CN104021474B - A kind of method, Apparatus and system improving mobile payment security - Google Patents
A kind of method, Apparatus and system improving mobile payment security Download PDFInfo
- Publication number
- CN104021474B CN104021474B CN201410280055.2A CN201410280055A CN104021474B CN 104021474 B CN104021474 B CN 104021474B CN 201410280055 A CN201410280055 A CN 201410280055A CN 104021474 B CN104021474 B CN 104021474B
- Authority
- CN
- China
- Prior art keywords
- terminal
- authentication
- identification information
- identity identification
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/327—Short range or proximity payments by means of M-devices
- G06Q20/3278—RFID or NFC payments by means of M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a kind of method, the Apparatus and system that improve mobile payment security, belong to communication technical field.Method flow comprises: realize near-field communication NFC with the second terminal and match; When entering mobile payment flow process, gather first identity identification information of active user; First time authentication is carried out according to the authentication information of the machine registered user and described first identity identification information; If described first time authentication is passed through, judge whether the second identity identification information receiving the active user that described second terminal gathers; If have received described second identity identification information, carry out second time authentication according to described authentication information and described second identity identification information; If described second time authentication is passed through, then continue mobile payment flow process, otherwise confirm authentication failure.Adopt the present invention, when entering payment flow, first terminal with must carry out secondary identity authentication, improve the security of mobile payment.
Description
Technical field
The present invention relates to communication technical field, particularly relate to a kind of method, the Apparatus and system that improve mobile payment security.
Background technology
Along with the development of the communication technology, bring the rise of mobile e-business, mobile payment technology also grows up thereupon.Wherein, mobile payment is also called mobile-phone payment, is to allow user to use its mobile terminal (normally mobile phone) to carry out a kind of method of service of account payment to consumed commodity or service.In prior art, mobile payment mainly comprises near field and pays and remote payment two kinds of implementations: near field payment, the mode of swiping the card with mobile terminal exactly by bus, do shopping; Remote payment is by the modes of payments sending payment instruction (as Web bank, telephone bank, mobile-phone payment etc.) or undertaken by the means of payment.
Although mobile payment can make to disburse funds carry convenient, process of consumption is more simply convenient, but in prior art, mobile payment still realizes this function by single mobile terminal, once the loss or stolen of this mobile terminal, what carry out mobile payment is just no longer the user that this mobile terminal is registered, and security is poor.Therefore be necessary to provide a kind of can prevent the registered user of immobile terminal from using the mobile payment of the mobile payment function of this mobile terminal method and device, to improve the security of mobile payment.
Summary of the invention
In view of this, the technical problem to be solved in the present invention is to provide the method, the Apparatus and system that improve mobile payment security, to solve the not high problem of existing mobile payment security.
It is as follows that the present invention solves the problems of the technologies described above adopted technical scheme:
According to a first aspect of the invention, provide a kind of method improving mobile payment security, comprise the steps: that first terminal and the second terminal realize near-field communication NFC and match; When entering mobile payment flow process, described first terminal gathers first identity identification information of active user; First time authentication is carried out according to the authentication information of the machine registered user and described first identity identification information; If described first time authentication is passed through, judge whether described first terminal receives second identity identification information of the active user that described second terminal gathers; If described first terminal have received described second identity identification information, carry out second time authentication according to described authentication information and described second identity identification information; If described second time authentication is passed through, then continue mobile payment flow process, otherwise confirm authentication failure.
A kind of method as above is provided, the described identity identification information according to described authentication information and described collection carries out first time authentication, comprising: judge that whether described first identity identification information is consistent with the corresponding informance in described authentication information; If consistent, described first identity identification information is sent to described second terminal, whether consistent with the corresponding informance in the authentication information of its reception by the first identity identification information described in described second terminal judges; Receive the result that described second terminal returns; Judge that whether described the result is for being verified; If described the result is for being verified, then determine that described first time authentication is passed through, otherwise determine described first time authentication failure.
A kind of as above method is provided, describedly carries out second time authentication according to described authentication information and described first identity identification information, comprising: judge that whether described second identity identification information is consistent with the corresponding informance in described authentication information; If consistent, then determine that described second time authentication is passed through, otherwise determine described second time authentication failure; The result of described second time authentication is fed back to described second terminal.
There is provided a kind of method as above, described authentication information comprises fingerprint identifier and/or eyeball identifying information, and described first identity identification information and the second identity identification information comprise: fingerprint identifier or eyeball identifying information.
According to a second aspect of the invention, provide a kind of method improving mobile payment security, comprise the steps: that the second terminal and first terminal realize near-field communication NFC and match; Described second terminal obtains the authentication information of the first terminal registered user that described first terminal sends; Described second terminal receives the first identity identification information that described first terminal sends; Described second terminal carries out first time authentication according to described authentication information and described first identity identification information; If described first time authentication is passed through, described second terminal gathers second identity identification information of active user; Described second terminal carries out second time authentication according to described authentication information and described second identity identification information; If described second time authentication is passed through, then continue mobile payment flow process, otherwise confirm authentication failure.
A kind of as above method is provided, describedly carries out first time authentication according to described authentication information and described first identity identification information, comprising: judge that whether described first identity identification information is consistent with the corresponding informance in described authentication information; If consistent, then determine that described first time authentication is passed through, otherwise confirm described first time authentication failure; And the result of described first time authentication is fed back to described first terminal.
A kind of as above method is provided, describedly carries out second time authentication according to described authentication information and described second identity identification information, comprising: judge that whether described second identity identification information is consistent with the corresponding informance in described authentication information; If consistent, described second identity identification information is sent to described first terminal, verify that whether described second identity identification information is consistent with the corresponding informance in described authentication information by described first terminal; Receive the result that described first terminal returns; Judge that whether described the result is for being verified; If described the result is for being verified, then determine that described second time authentication is passed through, otherwise confirm described second time authentication failure.
According to a third aspect of the present invention, provide a kind of first terminal of mobile payment, described first terminal comprises: a NFC pairing unit, matches for realizing near-field communication NFC with the second terminal; First collecting unit, for when entering mobile payment flow process, gathers first identity identification information of active user; First receiving element, for receiving second identity identification information of the active user that described second terminal gathers; First processing unit, for carrying out first time authentication according to the authentication information of the machine registered user and described first identity identification information, and when described first time, authentication was passed through, judge whether described first receiving element receives the second identity identification information, and when described first receiving element have received the second identity identification information, second time authentication is carried out according to described authentication information and described second identity identification information, and when described second time authentication is passed through, continue mobile payment flow process, otherwise confirm authentication failure.
There is provided a kind of described first terminal, whether described first terminal also comprises the first transmitting element, described first processing unit, also consistent with the corresponding informance in described authentication information for judging described first identity identification information; Described first transmitting element, also for when described first processing unit judges that described first identity identification information is consistent with described authentication information, described first identity identification information is sent to described second terminal, whether consistent with the corresponding informance in the authentication information of its reception by the first identity identification information described in described second terminal judges; Described first receiving element, also for receiving the result that described second terminal returns; Described first processing unit, also for judging that whether described the result is for being verified, and determine that when described the result is for being verified described first time authentication is passed through, described the result for checking not by time determine the authentication failure of described first time.
A kind of described first terminal is provided, described first processing unit, also whether consistent with the corresponding informance in described authentication information for judging described second identity identification information, and when consistent, determine that described second time authentication is passed through, otherwise determine described second time authentication failure; Described first transmitting element, also for the result of described first processing unit to described second time authentication is fed back to described second terminal.
According to a fourth aspect of the present invention, provide a kind of second terminal of mobile payment, described second terminal comprises: the 2nd NFC pairing unit, matches for realizing near-field communication NFC with first terminal; Authorization information acquiring unit, for obtaining the authentication information of the first terminal registered user that described first terminal sends; Second receiving element, for receiving the first identity identification information that described first terminal sends; Second processing unit, carries out first time authentication for the authentication information that obtains according to described authorization information acquiring unit and described first identity identification information; Second collecting unit, for determine at described second processing unit described first time authentication by time, gather second identity identification information of active user; Described second processing unit, also for carrying out second time authentication according to described authentication information and described second identity identification information, and when described second time authentication is passed through, continue mobile payment flow process, when described second time authentication is not passed through, confirm authentication failure.
A kind of second terminal as above is provided, described second processing unit, also whether consistent with the corresponding informance in described authentication information for judging described first identity identification information, and determine that when judging consistent described first time authentication is passed through, or determine described first time authentication failure when judging inconsistent; Described second terminal also comprises: the second transmitting element, for the result of first time authentication described in described second processing unit team is fed back to described first terminal.
There is provided a kind of second terminal as above, described second processing unit, also whether consistent with the corresponding informance in described authentication information for judging described second identity identification information; Described second transmitting element, also for described second identity identification information being sent to described first terminal when described second processing unit judges consistent, judge that whether described second identity identification information is consistent with the corresponding informance in described authentication information by described first terminal; Described second receiving element, also for receiving the result that described first terminal returns; Described second processing unit, also for judging that whether described the result is for being verified, and determines that when described the result is for being verified described second time authentication is passed through, otherwise confirms described second time authentication failure.
The method of raising mobile payment of the present invention, Apparatus and system, when entering payment flow, it is no matter the first terminal as payer, or as paying second terminal of take over party, the identity of captured identity identifying information to active user is all needed to identify, and send to the other side to carry out secondary identity authentication the identity identification information gathered separately, improve the accuracy of authentication, and authentication adopts fingerprint recognition or eyeball identification, only have this talent of registered user of first terminal may be paid by checking, even if therefore first terminal is lost or is not stolenly also worried the loss bringing fund, security is very high.
Accompanying drawing explanation
A kind of module diagram improving the system of mobile payment security that Fig. 1 provides for the embodiment of the present invention;
A kind of process flow diagram improving the method for mobile payment security that Fig. 2 provides for the embodiment of the present invention;
The process flow diagram of the method for the another kind raising mobile payment security that Fig. 3 provides for the embodiment of the present invention;
The process flow diagram of the method for another raising mobile payment security that Fig. 4 provides for the embodiment of the present invention.
Embodiment
In order to make technical matters to be solved by this invention, technical scheme and beneficial effect clearly, understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
Refer to Fig. 1, the invention provides a kind of system of mobile payment, adopt this system can improve the security of mobile payment.This system comprises first terminal 110 and the second terminal 120.
First terminal 110 comprises: the first near-field communication (NearFieldCommunication, NFC) pairing unit 111, first collecting unit 112, first receiving element 113, first processing unit 114 and the first transmitting element 115.
One NFC pairing unit 111, matches for realizing near-field communication NFC with the 2nd NFC pairing unit 121 of the second terminal 120.
First transmitting element 115, after realizing the pairing of point-to-point near-field communication NFC in a NFC pairing unit and the second terminal, sends to this second terminal by this authentication information.
Concrete, this authentication information comprises fingerprint identifier and/or eyeball identifying information.In actual applications, this authentication information also can not be sent to the second terminal by first terminal 110, and the third party (as bank) directly registered from this first terminal by the second terminal 120 obtains.
First collecting unit 112, for when entering mobile payment flow process, gathers first identity identification information of active user.
Concrete, this first identity identification information can be fingerprint identifier, also can be eyeball identifying information.
First receiving element 113, for receiving second identity identification information of the active user that this second terminal 120 gathers.
Concrete, this second identity identification information can be fingerprint identifier, also can be eyeball identifying information.
First processing unit 114, for carrying out first time authentication according to the authentication information of the machine registered user and this first identity identification information, and when this first time, authentication was passed through, judge whether this first receiving element 113 receives the second identity identification information, and when this first receiving element 113 have received the second identity identification information, second time authentication is carried out according to this authentication information and this second identity identification information, and when this second time authentication is passed through, continue mobile payment flow process, otherwise confirm authentication failure.
Concrete, when the first processing unit 114 carries out first time authentication according to the authentication information of the machine registered user and this first identity identification information, can carry out in the following way:
First processing unit 114 judges that whether this first identity identification information is consistent with the corresponding informance in this authentication information.When consistent both this first processing unit 114 judges, whether this first identity identification information is sent to this second terminal 120 by the first transmitting element 11, consistent with the corresponding informance in the authentication information of its reception by this first identity identification information of this second terminal judges.After this first receiving element 113 receives the result that this second terminal 120 returns, this first processing unit 114 judges that whether this result is for being verified, and determine that when this result is for being verified this first time authentication is passed through, this result for checking not by time determine that this authentication unsuccessfully first time.
When this first processing unit 114 carries out second time authentication according to this authentication information and this second identity identification information, can realize in the following way:
Judge that whether this second identity identification information is consistent with the corresponding informance in this authentication information by this first processing unit 114, and determine that this second time authentication is passed through when consistent both judging, otherwise determine this second time authentication failure.This first processing unit 114 determine this second time authentication by time, by this first transmitting element 115, the result of this second time authentication is fed back to this second terminal 120.
Second terminal 120 comprises: the 2nd NFC pairing unit 121, second collecting unit 122, second receiving element 123, second processing unit 124, second transmitting element 125 and authorization information acquiring unit 126.
2nd NFC pairing unit 121, matches for realizing near-field communication NFC with first terminal 110;
Authorization information acquiring unit 126, for obtaining the authentication information of the first terminal registered user that described first terminal sends.
This concrete authorization information acquiring unit 126 obtains the authentication information of first terminal registered user, can obtain also can obtain from the third party (as bank) of first terminal registration from first terminal 110.
Second receiving element 123, for receiving the first identity identification information that this first terminal 110 sends; Or for receiving the authentication information of the first terminal registered user that this first terminal 110 sends, thus make authorization information acquiring unit 126 obtain the authentication information of first terminal registered user.
Second processing unit 124, carries out first time authentication for the authentication information that obtains according to this authorization information acquiring unit 126 and this first identity identification information.
Second collecting unit 122, have this second processing unit 124 confirm first time authentication by time, gather second identity identification information of active user;
Second processing unit 124, also for carrying out second time authentication according to this authentication information and this second identity identification information, and when this second time authentication is passed through, continue mobile payment flow process, when this second time authentication is not passed through, confirm authentication failure.
Concrete, when the authentication information that the second processing unit 124 receives according to this second receiving element 123 and this first identity identification information carry out first time authentication, can realize in the following way:
This second processing unit 124 judges that whether this first identity identification information is consistent with the corresponding informance in this authentication information, and determine that this first time authentication is passed through when consistent both judging, or when inconsistent both judging, determine this first time authentication failure.Now, by the second transmitting element 125, the result of this first time authentication is fed back to this first terminal.
When the second processing unit 124 carries out second time authentication according to this authentication information and this second identity identification information, by such as under type realization:
This second processing unit 124 judges that whether this second identity identification information is consistent with the corresponding informance in this authentication information.When consistent both this second processing unit 124 judges, this second identity identification information is sent to this first terminal 110 by the second transmitting element 125, judges that whether this second identity identification information is consistent with the corresponding informance in this authentication information by this first terminal.After the second receiving element 123 receives the result that this first terminal 110 returns, this second processing unit 124 judges that whether this result is for being verified, and determine that when this result is for being verified this second time authentication is passed through, otherwise confirm this second time authentication failure.
The system of the mobile payment that the present embodiment provides, when entering payment flow, no matter be at the first terminal as payer or in the second terminal as take over party, all need to carry out twice identification to active user, and authentication adopts fingerprint recognition or eyeball identification, therefore only have this talent of registered user of first terminal may be paid by checking, even if first terminal is lost or stolenly also do not worried the loss bringing fund, therefore security is very high.
On the basis of above-described embodiment, the present invention, from the first terminal as payer, provides a kind of method improving mobile payment security.Refer to Fig. 2, the present embodiment is described from the angle of the first terminal as payer, and method flow comprises:
S201, first terminal and the second terminal realize near-field communication NFC and match.
Concrete, after realizing NFC pairing, the authentication information of the machine registered user is sent to this second terminal by first terminal, and this authentication information comprises this authentication information and comprises fingerprint identifier and/or eyeball identifying information.
S202, when entering mobile payment flow process, gather first identity identification information of active user.
In practical application, first terminal can gather finger print information as the first identity identification information according to its function had, and also can gather eyeball identifying information (as iris recognition information) as the second identity identification information.
Concrete, if adopt fingerprint identification information, then generate fingerprint recognition message notifying message, prompting user carries out fingerprint recognition in specified location.This fingerprint recognition can be stochastic generation, such as, can be the fingerprint recognition that forefinger is carried out in this prompting, then carry out nameless fingerprint recognition next time.If adopt eyeball identifying information, then generate fingerprint recognition message notifying message, prompting user carries out eyeball identification in specified location.
S203, carry out first time authentication according to the authentication information of the machine registered user and this first identity identification information, if first time authentication is passed through, perform S204, otherwise perform S207.
Concrete, this step can realize in the following way:
Judge that whether this first identity identification information is consistent with the corresponding informance in this authentication information;
If consistent, this first identity identification information is sent to this second terminal, whether consistent with the corresponding informance in the authentication information of its reception by this first identity identification information of this second terminal judges;
Receive the result that this second terminal returns;
Judge that whether this result is for being verified;
If this result is for being verified, then determine that this first time authentication is passed through, otherwise determine this first time authentication failure.
S204 judges whether the second identity identification information receiving the active user that this second terminal gathers, and if so, performs S205, otherwise performs step S207.
Concrete, the foundation of the second identity identification information of the second terminal collection is the authentication information that first terminal sends, and it can be identical with the first identity identification information that first terminal gathers, also can be different from the first identity identification information.
S205, carry out second time authentication according to this authentication information and this second identity identification information, if this second time authentication is passed through, perform S206, otherwise perform S207.
Concrete, this step can realize in the following way:
Judge that whether this second identity identification information is consistent with the corresponding informance in this authentication information;
If consistent, then determine that this second time authentication is passed through; Otherwise determine this second time authentication failure;
The result of described second time authentication is fed back to described second terminal.
S206, continuation mobile payment flow process,
S207, confirmation authentication failure.
In practical application, after first terminal confirms authentication failed, directly can exit payment flow, user also can be pointed out again to carry out authentication.
The method of the raising mobile payment that the present embodiment provides, when entering payment flow, first terminal as payer needs to carry out twice identification to active user under the cooperation of the second terminal, and authentication adopts fingerprint recognition or eyeball identification, therefore this talent of registered user of first terminal is only had may to be paid by checking, even if first terminal is lost or stolenly also do not worried the loss bringing fund, therefore security is very high.
On the basis of above-described embodiment, the present invention is from the second terminal as payment take over party, and the another kind provided improves the method for mobile payment security.Refer to Fig. 3, method flow comprises:
S301, the second terminal and first terminal realize near-field communication NFC and match.
S302, receive the authentication information of first terminal registered user that this first terminal sends.
Concrete, this authentication information comprises this authentication information and comprises fingerprint identifier and/or eyeball identifying information.
S303, receive this first terminal send the first identity identification information.
In practical application, first terminal can gather finger print information as the first identity identification information, also can gather eyeball identifying information (as iris recognition information) as the second identity identification information.
Concrete, if adopt fingerprint identification information, then generate fingerprint recognition message notifying message, prompting user carries out fingerprint recognition in specified location.This fingerprint recognition can be stochastic generation, such as, can be the fingerprint recognition that forefinger is carried out in this prompting, then carry out nameless fingerprint recognition next time.If adopt eyeball identifying information, then generate fingerprint recognition message notifying message, prompting user carries out eyeball identification in specified location.
S304, carry out first time authentication according to this authentication information and this first identity identification information, if this first time authentication is passed through, perform S305, otherwise perform S308;
Concrete, this step, to first time authentication, realizes by such as under type:
Judge that whether this first identity identification information is consistent with the corresponding informance in this authentication information;
If consistent, then determine that this first time authentication is passed through, otherwise confirm this first time authentication failure;
And the result of this first time authentication is fed back to this first terminal.
Second identity identification information of S305, collection active user.
Concrete, in practical application, the second terminal can gather finger print information as the first identity identification information, also can gather eyeball identifying information (as iris recognition information) as the second identity identification information.
Concrete, if adopt fingerprint identification information, then generate fingerprint recognition message notifying message, prompting user carries out fingerprint recognition in specified location.This fingerprint recognition can be stochastic generation, such as, can be the fingerprint recognition that forefinger is carried out in this prompting, then carry out nameless fingerprint recognition next time.If adopt eyeball identifying information, then generate fingerprint recognition message notifying message, prompting user carries out eyeball identification in specified location.
S306, carry out second time authentication according to this authentication information and this second identity identification information, if this second time authentication is passed through, perform S307, otherwise perform S308.
Concrete, this step carries out second time authentication, by such as under type realization:
Judge that whether this second identity identification information is consistent with the corresponding informance in this authentication information;
If consistent, this second identity identification information sent to this first terminal, verifies that whether this second identity identification information is consistent with the corresponding informance in this authentication information by this first terminal;
Receive the result that this first terminal returns;
Judge that whether this result is for being verified;
If this result is for being verified, then determine that this second time authentication is passed through, otherwise confirm this second time authentication failure.
S307, continuation mobile payment flow process.
S308, confirmation authentication failure.
In practical application, when after the second terminal check authentication failed, according to the result of first terminal, directly can exit payment flow, or prompting user carries out authentication again.
The method of the raising mobile payment that the present embodiment provides, when entering payment flow, need to carry out twice identification to active user under the cooperation of first terminal as the second terminal paying take over party, and authentication adopts fingerprint recognition or eyeball identification, therefore this talent of registered user of first terminal is only had may to be paid by checking, even if first terminal is lost or stolenly also do not worried the loss bringing fund, therefore security is very high.
In order to clearly the present invention will be described, the present invention proposes a kind of method improving mobile payment security on the basis of above-described embodiment, and refer to Fig. 4, method flow comprises:
S401, first terminal and the second terminal realize NFC and match.
The authentication information of registered user is sent to the second terminal by S402, first terminal.
S403, first terminal need carry out mobile payment, gather the fingerprint identification information of user.
In the present embodiment, fingerprint identification information is the first identity identification information.
S404, first terminal judge that whether the fingerprint identification information gathered is consistent with the fingerprint identification information in authentication information, if unanimously, perform S405, otherwise perform S417.
The fingerprint identification information of collection is sent to the second terminal by S405, first terminal.
Whether S406, this fingerprint identification information of the second terminal judges be consistent with the fingerprint identification information in authentication information.
S407, the second terminal return judged result to first terminal, and when the judged result of step S406 is consistent, perform step S409.
S408, first terminal judge that whether described the result is for being verified, and if so, perform step S412, otherwise perform step S417.
S409, the second terminal gather the iris recognition information of active user, as the second identity identification information.
In practical application, between step S408 and S409, there is no dividing of sequencing.
Whether the iris recognition information that S410, the second terminal judges gather is consistent with the iris recognition information in described authentication information, if unanimously, performs step S411, otherwise performs step S417.
Iris recognition information is sent to first terminal by S411, the second terminal.
S412, first terminal judge whether the second identity identification information that reception second terminal sends, if perform step S413, otherwise perform step S417.
S413 first terminal judges that whether this iris recognition information is consistent with the iris recognition information in authentication information.
Judged result is sent to the second terminal by S414, first terminal, and when the judged result of step S413 is consistent, performs step S416, otherwise performs step S417.
S415, the second terminal judges the result, whether for being verified, if so, perform step S416, otherwise perform step S417.
S416, determine that the authentication of active user is passed through, continue mobile payment flow process.
S417, determine active user authentication failure, stop payment flow.
The method of the raising mobile payment that the present embodiment provides, when entering payment flow, it is no matter the first terminal as payer, or as paying second terminal of take over party, the identity of captured identity identifying information to active user is all needed to identify, and send to the other side to carry out secondary identity authentication the identity identification information gathered separately, improve the accuracy of authentication, and authentication adopts fingerprint recognition or eyeball identification, only have this talent of registered user of first terminal may be paid by checking, even if therefore first terminal is lost or is not stolenly also worried the loss bringing fund, security is very high.
Above with reference to the accompanying drawings of the preferred embodiments of the present invention, not thereby limit to interest field of the present invention.Those skilled in the art do not depart from the scope and spirit of the present invention interior done any amendment, equivalent replacement and improve, all should within interest field of the present invention.
Claims (12)
1. improve a method for mobile payment security, it is characterized in that, comprise the steps:
First terminal and the second terminal realize near-field communication NFC and match;
When entering mobile payment flow process, described first terminal gathers first identity identification information of active user;
First time authentication is carried out according to the authentication information of the machine registered user and described first identity identification information;
If described first time authentication is passed through, judge whether described first terminal receives second identity identification information of the active user that described second terminal gathers;
If described first terminal have received described second identity identification information, carry out second time authentication according to described authentication information and described second identity identification information;
If described second time authentication is passed through, then continue mobile payment flow process, otherwise confirm authentication failure.
2. method according to claim 1, is characterized in that,
The described authentication information according to the machine registered user and described first identity identification information carry out first time authentication, comprising:
Judge that whether described first identity identification information is consistent with the corresponding informance in described authentication information;
If consistent, described first identity identification information is sent to described second terminal, whether consistent with the corresponding informance in the authentication information of its reception by the first identity identification information described in described second terminal judges;
Receive the result that described second terminal returns;
Judge that whether described the result is for being verified;
If described the result is for being verified, then determine that described first time authentication is passed through, otherwise determine described first time authentication failure.
3. method according to claim 2, is characterized in that, describedly carries out second time authentication according to described authentication information and described second identity identification information, comprising:
Judge that whether described second identity identification information is consistent with the corresponding informance in described authentication information;
If consistent, then determine that described second time authentication is passed through, otherwise determine described second time authentication failure;
The result of described second time authentication is fed back to described second terminal.
4. improve a method for mobile payment security, it is characterized in that, comprise the steps:
Second terminal and first terminal realize near-field communication NFC and match;
Described second terminal obtains the authentication information of the first terminal registered user that described first terminal sends;
Described second terminal receives the first identity identification information that described first terminal sends;
Described second terminal carries out first time authentication according to described authentication information and described first identity identification information;
If described first time authentication is passed through, described second terminal gathers second identity identification information of active user;
Described second terminal carries out second time authentication according to described authentication information and described second identity identification information;
If described second time authentication is passed through, then continue mobile payment flow process, otherwise confirm authentication failure.
5. method according to claim 4, is characterized in that, describedly carries out first time authentication according to described authentication information and described first identity identification information, comprising:
Judge that whether described first identity identification information is consistent with the corresponding informance in described authentication information;
If consistent, then determine that described first time authentication is passed through, otherwise confirm described first time authentication failure;
And the result of described first time authentication is fed back to described first terminal.
6. method according to claim 4, is characterized in that, describedly carries out second time authentication according to described authentication information and described second identity identification information, comprising:
Judge that whether described second identity identification information is consistent with the corresponding informance in described authentication information;
If consistent, described second identity identification information is sent to described first terminal, verify that whether described second identity identification information is consistent with the corresponding informance in described authentication information by described first terminal;
Receive the result that described first terminal returns;
Judge that whether described the result is for being verified;
If described the result is for being verified, then determine that described second time authentication is passed through, otherwise confirm described second time authentication failure.
7. a first terminal for mobile payment, is characterized in that, described first terminal comprises:
One NFC pairing unit, matches for realizing near-field communication NFC with the second terminal;
First collecting unit, for when entering mobile payment flow process, gathers first identity identification information of active user;
First receiving element, for receiving second identity identification information of the active user that described second terminal gathers;
First processing unit, for carrying out first time authentication according to the authentication information of the machine registered user and described first identity identification information, and when described first time, authentication was passed through, judge whether described first receiving element receives the second identity identification information, and when described first receiving element have received the second identity identification information, second time authentication is carried out according to described authentication information and described second identity identification information, and when described second time authentication is passed through, continue mobile payment flow process, otherwise confirm authentication failure.
8. first terminal according to claim 7, is characterized in that, described first terminal also comprises the first transmitting element,
Described first processing unit, also whether consistent with the corresponding informance in described authentication information for judging described first identity identification information;
Described first transmitting element, also for when described first processing unit judges that described first identity identification information is consistent with described authentication information, described first identity identification information is sent to described second terminal, whether consistent with the corresponding informance in the authentication information of its reception by the first identity identification information described in described second terminal judges;
Described first receiving element, also for receiving the result that described second terminal returns;
Described first processing unit, also for judging that whether described the result is for being verified, and determine that when described the result is for being verified described first time authentication is passed through, described the result for checking not by time determine the authentication failure of described first time.
9. first terminal according to claim 8, is characterized in that,
Described first processing unit, also whether consistent with the corresponding informance in described authentication information for judging described second identity identification information, and when consistent, determine that described second time authentication is passed through, otherwise determine described second time authentication failure;
Described first transmitting element, also for the result of described first processing unit to described second time authentication is fed back to described second terminal.
10. second terminal of mobile payment, is characterized in that, described second terminal comprises:
2nd NFC pairing unit, matches for realizing near-field communication NFC with first terminal;
Authorization information acquiring unit, for obtaining the authentication information of the first terminal registered user that described first terminal sends;
Second receiving element, for receiving the first identity identification information that described first terminal sends;
Second processing unit, carries out first time authentication for the authentication information that obtains according to described authorization information acquiring unit and described first identity identification information;
Second collecting unit, for determine at described second processing unit described first time authentication by time, gather second identity identification information of active user;
Described second processing unit, also for carrying out second time authentication according to described authentication information and described second identity identification information, and when described second time authentication is passed through, continue mobile payment flow process, when described second time authentication is not passed through, confirm authentication failure.
11. second terminals according to claim 10, is characterized in that,
Described second processing unit, also whether consistent with the corresponding informance in described authentication information for judging described first identity identification information, and determine that when judging consistent described first time authentication is passed through, or determine described first time authentication failure when judging inconsistent;
Described second terminal also comprises:
Second transmitting element, for feeding back to described first terminal by the result of first time authentication described in described second processing unit team.
12. second terminals according to claim 11, is characterized in that,
Described second processing unit, also whether consistent with the corresponding informance in described authentication information for judging described second identity identification information;
Described second transmitting element, also for described second identity identification information being sent to described first terminal when described second processing unit judges consistent, judge that whether described second identity identification information is consistent with the corresponding informance in described authentication information by described first terminal;
Described second receiving element, also for receiving the result that described first terminal returns;
Described second processing unit, also for judging that whether described the result is for being verified, and determines that when described the result is for being verified described second time authentication is passed through, otherwise confirms described second time authentication failure.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410280055.2A CN104021474B (en) | 2014-06-20 | 2014-06-20 | A kind of method, Apparatus and system improving mobile payment security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410280055.2A CN104021474B (en) | 2014-06-20 | 2014-06-20 | A kind of method, Apparatus and system improving mobile payment security |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104021474A CN104021474A (en) | 2014-09-03 |
| CN104021474B true CN104021474B (en) | 2016-03-02 |
Family
ID=51438214
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410280055.2A Active CN104021474B (en) | 2014-06-20 | 2014-06-20 | A kind of method, Apparatus and system improving mobile payment security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104021474B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104700270A (en) * | 2015-03-20 | 2015-06-10 | 酷派软件技术(深圳)有限公司 | Payment request processing method, payment request processing device and terminal |
| CN104715373B (en) * | 2015-04-01 | 2018-04-20 | 京东方科技集团股份有限公司 | A kind of payment devices and method |
| US20180260816A1 (en) * | 2015-09-01 | 2018-09-13 | Huawei Technologies Co., Ltd. | Payment authentication method and apparatus for mobile terminal and mobile terminal |
| CN106056380A (en) * | 2016-05-27 | 2016-10-26 | 深圳市雪球科技有限公司 | Mobile payment risk control system and mobile payment risk control method |
| CN108804263B (en) * | 2018-05-03 | 2021-08-24 | 北京金山安全软件有限公司 | Terminal verification method, device and computer readable medium |
| CN108960195B (en) * | 2018-07-25 | 2021-02-26 | 中国建设银行股份有限公司 | Identity verification method and system |
| CN110378695A (en) * | 2019-06-19 | 2019-10-25 | 深圳壹账通智能科技有限公司 | Bank card payment method, device, equipment and computer storage medium |
| CN110910142A (en) * | 2019-11-06 | 2020-03-24 | 远光软件股份有限公司 | Payment authentication method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN202854880U (en) * | 2012-09-26 | 2013-04-03 | 深圳市亚略特生物识别科技有限公司 | SMS payment system based on fingerprint identification mobile phone |
| CN103106591A (en) * | 2013-01-22 | 2013-05-15 | 北京理工大学 | Smartphone short-range shopping method and system based on near field communication (NFC) function |
| CN103268547A (en) * | 2013-06-04 | 2013-08-28 | 北京邮电大学 | NFC (Near Field Communication) mobile phone payment system with fingerprint authentication mechanism |
| CN103268550A (en) * | 2013-05-17 | 2013-08-28 | 苏州通付盾信息技术有限公司 | Virtual account convenient application system based on mobile terminal and achieving method thereof |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102184377A (en) * | 2011-04-26 | 2011-09-14 | 杭州五魁首信息技术有限公司 | Identity identification device and identity identification method based on radio frequency identification technology |
-
2014
- 2014-06-20 CN CN201410280055.2A patent/CN104021474B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN202854880U (en) * | 2012-09-26 | 2013-04-03 | 深圳市亚略特生物识别科技有限公司 | SMS payment system based on fingerprint identification mobile phone |
| CN103106591A (en) * | 2013-01-22 | 2013-05-15 | 北京理工大学 | Smartphone short-range shopping method and system based on near field communication (NFC) function |
| CN103268550A (en) * | 2013-05-17 | 2013-08-28 | 苏州通付盾信息技术有限公司 | Virtual account convenient application system based on mobile terminal and achieving method thereof |
| CN103268547A (en) * | 2013-06-04 | 2013-08-28 | 北京邮电大学 | NFC (Near Field Communication) mobile phone payment system with fingerprint authentication mechanism |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104021474A (en) | 2014-09-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104021474B (en) | A kind of method, Apparatus and system improving mobile payment security | |
| US10078831B2 (en) | Connected toll pass | |
| CN103489103B (en) | Vehicle mounted mobile transaction | |
| WO2007083319A3 (en) | Method and system for making a payment through a mobile communication device | |
| CN103839159A (en) | Vehicle payment system | |
| CN104753894A (en) | Data processing method, device and system | |
| CN104376456A (en) | Mobile amount transfer system with real-time communication and voice communication combined and corresponding method | |
| CN103093349A (en) | Mobile paying method and mobile terminal apparatus | |
| CN103810598A (en) | Payment system and payment method based on terminal device | |
| CN107403313A (en) | Robot near field safety of payment verification method and device | |
| CN103489028A (en) | Financial IC card and multi-protocol communication system and method | |
| CN102892096B (en) | System, method, business operation support system (BOSS) and equipment for realizing account recharge | |
| CN103108317A (en) | Method of safe writing card | |
| CN105553949A (en) | In-car payment authentication device | |
| CN112184209A (en) | Method for realizing payment by D2D terminal through NFC and terminal | |
| CN108389042B (en) | Method and device for realizing auxiliary fee settlement by intelligent mobile phone | |
| KR101288288B1 (en) | Method for Providing Collective Application of Module Type | |
| KR20160114024A (en) | Method for paying with near field communication using micro secure digital card | |
| KR20170134888A (en) | Method for Providing Two-Channel Payment by using Cigar Jack Device | |
| CN210006133U (en) | Automatic SIM card selling system | |
| KR20170034973A (en) | Method for Providing Two-Channel Payment by using Close Range Device | |
| KR102095011B1 (en) | Method for Providing Safety Authentication Number Service | |
| CN115907754A (en) | Transaction method, device, system, equipment and storage medium | |
| CN104574084A (en) | Online bank payment system based on fingerprint identification | |
| KR20180086339A (en) | Method for Providing Independent Payment in Reverse Direction |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| CB02 | Change of applicant information |
Address after: A District No. 9018 Han innovation building in Nanshan District high tech Zone in Shenzhen city of Guangdong Province, North Central Avenue, 518000 floor 10 Applicant after: Nubian Technologies Ltd. Address before: A District No. 9018 Han innovation building in Nanshan District high tech Zone in Shenzhen city of Guangdong Province, North Central Avenue, 518000 floor 10 Applicant before: Shenzhen ZTE Mobile Tech Co., Ltd. |
|
| COR | Change of bibliographic data | ||
| GR01 | Patent grant |