprint recognition information, generating fingerprint recognition message notifying message, prompting user carries out fingerprint recognition in specified location.This fingerprint recognition can be random generation, for example, can be the fingerprint recognition that forefinger is carried out in this prompting, carries out nameless fingerprint recognition next time.If adopt eyeball identifying information, generate fingerprint recognition message notifying message, prompting user carries out eyeball identification in specified location.
S203, according to the machine registered user's authentication information and this first identity identification information, carry out authentication for the first time, if authentication is passed through for the first time, carry out S204, otherwise carry out S207.
Concrete, this step can realize in the following way:
Judge that whether this first identity identification information is consistent with the corresponding informance in this authentication information;
If consistent, this first identity identification information is sent to this second terminal, whether the corresponding informance in the authentication information of this first identity identification information of this second terminal judges and its reception is consistent;
Receive the result that this second terminal is returned;
Judge that whether this result is for being verified;
If this result is for being verified, definite this authentication is for the first time passed through, otherwise determines this failure of authentication for the first time.
S204 judges whether to receive the second identity identification information of the active user that this second terminal gathers, if so, carries out S205, otherwise execution step S207.
Concrete, the second identity identification information of the second terminal collection according to being the authentication information that first terminal sends, it can be identical with the first identity identification information that first terminal gathers, also can be different from the first identity identification information.
S205, according to this authentication information and this second identity identification information, carry out authentication for the second time, if this authentication is for the second time passed through, carry out S206, otherwise carry out S207.
Concrete, this step can realize in the following way:
Judge that whether this second identity identification information is consistent with the corresponding informance in this authentication information;
If consistent, definite this authentication is for the second time passed through; Otherwise determine this failure of authentication for the second time;
The result of described authentication is for the second time fed back to described the second terminal.
S206, continuation mobile payment flow process,
S207, confirmation authentication failure.
In practical application, when first terminal, confirm, after authentication failed, can directly exit payment flow, also can point out user again to carry out authentication.
The method of the raising mobile payment that the present embodiment provides, when entering payment flow, first terminal as payer need to carry out twice identification to active user under the cooperation of the second terminal, and authentication adopts fingerprint recognition or eyeball identification, therefore only have this talent of registered user of first terminal to pay by checking, even if first terminal is lost or stolen loss of also not worrying bringing fund, so security is very high.
On the basis of above-described embodiment, the present invention is from the second terminal as paying take over party, and the another kind providing improves the method for mobile payment security.Refer to Fig. 3, method flow comprises:
S301, the second terminal and first terminal are realized near-field communication NFC pairing.
S302, receive the first terminal registered user's that this first terminal sends authentication information.
Concrete, this authentication information comprises that this authentication information comprises fingerprint authentication information and/or eyeball identifying information.
S303, receive the first identity identification information that this first terminal sends.
In practical application, first terminal can gather finger print information as the first identity identification information, also can gather eyeball identifying information (as iris recognition information) as the second identity identification information.
Concrete, if adopt fingerprint recognition information, generating fingerprint recognition message notifying message, prompting user carries out fingerprint recognition in specified location.This fingerprint recognition can be random generation, for example, can be the fingerprint recognition that forefinger is carried out in this prompting, carries out nameless fingerprint recognition next time.If adopt eyeball identifying information, generate fingerprint recognition message notifying message, prompting user carries out eyeball identification in specified location.
S304, according to this authentication information and this first identity identification information, carry out authentication for the first time, if this authentication is for the first time passed through, carry out S305, otherwise carry out S308;
Concrete, this step, to authentication for the first time, can realize in the following way:
Judge that whether this first identity identification information is consistent with the corresponding informance in this authentication information;
If consistent, definite this authentication is for the first time passed through, otherwise confirms this failure of authentication for the first time;
And the result of this authentication is for the first time fed back to this first terminal.
The second identity identification information of S305, collection active user.
Concrete, in practical application, the second terminal can gather finger print information as the first identity identification information, also can gather eyeball identifying information (as iris recognition information) as the second identity identification information.
Concrete, if adopt fingerprint recognition information, generating fingerprint recognition message notifying message, prompting user carries out fingerprint recognition in specified location.This fingerprint recognition can be random generation, for example, can be the fingerprint recognition that forefinger is carried out in this prompting, carries out nameless fingerprint recognition next time.If adopt eyeball identifying information, generate fingerprint recognition message notifying message, prompting user carries out eyeball identification in specified location.
S306, according to this authentication information and this second identity identification information, carry out authentication for the second time, if this authentication is for the second time passed through, carry out S307, otherwise carry out S308.
Concrete, this step is carried out authentication for the second time, can realize in the following way:
Judge that whether this second identity identification information is consistent with the corresponding informance in this authentication information;
If consistent, this second identity identification information is sent to this first terminal, by this first terminal, verify that whether the corresponding informance of this second identity identification information in this authentication information be consistent;
Receive the result that this first terminal returns;
Judge that whether this result is for being verified;
If this result is for being verified, definite this authentication is for the second time passed through, otherwise confirms this failure of authentication for the second time.
S307, continuation mobile payment flow process.
S308, confirmation authentication failure.
In practical application, after the second terminal check authentication failed, can directly exit payment flow according to the result of first terminal, or prompting user carries out authentication again.
The method of the raising mobile payment that the present embodiment provides, when entering payment flow, as the second terminal that pays take over party, need under the cooperation of first terminal, to active user, carry out twice identification, and authentication adopts fingerprint recognition or eyeball identification, therefore only have this talent of registered user of first terminal to pay by checking, even if first terminal is lost or stolen loss of also not worrying bringing fund, so security is very high.
For more clearly the present invention will be described, the present invention has proposed there is a kind of method that improves mobile payment security on the basis of above-described embodiment, refers to Fig. 4, and method flow comprises:
S401, first terminal and the second terminal realize NFC pairing.
S402, first terminal send to the second terminal by registered user's authentication information.
S403, first terminal need carry out mobile payment, gather user's fingerprint recognition information.
In the present embodiment, fingerprint recognition information is the first identity identification information.
Whether the fingerprint recognition information that S404, first terminal judgement gather is consistent with the fingerprint recognition information in authentication information, if consistent, carries out S405, otherwise carry out S417.
S405, first terminal send to the second terminal by the fingerprint recognition information of collection.
Whether S406, this fingerprint recognition information of the second terminal judges be consistent with the fingerprint recognition information in authentication information.
S407, the second terminal are returned to judged result to first terminal, and when judgment result is that of step S406 is consistent, execution step S409.
S408, first terminal judge that described the result, whether for being verified, if so, performs step S412, otherwise execution step S417.
S409, the second terminal gather active user's iris recognition information, as the second identity identification information.
In practical application, between step S408 and S409, there is no dividing of sequencing.
Whether the iris recognition information that S410, the second terminal judges gather is consistent with the iris recognition information in described authentication information, if consistent, execution step S411, otherwise execution step S417.
S411, the second terminal send to first terminal by iris recognition information.
S412, first terminal judge whether to receive the second identity identification information that the second terminal sends, if execution step S413, otherwise execution step S417.
S413 first terminal judges that whether this iris recognition information is consistent with the iris recognition information in authentication information.
S414, first terminal send to the second terminal by judged result, and when judgment result is that of step S413 is consistent, execution step S416, otherwise execution step S417.
S415, the second terminal judges the result, whether for being verified, if so, perform step S416, otherwise execution step S417.
S416, determine that active user's authentication passes through, continue mobile payment flow process.
S417, determine and active user's authentication failure stop payment flow.
The method of the raising mobile payment that the present embodiment provides, when entering payment flow, no matter be the first terminal as payer, or as the second terminal that pays take over party, all need captured identity identifying information to identify active user's identity, and send to the other side to carry out secondary identity authentication the identity identification information gathering separately, improved the accuracy of authentication, and authentication adopts fingerprint recognition or eyeball identification, only have this talent of registered user of first terminal to pay by checking, even if therefore first terminal is lost or stolen loss of also not worrying bringing fund, security is very high.
With reference to the accompanying drawings of the preferred embodiments of the present invention, not thereby limit to interest field of the present invention above.Those skilled in the art do not depart from the scope and spirit of the present invention interior done any modification, are equal to and replace and improve, all should be within interest field of the present invention.
Claims (12)
1. a method that improves mobile payment security, is characterized in that, comprises the steps:
First terminal and the second terminal realize near-field communication NFC pairing;
When entering mobile payment flow process, gather the first identity identification information of active user;
According to the machine registered user's authentication information and described the first identity identification information, carry out authentication for the first time;
If described authentication is for the first time passed through, judge whether to receive the second identity identification information of the active user that described the second terminal gathers;
If received described the second identity identification information, according to described authentication information and described the second identity identification information, carry out authentication for the second time;
If described authentication is for the second time passed through, continue mobile payment flow process, otherwise confirm authentication failure.
2. method according to claim 1, is characterized in that,
Describedly according to the identity identification information of described authentication information and described collection, carry out authentication for the first time, comprising:
Judge that whether described the first identity identification information is consistent with the corresponding informance in described authentication information;
If consistent, described the first identity identification information is sent to described the second terminal, whether the corresponding informance in the authentication information of the first identity identification information described in described the second terminal judges and its reception is consistent;
Receive the result that described the second terminal is returned;
Judge that whether described the result is for being verified;
If described the result is for being verified, described in determining, authentication is for the first time passed through, otherwise the failure of authentication for the first time described in determining.
3. method according to claim 2, is characterized in that, describedly according to described authentication information and described the first identity identification information, carries out authentication for the second time, comprising:
Judge that whether described the second identity identification information is consistent with the corresponding informance in described authentication information;
If consistent, described in determining, authentication is for the second time passed through, otherwise the failure of authentication for the second time described in determining;
The result of described authentication is for the second time fed back to described the second terminal.
4. a method that improves mobile payment security, is characterized in that, comprises the steps:
The second terminal and first terminal are realized near-field communication NFC pairing;
Obtain the first terminal registered user's of described first terminal transmission authentication information;
Receive the first identity identification information that described first terminal sends;
According to described authentication information and described the first identity identification information, carry out authentication for the first time;
If described authentication is for the first time passed through, gather the second identity identification information of active user;
According to described authentication information and described the second identity identification information, carry out authentication for the second time;
If described authentication is for the second time passed through, continue mobile payment flow process, otherwise confirm authentication failure.
5. method according to claim 4, is characterized in that, describedly according to described authentication information and described the first identity identification information, carries out authentication for the first time, comprising:
Judge that whether described the first identity identification information is consistent with the corresponding informance in described authentication information;
If consistent, described in determining, authentication is for the first time passed through, otherwise the failure of authentication for the first time described in confirming;
And the result of described authentication is for the first time fed back to described first terminal.
6. method according to claim 4, is characterized in that, describedly according to described authentication information and described the second identity identification information, carries out authentication for the second time, comprising:
Judge that whether described the second identity identification information is consistent with the corresponding informance in described authentication information;
If consistent, described the second identity identification information is sent to described first terminal, by described first terminal, verify that whether the corresponding informance of described the second identity identification information in described authentication information be consistent;
Receive the result that described first terminal returns;
Judge that whether described the result is for being verified;
If described the result is for being verified, described in determining, authentication is for the second time passed through, otherwise the failure of authentication for the second time described in confirming.
7. a first terminal for mobile payment, is characterized in that, described first terminal comprises:
The one NFC pairing unit, for realizing near-field communication NFC pairing with the second terminal;
The first collecting unit, for when entering mobile payment flow process, gathers the first identity identification information of active user;
The first receiving element, for receiving the second identity identification information of the active user of described the second terminal collection;
The first processing unit, for carrying out authentication for the first time according to the machine registered user's authentication information and described the first identity identification information, and described for the first time when authentication is passed through, judge whether described the first receiving element receives the second identity identification information, and when described the first receiving element has received the second identity identification information, according to described authentication information and described the second identity identification information, carry out authentication for the second time, and described for the second time when authentication is passed through, continue mobile payment flow process, otherwise confirm authentication failure.
8. first terminal according to claim 7, is characterized in that, described first terminal also comprises the first transmitting element,
Described the first processing unit, also whether consistent with the corresponding informance of described authentication information for judging described the first identity identification information;
Described the first transmitting element, also for when described the first processing unit judges that described the first identity identification information is consistent with described authentication information, described the first identity identification information is sent to described the second terminal, and whether the corresponding informance in the authentication information of the first identity identification information described in described the second terminal judges and its reception is consistent;
Described the first receiving element, the result also returning for receiving described the second terminal;
Described the first processing unit, also for judging that whether described the result is for being verified, and at described the result, be that described in determining when being verified, authentication is for the first time passed through, described the result for checking not by time determine described in authentication for the first time unsuccessfully.
9. according to the first terminal described in claim 7 or 8, it is characterized in that,
Described the first processing unit, also whether consistent with the corresponding informance of described authentication information for judging described the second identity identification information, and described in determining when consistent, authentication is for the second time passed through, otherwise the failure of authentication for the second time described in determining;
Described the first transmitting element, also for feeding back to described the second terminal by described the first processing unit to the result of described authentication for the second time.
10. second terminal of mobile payment, is characterized in that, described the second terminal comprises:
The 2nd NFC pairing unit, for realizing near-field communication NFC pairing with first terminal;
Authorization information acquiring unit, for obtaining the first terminal registered user's of described first terminal transmission authentication information;
The second receiving element, the first identity identification information sending for receiving described first terminal;
The second processing unit, carries out authentication for the first time for authentication information and described the first identity identification information obtaining according to described authorization information acquiring unit;
The second collecting unit, for when authentication is for the first time passed through described in described the second processing unit is determined, gathers the second identity identification information of active user;
Described the second processing unit, also for carrying out authentication for the second time according to described authentication information and described the second identity identification information, and described authentication for the second time by time, continue mobile payment flow process, when described authentication for the second time is not passed through, confirm authentication failure.
11. the second terminals according to claim 10, is characterized in that,
Described the second processing unit, also whether consistent with the corresponding informance of described authentication information for judging described the first identity identification information, and described in determining when judgement is consistent, authentication is for the first time passed through, or the failure of authentication for the first time described in determining when judgement is inconsistent;
Described the second terminal also comprises:
The second transmitting element, for feeding back to described first terminal by the result of authentication for the first time described in described the second processing unit team.
12. according to the second terminal described in claim 10 or 11, it is characterized in that,
Described the second processing unit, also whether consistent with the corresponding informance of described authentication information for judging described the second identity identification information;
Described the second transmitting element, also for judging at described the second processing unit when consistent, described the second identity identification information is sent to described first terminal, by described first terminal, judge that whether the corresponding informance of described the second identity identification information in described authentication information be consistent;
Described the second receiving element, the result also returning for receiving described first terminal;
Described the second processing unit, also for judging that whether described the result is for being verified, and described in determining when being verified at described the result, authentication is for the second time passed through, otherwise the failure of authentication for the second time described in confirming.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410280055.2A CN104021474B (en) | 2014-06-20 | 2014-06-20 | A kind of method, Apparatus and system improving mobile payment security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410280055.2A CN104021474B (en) | 2014-06-20 | 2014-06-20 | A kind of method, Apparatus and system improving mobile payment security |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104021474A true CN104021474A (en) | 2014-09-03 |
| CN104021474B CN104021474B (en) | 2016-03-02 |
Family
ID=51438214
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410280055.2A Active CN104021474B (en) | 2014-06-20 | 2014-06-20 | A kind of method, Apparatus and system improving mobile payment security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104021474B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104700270A (en) * | 2015-03-20 | 2015-06-10 | 酷派软件技术(深圳)有限公司 | Payment request processing method, payment request processing device and terminal |
| WO2016155470A1 (en) * | 2015-04-01 | 2016-10-06 | 京东方科技集团股份有限公司 | Payment device, payment system and payment method |
| CN106056380A (en) * | 2016-05-27 | 2016-10-26 | 深圳市雪球科技有限公司 | Mobile payment risk control system and mobile payment risk control method |
| CN107924516A (en) * | 2015-09-01 | 2018-04-17 | 华为技术有限公司 | A kind of payment authentication method of mobile terminal, device and mobile terminal |
| CN108804263A (en) * | 2018-05-03 | 2018-11-13 | 北京金山安全软件有限公司 | Terminal verification method, device and computer readable medium |
| CN108960195A (en) * | 2018-07-25 | 2018-12-07 | 中国建设银行股份有限公司 | Identity checking method and system |
| CN110378695A (en) * | 2019-06-19 | 2019-10-25 | 深圳壹账通智能科技有限公司 | Bank card payment method, device, equipment and computer storage medium |
| CN110910142A (en) * | 2019-11-06 | 2020-03-24 | 远光软件股份有限公司 | Payment authentication method and device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102184377A (en) * | 2011-04-26 | 2011-09-14 | 杭州五魁首信息技术有限公司 | Identity identification device and identity identification method based on radio frequency identification technology |
| CN202854880U (en) * | 2012-09-26 | 2013-04-03 | 深圳市亚略特生物识别科技有限公司 | SMS payment system based on fingerprint identification mobile phone |
| CN103106591A (en) * | 2013-01-22 | 2013-05-15 | 北京理工大学 | Smartphone short-range shopping method and system based on near field communication (NFC) function |
| CN103268547A (en) * | 2013-06-04 | 2013-08-28 | 北京邮电大学 | NFC (Near Field Communication) mobile phone payment system with fingerprint authentication mechanism |
| CN103268550A (en) * | 2013-05-17 | 2013-08-28 | 苏州通付盾信息技术有限公司 | Virtual account convenient application system based on mobile terminal and achieving method thereof |
-
2014
- 2014-06-20 CN CN201410280055.2A patent/CN104021474B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102184377A (en) * | 2011-04-26 | 2011-09-14 | 杭州五魁首信息技术有限公司 | Identity identification device and identity identification method based on radio frequency identification technology |
| CN202854880U (en) * | 2012-09-26 | 2013-04-03 | 深圳市亚略特生物识别科技有限公司 | SMS payment system based on fingerprint identification mobile phone |
| CN103106591A (en) * | 2013-01-22 | 2013-05-15 | 北京理工大学 | Smartphone short-range shopping method and system based on near field communication (NFC) function |
| CN103268550A (en) * | 2013-05-17 | 2013-08-28 | 苏州通付盾信息技术有限公司 | Virtual account convenient application system based on mobile terminal and achieving method thereof |
| CN103268547A (en) * | 2013-06-04 | 2013-08-28 | 北京邮电大学 | NFC (Near Field Communication) mobile phone payment system with fingerprint authentication mechanism |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104700270A (en) * | 2015-03-20 | 2015-06-10 | 酷派软件技术(深圳)有限公司 | Payment request processing method, payment request processing device and terminal |
| WO2016155470A1 (en) * | 2015-04-01 | 2016-10-06 | 京东方科技集团股份有限公司 | Payment device, payment system and payment method |
| US11244298B2 (en) | 2015-04-01 | 2022-02-08 | Boe Technology Group Co., Ltd. | Payment device, payment system and payment method |
| CN107924516A (en) * | 2015-09-01 | 2018-04-17 | 华为技术有限公司 | A kind of payment authentication method of mobile terminal, device and mobile terminal |
| CN106056380A (en) * | 2016-05-27 | 2016-10-26 | 深圳市雪球科技有限公司 | Mobile payment risk control system and mobile payment risk control method |
| CN108804263A (en) * | 2018-05-03 | 2018-11-13 | 北京金山安全软件有限公司 | Terminal verification method, device and computer readable medium |
| CN108804263B (en) * | 2018-05-03 | 2021-08-24 | 北京金山安全软件有限公司 | Terminal verification method, device and computer readable medium |
| CN108960195A (en) * | 2018-07-25 | 2018-12-07 | 中国建设银行股份有限公司 | Identity checking method and system |
| CN108960195B (en) * | 2018-07-25 | 2021-02-26 | 中国建设银行股份有限公司 | Identity verification method and system |
| CN110378695A (en) * | 2019-06-19 | 2019-10-25 | 深圳壹账通智能科技有限公司 | Bank card payment method, device, equipment and computer storage medium |
| WO2020253131A1 (en) * | 2019-06-19 | 2020-12-24 | 深圳壹账通智能科技有限公司 | Bank card payment method, apparatus and device, and computer storage medium |
| CN110910142A (en) * | 2019-11-06 | 2020-03-24 | 远光软件股份有限公司 | Payment authentication method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104021474B (en) | 2016-03-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104021474B (en) | A kind of method, Apparatus and system improving mobile payment security | |
| CN103489103B (en) | Vehicle mounted mobile transaction | |
| CN105469492A (en) | Outpatient service registration queuing server and outpatient service registration queuing method | |
| US20170154327A1 (en) | Mobile Payment Method and Apparatus and Near Field Communication Device | |
| CN104753894A (en) | Data processing method, device and system | |
| CN103577983A (en) | Load method of electronic currency for off-line consumption | |
| CN105096113B (en) | Mobile payment method and device | |
| CN105631659A (en) | Payment request processing method, payment request processing device and terminal | |
| CN105631651A (en) | Payment method and system applied to bus | |
| CN104376456A (en) | Mobile amount transfer system with real-time communication and voice communication combined and corresponding method | |
| CN109919607A (en) | Transfer benefit method and device and electronic equipment based on offline code by bus | |
| CN111935684A (en) | Bluetooth payment system and method | |
| CN104123795A (en) | POS (Point Of Sale) machine and positioning method and system thereof and cipher coder | |
| CN103093349A (en) | Mobile paying method and mobile terminal apparatus | |
| CN107403313A (en) | Robot near field safety of payment verification method and device | |
| KR20120129388A (en) | Method for Processing Transaction of Electronic Cash by using Near Field Communication, Handheld Device and Automatic Teller Machine | |
| CN103810598A (en) | Payment system and payment method based on terminal device | |
| KR20180095484A (en) | Method for Providing Independent Payment in Reverse Direction | |
| CN112184209A (en) | Method for realizing payment by D2D terminal through NFC and terminal | |
| CN108389042B (en) | Method and device for realizing auxiliary fee settlement by intelligent mobile phone | |
| KR20170057528A (en) | Method for Providing Refueling Payment by using Cigar Jack Device | |
| CN210006133U (en) | Automatic SIM card selling system | |
| KR20160147694A (en) | Method for paying with near field communication using micro secure digital card | |
| KR20170134888A (en) | Method for Providing Two-Channel Payment by using Cigar Jack Device | |
| CN104574084A (en) | Online bank payment system based on fingerprint identification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| CB02 | Change of applicant information |
Address after: A District No. 9018 Han innovation building in Nanshan District high tech Zone in Shenzhen city of Guangdong Province, North Central Avenue, 518000 floor 10 Applicant after: Nubian Technologies Ltd. Address before: A District No. 9018 Han innovation building in Nanshan District high tech Zone in Shenzhen city of Guangdong Province, North Central Avenue, 518000 floor 10 Applicant before: Shenzhen ZTE Mobile Tech Co., Ltd. |
|
| COR | Change of bibliographic data | ||
| GR01 | Patent grant |