CN104486356A - Data transmission method based on internet online tractions - Google Patents

Data transmission method based on internet online tractions Download PDF

Info

Publication number
CN104486356A
CN104486356A CN201410842099.XA CN201410842099A CN104486356A CN 104486356 A CN104486356 A CN 104486356A CN 201410842099 A CN201410842099 A CN 201410842099A CN 104486356 A CN104486356 A CN 104486356A
Authority
CN
China
Prior art keywords
client
information
payment
control platform
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410842099.XA
Other languages
Chinese (zh)
Inventor
高辉
赵迪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhu Leruisi Information Consulting Co Ltd
Original Assignee
Wuhu Leruisi Information Consulting Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhu Leruisi Information Consulting Co Ltd filed Critical Wuhu Leruisi Information Consulting Co Ltd
Priority to CN201410842099.XA priority Critical patent/CN104486356A/en
Publication of CN104486356A publication Critical patent/CN104486356A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/16Payments settled via telecommunication systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords

Abstract

The invention relates to the technical field of network communication, in particular to a data transmission method based on internet online tractions. The data transmission method based on internet online tractions is especially suitable for an online e-commerce platform, high in secrecy and good in safety. The data transmission method based on internet online tractions comprises the steps that a client-side sends login request information to a control platform, the control platform correspondingly requests and requires to provide authentication request information, the control platform receives a request and feeds back a login application form to the client-side, and the client-side receives user login information, generates a user public and private key pair and stores a public key and a private key; the client-side sends the login application form loaded with a public key certificate and the login information, the control center receives the request and checks the integrity of the application form, the user public key of the application form meeting the requirement is signed through the CA private key, the user public key certificate is generated and stored, and the user public key certificate is issued to the client-side. Compared with the prior art, the method has the advantages of being small in computation burden, low in cost, safe, reliable, and the like.

Description

Based on the data transmission method of the Internet online transaction
Technical field:
The present invention relates to network communication technical field, specifically a kind of strong security, data transmission method based on the Internet online transaction that fail safe is good being specially adapted to online e-commerce platform.
Background technology:
Along with the development of information technology and the universal of smart mobile phone, complete commodity transaction become a reality on the net, ecommerce brings aspectant chance not only to user and enterprise, optimizes resource distribution, and saves retail shop's expense.Current ecommerce develop rapidly, safety and honesty issue become the key link of restriction e-commerce development.Investigation display, have the ability in the consumer of net purchase and not net purchase, 80% is the worry for credit and secure context.Owing to distrusting, current block trade will in off-line transaction, and with high costs, if there is believable service provider, Science in Future in China internet business amount is also by sustainable growth.
Summary of the invention:
The present invention is directed to the shortcoming and defect existed in prior art, propose a kind of strong security, the data transmission method based on the Internet online transaction that fail safe is good that are specially adapted to online e-commerce platform.
The present invention can be reached by following measures:
Based on a data transmission method for the Internet online transaction, it is characterized in that comprising the following steps:
Step 1: client sends registration information to control platform, control platform receives request and client returns application form for registration, and client receives user's registration information, generates user's public private key pair, and stores PKI and private key;
Step 2: client sends the application form for registration being loaded with public key certificate and log-on message to control platform, the request of management and control receive centre also audits the integrality of application form, CA private key is adopted to sign to client public key for satisfactory application form, generate and store client public key certificate, issue client public key certificate to client;
Step 3: client sends to control platform and pays application information, and control platform receives backward client and returns information;
Step 4: client is according to the information input payment information received and Transaction Information, usage data encryption key obtains payment information ciphertext to affiliated payment information encryption, and Hash operation generating messages summary is carried out to payment information ciphertext and Transaction Information, the private key of applications client carries out signature computing to this eap-message digest and generates signing messages, and client sends the payment request message comprising payment information ciphertext, Transaction Information, signing messages and client public key certificate again to control platform;
Step 5: after control platform receives above-mentioned message, application CA PKI carries out parsing to client public key certificate and obtains client public key, user application PKI carries out analytical operation to the signing messages received, form eap-message digest, the hash function that application and client are arranged carries out Hash operation to the payment information ciphertext received and Transaction Information, obtain operation result, operation result and eap-message digest are compared, if identical, then generate payment authentication successful information, payment authentication success, otherwise payment authentication failure, payment failure information is returned to client, or return step 3 and pay next time.
After control platform receives the registration information of client in step 1 of the present invention, back-up storage is carried out to it.
The present invention is when after payment authentication success, control platform application data encryption key is decrypted process to payment information ciphertext, thus acquisition payment information, and the backup information of storage is verified when the payment accounts comprised in payment information and password and control platform being carried out certification, if be verified, then from the payment accounts that payment information comprises, deduct the respective pay amount of money, and payment transaction Transaction Information is fed back to client, otherwise, return payment failure information to client.
Data encryption key of the present invention is that management and control center and client are made an appointment.
The present invention compared with prior art, has operand little, and cost is low, significant advantage such as safe and reliable grade.
Accompanying drawing illustrates:
Accompanying drawing 1 is flow chart of the present invention.
Embodiment:
Below in conjunction with accompanying drawing, the present invention is further illustrated.
As shown in the figure, the present invention proposes a kind of data transmission method based on the Internet online transaction, it is characterized in that comprising the following steps:
Step 1: client sends registration information to control platform, control platform receives request and client returns application form for registration, and client receives user's registration information, generates user's public private key pair, and stores PKI and private key;
Step 2: client sends the application form for registration being loaded with public key certificate and log-on message to control platform, the request of management and control receive centre also audits the integrality of application form, CA private key is adopted to sign to client public key for satisfactory application form, generate and store client public key certificate, issue client public key certificate to client;
Step 3: client sends to control platform and pays application information, and control platform receives backward client and returns information;
Step 4: client is according to the information input payment information received and Transaction Information, usage data encryption key obtains payment information ciphertext to affiliated payment information encryption, and Hash operation generating messages summary is carried out to payment information ciphertext and Transaction Information, the private key of applications client carries out signature computing to this eap-message digest and generates signing messages, and client sends the payment request message comprising payment information ciphertext, Transaction Information, signing messages and client public key certificate again to control platform;
Step 5: after control platform receives above-mentioned message, application CA PKI carries out parsing to client public key certificate and obtains client public key, user application PKI carries out analytical operation to the signing messages received, form eap-message digest, the hash function that application and client are arranged carries out Hash operation to the payment information ciphertext received and Transaction Information, obtain operation result, operation result and eap-message digest are compared, if identical, then generate payment authentication successful information, payment authentication success, otherwise payment authentication failure, return payment failure information to client.
After control platform receives the registration information of client in step 1 of the present invention, back-up storage is carried out to it.
The present invention is when after payment authentication success, control platform application data encryption key is decrypted process to payment information ciphertext, thus acquisition payment information, and the backup information of storage is verified when the payment accounts comprised in payment information and password and control platform being carried out certification, if be verified, then from the payment accounts that payment information comprises, deduct the respective pay amount of money, and payment transaction Transaction Information is fed back to client, otherwise, return payment failure information to client.
Data encryption key of the present invention is that management and control center and client are made an appointment.
The present invention compared with prior art, has operand little, and cost is low, significant advantage such as safe and reliable grade.

Claims (4)

1., based on a data transmission method for the Internet online transaction, it is characterized in that comprising the following steps:
Step 1: client sends registration information to control platform, control platform receives request and client returns application form for registration, and client receives user's registration information, generates user's public private key pair, and stores PKI and private key;
Step 2: client sends the application form for registration being loaded with public key certificate and log-on message to control platform, the request of management and control receive centre also audits the integrality of application form, CA private key is adopted to sign to client public key for satisfactory application form, generate and store client public key certificate, issue client public key certificate to client;
Step 3: client sends to control platform and pays application information, and control platform receives backward client and returns information;
Step 4: client is according to the information input payment information received and Transaction Information, usage data encryption key obtains payment information ciphertext to affiliated payment information encryption, and Hash operation generating messages summary is carried out to payment information ciphertext and Transaction Information, the private key of applications client carries out signature computing to this eap-message digest and generates signing messages, and client sends the payment request message comprising payment information ciphertext, Transaction Information, signing messages and client public key certificate again to control platform;
Step 5: after control platform receives above-mentioned message, application CA PKI carries out parsing to client public key certificate and obtains client public key, user application PKI carries out analytical operation to the signing messages received, form eap-message digest, the hash function that application and client are arranged carries out Hash operation to the payment information ciphertext received and Transaction Information, obtain operation result, operation result and eap-message digest are compared, if identical, then generate payment authentication successful information, payment authentication success, otherwise payment authentication failure, return payment failure information to client.
2. a kind of data transmission method based on the Internet online transaction according to claim 1, after it is characterized in that in step 1, control platform receives the registration information of client, carries out back-up storage to it.
3. a kind of data transmission method based on the Internet online transaction according to claim 1, it is characterized in that when after payment authentication success, control platform application data encryption key is decrypted process to payment information ciphertext, thus acquisition payment information, and the backup information of storage is verified when the payment accounts comprised in payment information and password and control platform being carried out certification, if be verified, then from the payment accounts that payment information comprises, deduct the respective pay amount of money, and payment transaction Transaction Information is fed back to client, otherwise, payment failure information is returned to client.
4. a kind of data transmission method based on the Internet online transaction according to claim 3, is characterized in that described data encryption key is that management and control center and client are made an appointment.
CN201410842099.XA 2014-12-29 2014-12-29 Data transmission method based on internet online tractions Pending CN104486356A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410842099.XA CN104486356A (en) 2014-12-29 2014-12-29 Data transmission method based on internet online tractions

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410842099.XA CN104486356A (en) 2014-12-29 2014-12-29 Data transmission method based on internet online tractions

Publications (1)

Publication Number Publication Date
CN104486356A true CN104486356A (en) 2015-04-01

Family

ID=52760860

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410842099.XA Pending CN104486356A (en) 2014-12-29 2014-12-29 Data transmission method based on internet online tractions

Country Status (1)

Country Link
CN (1) CN104486356A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106022917A (en) * 2016-05-08 2016-10-12 杭州复杂美科技有限公司 Block chain matching exchange scheme
CN106934619A (en) * 2017-03-13 2017-07-07 杭州复杂美科技有限公司 A kind of method and system of transaction record
CN107146079A (en) * 2017-02-15 2017-09-08 中国银联股份有限公司 Transaction payment method and system
CN107301522A (en) * 2017-06-26 2017-10-27 深圳前海华深安信物联技术有限公司 A kind of warehouse receipt system and application method based on block chain
CN107506986A (en) * 2017-08-04 2017-12-22 深圳市雪球科技有限公司 Method of payment and payment system based on security context or credible performing environment
CN107707507A (en) * 2016-08-08 2018-02-16 深圳中电长城信息安全系统有限公司 Control method and system based on safe pool network data transmission
CN107919963A (en) * 2017-12-27 2018-04-17 飞天诚信科技股份有限公司 A kind of authenticator and its implementation
CN111865893A (en) * 2020-05-27 2020-10-30 福建亿能达信息技术股份有限公司 Budget expenditure declaration system, equipment and medium based on public and private key encryption
WO2022116734A1 (en) * 2020-12-04 2022-06-09 华为技术有限公司 Digital certificate issuing method and apparatus, terminal entity, and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020144109A1 (en) * 2001-03-29 2002-10-03 International Business Machines Corporation Method and system for facilitating public key credentials acquisition
CN101719250A (en) * 2009-12-10 2010-06-02 中国联合网络通信集团有限公司 Payment authentication method, platform and system
CN101895847A (en) * 2010-08-02 2010-11-24 刘明晶 Short message service authenticated encryption system and method based on digital certificate
CN102609841A (en) * 2012-01-13 2012-07-25 东北大学 Remote mobile payment system based on digital certificate and payment method
CN103067402A (en) * 2013-01-10 2013-04-24 天地融科技股份有限公司 Method and system for digital certificate generation

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020144109A1 (en) * 2001-03-29 2002-10-03 International Business Machines Corporation Method and system for facilitating public key credentials acquisition
CN101719250A (en) * 2009-12-10 2010-06-02 中国联合网络通信集团有限公司 Payment authentication method, platform and system
CN101895847A (en) * 2010-08-02 2010-11-24 刘明晶 Short message service authenticated encryption system and method based on digital certificate
CN102609841A (en) * 2012-01-13 2012-07-25 东北大学 Remote mobile payment system based on digital certificate and payment method
CN103067402A (en) * 2013-01-10 2013-04-24 天地融科技股份有限公司 Method and system for digital certificate generation

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106022917A (en) * 2016-05-08 2016-10-12 杭州复杂美科技有限公司 Block chain matching exchange scheme
CN107707507A (en) * 2016-08-08 2018-02-16 深圳中电长城信息安全系统有限公司 Control method and system based on safe pool network data transmission
CN107146079A (en) * 2017-02-15 2017-09-08 中国银联股份有限公司 Transaction payment method and system
CN107146079B (en) * 2017-02-15 2020-05-22 中国银联股份有限公司 Transaction payment method and system
CN106934619B (en) * 2017-03-13 2021-07-06 杭州复杂美科技有限公司 Transaction recording method and system
CN106934619A (en) * 2017-03-13 2017-07-07 杭州复杂美科技有限公司 A kind of method and system of transaction record
CN107301522A (en) * 2017-06-26 2017-10-27 深圳前海华深安信物联技术有限公司 A kind of warehouse receipt system and application method based on block chain
CN107506986A (en) * 2017-08-04 2017-12-22 深圳市雪球科技有限公司 Method of payment and payment system based on security context or credible performing environment
CN107919963A (en) * 2017-12-27 2018-04-17 飞天诚信科技股份有限公司 A kind of authenticator and its implementation
CN107919963B (en) * 2017-12-27 2020-10-27 飞天诚信科技股份有限公司 Authenticator and implementation method thereof
CN111865893A (en) * 2020-05-27 2020-10-30 福建亿能达信息技术股份有限公司 Budget expenditure declaration system, equipment and medium based on public and private key encryption
CN111865893B (en) * 2020-05-27 2022-04-01 福建亿能达信息技术股份有限公司 Budget expenditure declaration system, equipment and medium based on public and private key encryption
WO2022116734A1 (en) * 2020-12-04 2022-06-09 华为技术有限公司 Digital certificate issuing method and apparatus, terminal entity, and system

Similar Documents

Publication Publication Date Title
CN104486356A (en) Data transmission method based on internet online tractions
US11270299B2 (en) Methods and systems of using a cryptocurrency system to manage payments and payment alternatives
US11182783B2 (en) Electronic payment method and electronic device using ID-based public key cryptography
US20110085667A1 (en) Various methods and apparatuses for securing an application container
TW201710969A (en) Method and apparatus for facilitating electronic payments using a wearable device
CN110930147B (en) Offline payment method and device, electronic equipment and computer-readable storage medium
CN102722816B (en) A kind of method, system and device of mobile payment
Hassinen et al. Utilizing national public-key infrastructure in mobile payment systems
CN103123706A (en) Management method, device and system of bill payment for another
CN104408622B (en) System and method for realizing electronic transaction confirmation based on independent password equipment
CN102790767B (en) Information safety control method, information safety display equipment and electronic trading system
CN103839157A (en) Electronic payment method, device and system
US20150294309A1 (en) Method, Device and Service Provision Unit for Authenticating a Customer for a Service to be Provided by the Service Provision Unit
JP2015537399A (en) Application system for mobile payment and method for providing and using mobile payment means
CN103914774A (en) O2O safety payment method and system
CN102693478A (en) Trading method of bid security during bidding procedure and system thereof
CN103139210A (en) Method of safety authentication
CN103139737B (en) Cryptographic key negotiation method and device, note secondary-confirmation method, system and equipment
CN111091430A (en) Billing two-dimensional code processing method and system
CN106204034B (en) Using the mutual authentication method and system of interior payment
CN111461799B (en) Data processing method, data processing device, computer equipment and medium
CN110610385A (en) System, method and apparatus for processing information
CN115760082A (en) Digital payment processing method, device, equipment, system and medium
CN106980977B (en) Payment method and system based on Internet of things
KR102263220B1 (en) E-commerce Payment Method using Block Chain

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150401

WD01 Invention patent application deemed withdrawn after publication