CN105187357A - Two-dimension code verification method and system - Google Patents
Two-dimension code verification method and system Download PDFInfo
- Publication number
- CN105187357A CN105187357A CN201410244532.XA CN201410244532A CN105187357A CN 105187357 A CN105187357 A CN 105187357A CN 201410244532 A CN201410244532 A CN 201410244532A CN 105187357 A CN105187357 A CN 105187357A
- Authority
- CN
- China
- Prior art keywords
- quick response
- response code
- digital signature
- network address
- recorded information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a two-dimension code verification method and system. The method comprises the steps: obtaining two-dimension code record information in a two-dimension code; processing the two-dimension code record information, and obtaining an informative abstract value corresponding to a network address in the two-dimension code record information, and a decrypted digital signature; judging whether the informative abstract value is consistent with the decrypted digital signature or not; and generating a verification result that the two-dimension code is determined to be tampered if the informative abstract value is not consistent with the decrypted digital signature. The system comprises an information obtaining module which is used for obtaining the two-dimension code record information in the two-dimension code; a processing module which is used for processing the informative abstract value corresponding to the network address in the two-dimension code record information, and the decrypted digital signature; a judgment module which is used for judging whether the informative abstract value is consistent with the decrypted digital signature or not, and informing a result generation module if the informative abstract value is not consistent with the decrypted digital signature; and the result generation module which is used for generating the verification result that the two-dimension code is determined to be tampered. The method and system can improve the safety of the two-dimension code.
Description
Technical field
The present invention relates to internet, applications technology, particularly relate to a kind of Quick Response Code authentication method and system.
Background technology
Along with the development of development of Mobile Internet technology, user can use the various Quick Response Code scanning application in mobile terminal to carry out the scanning of Quick Response Code whenever and wherever possible, to realize functions such as paying, register.Such as, when paying for current occurred shopping, by the Quick Response Code in the mobile scanning terminal payment page to obtain the network address information paid, and then complete delivery operation by mobile terminal.
But, carry out Quick Response Code scanning to realize various payment, to register in the process of function at mobile terminal, do not need to carry out security verification to Quick Response Code, make Quick Response Code there is the limitation of fail safe deficiency.
Summary of the invention
Based on this, be necessary that pin provides a kind of Quick Response Code authentication method that can improve two-dimension code safe.
In addition, there is a need to provide a kind of Quick Response Code Verification System that can improve two-dimension code safe.
A kind of Quick Response Code authentication method, comprises the steps:
Obtain the Quick Response Code recorded information in Quick Response Code;
Process described Quick Response Code recorded information to obtain the digital signature of informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering;
Judge that whether described informative abstract value is consistent with the digital signature of described deciphering, if NO, then
Generate the authentication result judging that described Quick Response Code is tampered.
Wherein in an embodiment, before the step of the Quick Response Code recorded information in described acquisition Quick Response Code, described method also comprises:
By described mobile scanning terminal Quick Response Code, to acquire the Quick Response Code recorded information corresponding to described Quick Response Code;
Transmit described Quick Response Code recorded information.
Wherein in an embodiment, the described Quick Response Code recorded information of described process comprises with the step of the digital signature obtaining informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering:
Extract the network address in described Quick Response Code recorded information and digital signature;
Decipher described digital signature, and the network address obtained by described extraction obtains corresponding informative abstract value.
Wherein in an embodiment, before the step of the Quick Response Code recorded information in described acquisition Quick Response Code, described method also comprises:
Obtain the network address of Quick Response Code to be written;
Digital signature is generated by the network address of described Quick Response Code to be written;
Quick Response Code is formed together with being attached to the digital signature of generation the described network address of Quick Response Code to be written.
Wherein in an embodiment, the step that the described network address by described Quick Response Code to be written generates digital signature comprises:
Generate corresponding informative abstract value according to the network address of described Quick Response Code to be written, and encrypt described informative abstract value to obtain digital signature.
A kind of Quick Response Code Verification System, comprising:
Data obtaining module, for obtaining the Quick Response Code recorded information in Quick Response Code;
Processing module, for the treatment of described Quick Response Code recorded information to obtain the digital signature of informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering;
Judge module, for judging that whether described informative abstract value consistent with the digital signature of described deciphering, if NO, then advise fate generation module;
Described result-generation module is for generating the authentication result judging that described Quick Response Code is tampered.
Wherein in an embodiment, described system also comprises:
Mobile terminal, for scanning Quick Response Code, to acquire the Quick Response Code recorded information corresponding to described Quick Response Code, and transmits described Quick Response Code recorded information.
Wherein in an embodiment, described processing module comprises:
Extraction unit, for extracting the network address in described Quick Response Code recorded information and digital signature;
Deciphering computing unit, for deciphering described digital signature, and the network address obtained by described extraction obtains corresponding informative abstract value.
Wherein in an embodiment, described system also comprises:
Address acquisition module, for obtaining the network address of Quick Response Code to be written;
Signature generation module, for generating digital signature by the network address of described Quick Response Code to be written;
Quick Response Code forms module, together with being attached to the digital signature of generation the described network address of Quick Response Code to be written, form Quick Response Code.
Wherein in an embodiment, described signature generation module also for generating corresponding informative abstract value according to the network address of described Quick Response Code to be written, and encrypts described informative abstract value to obtain digital signature.
Above-mentioned Quick Response Code authentication method and system, after obtaining the Quick Response Code recorded information in Quick Response Code, by process Quick Response Code recorded information to obtain the digital signature of informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering, and then informative abstract value corresponding to the checking network address and the consistency between the digital signature of deciphering, if it is consistent with the digital signature of deciphering for determining this informative abstract value, then generate the authentication result judging that the Quick Response Code of mobile terminal Current Scan has been tampered, thus improve the fail safe of Quick Response Code.
Accompanying drawing explanation
Fig. 1 is the Computer Systems Organization schematic diagram realizing Quick Response Code certification in an embodiment;
Fig. 2 is the flow chart of Quick Response Code authentication method in an embodiment;
Fig. 3 is the flow chart of Quick Response Code authentication method in another embodiment;
Fig. 4 is for processing Quick Response Code recorded information to obtain the method flow diagram of the digital signature of informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering in an embodiment;
Fig. 5 is the flow chart of Quick Response Code authentication method in another embodiment;
Fig. 6 is the sequential chart applying Quick Response Code authentication method in an embodiment;
Fig. 7 is the structural representation of Quick Response Code Verification System in an embodiment;
Fig. 8 is the structural representation of processing module in Fig. 7;
Fig. 9 is the structural representation of Quick Response Code Verification System in another embodiment.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.
In one embodiment, a kind of Quick Response Code authentication method, the computer system that the method is run as shown in Figure 1.This computer system includes mobile terminal 10 and carries out mutual certificate server 30 with mobile terminal 10.
Wherein, mobile terminal 10 can be smart mobile phone, panel computer etc.Certificate server 30 and mobile terminal 10 carry out alternately, and the Quick Response Code scanned for mobile terminal 10 carries out security verification.
In the present embodiment, as shown in Figure 2, the method comprises the steps:
Step 210, obtains the Quick Response Code recorded information in Quick Response Code.
In the present embodiment, Quick Response Code recorded information can be the information comprised in the Quick Response Code scanned in mobile terminal, also can be the Quick Response Code preserved in the computer such as PC, notebook, such as, for the Quick Response Code that mobile scanning terminal obtains, Quick Response Code is the picture in the scanning page, is obtained by mobile scanning terminal, Quick Response Code recorded information is then reduced to Quick Response Code and obtained, and it can be the form of character string; For the Quick Response Code preserved in computer, Quick Response Code is the picture be stored in computer, by computer, the process that Quick Response Code carries out is obtained to the Quick Response Code recorded information comprised in Quick Response Code.
Step 230, process Quick Response Code recorded information is to obtain the digital signature of informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering.
In the present embodiment, certificate server is after acquiring the Quick Response Code recorded information corresponding with the Quick Response Code of mobile scanning terminal, to process Quick Response Code recorded information, to obtain informative abstract value in this Quick Response Code recorded information corresponding to the network address and decrypted digital signature.
Quick Response Code recorded information includes the network address and digital signature, and the network address will be used for realizing delivery operation that mobile scanning terminal Quick Response Code carries out or operation etc. of registering; Digital signature is then corresponding with the network address in affiliated Quick Response Code recorded information, a digital signature that the network address in each Quick Response Code recorded information is all uniquely corresponding, and then ensures the fail safe of Quick Response Code.
Step 250, judges that whether informative abstract value is consistent with the digital signature of deciphering, if NO, then enters step 270, if yes, then enter step 290.
In the present embodiment, because the network address and digital signature are unique corresponding, therefore, consistency judgement is carried out by the informative abstract value extracted by Quick Response Code recorded information corresponding to the network address that obtains and digital signature, if it is consistent with the digital signature of deciphering to determine informative abstract value, then illustrating that Quick Response Code is not tampered, is legal, and the operations such as user is undertaken paying by this Quick Response Code, register are safe; If it is not consistent with the digital signature of deciphering to determine informative abstract value, then illustrating that Quick Response Code is tampered, is not original Quick Response Code, therefore will generate the authentication result judging that Quick Response Code is tampered, to point out user.
Step 270, generates the authentication result judging that Quick Response Code is tampered.
In the present embodiment, certificate server after generating and judging the authentication result that is tampered of Quick Response Code, by return authentication result, stop current undertaken by Quick Response Code payment, the operation such as to register, and then ensure that user security.
Step 290, generates the authentication result judging that Quick Response Code is not tampered.
As shown in Figure 3, in one embodiment, before above-mentioned steps 210, method as above also comprises the steps:
Step 310, by mobile scanning terminal Quick Response Code, to acquire the Quick Response Code recorded information corresponding to Quick Response Code.
In the present embodiment, the aspects such as the Quick Response Code of mobile scanning terminal can be applicable to payment, business card exchanges and register are according to the figure of certain rule in the upper distribution of plane (two-dimensional directional) with specific geometric figure.After mobile scanning terminal Quick Response Code, obtain corresponding Quick Response Code recorded information by by resolving Quick Response Code.
Step 330, transmits Quick Response Code recorded information.
In the present embodiment, after the Quick Response Code recorded information that the Quick Response Code that mobile terminal obtains scanning is corresponding, Quick Response Code recorded information is passed in certificate server, after being verified by the fail safe of certificate server to Quick Response Code, mobile terminal can use the functions such as this Quick Response Code realizes payment, business card exchanges and register safely.
As shown in Figure 4, in one embodiment, above-mentioned steps 230 comprises:
Step 231, extracts the network address in Quick Response Code recorded information and digital signature.
In the present embodiment, certificate server will obtain the network address and digital signature by extracting in Quick Response Code recorded information, and wherein, digital signature is encrypted a string character.
Step 233, decrypted digital signature, and obtain corresponding informative abstract value by extracting the network address obtained.
In the present embodiment, PKI in certificate server will be enumerated, to be decrypted the digital signature extracted, now, accordingly, also carry out Hash calculation (MD5 calculates, and Message-DigestAlgorithm5 calculates), to obtain the informative abstract value corresponding to the network address by extracting the network address obtained.
As shown in Figure 5, in another embodiment, before above-mentioned steps 210, method as above also comprises the steps:
Step 510, obtains the network address of Quick Response Code to be written.
In the present embodiment, the provider by the network address is acquired the network address of Quick Response Code to be written, so that generate corresponding Quick Response Code by the network address of this acquisition.Such as, the network address of Quick Response Code to be written can be the network address that user passes through to pay when scanning Quick Response Code realizes paying corresponding to the page, also can be that user passes through to scan the network address of registering corresponding to the page when Quick Response Code realization is registered.
The user of corresponding application Quick Response Code is sent to certificate server by the network address of Quick Response Code to be written, such as, the businessman of user corresponding to current shopping of application Quick Response Code, or the server of registering corresponding to the page, so that generated the Quick Response Code that can ensure its fail safe by certificate server.
Step 530, generates digital signature by the network address of Quick Response Code to be written.
In the present embodiment, the detailed process of above-mentioned steps 530 is: generate corresponding informative abstract value according to the network address of Quick Response Code to be written, and enciphered message digest value is to obtain digital signature.
Hash calculation is carried out to the network address of Quick Response Code to be written and obtains informative abstract value, and then the informative abstract value obtained is encrypted and can be obtained.Wherein, the encryption that informative abstract value is carried out is realized by the private key distributed.
Concrete, for the user of each application Quick Response Code, certificate server is its PKI being assigned with a pair pairing and private key, wherein, the user that private key is applied Quick Response Code had, corresponding PKI is then stored in certificate server so that in follow-up Quick Response Code proof procedure decrypted digital signature.
Step 550, forms Quick Response Code together with being attached to the network address of Quick Response Code to be written with the digital signature of generation.
In the present embodiment, the digital signature of generation is added in the network address of lower Quick Response Code to be written, concrete, first the network address of Quick Response Code to be written is formed character string according to certain format, then the digital signature of generation is additional in formed character string, such as, the digital signature of generation can be additional to the tail of string formed by the network address of Quick Response Code to be written, together with being attached to the digital signature of generation the network address of Quick Response Code to be written.
Now, the character string formed together with being attached to the digital signature of generation the network address of Quick Response Code to be written carries out changing to be formed the form of figure, and this picture is Quick Response Code.
After server to be certified generates Quick Response Code, the user of application Quick Response Code will be returned to, so that be shown in the scanning carrying out Quick Response Code in the corresponding page for mobile terminal.
Above-mentioned Quick Response Code authentication method is elaborated below in conjunction with a specific embodiment.In this embodiment, the Quick Response Code shown by the scan for networks page is realized payment function.Concrete, the purchase address under the effect of certificate server corresponding to each commodity is provided corresponding Quick Response Code by businessman, and user's hand-held mobile terminal scanning Quick Response Code can realize paying, to complete the purchase of commodity.
As shown in Figure 6, businessman is the user of application Quick Response Code, and certificate server is PKI and the private key that businessman is assigned with a pair pairing, and wherein, PKI is stored in certificate server, and it is all to be labeled as this businessman, and private key then returns to businessman.
Businessman can to the purchase address of each commodity to the corresponding Quick Response Code of certificate server application, so that the Quick Response Code realizing commodity pays.
Businessman is using the network address of the purchase address of commodity as Quick Response Code to be written, be sent in the lump in certificate server with private key, by certificate server, Hash calculation is carried out to obtain informative abstract value to the network address, and by the private key that receives in the lump, informative abstract value is encrypted and obtains digital signature.
Together with the digital signature obtained is attached to the network address by certificate server, such as form the < network address | the form of digital signature >, and then the Quick Response Code of generating pictures form, and return to businessman, to be shown in the page corresponding to commodity.
The user buying commodity will by mobile scanning terminal Quick Response Code, and parsing obtains Quick Response Code recorded information, is sent in certificate server.
Certificate server is by the network address in extraction Quick Response Code recorded information and digital signature, enumerate several PKIs of storage, to obtain the PKI being applicable to carrying out digital signature, the PKI namely belonging to businessman, and then the deciphering that the PKI obtained carries out digital signature is enumerated in employing.
Accordingly, certificate server also will calculate the informative abstract value in Quick Response Code recorded information corresponding to the network address, carry out consistency checking with the digital signature by deciphering and the current informative abstract value calculated.
If the digital signature and the current informative abstract value calculated that determine deciphering are consistent, the situation that the Quick Response Code that mobile terminal scans is not distorted then is described, is that businessman provides originally, therefore, by the authentication result that generation Quick Response Code is not tampered, and return to mobile terminal.
If the digital signature and the current informative abstract value calculated that determine deciphering are not consistent, the Quick Response Code that then explanation mobile terminal scans there occurs to be distorted, this Quick Response Code can not be used to pay, this Quick Response Code may be a Quick Response Code forged, therefore, by the authentication result that generation Quick Response Code is tampered, and return to mobile terminal.
As shown in Figure 7, in one embodiment, a kind of Quick Response Code Verification System, comprises data obtaining module 710, processing module 730, judge module 750 and result-generation module 770.
Data obtaining module 710, for obtaining the Quick Response Code recorded information in Quick Response Code.
In the present embodiment, Quick Response Code recorded information can be the information comprised in the Quick Response Code scanned in mobile terminal, also can be the Quick Response Code preserved in the computer such as PC, notebook, such as, for the Quick Response Code that mobile scanning terminal obtains, Quick Response Code is the picture in the scanning page, is obtained by mobile scanning terminal, Quick Response Code recorded information is then reduced to Quick Response Code and obtained, and it can be the form of character string; For the Quick Response Code preserved in computer, Quick Response Code is the picture be stored in computer, by computer to processing of carrying out of Quick Response Code the Quick Response Code recorded information that comprises in Quick Response Code.
Processing module 730, for the treatment of Quick Response Code recorded information to obtain the digital signature of informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering.
In the present embodiment, certificate server is after acquiring the Quick Response Code recorded information corresponding with the Quick Response Code of mobile scanning terminal, processing module 730 will process Quick Response Code recorded information, to obtain informative abstract value in this Quick Response Code recorded information corresponding to the network address and decrypted digital signature.
Quick Response Code recorded information includes the network address and digital signature, and the network address will be used for realizing delivery operation that mobile scanning terminal Quick Response Code carries out or operation etc. of registering; Digital signature is then corresponding with the network address in affiliated Quick Response Code recorded information, a digital signature that the network address in each Quick Response Code recorded information is all uniquely corresponding, and then ensures the fail safe of Quick Response Code.
Judge module 750, for judging that whether informative abstract value is consistent with the digital signature of deciphering, if NO, then advise fate generation module 770 generates the authentication result judging that Quick Response Code is tampered, if yes, then advise fate generation module 770 generates the authentication result judging that Quick Response Code is not tampered.
In the present embodiment, because the network address and digital signature are unique corresponding, therefore, judge module 750 carries out consistency judgement by the informative abstract value extracted by Quick Response Code recorded information corresponding to the network address that obtains and digital signature, if it is consistent with the digital signature of deciphering to determine informative abstract value, then illustrating that Quick Response Code is not tampered, is legal, and the operations such as user is undertaken paying by this Quick Response Code, register are safe; If it is not consistent with the digital signature of deciphering to determine informative abstract value, then illustrating that Quick Response Code is tampered, is not original Quick Response Code, therefore will generate the authentication result judging that Quick Response Code is tampered, to point out user.
Result-generation module 770 in certificate server after generating and judging the authentication result that is tampered of Quick Response Code, and returns this authentication result, stop current undertaken by Quick Response Code payment, the operation such as to register, and then ensure that user security.
In one embodiment, Quick Response Code Verification System as above further comprises mobile terminal, and this mobile terminal, for scanning Quick Response Code, to acquire the Quick Response Code recorded information corresponding to Quick Response Code, and transmits Quick Response Code recorded information.
In the present embodiment, the aspects such as the Quick Response Code of mobile scanning terminal can be applicable to payment, business card exchanges and register are according to the figure of certain rule in the upper distribution of plane (two-dimensional directional) with specific geometric figure.After mobile scanning terminal Quick Response Code, obtain corresponding Quick Response Code recorded information by by resolving Quick Response Code.
After the Quick Response Code recorded information that the Quick Response Code that mobile terminal obtains scanning is corresponding, Quick Response Code recorded information is passed in certificate server, after being verified by the fail safe of certificate server to Quick Response Code, mobile terminal can use the functions such as this Quick Response Code realizes payment, business card exchanges and register safely.
As shown in Figure 8, in one embodiment, above-mentioned processing module 730 includes extraction unit 731 and deciphering computing unit 733.
Extraction unit 731, for extracting the network address in Quick Response Code recorded information and digital signature.
In the present embodiment, extraction unit 731 will obtain the network address and digital signature by extracting in Quick Response Code recorded information, and wherein, digital signature is encrypted a string character.
Deciphering computing unit 733, for decrypted digital signature, and obtains corresponding informative abstract value by extracting the network address obtained.
In the present embodiment, deciphering computing unit 733 will enumerate the PKI in certificate server, to be decrypted the digital signature extracted, now, accordingly, also Hash calculation is carried out, to obtain the informative abstract value corresponding to the network address by extracting the network address obtained.
As shown in Figure 9, in one embodiment, system as above further comprises address acquisition module 910, signature generation module 930 and Quick Response Code and forms module 950.
Address acquisition module 910, for obtaining the network address of Quick Response Code to be written.
In the present embodiment, the provider by the network address is acquired the network address of Quick Response Code to be written by address acquisition module 910, so that generate corresponding Quick Response Code by the network address of this acquisition.Such as, the network address of Quick Response Code to be written can be the network address that user passes through to pay when scanning Quick Response Code realizes paying corresponding to the page, also can be that user passes through to scan the network address of registering corresponding to the page when Quick Response Code realization is registered.
The user of corresponding application Quick Response Code is sent to certificate server by the network address of Quick Response Code to be written, such as, the businessman of user corresponding to current shopping of application Quick Response Code, or the server of registering corresponding to the page, so that generated the Quick Response Code that can ensure its fail safe by certificate server.
Signature generation module 930, for generating digital signature by the network address of Quick Response Code to be written.
In the present embodiment, signature generation module 930 generates corresponding informative abstract value according to the network address of Quick Response Code to be written, and enciphered message digest value is to obtain digital signature.
Signature generation module 930 is carried out Hash calculation to the network address of Quick Response Code to be written and is obtained informative abstract value, and then is encrypted can obtains the informative abstract value obtained.Wherein, the encryption that informative abstract value is carried out is realized by the private key distributed.
Concrete, for the user of each application Quick Response Code, certificate server is its PKI being assigned with a pair pairing and private key, wherein, the user that private key is applied Quick Response Code had, corresponding PKI is then stored in certificate server so that in follow-up Quick Response Code proof procedure decrypted digital signature.
Quick Response Code forms module 950, together with being attached to the digital signature of generation the network address of Quick Response Code to be written, form Quick Response Code.
In the present embodiment, Quick Response Code forms module 950 and the digital signature of generation is added in the network address of lower Quick Response Code to be written, concrete, first the network address of Quick Response Code to be written is formed character string according to certain format, then the digital signature of generation is additional in formed character string, such as, the digital signature of generation can be additional to the tail of string formed by the network address of Quick Response Code to be written, together with being attached to the digital signature of generation the network address of Quick Response Code to be written.
Now, the character string formed together with being attached to the digital signature of generation the network address of Quick Response Code to be written carries out changing to be formed the form of figure, and this picture is Quick Response Code.
After server to be certified generates Quick Response Code, the user of application Quick Response Code will be returned to, so that be shown in the scanning carrying out Quick Response Code in the corresponding page for mobile terminal.
One of ordinary skill in the art will appreciate that all or part of flow process realized in above-described embodiment method, that the hardware that can carry out instruction relevant by computer program has come, described program can be stored in a computer read/write memory medium, as in the embodiment of the present invention, this program can be stored in the storage medium of computer system, and performed by least one processor in this computer system, to realize the flow process of the embodiment comprised as above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-OnlyMemory, ROM) or random store-memory body (RandomAccessMemory, RAM) etc.
The above embodiment only have expressed several execution mode of the present invention, and it describes comparatively concrete and detailed, but therefore can not be interpreted as the restriction to the scope of the claims of the present invention.It should be pointed out that for the person of ordinary skill of the art, without departing from the inventive concept of the premise, can also make some distortion and improvement, these all belong to protection scope of the present invention.Therefore, the protection range of patent of the present invention should be as the criterion with claims.
Claims (10)
1. a Quick Response Code authentication method, comprises the steps:
Obtain the Quick Response Code recorded information in Quick Response Code;
Process described Quick Response Code recorded information to obtain the digital signature of informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering;
Judge that whether described informative abstract value is consistent with the digital signature of described deciphering, if NO, then
Generate the authentication result judging that described Quick Response Code is tampered.
2. method according to claim 1, is characterized in that, before the step of the Quick Response Code recorded information in described acquisition Quick Response Code, described method also comprises:
By described mobile scanning terminal Quick Response Code, to acquire the Quick Response Code recorded information corresponding to described Quick Response Code;
Transmit described Quick Response Code recorded information.
3. method according to claim 1, is characterized in that, the described Quick Response Code recorded information of described process comprises with the step of the digital signature obtaining informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering:
Extract the network address in described Quick Response Code recorded information and digital signature;
Decipher described digital signature, and the network address obtained by described extraction obtains corresponding informative abstract value.
4. method according to claim 1, is characterized in that, before the step of the Quick Response Code recorded information in described acquisition Quick Response Code, described method also comprises:
Obtain the network address of Quick Response Code to be written;
Digital signature is generated by the network address of described Quick Response Code to be written;
Quick Response Code is formed together with being attached to the digital signature of generation the described network address of Quick Response Code to be written.
5. method according to claim 4, is characterized in that, the step that the described network address by described Quick Response Code to be written generates digital signature comprises:
Generate corresponding informative abstract value according to the network address of described Quick Response Code to be written, and encrypt described informative abstract value to obtain digital signature.
6. a Quick Response Code Verification System, is characterized in that, comprising:
Data obtaining module, for obtaining the Quick Response Code recorded information in Quick Response Code;
Processing module, for the treatment of described Quick Response Code recorded information to obtain the digital signature of informative abstract value in Quick Response Code recorded information corresponding to the network address and deciphering;
Judge module, for judging that whether described informative abstract value consistent with the digital signature of described deciphering, if NO, then advise fate generation module;
Described result-generation module is for generating the authentication result judging that described Quick Response Code is tampered.
7. system according to claim 6, is characterized in that, described system also comprises:
Mobile terminal, for scanning Quick Response Code, to acquire the Quick Response Code recorded information corresponding to described Quick Response Code, and transmits described Quick Response Code recorded information.
8. method according to claim 6, is characterized in that, described processing module comprises:
Extraction unit, for extracting the network address in described Quick Response Code recorded information and digital signature;
Deciphering computing unit, for deciphering described digital signature, and the network address obtained by described extraction obtains corresponding informative abstract value.
9. system according to claim 6, is characterized in that, described system also comprises:
Address acquisition module, for obtaining the network address of Quick Response Code to be written;
Signature generation module, for generating digital signature by the network address of described Quick Response Code to be written;
Quick Response Code forms module, together with being attached to the digital signature of generation the described network address of Quick Response Code to be written, form Quick Response Code.
10. system according to claim 9, is characterized in that, described signature generation module also for generating corresponding informative abstract value according to the network address of described Quick Response Code to be written, and encrypts described informative abstract value to obtain digital signature.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410244532.XA CN105187357A (en) | 2014-06-04 | 2014-06-04 | Two-dimension code verification method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410244532.XA CN105187357A (en) | 2014-06-04 | 2014-06-04 | Two-dimension code verification method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105187357A true CN105187357A (en) | 2015-12-23 |
Family
ID=54909203
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410244532.XA Pending CN105187357A (en) | 2014-06-04 | 2014-06-04 | Two-dimension code verification method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105187357A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105182396A (en) * | 2015-06-29 | 2015-12-23 | 苏州瑞派宁科技有限公司 | Detector signal readout channel multiplexing method |
| CN106022738A (en) * | 2016-06-02 | 2016-10-12 | 中国联合网络通信集团有限公司 | Two-dimensional code safety payment method, terminal, and system |
| CN107464105A (en) * | 2017-09-15 | 2017-12-12 | 深圳天珑无线科技有限公司 | Device pays interactive authentication method and its system |
| CN108347469A (en) * | 2017-01-24 | 2018-07-31 | 西门子公司 | Item Information transmission method, device and system in a kind of Internet of Things |
| CN109495268A (en) * | 2017-09-12 | 2019-03-19 | 中国移动通信集团公司 | A kind of two dimension code authentication method, device and computer readable storage medium |
| CN109658091A (en) * | 2018-12-13 | 2019-04-19 | 青岛博宁福田智能交通科技发展有限公司 | Service implementation method, system, equipment and storage medium based on two-dimension code |
| CN111583482A (en) * | 2020-04-29 | 2020-08-25 | 三仟(杭州)数字科技有限公司 | Access control system based on two-dimensional code and control method thereof |
| CN112804320A (en) * | 2021-01-04 | 2021-05-14 | 德施曼机电(中国)有限公司 | Lock control APP downloading method and system of intelligent door lock |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1349179A (en) * | 2001-12-03 | 2002-05-15 | 上海电子商务安全证书管理中心有限公司 | Electronic signature anti-fake method and device |
| EP2211499A1 (en) * | 2007-11-16 | 2010-07-28 | Fujitsu Ten Limited | Authentication method, authentication system, on-vehicle device, and authentication device |
| CN102750510A (en) * | 2012-06-19 | 2012-10-24 | 袁开国 | Credible two-dimensional code scheme based on public key infrastructure (PKI) and HASH algorithm |
| CN102779263A (en) * | 2012-06-19 | 2012-11-14 | 袁开国 | Credible two-dimensional code scheme based on public key infrastructure (PKI) and digital signature |
| CN103065244A (en) * | 2011-10-18 | 2013-04-24 | 杨筑平 | Two-dimensional barcode anti-counterfeiting, checking and service method |
| CN103226688A (en) * | 2013-02-28 | 2013-07-31 | 中国地质大学(武汉) | Authentication method for preventing two-dimension code from being tampered and faked |
| CN103295046A (en) * | 2013-06-13 | 2013-09-11 | 北京网秦天下科技有限公司 | Method and device for generating and using safe two-dimensional codes |
-
2014
- 2014-06-04 CN CN201410244532.XA patent/CN105187357A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1349179A (en) * | 2001-12-03 | 2002-05-15 | 上海电子商务安全证书管理中心有限公司 | Electronic signature anti-fake method and device |
| EP2211499A1 (en) * | 2007-11-16 | 2010-07-28 | Fujitsu Ten Limited | Authentication method, authentication system, on-vehicle device, and authentication device |
| CN103065244A (en) * | 2011-10-18 | 2013-04-24 | 杨筑平 | Two-dimensional barcode anti-counterfeiting, checking and service method |
| CN102750510A (en) * | 2012-06-19 | 2012-10-24 | 袁开国 | Credible two-dimensional code scheme based on public key infrastructure (PKI) and HASH algorithm |
| CN102779263A (en) * | 2012-06-19 | 2012-11-14 | 袁开国 | Credible two-dimensional code scheme based on public key infrastructure (PKI) and digital signature |
| CN103226688A (en) * | 2013-02-28 | 2013-07-31 | 中国地质大学(武汉) | Authentication method for preventing two-dimension code from being tampered and faked |
| CN103295046A (en) * | 2013-06-13 | 2013-09-11 | 北京网秦天下科技有限公司 | Method and device for generating and using safe two-dimensional codes |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105182396A (en) * | 2015-06-29 | 2015-12-23 | 苏州瑞派宁科技有限公司 | Detector signal readout channel multiplexing method |
| CN106022738A (en) * | 2016-06-02 | 2016-10-12 | 中国联合网络通信集团有限公司 | Two-dimensional code safety payment method, terminal, and system |
| CN108347469A (en) * | 2017-01-24 | 2018-07-31 | 西门子公司 | Item Information transmission method, device and system in a kind of Internet of Things |
| US10755238B2 (en) | 2017-01-24 | 2020-08-25 | Siemens Aktiengesellschaft | Transmission method, apparatus and system |
| CN108347469B (en) * | 2017-01-24 | 2021-11-16 | 西门子公司 | Method, device and system for transmitting article information in Internet of things |
| CN109495268A (en) * | 2017-09-12 | 2019-03-19 | 中国移动通信集团公司 | A kind of two dimension code authentication method, device and computer readable storage medium |
| CN109495268B (en) * | 2017-09-12 | 2020-12-29 | 中国移动通信集团公司 | Two-dimensional code authentication method and device and computer readable storage medium |
| CN107464105A (en) * | 2017-09-15 | 2017-12-12 | 深圳天珑无线科技有限公司 | Device pays interactive authentication method and its system |
| CN109658091A (en) * | 2018-12-13 | 2019-04-19 | 青岛博宁福田智能交通科技发展有限公司 | Service implementation method, system, equipment and storage medium based on two-dimension code |
| CN111583482A (en) * | 2020-04-29 | 2020-08-25 | 三仟(杭州)数字科技有限公司 | Access control system based on two-dimensional code and control method thereof |
| CN112804320A (en) * | 2021-01-04 | 2021-05-14 | 德施曼机电(中国)有限公司 | Lock control APP downloading method and system of intelligent door lock |
| CN112804320B (en) * | 2021-01-04 | 2023-02-28 | 德施曼机电(中国)有限公司 | Lock control APP downloading method and system of intelligent door lock |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11323272B2 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
| CN105187357A (en) | Two-dimension code verification method and system | |
| KR101853610B1 (en) | Digital signature authentication system based on biometric information and digital signature authentication method thereof | |
| KR102477453B1 (en) | Transaction messaging | |
| RU2018105186A (en) | VERIFICATION OF PORTABLE CONSUMER DEVICES | |
| US9734091B2 (en) | Remote load and update card emulation support | |
| CN111742314B (en) | Biometric sensor on portable device | |
| JP6585038B2 (en) | Systems and methods for encryption | |
| CN105515783A (en) | Identity authentication method, server and authentication terminal | |
| CN102801710A (en) | Networked transaction method and system | |
| CN102790767B (en) | Information safety control method, information safety display equipment and electronic trading system | |
| KR20190038938A (en) | SYSTEM, METHOD, AND SERVER COMPUTER SYSTEM FOR IMPLEMENTING CONVERTING ONE entity in a heterogeneous communication network environment to a verifiably authenticated entity | |
| CN104715370A (en) | Method and system for carrying out safety payment based on encrypted two-dimension code | |
| EP3151180A1 (en) | Identification method and system | |
| CN111161056A (en) | Method, system and equipment for improving transaction security of digital assets | |
| KR101638787B1 (en) | Mobile ticket security system and method of based location information and terminal unique number | |
| CN107872321B (en) | Electronic identity authentication method and electronic identity terminal equipment | |
| CN114463012A (en) | Authentication method, payment method, device and equipment | |
| KR20130009890A (en) | The security online payment system and those methods based on two dimensions code scanning with a device containing encrypted payment authentication information | |
| CN103746802A (en) | Data processing method based on coordination secret keys and mobile phone | |
| KR20130016145A (en) | The security online payment system and those methods based on two dimensions code scanning with a device containing encrypted payment authentication information | |
| CN103813321B (en) | Agreement key based data processing method and mobile phone | |
| CN105427102A (en) | Financial IC card based authentication method and corresponding device and system | |
| CN110197245B (en) | Double-code two-dimensional code and cross-platform interaction method thereof | |
| CN105634741A (en) | Identity authentication method based on trusted tag and identity authentication system based on trusted tag |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151223 |
|
| RJ01 | Rejection of invention patent application after publication |