CN104270246A

CN104270246A - Dynamic key device and payment system based on dynamic key

Info

Publication number: CN104270246A
Application number: CN201410451653.1A
Authority: CN
Inventors: 不公告发明人
Original assignee: Kuang Chi Innovative Technology Ltd
Current assignee: Kuang Chi Intelligent Photonic Technology Ltd
Priority date: 2014-09-05
Filing date: 2014-09-05
Publication date: 2015-01-07

Abstract

The invention discloses a dynamic key device and a payment system based on a dynamic key, and aims to improve the safety of the whole payment system and ensure fund security in a payment flow. According to a technical scheme, encryption and decryption schemes are designed at a payment end, a consumption end and an account management server end respectively in the whole payment system. Multi-layer and multi-system encryption processing is performed on the transmission and storage of data, and dynamic update of keys is designed. Compared with a conventional magnetic card payment way and on-line payment ways of third-party accounts such as alipay, the dynamic key device and the payment system have the advantages that the convenience and safety are enhanced at different degrees.

Description

Dynamic key device and the payment system based on dynamic key

Technical field

The present invention relates to a kind of payment system, particularly relate to a kind of be applied to pay environment and key is the encrypting and deciphering system of dynamic change.

Background technology

At present, consumer to swipe the card clearing by bank card (such as, credit or debit card or third party's bank card) when transacting business and paying on POS end.This traditional " card-scanning type ", although method of payment can allow consumer avoid carrying with buckets of cash, consumer still must carry bank card to carry out payment of swiping the card, and this makes transaction payment be restricted.

In addition, the medium of the mode of this card-scanning type is magnetic stripe card, magnetic stripe card be with liquid magnetic material or magnetic stripe for information carrier, liquid magnetic Material coating is overlayed on card on card or by the magnetic stripe of wide about 614mm.Magnetic stripe card, generally as identification card use, can write, stores, rewrite the information content.

But, magnetic stripe card information storage is little, magnetic stripe easily reads and forge, confidentiality is poor, especially the confidentiality difference problem of easily forging, makes offender not need how advanced knowledge and skill, only needs the equipment buying a set of hundreds of unit just can complete the object of stealing card internal information.

Except the method for payment of this card-scanning type, the method for payment of electronic money packet mode is promoted just rapidly, common such as " Alipay " stored value card.This stored value card mode installs an application program app at mobile phone terminal, a stored value card account (Alipay account) can be generated while register account number, user can prior bank card to Alipay account charging, directly withhold by the remaining sum in Alipay account in follow-up process of consumption.

This electronic-purse transaction mode as Alipay also also exists a lot of deficiency, such as, need unimpeded network environment, this transaction relies on communication network to complete, need, by networking condition, easily to cause Fail Transaction when network is obstructed or network speed is inadequate.Next is safety problem, and account and the encrypted message of electronic account transmit in a network, are easily truncated to by illegal person, is more easily stolen when especially transmitting accounts information in Wifi network.And, this efficient public security system of Alipay itself also has deficiency, its information such as accounts information, payment cipher only does encryption and checking on the server of Alipay self, and depend on the verification mode such as mobile phone short message verification, the checking of U shield at present, the level of security system is not strong.

Summary of the invention

Below provide the brief overview of one or more aspect to provide the basic comprehension to these aspects.Detailed the combining of this not all aspect contemplated of general introduction is look at, and both not intended to be pointed out out the scope of key or decisive any or all aspect of elements nor delineate of all aspects.Its unique object is the sequence that some concepts that will provide one or more aspect in simplified form think the more detailed description provided after a while.

The object of the invention is to solve the problem, provide a kind of dynamic key device and the payment system based on dynamic key, improve the fail safe of whole payment system, ensured the fund security in payment flow.

Present invention is disclosed a kind of payment system based on dynamic key, comprise payment terminals, consumption end and account management server, wherein:

Payment terminals comprises further:

Signal madulation module, is sent to consumption end after payment information needed is modulated into signal transmission;

Consumption end comprises signal receiving unit further, and this signal receiving unit comprises further:

Signal transition module, signal transmission payment terminals being sent to consumption end is transformed into the signal of telecommunication and is transferred to account management server;

Account management server comprises further:

Signal receiving module, receives the signal of telecommunication and carries out demodulation, obtaining described payment information needed;

Payment system comprises encryption and decryption further, wherein:

Encryption: consumption end also comprises consumption encrypting module, connection signal transition module, is encrypted the signal of telecommunication be transformed into, and/or payment terminals comprises payment encrypting module further, connection signal modulation module, was first encrypted before payment information needed is modulated into signal transmission;

Deciphering: account management server comprises consumption deciphering module, first be decrypted by the decipherment algorithm that consumption deciphering module is corresponding according to the cryptographic algorithm of consumption encrypting module, information transmission after deciphering carries out demodulation to signal receiving module, and/or account management server comprises payment deciphering module further, connection signal demodulation module, the decipherment algorithm corresponding according to the cryptographic algorithm paying encrypting module to the information after demodulation is decrypted, to obtain described payment information needed;

Payment system comprises further:

Dynamic key device, for the encryption and decryption of payment terminals/consumption end provides dynamic key.

According to an embodiment of the payment system based on dynamic key of the present invention, dynamic key device is arranged in account management server, and device generates different delivering keys to payment terminals/consumption end at every turn; Or,

Disposable generation one group key and at every turn select at least one to be handed down to payment terminals/consumption end according to algorithm; Or,

Each generation one group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption end; Or,

Generate a group key according to pre-defined rule and be handed down to payment terminals/consumption end, select at least one when payment terminals/consumption end uses from this group key, wherein pre-defined rule is regularly generate, or generates after networking, or generates after paying pre-determined number.

According to an embodiment of the payment system based on dynamic key of the present invention, dynamic key device is arranged at this locality of payment terminals/consumption end, and device generates different keys by this locality at every turn; Or,

Disposable generation one group key again according to algorithm select wherein at every turn at least one; Or,

Each generation one group key again according to algorithm select wherein at every turn at least one; Or,

Generate a group key according to pre-defined rule and from this group key, select at least one again, wherein pre-defined rule is regularly generate, or generates after networking, or generates after paying pre-determined number.

According to an embodiment of the payment system based on dynamic key of the present invention, payment system also comprises scrambling and descrambling, wherein:

Scrambling: payment terminals comprises payment scrambling module further, be positioned at before paying encrypting module first to carry out scrambling before encryption to payment information needed, or be connected to and pay between encrypting module and signal madulation module, to carry out scrambling more after encryption to payment information needed;

Descrambling: account management server comprises payment descrambling module further, be connected to after paying deciphering module, again scramble process is carried out to the information after demodulation after being decrypted, or be connected to signal receiving module and pay between deciphering module, first scramble process was carried out to the information after demodulation before being decrypted.

According to an embodiment of the payment system based on dynamic key of the present invention, encryption method comprise in symmetric cryptography, asymmetric encryption, oval encryption, digital signature one or more.

According to an embodiment of the payment system based on dynamic key of the present invention, be encrypted together with the information that consumption encrypting module is encrypted the signal of telecommunication or the signal of telecommunication and consumption is held.

According to an embodiment of the payment system based on dynamic key of the present invention, the information of consumption end comprises one or more combinations in the identification information of signal receiving unit, the temporal information of consumption end or the geographical location information of consumption end.

According to an embodiment of the payment system based on dynamic key of the present invention, account management server comprises further:

Account management module, stores the account related information of user profile, payment account information or the payment account that payment terminals is uploaded, and the account identification after encryption and key are together sent it back payment terminals; Or the account identification after encryption is sent it back payment terminals, and payment terminals this locality generates key.

According to an embodiment of the payment system based on dynamic key of the present invention, payment system also comprises payment processes server, to hold and account management module is connected with consumption, the payment information needed that consumption end exports is issued account management module, account management module finds corresponding payment account information or the account related information of payment account, return to payment processes server again, or

Only be connected with account management module, the payment information needed that consumption end exports issues account management module, and account management module finds corresponding payment account information or the account related information of payment account, then returns to payment processes server.

According to an embodiment of the payment system based on dynamic key of the present invention, between account management module and payment processes server, the process also encrypted and decrypted between payment processes server and consumption end.

According to an embodiment of the payment system based on dynamic key of the present invention, payment processes server comprise receive Single-Server, account settlement server, ebanking server one or more.

According to an embodiment of the payment system based on dynamic key of the present invention, pay encrypting module and also the information needed for the payment stage is encrypted, comprise and use the information needed for the double secret key payment stage to be encrypted.

According to an embodiment of the payment system based on dynamic key of the present invention, described key to comprise for payment terminals paying that information needed is encrypted, payment terminals carries out to paying information needed at least one key that scrambling or payment terminals be encrypted the local information that need store.

According to an embodiment of the payment system based on dynamic key of the present invention, account management server also comprises:

With the signal receiving unit administration module that is connected of consumption deciphering module, the identification number of storage signal receiving element or the information be associated with identification number, whether legal to judge the signal receiving unit of current use.

According to an embodiment of the payment system based on dynamic key of the present invention, the identification number of signal receiving unit comprise the MAC Address of signal receiving unit, one or more or signal receiving unit MAC Address related information of the IMEI code of consumption end or IMSI code or SIM card information, the IMEI code related information of consumption end, IMSI code related information or SIM card related information one or more.

According to an embodiment of the payment system based on dynamic key of the present invention, described user profile is the hardware identification information of payment terminals.

According to an embodiment of the payment system based on dynamic key of the present invention, payment terminals is mobile terminal, and hardware identification information comprises one or more of the IMEI of mobile terminal or related information or SIM card identifying information or related information or IMSI code or related information.

According to an embodiment of the payment system based on dynamic key of the present invention, in the module that signal receiving unit is integrated in chip or comprises chip or terminal equipment.

According to an embodiment of the payment system based on dynamic key of the present invention, the key of consumption end is that account management module sends it back or consumption end is local generates.

According to an embodiment of the payment system based on dynamic key of the present invention, described signal transmission comprises any one or multi-signal in lightwave signal, acoustic signals, infrared signal, radiofrequency signal.

Present invention further teaches a kind of payment system based on dynamic key, comprise payment terminals, consumption end and account management server, wherein:

Payment terminals comprises further:

Signal transition module, signal transmission payment terminals being sent to consumption end changes the signal of telecommunication into;

Signal receiving module, more further demodulation is carried out to the signal of telecommunication, obtain described payment information needed;

Payment system also comprises encryption and decryption, wherein:

Deciphering: account management server comprises consumption deciphering module, first be decrypted by the decipherment algorithm that consumption deciphering module is corresponding according to the cryptographic algorithm of consumption encrypting module, and/or consumption end comprises payment deciphering module further, the decipherment algorithm corresponding according to the cryptographic algorithm paying encrypting module to the information after demodulation is decrypted, to obtain described payment information needed, and/or account management server comprises payment deciphering module further, the decipherment algorithm corresponding according to the cryptographic algorithm paying encrypting module to the information after demodulation is decrypted, to obtain described payment information needed,

Payment system comprises further:

Descrambling: consumption end comprises payment descrambling module further, be connected to after paying deciphering module, again scramble process is carried out to the information after demodulation after being decrypted, or be connected to signal receiving module and pay between deciphering module, first scramble process was carried out to the information after demodulation before being decrypted.

According to an embodiment of the payment system based on dynamic key of the present invention, consumption end encrypting module was encrypted or combined consumption end information to the signal of telecommunication is encrypted.

According to an embodiment of the payment system based on dynamic key of the present invention, account management server comprises:

Present invention further teaches a kind of dynamic key device, comprising:

Key generation module, the different key of each generation is also issued to receiving equipment.

Present invention further teaches a kind of dynamic key device, comprising:

Key generation module, disposable generation one group key;

Key selects module, connects key generation module, selects at least one to be issued to receiving equipment from this group key at every turn.

Present invention further teaches a kind of dynamic key device, comprising:

Key generation module, each generation one group key;

Key selects module, connects key generation module, selects at least one to be issued to receiving equipment from each this group key generated at every turn.

Present invention further teaches a kind of dynamic key device, comprising:

Key generation module, generate a group key according to pre-defined rule and be issued to receiving equipment, from this group key, select at least one in use by receiving equipment, wherein pre-defined rule is for regularly generating or generating after networking or generate after paying pre-determined number.

According to an embodiment of dynamic key device of the present invention, this dynamic key device is arranged in the server or in receiving equipment itself.

The present invention contrasts prior art following beneficial effect:: the solution of the present invention is in whole payment system, designs encrypting and decrypting scheme respectively at payment terminals (cell phone), consumption end (POS) and account management server end.The transmission of data (data that especially safe class such as transaction data, accounts information, password is high) and storage are carried out to the encrypting and decrypting process of multi-level many body system, and verify the legitimacy of the hardware device (such as signal receiving unit) of connecting system.In addition, in order to promote secret effect, are dynamic changes for the key of encryption and decryption in the present invention.Compared to the payment way of traditional third party's account such as the magnetic card means of payment, Alipay, its convenience, fail safe all obtain raising in various degree.

Accompanying drawing explanation

Fig. 1 shows the schematic diagram of payment system of the present invention.

Fig. 2 shows the schematic diagram of the first embodiment of the payment system based on dynamic key of the present invention.

Fig. 3 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Fig. 4 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Fig. 5 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Fig. 6 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Fig. 7 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Fig. 8 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Fig. 9 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Figure 10 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Figure 11 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Figure 12 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Figure 13 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Figure 14 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Figure 15 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Figure 16 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.

Figure 17 shows the schematic diagram of an embodiment of dynamic key device of the present invention.

Figure 18 shows the schematic diagram of another embodiment of dynamic key device of the present invention.

Embodiment

After the detailed description of reading embodiment of the present disclosure in conjunction with the following drawings, above-mentioned feature and advantage of the present invention can be understood better.In the accompanying drawings, each assembly is not necessarily drawn in proportion, and the assembly with similar correlation properties or feature may have identical or close Reference numeral.

The principle that Fig. 1 shows Payment System Design of the present invention and realizes.As shown in Figure 2, whole payment system is mainly made up of payment terminals, consumption end, account settlement server and account management server four members payment system general architecture.At consumption end, be by signal receiving unit and POS two module compositions.And encrypting and deciphering system of the present invention is Design and implementation on the framework of payment system as shown in Figure 1.Fig. 2 shows the principle of the preferred embodiment of the payment system based on dynamic key of the present invention.Refer to Fig. 2, the payment system based on dynamic key of the present embodiment forms primarily of three subsystems, respectively: payment terminals, consumption end and account management server.

Incorporated by reference to Fig. 1 and Fig. 2, just carry out the elaboration in principle below respectively based on three subsystems of the payment system of dynamic key.

Payment terminals 1a comprises payment encrypting module 10a and signal madulation module 11a.Pay encrypting module 10a to be first encrypted before payment information needed is modulated into signal transmission, signal madulation module 11a then by being connected with payment encrypting module 10a, will be sent to consumption end after the payment information needed of encryption be modulated into signal transmission.Paying information needed can be one or more, is specifically as follows one or more in the information such as the account related information of such as account identification, user profile, payment account information or payment account, the trade name of payment, order number or payment.Account identification is that account management server is distributed based on the account related information/user profile etc. of accounts information/payment account, for distinguishing numerous users, can be string number, or comprise the numeral etc. of other characters.Preferably the account related information/user profile etc. of each accounts information/payment account only distributes an account identification.If when the payment account certainly not getting rid of certain user is many, multiple account identification can be distributed for it.And user profile wherein can comprise the hardware identification information etc. of the ID card No. of user, name, social security card number, payment terminals.Payment account information can be the draw bank card information of user, pay bills or evidence for payment information.Payment account information association information can be the relevant corresponding informance of above-mentioned payment account information, can find corresponding payment account information according to payment account information association information.Can be such as a part for payment account information, or can be the unique pet name corresponding with all payment account information, the such as login name of each bank professional version/popular version.

Information needed for the payment stage generally includes the account related information etc. of account identification, user profile, payment account information or payment account.Payment terminals can realize two-way communication by the mode such as mobile radio communication or wifi accessing Internet/application program and account management server.Therefore can support that payment terminals is to the inquiry of consumption information as the information such as integration, coupons.

And consumption end 2a comprises signal receiving unit 20a, comprise again signal transition module 200a in signal receiving unit, payment terminals is sent to after the signal transmission consuming end is transformed into the signal of telecommunication and is transferred to account management server 3a by signal transition module 200a.The signal of telecommunication that consumption end exports comprises the payment information needed that payment terminals is sent.Account management server 3a comprises signal receiving module 30a and pays deciphering module 31a, and signal receiving module 30a receives the signal of telecommunication and carries out demodulation, thus obtains payment information needed.The payment information needed obtained after demodulation remains through encryption, therefore, needs the payment deciphering module 31a be connected to after signal receiving module 30a, is decrypted the information after demodulation, to obtain original payment information needed.

In the present embodiment, the signal transmission that payment terminals is sent to consumption end can have various ways, includes but not limited to any one signal in lightwave signal, acoustic signals, infrared signal, radiofrequency signal.

In the present embodiment, pay encrypting module 10a for the key encrypted and to pay deciphering module 31a for the key deciphered be all generated by the dynamic key device 4a in account management server 3a, and this key is dynamic key.

Dynamic key device 4a dynamically updates key four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4a to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4a disposable generation one group key according to algorithm.The third mode be by dynamic key device 4a generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode generates a group key according to pre-defined rule to be handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generates after networking, or generates after paying pre-determined number.

In fig. 2, dynamic key device 4a is arranged in account management server 3a.In addition, dynamic key device 4a can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1a) of payment terminals/consumption end, also has four kinds of key updating modes accordingly.

At every turn first kind of way generates different keys by dynamic key device by this locality; The second way be local disposable generation one group key again according to algorithm select wherein at every turn at least one; The third mode be local each generate a group key again according to algorithm select wherein at every turn at least one; 4th kind of mode generates a group key according to pre-defined rule in this locality from this group key, to select at least one again, and wherein pre-defined rule is regularly generate, or generates after networking, or generates after paying pre-determined number.

Fig. 3 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Fig. 3 and Fig. 1, in the present embodiment, include payment scrambling module 10b in payment terminals 1b, pay encrypting module 11b and signal madulation module 12b.Payment scrambling module 10b first carries out scrambling before encryption to payment information needed before being positioned at and paying encrypting module 11b.Through being encrypted the information after scrambling process by payment encrypting module 11b again after scrambling process.Then, consumption end is sent to after signal transmission being modulated into the payment information needed after scrambling, encryption by signal madulation module 12b.

Consumption end 2b comprises signal receiving unit 20b, comprises again signal transition module 200b in signal receiving unit, and payment terminals is sent to after the signal transmission consuming end is transformed into the signal of telecommunication and is transferred to account management server 3b by signal transition module 200b.

Account management server 3b comprises signal receiving module 30b, pays deciphering module 31b and pay descrambling module 32b.Signal receiving module 30b receives the signal of telecommunication that signal transition module 200b transmits, and carries out demodulation, obtains and pays information needed.In the present embodiment, the payment information needed after demodulation is still scrambling and encryption.Therefore, need first by being connected to the payment deciphering module 31b after signal receiving module 30b, information after demodulation is decrypted, again through being connected to the payment descrambling module 32b paid after deciphering module 31b, descrambling is carried out to the information after deciphering, finally obtains original payment information needed.

Dynamic key device 4b is arranged in account management server 3b.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4b to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4b disposable generation one group key according to algorithm.The third mode be by dynamic key device 4b generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4b generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In figure 3, dynamic key device 4b is arranged in account management server 3b.In addition, dynamic key device 4b can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1b) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Fig. 4 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Fig. 4 and Fig. 1, in the present embodiment, include payment encrypting module 10c in payment terminals 1c, pay scrambling module 11c and signal madulation module 12c.Paying encrypting module 10c to be first encrypted original payment information needed, then by being connected to the payment scrambling module 11c paid between encrypting module 10c and signal madulation module 12c, scrambling process being carried out to the payment information needed through encryption.Then, consumption end is sent to after signal transmission being modulated into the payment information needed after encryption, scrambling process by signal madulation module 12c.

Consumption end 2c comprises signal receiving unit 20c, comprises again signal transition module 200c in signal receiving unit, and payment terminals is sent to after the signal transmission consuming end is transformed into the signal of telecommunication and is transferred to account management server 3c by signal transition module 200c.

Account management server 3c comprises signal receiving module 30c, pays descrambling module 31c and pay deciphering module 32c.Signal receiving module 30c receives the signal of telecommunication that signal transition module 200c transmits, and carries out demodulation, obtains and pays information needed.In the present embodiment, payment information needed after demodulation is still encryption and scrambling.Therefore, need first by being connected to the payment descrambling module 31c after signal receiving module 30c, descrambling is carried out to the information after demodulation, again through being connected to the payment deciphering module 32c paid after descrambling module 31c, information after descrambling is decrypted, finally obtains original payment information needed.

Dynamic key device 4c is arranged in account management server 3c.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4c to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4c disposable generation one group key according to algorithm.The third mode be by dynamic key device 4c generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4c generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In the diagram, dynamic key device 4c is arranged in account management server 3c.In addition, dynamic key device 4c can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1c) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Fig. 5 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Fig. 5 and Fig. 1, in the present embodiment, payment terminals 1d comprises signal madulation module 10d, is sent to consumption end after payment information needed is modulated into signal transmission.And consumption end 2d comprises signal receiving unit 20d and consumption encrypting module 21d, comprise again signal transition module 200d in signal receiving unit, the signal transmission that payment terminals is sent to consumption end by signal transition module 200d is transformed into the signal of telecommunication.Consumption encrypting module 21d is encrypted the signal of telecommunication be transformed into, is then transferred to account management server 3d after being connected to signal transition module 200d.The cipher mode of consumption encrypting module 21d can be directly be encrypted the signal of telecommunication, also can be encrypted in conjunction with the information of consumption end, the information of consumption end mentioned here comprises one or more combinations in the identification information of signal receiving unit 20d, the temporal information of consumption end or the geographic location information of consumption end.And encryption method can be any one in symmetric cryptography, asymmetric encryption or oval encryption, common is such as des encryption, 3DES encryption, IDEA encryption, rsa encryption, AES encryption etc.

Account management server 3d comprises consumption deciphering module 30d and signal receiving module 31d.The decipherment algorithm that consumption deciphering module 30d is first corresponding according to the cryptographic algorithm of consumption encrypting module 21d is decrypted, and the message retransmission after deciphering carries out demodulation to signal receiving module 31d, thus obtains original payment information needed.

Dynamic key device 4d is arranged in account management server 3d.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4d to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4d disposable generation one group key according to algorithm.The third mode be by dynamic key device 4d generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4d generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In Figure 5, dynamic key device 4d is arranged in account management server 3d.In addition, dynamic key device 4d can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1d and consumption end 2d) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Fig. 6 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Fig. 6 and Fig. 1, in the present embodiment, in payment terminals 1e, include payment encrypting module 10e and signal madulation module 11e.Pay encrypting module 10e to be first encrypted before payment information needed is modulated into signal transmission, signal madulation module 11e then by being connected with payment encrypting module 10e, will be sent to consumption end after the payment information needed of encryption be modulated into signal transmission.

Consumption end 2e comprises signal receiving unit 20e and consumption encrypting module 21e, and comprise again signal transition module 200e in signal receiving unit, the signal transmission that payment terminals is sent to consumption end by signal transition module 200e is transformed into the signal of telecommunication.Consumption encrypting module 21e is encrypted the signal of telecommunication be transformed into, is then transferred to account management server 3e after being connected to signal transition module 200e.The cipher mode of consumption encrypting module 21e can be directly be encrypted the signal of telecommunication, also can be encrypted in conjunction with the information of consumption end, the information of consumption end mentioned here comprises one or more combinations in the identification information of signal receiving unit 20e, the temporal information of consumption end or the geographic location information of consumption end.And encryption method can be any one in symmetric cryptography, asymmetric encryption or oval encryption, common is such as des encryption, 3DES encryption, IDEA encryption, rsa encryption, AES encryption etc.

Account management server 3e comprises consumption deciphering module 30e, signal receiving module 31e and pays deciphering module 32e.The decipherment algorithm that consumption deciphering module 30e is first corresponding according to the cryptographic algorithm of consumption encrypting module 21e is decrypted, message retransmission after deciphering carries out demodulation to signal receiving module 31e, then be decrypted by the decipherment algorithm paying deciphering module 32e corresponding according to the cryptographic algorithm paying encrypting module 10e, thus obtain original payment information needed.

Dynamic key device 4e is arranged in account management server 3e.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4e to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4e disposable generation one group key according to algorithm.The third mode be by dynamic key device 4e generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4e generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In figure 6, dynamic key device 4e is arranged in account management server 3e.In addition, dynamic key device 4e can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1e and consumption end 2e) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Fig. 7 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Fig. 7 and Fig. 1, in the present embodiment, payment terminals 1f comprises payment encrypting module 10f and signal madulation module 11f.Pay encrypting module 10f to be first encrypted payment information needed, after then the payment information needed after encryption being modulated into signal transmission by signal madulation module 11f, be sent to consumption end.And consumption end 2f comprises signal receiving unit 20f, comprise again signal transition module 200f in signal receiving unit, payment terminals is sent to after the signal transmission consuming end is transformed into the signal of telecommunication and is transferred to account management server end 3f by signal transition module 200f.Account management server 3f comprises signal receiving module 30f and pays deciphering module 31f, signal receiving module 30f receives the signal of telecommunication and carries out demodulation, then obtains original payment information needed by paying after deciphering module 31f is decrypted the signal of telecommunication after demodulation.

In addition, in account management server 3f, also comprise account management module 32f, store the account related information of user profile, payment account information or the payment account that payment terminals is uploaded, and the accounts information after encryption and key are together sent it back payment terminals.The information that account management module 32f stores is be encrypted by paying encrypting module 10f in payment terminals the earliest, and cryptographic object comprises the key etc. of account identification that cryptographic storage accounts information, account management server distribute based on accounts information and payment terminals.The key of payment terminals is the key that account management server issues to payment terminals, or the key that payment terminals this locality generates.

Also comprise in whole payment system and consumption hold and payment processes server 4f that account management module 31f is connected, payment processes server 4f comprises one or more of receipts Single-Server, account settlement server, ebanking server etc.The payment information needed that consumption end exports is issued account management module 31f by payment processes server 4f, and account management module 31f finds corresponding payment account information or the account related information of payment account, then returns to payment processes server 4f.Also the process encrypted and decrypted between account management module 31f and payment processes server 4f, between payment processes server 4f and consumption end, the such as transmission of related account information between account management module 31f and payment processes server 4f, between payment processes server 4f and consumption end about the transmission etc. of payment information, the process that also can encrypt and decrypt.

In addition, there is a change case position of payment processes server, and payment processes server discord consumption end connects, and is only connected with account management module.The payment information needed that consumption end exports issues account management module, and account management module finds corresponding payment account information or the account management information of payment account, then returns to payment processes server.

Dynamic key device 4f is arranged in account management server 3f.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4f to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4f disposable generation one group key according to algorithm.The third mode be by dynamic key device 4f generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4f generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In the figure 7, dynamic key device 4f is arranged in account management server 3f.In addition, dynamic key device 4f can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1f) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Fig. 8 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Fig. 8 and Fig. 1, in the present embodiment, in payment terminals 1g, include payment encrypting module 10g and signal madulation module 11g.Pay encrypting module 10g to be first encrypted before payment information needed is modulated into signal transmission, signal madulation module 11g then by being connected with payment encrypting module 10g, will be sent to consumption end after the payment information needed of encryption be modulated into signal transmission.

Consumption end 2h comprises signal receiving unit 20g and consumption encrypting module 21g.Signal receiving unit 20g is integrated in chip or terminal equipment, and signal receiving unit 20g comprises again signal transition module 200g, and the signal transmission that payment terminals is sent to consumption end by signal transition module 200g is transformed into the signal of telecommunication.Consumption encrypting module 21g is encrypted the signal of telecommunication be transformed into, is then transferred to account management server 3g after being connected to signal transition module 200g.The cipher mode of consumption encrypting module 21g can be directly be encrypted the signal of telecommunication, also can be encrypted in conjunction with the information of consumption end, the information of consumption end mentioned here comprises one or more combinations in the identification information of signal receiving unit 20g, the temporal information of consumption end or the geographic location information of consumption end.And encryption method can be any one in symmetric cryptography, asymmetric encryption or oval encryption, common is such as des encryption, 3DES encryption, IDEA encryption, rsa encryption, AES encryption etc.

Account management server 3g comprises consumption deciphering module 30g, signal receiving module 31g and pays deciphering module 32g.The decipherment algorithm that consumption deciphering module 30g is first corresponding according to the cryptographic algorithm of consumption encrypting module 21g is decrypted, message retransmission after deciphering carries out demodulation to signal receiving module 31g, then be decrypted by the decipherment algorithm paying deciphering module 32g corresponding according to the cryptographic algorithm paying encrypting module 10g, thus obtain original payment information needed.

Also be provided with in account management server 3g and the signal receiving unit administration module 33g consuming deciphering module 30g and be connected, the identification number of storage signal receiving element 20g or the information be associated with identification number, whether legal to judge the signal receiving unit 20g of current use.Identification number herein specifically comprises one or more of the MAC Address of signal receiving unit 20g, the IMEI code related information of the IMEI code of consumption end or one or more or signal receiving device unit MAC Address related information of IMSI code or SIM card information or consumption end, IMSI code related information or SIM card related information.

Dynamic key device 4g is arranged in account management server 3g.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4g to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4g disposable generation one group key according to algorithm.The third mode be by dynamic key device 4g generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4g generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In fig. 8, dynamic key device 4g is arranged in account management server 3g.In addition, dynamic key device 4g can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1g and consumption end 2g) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Fig. 9 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Fig. 9 and Fig. 1, in the present embodiment, payment terminals 1h, consumption end 2h and account management server 3h is included.Be provided with in payment terminals 1h wherein and pay encrypting module 10h and signal madulation module 11h, pay encrypting module 10h to be first encrypted before payment information needed is modulated into signal transmission, then after being connected to the signal madulation module 11h after paying encrypting module 10h encrypted payment information needed is modulated into signal transmission, be sent to consumption end 2h.

Signal receiving unit 20h is provided with in consumption end 2h.Be provided with again signal transition module 200h, signal receiving module 201h in signal receiving unit 20h and pay decryption unit 202h.The signal transmission that payment terminals is sent to consumption end by signal transition module 200h changes the signal of telecommunication into.Signal receiving module 201h then carries out demodulation to the signal of telecommunication further.Information after demodulation is decrypted, to obtain original payment information needed finally by payment decryption unit 202h.

In the present embodiment, this signal transmission comprises any one signal in lightwave signal, acoustic signals, infrared signal, radiofrequency signal.

Dynamic key device 4h is arranged in account management server 3h.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4h to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4h disposable generation one group key according to algorithm.The third mode be by dynamic key device 4h generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4h generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In fig .9, dynamic key device 4h is arranged in account management server 3h.In addition, dynamic key device 4h can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1h and consumption end 2h) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Figure 10 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Figure 10 and Fig. 1, in the present embodiment, payment terminals 1k, consumption end 2k and account management server 3k is included.

Be provided with in payment terminals 1k and pay encrypting module 10k and signal madulation module 11k.Pay encrypting module 10k to be first encrypted before payment information needed is modulated into signal transmission, then after being connected to the signal madulation module 11k after paying encrypting module 10k encrypted payment information needed is modulated into signal transmission, be sent to consumption end.

Signal receiving unit 20k is provided with in consumption end 2k.Signal transition module 200k, signal receiving module 201k is provided with again in signal receiving unit 20k.The signal transmission that payment terminals is sent to consumption end by signal transition module 200k changes the signal of telecommunication into.Signal receiving module 201k then carries out demodulation to the signal of telecommunication further.

Be provided with in account management server 3k and pay deciphering module 30k.Pay deciphering module 30k to be decrypted the information after demodulation, to obtain original payment information needed.

Dynamic key device 4k is arranged in account management server 3k.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4k to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4k disposable generation one group key according to algorithm.The third mode be by dynamic key device 4k generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4k generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In Fig. 10, dynamic key device 4k is arranged in account management server 3k.In addition, dynamic key device 4k can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1k) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Figure 11 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Figure 11 and Fig. 1, in the present embodiment, payment terminals 1m, consumption end 2m and account management server 3m is included.

Be provided with in payment terminals 1m and pay scrambling module 10m, pay encrypting module 11m and signal madulation module 12m.First payment scrambling module 10m carries out scrambling process to payment information needed before being positioned at and paying encrypting module 11m.Then in payment encrypting module 11m, the payment information needed through scrambling is encrypted.Consumption end is sent to finally by being connected to after the payment information needed of encrypting through scrambling is modulated into signal transmission by the signal madulation module 12m after paying encrypting module 11m.

Signal receiving unit 20m is provided with in consumption end 2m.Be provided with again signal transition module 200m, signal receiving module 201m in signal receiving unit 20m, pay deciphering module 202m and pay descrambling module 203m.The signal transmission that payment terminals is sent to consumption end by signal transition module 200m changes the signal of telecommunication into.Signal receiving module 201m then carries out demodulation to the signal of telecommunication further.Subsequently, pay deciphering module 202m to be decrypted the information after demodulation.Finally, in payment descrambling module 203m, the information after close to demodulation carries out scramble process, thus obtains original payment information needed.

Dynamic key device 4m is arranged in account management server 3m.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4m to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4m disposable generation one group key according to algorithm.The third mode be by dynamic key device 4m generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4m generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In fig. 11, dynamic key device 4m is arranged in account management server 3m.In addition, dynamic key device 4m can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1m and consumption end 2m) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Figure 12 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Figure 12 and Fig. 1, in the present embodiment, payment terminals 1n, consumption end 2n and account management server 3n is included.

Be provided with in payment terminals 1n and pay encrypting module 10n, pay scrambling module 11n and signal madulation module 12n.First by paying encrypting module 10n, payment information needed being encrypted, then by being connected to the payment scrambling module 11n paid between encrypting module 10n and signal madulation module 12n, scrambling process being carried out to the payment information needed through encryption.Consumption end is sent to after the payment information needed through encrypting scrambling being modulated into signal transmission finally by signal madulation module 12n.

Signal receiving unit 20n is provided with in consumption end 2n.Be provided with again signal transition module 200n, signal receiving module 201n in signal receiving unit 20n, pay descrambling module 202n and pay deciphering module 203n.The signal transmission that payment terminals is sent to consumption end by signal transition module 200n changes the signal of telecommunication into.Signal receiving module 201n then carries out demodulation to the signal of telecommunication further.Subsequently, in payment descrambling module 202n, scramble process is carried out to the information after demodulation.Finally, in payment deciphering module 203n, the demodulation information after process of disturbing is decrypted, thus obtains original payment information needed.

Dynamic key device 4n is arranged in account management server 3n.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4n to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4n disposable generation one group key according to algorithm.The third mode be by dynamic key device 4n generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4n generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In fig. 12, dynamic key device 4n is arranged in account management server 3n.In addition, dynamic key device 4n can also be arranged at this locality (in the present embodiment such as can this locality of payment terminals 1n and consumption end 2n) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Figure 13 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Figure 13 and Fig. 1, in the present embodiment, payment terminals 1p, consumption end 2p and account management server 3p is included.

Be provided with signal madulation module 10p in payment terminals 1p, after payment information needed is modulated into signal transmission, be sent to consumption end.

Signal receiving unit 20p and consumption encrypting module 21p is provided with in consumption end 2p.Signal transition module 200p and signal receiving module 201p is provided with again in signal receiving unit 20p.The signal transmission that payment terminals is sent to consumption end by signal transition module 200p changes the signal of telecommunication into.Signal receiving module 201p then carries out demodulation to the signal of telecommunication further.Consumption encrypting module 21p connection signal transition module 200p, is encrypted the signal of telecommunication be transformed into.Encryption method can be any one in symmetric cryptography, asymmetric encryption or oval encryption, such as common des encryption, 3DES encryption, IDEA encryption, rsa encryption, DSA encryption, AES encryption etc.Consumption encrypting module 21p can be directly be encrypted the signal of telecommunication to the encryption of the signal of telecommunication, also can be combine consumption end information be encrypted, consumption end information comprise signal receiving unit 20p identification information, consumption end temporal information or consumption end geography information in one or more.

In account management server 3p, also comprise consumption deciphering module 30p, be first decrypted by the decipherment algorithm that consumption deciphering module 30p is corresponding according to the cryptographic algorithm of consumption encrypting module 21p, then carry out follow-up operation.

Dynamic key device 4p is arranged in account management server 3p.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4p to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4p disposable generation one group key according to algorithm.The third mode be by dynamic key device 4p generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4p generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In fig. 13, dynamic key device 4p is arranged in account management server 3p.In addition, dynamic key device 4p can also be arranged at this locality (such as can hold this locality of 2p in the present embodiment in consumption) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Figure 14 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Figure 14 and Fig. 1, in the present embodiment, payment terminals 1q, consumption end 2q and account management server 3q is included.

Be provided with in payment terminals 1q and pay encrypting module 10q and signal madulation module 11q.Pay encrypting module 10q to be first encrypted before payment information needed is modulated into signal transmission, then after being connected to the signal madulation module 11q after paying encrypting module 10q encrypted payment information needed is modulated into signal transmission, be sent to consumption end.

Signal receiving unit 20q and consumption encrypting module 21q is provided with in consumption end 2q.Signal transition module 200q and signal receiving module 201q is provided with again in signal receiving unit 20q.Consumption encrypting module 21q connection signal transition module 200q, is encrypted the signal of telecommunication be transformed into.Encryption method can be any one in symmetric cryptography, asymmetric encryption or oval encryption, such as common des encryption, 3DES encryption, IDEA encryption, rsa encryption, DSA encryption, AES encryption etc.Consumption encrypting module 21q can be directly be encrypted the signal of telecommunication to the encryption of the signal of telecommunication, also can be combine consumption end information be encrypted, consumption end information comprise signal receiving unit 20q identification information, consumption end temporal information or consumption end geography information in one or more.

In account management server 3q, be provided with consumption deciphering module 31q and pay deciphering module 32q.First be decrypted by the decipherment algorithm that consumption deciphering module 31q is corresponding according to the cryptographic algorithm of consumption encrypting module 21q.Information transmission after deciphering carries out demodulation to signal receiving module 201q.Signal receiving module 201q then carries out demodulation to the signal of telecommunication further.Finally be decrypted by the decipherment algorithm paying deciphering module 32q corresponding according to the cryptographic algorithm of payment terminals.

Dynamic key device 4q is arranged in account management server 3q.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4q to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4q disposable generation one group key according to algorithm.The third mode be by dynamic key device 4q generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4q generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In fig. 14, dynamic key device 4q is arranged in account management server 3q.In addition, dynamic key device 4q can also be arranged at this locality (such as can hold this locality of 2q in the present embodiment at payment terminals 1q and consumption) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Figure 15 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Figure 15 and Fig. 1, in the present embodiment, payment terminals 1r, consumption end 2r and account management server 3r is included.

Be provided with in payment terminals 1r and pay encrypting module 10r and signal madulation module 11r.Pay encrypting module 10r to be encrypted payment information needed, after then encrypted payment information needed being modulated into signal transmission in signal madulation module 11r, be sent to consumption end.

Signal receiving unit 20r is provided with in consumption end 2r.Be provided with again signal transition module 200r, signal receiving module 201r in signal receiving unit 20r and pay deciphering module 202r.The signal transmission that payment terminals is sent to consumption end by signal transition module 200r changes the signal of telecommunication into.Signal receiving module 201r then carries out demodulation to the signal of telecommunication further.Pay deciphering module 202r and process is decrypted to the information after demodulation.

And in account management server 3r, also comprise account management module 30r, for storing the account related information of user profile, payment account information or payment account that payment terminals is uploaded, and the accounts information after encryption and key are together sent it back payment terminals.Pay the encryption of encrypting module 10r to the information needed for the payment stage to comprise: the key etc. of the account identification that cryptographic storage accounts information, account management server are distributed based on accounts information and payment terminals.

The payment system of the present embodiment includes payment processes server 4r, payment processes server 4r comprise receive Single-Server, account settlement server, ebanking server one or more.The position of payment processes server 4r can be hold with consumption and account management module 30r is connected, and also can not be connected and only connect with account management module 30r with consuming to hold.For the former, payment processes server 4r issues account management module 30r the payment information needed that consumption end exports, account management module 30r finds corresponding payment account information or the account related information of payment account, then returns to payment processes server 4r.For the latter, the payment information needed that consumption end exports issues account management module 30r, and account management module 30r finds corresponding payment account information or the account related information of payment account, then returns to payment processes server 4r.And, between account management module 30r and payment processes server 4r, between payment processes server 4r and consumption end, also carry out the process of encryption and decryption.

Dynamic key device 4r is arranged in account management server 3r.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4r to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4r disposable generation one group key according to algorithm.The third mode be by dynamic key device 4r generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4r generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In fig .15, dynamic key device 4r is arranged in account management server 3r.In addition, dynamic key device 4r can also be arranged at this locality (such as can hold this locality of 2r in the present embodiment at payment terminals 1r and consumption) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Figure 16 shows the schematic diagram of another embodiment of the payment system based on dynamic key of the present invention.Shown in Figure 16 and Fig. 1, in the present embodiment, payment terminals 1s, consumption end 2s and account management server 3s is included.

Be provided with in payment terminals 1s and pay encrypting module 10s and signal madulation module 11s.Pay encrypting module 10s to be encrypted payment information needed, and transfer to signal madulation module 11s that the payment information needed of encryption is modulated into signal transmission.In addition, pay encrypting module 10s also read the hardware identification information of payment terminals and be encrypted.Payment terminals is mobile terminal, hardware identification information be the IMEI of mobile terminal or related information, IMSI code or related information or SIM card identifying information or related information one or more.

Signal receiving unit 20s and consumption encrypting module 21s is provided with in consumption end 2s.Signal receiving unit 20s is integrated in chip or terminal equipment, is provided with again signal transition module 200s and signal receiving module 201s.Consumption encrypting module 21s connection signal transition module 200s, is encrypted the signal of telecommunication be transformed into.Encryption method can be any one in symmetric cryptography, asymmetric encryption or oval encryption, such as common des encryption, 3DES encryption, IDEA encryption, rsa encryption, DSA encryption, AES encryption etc.Consumption encrypting module 21s can be directly be encrypted the signal of telecommunication to the encryption of the signal of telecommunication, also can be combine consumption end information be encrypted, consumption end information comprise signal receiving unit 20s identification information, consumption end temporal information or consumption end geography information in one or more.

In account management server 3s, be provided with consumption deciphering module 31s and pay deciphering module 32s.First be decrypted by the decipherment algorithm that consumption deciphering module 31s is corresponding according to the cryptographic algorithm of consumption encrypting module 21s.Information transmission after deciphering carries out demodulation to signal receiving module 201s.Signal receiving module 201s then carries out demodulation to the signal of telecommunication further.Finally be decrypted by the decipherment algorithm paying deciphering module 32s corresponding according to the cryptographic algorithm of payment terminals.

In addition, in account management server 3s, signal receiving unit administration module 33s is also provided with, for the identification number of storage signal receiving element 20s or the information that is associated with identification number, whether legal to judge the signal receiving unit 20s of current use.The identification number of receiving element 20s comprise the MAC Address of signal receiving unit, one or more or signal receiving unit MAC Address related information of the IMEI code of consumption end or IMSI code or SIM card information, the IMEI code related information of consumption end, IMSI code related information or SIM card related information one or more.

Dynamic key device 4s is arranged in account management server 3s.Dynamically update key and have four kinds of processing modes:

At every turn first kind of way generates different delivering keys by dynamic key device 4s to hold to payment terminals/consumption.At every turn the second way selects at least one to be handed down to payment terminals/consumption end by dynamic key device 4s disposable generation one group key according to algorithm.The third mode be by dynamic key device 4s generate at every turn a group key again according to algorithm select wherein at every turn at least one be handed down to payment terminals/consumption and hold.4th kind of mode is that dynamic key device 4s generates a group key according to pre-defined rule and is handed down to payment terminals/consumption end, from this group key, at least one is selected when payment terminals/consumption end uses, wherein pre-defined rule is regularly generate, or generate after networking, or generate after paying pre-determined number.

In figure 16, dynamic key device 4s is arranged in account management server 3s.In addition, dynamic key device 4s can also be arranged at this locality (such as can hold this locality of 2s in the present embodiment at payment terminals 1s and consumption) of payment terminals/consumption end, also has four kinds of key updating modes accordingly:

Present invention further teaches dynamic key device.As shown in figure 17, contain key generation module in dynamic key device, key generation module generates different keys at every turn and is issued to receiving equipment.In another embodiment, key generation module generates a group key according to pre-defined rule and is issued to receiving equipment, from this group key, select at least one in use by receiving equipment, wherein pre-defined rule is for regularly generating or generating after networking or generate after paying pre-determined number.

As shown in figure 18, dynamic key device of the present invention comprises key generation module and key selection module.Wherein key generation module disposable generation one group key, and key selects model calling key generation module, selects at least one to be issued to receiving equipment from this group key at every turn.

In another embodiment, key generation module generates a group key at every turn.Key selects model calling key generation module, selects at least one to be issued to receiving equipment from each this group key generated at every turn.

The dynamic key device of above-described embodiment indication is arranged in the server or in receiving equipment itself.

Said method illustrated although simplify for making explanation and is described as a series of actions, it should be understood that and understand, these methods not limit by the order of action, because according to one or more embodiment, some actions can occur by different order and/or with from illustrating herein and describe or not shown and to describe but other actions that it will be appreciated by those skilled in the art that occur concomitantly herein.

Those skilled in the art will understand further, and the various illustrative logic plates, module, circuit and the algorithm steps that describe in conjunction with embodiment disclosed herein can be embodied as electronic hardware, computer software or the combination of both.For clearly explaining orally this interchangeability of hardware and software, various illustrative components, frame, module, circuit and step are done vague generalization above with its functional form and are described.This type of is functional is implemented as hardware or software depends on embody rule and puts on the design constraint of total system.Technical staff can realize described functional by different modes for often kind of application-specific, but such realize decision-making and should not be interpreted to and cause having departed from scope of the present invention.

The various illustrative logic plates, module and the circuit that describe in conjunction with embodiment disclosed herein can realize with general processor, digital signal processor (DSP), application-specific integrated circuit (ASIC) (ASIC), field programmable gate array (FPGA) or other programmable logic device, discrete door or transistor logic, discrete nextport hardware component NextPort or its any combination being designed to perform function described herein or perform.General processor can be microprocessor, but in alternative, and this processor can be the processor of any routine, controller, microcontroller or state machine.Processor can also be implemented as the combination of computing equipment, the combination of such as DSP and microprocessor, multi-microprocessor, with one or more microprocessor of DSP central cooperation or any other this type of configure.

The method described in conjunction with embodiment disclosed herein or the step of algorithm can be embodied directly in hardware, in the software module performed by processor or in the combination of both and embody.Software module can reside in the storage medium of RAM memory, flash memory, ROM memory, eprom memory, eeprom memory, register, hard disk, removable dish, CD-ROM or any other form known in the art.Exemplary storage medium is coupled to processor and can reads and written information from/to this storage medium to make this processor.In alternative, storage medium can be integrated into processor.Processor and storage medium can reside in ASIC.ASIC can be in the user terminal resident.In alternative, it is in the user terminal resident that processor and storage medium can be used as discrete assembly.

In one or more exemplary embodiment, described function can realize in hardware, software, firmware or its any combination.If be embodied as computer program in software, then each function can as one or more bar instruction or code storage on a computer-readable medium or mat its transmit.Computer-readable medium comprises computer-readable storage medium and communication media, and it comprises facilitates computer program from a ground to any medium that another ground shifts.Storage medium can be can by any usable medium of computer access.Exemplarily non-limiting, such computer-readable medium can comprise RAM, ROM, EEPROM, CD-ROM or other optical disc storage, disk storage or other magnetic storage apparatus, maybe can be used to carry or store instruction or data structure form desirable program code and can by other medium any of computer access.Any connection is also properly termed a computer-readable medium.Such as, if software be use coaxial cable, fiber optic cables, twisted-pair feeder, digital subscribe lines (DSL) or such as infrared, radio and microwave and so on wireless technology from web site, server or other remote source transmission, then this coaxial cable, fiber optic cables, twisted-pair feeder, DSL or such as infrared, radio and microwave and so on wireless technology are just included among the definition of medium.Dish as used herein (disk) and dish (disc) comprise compact disc (CD), laser dish, laser disc, digital versatile dish (DVD), floppy disk and blu-ray disc, its mid-game (disk) is often with the mode rendering data of magnetic, and dish (disc) laser rendering data to be optically.Above-mentioned combination also should be included in the scope of computer-readable medium.

Thering is provided previous description of the present disclosure is for making any person skilled in the art all can make or use the disclosure.To be all apparent for a person skilled in the art to various amendment of the present disclosure, and generic principles as defined herein can be applied to other variants and can not depart from spirit or scope of the present disclosure.Thus, the disclosure not intended to be is defined to example described herein and design, but the widest scope consistent with principle disclosed herein and novel features should be awarded.

Claims

1., based on a payment system for dynamic key, comprise payment terminals, consumption end and account management server, wherein:

Payment terminals comprises further:

Account management server comprises further:

Payment system comprises encryption and decryption further, wherein:

Payment system comprises further:

2. the payment system based on dynamic key according to claim 1, is characterized in that, dynamic key device is arranged in account management server, and device generates different delivering keys to payment terminals/consumption end at every turn; Or,

3. the payment system based on dynamic key according to claim 1, is characterized in that, dynamic key device is arranged at this locality of payment terminals/consumption end, and device generates different keys by this locality at every turn; Or,

4. the payment system based on dynamic key according to claim 1, is characterized in that, payment system also comprises scrambling and descrambling, wherein:

5. the payment system based on dynamic key according to claim 1, is characterized in that, is encrypted together with the information that consumption encrypting module is encrypted the signal of telecommunication or the signal of telecommunication and consumption is held.

6. the payment system based on dynamic key according to claim 5, is characterized in that, the information of consumption end comprises one or more combinations in the identification information of signal receiving unit, the temporal information of consumption end or the geographical location information of consumption end.

7. the payment system based on dynamic key according to claim 1 or 4, it is characterized in that, account management server comprises further:

8. the payment system based on dynamic key according to claim 7, it is characterized in that, payment system also comprises payment processes server, to hold and account management module is connected with consumption, the payment information needed that consumption end exports is issued account management module, and account management module finds corresponding payment account information or the account related information of payment account, then returns to payment processes server, or

9. the payment system based on dynamic key according to claim 7, is characterized in that, pays encrypting module and is also encrypted the information needed for the payment stage, comprises and uses the information needed for the double secret key payment stage to be encrypted.

10. the payment system based on dynamic key according to claim 1, it is characterized in that, account management server also comprises:

11. payment systems based on dynamic key according to claim 10, it is characterized in that, the identification number of signal receiving unit comprise the MAC Address of signal receiving unit, one or more or signal receiving unit MAC Address related information of the IMEI code of consumption end or IMSI code or SIM card information, the IMEI code related information of consumption end, IMSI code related information or SIM card related information one or more.

12. payment systems based on dynamic key according to claim 7, is characterized in that, described user profile is the hardware identification information of payment terminals.

13. payment systems based on dynamic key according to claim 1, is characterized in that, described signal transmission comprises any one or multi-signal in lightwave signal, acoustic signals, infrared signal, radiofrequency signal.

14. 1 kinds of payment systems based on dynamic key, comprise payment terminals, consumption end and account management server, wherein:

Payment terminals comprises further:

Payment system also comprises encryption and decryption, wherein:

Payment system comprises further:

15. payment systems based on dynamic key according to claim 14, is characterized in that, described signal transmission comprises any one or multi-signal in lightwave signal, acoustic signals, infrared signal, radiofrequency signal.

16. payment systems based on dynamic key according to claim 14, it is characterized in that, dynamic key device is arranged in account management server, and device generates different delivering keys to payment terminals/consumption end at every turn; Or,

17. payment systems based on dynamic key according to claim 14, is characterized in that, dynamic key device is arranged at this locality of payment terminals/consumption end, and device generates different keys by this locality at every turn; Or,

18. payment systems based on dynamic key according to claim 14, it is characterized in that, payment system also comprises scrambling and descrambling, wherein:

19. payment systems based on dynamic key according to claim 14, is characterized in that, encryption method comprise in symmetric cryptography, asymmetric encryption, oval encryption, digital signature one or more.

20. payment systems based on dynamic key according to claim 14, is characterized in that, consumption end encrypting module was encrypted or combined consumption end information to the signal of telecommunication is encrypted.

21. payment systems based on dynamic key according to claim 20, is characterized in that, the information of consumption end comprises one or more combinations in the identification information of signal receiving unit, the temporal information of consumption end or the geographical location information of consumption end.

22. payment systems based on dynamic key according to claim 14 or 18, it is characterized in that, account management server comprises:

23. payment systems based on dynamic key according to claim 22, it is characterized in that, payment system also comprises payment processes server, to hold and account management module is connected with consumption, the payment information needed that consumption end exports is issued account management module, and account management module finds corresponding payment account information or the account related information of payment account, then returns to payment processes server, or

24. payment systems based on dynamic key according to claim 23, is characterized in that, between account management module and payment processes server, and the process also encrypted and decrypted between payment processes server and consumption end.

25. payment systems based on dynamic key according to claim 23, is characterized in that, payment processes server comprise receive Single-Server, account settlement server, ebanking server one or more.

26. payment systems based on dynamic key according to claim 22, is characterized in that, pay encrypting module and are also encrypted the information needed for the payment stage, comprise and use the information needed for the double secret key payment stage to be encrypted.

27. payment systems based on dynamic key according to claim 22, it is characterized in that, described key to comprise for payment terminals paying that information needed is encrypted, payment terminals carries out to paying information needed at least one key that scrambling or payment terminals be encrypted the local information that need store.

28. payment systems based on dynamic key according to claim 14, it is characterized in that, account management server also comprises:

29. payment systems based on dynamic key according to claim 28, it is characterized in that, the identification number of signal receiving unit comprise the MAC Address of signal receiving unit, one or more or signal receiving unit MAC Address related information of the IMEI code of consumption end or IMSI code or SIM card information, the IMEI code related information of consumption end, IMSI code related information or SIM card related information one or more.

30. payment systems based on dynamic key according to claim 22, is characterized in that, described user profile is the hardware identification information of payment terminals.

31. payment systems based on dynamic key according to claim 30, it is characterized in that, payment terminals is mobile terminal, and hardware identification information comprises one or more of the IMEI of mobile terminal or related information or SIM card identifying information or related information or IMSI code or related information.

32. payment systems based on dynamic key according to claim 14, is characterized in that, in the module that signal receiving unit is integrated in chip or comprises chip or terminal equipment.

33. payment systems based on dynamic key according to claim 22, is characterized in that, the key of consumption end is that account management module sends it back or consumption end is local generates.

34. 1 kinds of dynamic key devices, is characterized in that, comprising:

35. 1 kinds of dynamic key devices, is characterized in that, comprising:

Key generation module, disposable generation one group key;

36. 1 kinds of dynamic key devices, is characterized in that, comprising:

Key generation module, each generation one group key;

37. 1 kinds of dynamic key devices, is characterized in that, comprising:

38. dynamic key devices according to any one of claim 34 to 37, is characterized in that, this dynamic key device is arranged in the server or in receiving equipment itself.