CN105373924B - System for providing safe payment function for terminal equipment - Google Patents

Publication number: CN105373924B
Authority: CN (China)
Prior art keywords: data, user, chip, data security, biological characteristic
Legal status: Active
Application number: CN201510654031.3A
Other languages: Chinese (zh)
Other versions: CN105373924A (en)
Inventors: 程杰, 刘宏伟, 高万鹏, 芦嘉鹏, 赵建波
Current Assignee: Beijing Zhongtian Xin'an Technology Co ltd; Howell Technology Beijing Co ltd
Original Assignee: Beijing Zhongtian Xin'an Technology Co ltd; Howell Technology Beijing Co ltd

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/38: Payment protocols; Details thereof
    • G06Q20/40: Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401: Transaction verification
    • G06Q20/4014: Identity check for transactions
    • G06Q20/40145: Biometric identity checks

Abstract

The invention discloses a system for providing a secure payment function for terminal equipment. The system comprises a baseband chip, a standard transmission interface, a biometric collector and a data security chip, integrated together, wherein: the biometric collector collects the user's face, iris, fingerprint, finger vein and voiceprint features; the data security chip performs data security processing and storage of the collected user biometric features and the transaction data, and, at payment time, verifies the user's identity based on the user features that have undergone data security processing; the standard transmission interface provides data communication between the baseband chip and the biometric collector and the data security chip; and the baseband chip provides data communication between the system and the server so as to realize mobile payment and/or authentication. The disclosed scheme aims to solve the problem of encrypting biometric data, requires no additional external interface, and offers high integration and low cost.

Description

System for providing safe payment function for terminal equipment
Technical Field
The invention relates to the technical field of security authentication, in particular to a system for providing a security payment function for terminal equipment.
Background
As the cost of microprocessors and other electronic components continues to fall and their precision gradually improves, biometric identification systems are widely applied in commercial authorization control, such as access control, enterprise attendance management, system security authentication and online payment authentication. The biometric features used for identification include the face, iris, fingerprint, finger vein, voiceprint and so on. Based on these features, various biometric identification technologies have been developed, such as face recognition, iris recognition, fingerprint recognition, finger vein recognition and voiceprint recognition.
Although biometric authentication is convenient to use and its results are unique and reliable, it has fatal problems: a biometric feature cannot be cancelled once it is stolen, there are many ways in which biometric features can leak, and a feature cannot be revoked once it has been forged. Encryption of biometric information is therefore particularly important.
Disclosure of Invention
The invention aims to provide a system for providing a secure payment function for terminal equipment, which aims to solve the problem of encryption of biological characteristic data, does not need to expand an external interface, and has high integration level and low cost.
The object of the invention is achieved by the following technical solution:
A system for providing a secure payment function for a terminal device, comprising a baseband chip, a standard transmission interface, a biometric collector and a data security chip, integrated together; wherein:
the biometric collector is used for collecting the user's face, iris, fingerprint, finger vein and voiceprint features;
the data security chip is used for data security processing and storage of the collected user biometric features and the transaction data, and, at payment time, for verifying the user's identity based on the user features that have undergone data security processing;
the standard transmission interface is used for data communication between the baseband chip and the biometric collector and the data security chip;
and the baseband chip is used for data communication between the system and the server, so as to realize mobile payment and/or authentication.
The biometric collector comprises: an image sensor, a fingerprint sensor and a sound pickup.
The data security chip includes:
the data encryption module, used for generating a new public/private key pair, or using an existing public/private key pair, to encrypt the collected user biometric features and the transaction data;
the digital signature module, used for digitally signing the encrypted data and the user information;
the secure storage area, used for storing the data processed by the data encryption module and the digital signature module;
and the identity authentication module, used for verifying the user's identity at payment time based on the data stored in the secure storage area, and also for verifying the identity of the server at payment time.
The baseband chip includes: a communication chip supporting a wireless communication mode and/or a contactless communication mode.
The standard transmission interface comprises: a MIPI, I2C or SPI interface.
The terminal device includes: mobile phones, tablet computers and other handheld devices.
According to the technical solution provided by the invention, the biometric collector and the data security chip are integrated on one module, which gives a high level of integration and saves cost; at the same time, encrypting the biometric features in the data security chip ensures the security of the related data.
Drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below show only some embodiments of the present invention, and those skilled in the art can derive other drawings from them without creative effort.
Fig. 1 is a schematic diagram of a system for providing a secure payment function to a terminal device according to an embodiment of the present invention;
Fig. 2 is a flowchart of a system for providing a secure payment function to a terminal device according to an embodiment of the present invention;
Fig. 3 is a flowchart of a system for providing a secure payment function to a terminal device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a schematic diagram of a system for providing a secure payment function for a terminal device according to an embodiment of the present invention. As shown in fig. 1, the system mainly includes:
a baseband chip, a standard transmission interface, a biometric collector and a data security chip, integrated together; wherein:
the biometric collector is used for collecting the user's face, iris, fingerprint, finger vein and voiceprint features;
the data security chip is used for data security processing and storage of the collected user biometric features and the transaction data, and, at payment time, for verifying the user's identity based on the user features that have undergone data security processing;
the standard transmission interface is used for data communication between the baseband chip and the biometric collector and the data security chip;
and the baseband chip is used for data communication between the system and the server, so as to realize mobile payment and/or authentication.
Further, the biometric collector includes: an image sensor, a fingerprint sensor and a sound pickup.
Further, the data security chip includes:
the data encryption module, used for generating a new public/private key pair, or using an existing public/private key pair, to encrypt the collected user biometric features and transaction data, so as to protect the data from being illegally stolen;
the digital signature module, used for digitally signing the encrypted data and the user information, to ensure the uniqueness and integrity of the transaction contents and the non-repudiation of the transaction;
the secure storage area, used for storing the data processed by the data encryption module and the digital signature module;
and the identity authentication module, used for verifying the user's identity at payment time based on the data stored in the secure storage area, and also for verifying the identity of the server at payment time.
In the embodiment of the invention, to better protect the biometric data, the data security chip stores only the extracted biometric feature information, from which the original image or sound cannot be restored. All biometric feature information is encrypted only by the encryption algorithm in the data encryption module. Each chip has a unique secret key that is written once when the chip leaves the factory; it cannot be read or modified from outside and cannot be read by any third-party program. The encrypted and signed data are stored in the secure storage area, whose contents cannot be read or modified from outside, which ensures the security of user data.
Further, the baseband chip includes: a communication chip supporting a wireless communication mode and/or a contactless communication mode.
Further, the standard transmission interface includes: a MIPI, I2C or SPI interface.
Further, the terminal devices include mobile phones, tablet computers and other handheld devices.
For ease of understanding, the workflow of the above system is described in detail below. The workflow is shown in fig. 2 and mainly comprises:
(1) Biometric feature information is collected through a sensor, mainly by using an image sensor or a sound pickup to collect features such as the face, iris, fingerprint, finger vein and voiceprint.
(2) The data security chip encrypts the feature information and stores it in the secure storage area; data in this area cannot be read or modified from outside, which ensures the security of user data.
(3) When a third-party program performs payment or related identity authentication, the user's biometric features are collected through the sensor.
(4) Identity verification is performed, preferably within the data security zone.
(5) The transaction data and other data provided by the third-party program are encrypted and digitally signed and then transmitted through the baseband chip; the server verifies the validity of the user's identity, and payment or related identity authentication is completed according to the verification result.
(6) Exit, or pay again.
Alternatively, in the embodiment of the present invention, where a third-party application program requires it, the third-party application program may call its own algorithm to perform feature extraction and store the encrypted and signed data in the cloud. The flow is shown in fig. 3 and mainly comprises the following steps:
(1) The third-party application issues a collection request.
(2) The system judges whether the application program has the authority, and exits if it does not.
(3) The third-party application collects the biometric features with its own algorithm through a sensor (i.e., the biometric collector), mainly by using an image sensor, a fingerprint sensor or a sound pickup to collect features such as the face, iris, fingerprint, finger vein and voiceprint.
(4) The biometric features are sent to the data security chip through the transmission interface for encryption; for this encryption operation the data security chip can generate a new public/private key pair or use an existing one.
(5) The encrypted feature data, the public key, the user information and so on are digitally signed and transmitted to the cloud for storage; at this point, a copy may also be stored in the secure storage area if required.
(6) When the user pays through the third-party program, the third-party application program collects the user's image or sound through the sensor.
(7) The third-party application program extracts the biometric feature information with its own algorithm.
(8) The biometric feature information is encrypted by the data security chip, digitally signed, and then transmitted to the cloud through the baseband chip.
(9) The digital signature and the biometric feature information are verified in the cloud.
(10) Whether the payment or related identity authentication is successfully completed is decided according to the verification result.
(11) Exit, or pay again.
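As an added illustration of steps (4), (5), (8) and (9) above (not code from the patent), this Go example shows a chip that encrypts feature data and then signs the ciphertext together with the user and transaction data, and a cloud that verifies against the public key it pinned at enrollment rather than the key carried in the message. The patent names no algorithms or message format: Ed25519, RSA-OAEP, the `Envelope` layout and every identifier here are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is the message that leaves the data security chip (hypothetical layout).
type Envelope struct {
	User                    string
	EncFeature, TxData, Sig []byte            // ciphertext, transaction data, signature
	ChipPub                 ed25519.PublicKey // public key sent with the data, as in step (5)
}

// signedBytes length-prefixes each field so the signature also fixes field boundaries.
func signedBytes(e *Envelope) []byte {
	var out []byte
	for _, f := range [][]byte{[]byte(e.User), e.EncFeature, e.TxData, e.ChipPub} {
		n := len(f)
		out = append(out, byte(n>>24), byte(n>>16), byte(n>>8), byte(n))
		out = append(out, f...)
	}
	return out
}

// Chip models the data security chip; its signing key is never exported.
type Chip struct{ priv ed25519.PrivateKey }

// Seal encrypts the extracted feature data, then signs ciphertext, user and transaction.
// Assumption: RSA-OAEP to a cloud-held key; it only fits short inputs like this sample.
func (c *Chip) Seal(cloud *rsa.PublicKey, user string, feature, tx []byte) (*Envelope, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, cloud, feature, []byte(user))
	if err != nil {
		return nil, err
	}
	pub := c.priv.Public().(ed25519.PublicKey)
	e := &Envelope{User: user, EncFeature: ct, TxData: tx, ChipPub: pub}
	e.Sig = ed25519.Sign(c.priv, signedBytes(e))
	return e, nil
}

// Cloud holds the decryption key and the chip public key pinned per user at enrollment.
type Cloud struct {
	key    *rsa.PrivateKey
	pinned map[string]ed25519.PublicKey
}

// NewPair creates a chip and a cloud with fresh keys (panics only if the system RNG fails).
func NewPair() (*Chip, *Cloud) {
	_, sk, err1 := ed25519.GenerateKey(rand.Reader)
	rk, err2 := rsa.GenerateKey(rand.Reader, 2048)
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	return &Chip{sk}, &Cloud{rk, map[string]ed25519.PublicKey{}}
}

// Enroll pins the chip key once; assumes enrollment arrives over an authenticated channel.
func (s *Cloud) Enroll(e *Envelope) error {
	_, dup := s.pinned[e.User]
	if dup || len(e.ChipPub) != ed25519.PublicKeySize || !ed25519.Verify(e.ChipPub, signedBytes(e), e.Sig) {
		return fmt.Errorf("enrollment rejected for %q", e.User)
	}
	s.pinned[e.User] = e.ChipPub
	return nil
}

// Verify checks the signature with the pinned key, not the key carried in the message,
// and only then decrypts the feature data (biometric matching itself is out of scope).
func (s *Cloud) Verify(e *Envelope) ([]byte, error) {
	pub, ok := s.pinned[e.User]
	if !ok || !ed25519.Verify(pub, signedBytes(e), e.Sig) {
		return nil, fmt.Errorf("signature does not match an enrolled chip for %q", e.User)
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, s.key, e.EncFeature, []byte(e.User))
}

func main() {
	chip, cloud := NewPair()
	feat := []byte("constructed-feature-vector") // constructed sample, not real biometric data
	env, _ := chip.Seal(&cloud.key.PublicKey, "alice", feat, []byte("pay 10.00 to shop-42"))
	fmt.Println("enroll:", cloud.Enroll(env))
	_, err := cloud.Verify(env)
	env.TxData = []byte("pay 9999.00 to shop-42") // altered after signing
	_, errTampered := cloud.Verify(env)
	fmt.Println("verify:", err, "tampered:", errTampered)
}
```

Because the signature covers the transaction data as well as the ciphertext, changing the amount after signing makes verification fail, and an envelope signed by any other chip is rejected even when it carries its own valid public key.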
In the scheme of the embodiment of the invention, the biological characteristic collector and the data security chip are integrated on one module, so that the integration level is high, and the cost is saved; meanwhile, the security of the related data can be ensured by encrypting the biological characteristics through the data security chip.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (5)

1. A system for providing secure payment functionality to a terminal device, comprising: a baseband chip, a standard transmission interface, a biometric collector and a data security chip, integrated together; wherein:
the biometric collector is used for collecting the user's face, iris, fingerprint, finger vein and voiceprint features;
the data security chip is used for data security processing and storage of the collected user biometric features and the transaction data, and, at payment time, for verifying the user's identity based on the user features that have undergone data security processing; wherein the data security chip includes: the data encryption module, used for generating a new public/private key pair, or using an existing public/private key pair, to encrypt the collected user biometric features and the transaction data; the digital signature module, used for digitally signing the encrypted data and the user information; the secure storage area, used for storing the data processed by the data encryption module and the digital signature module; and the identity authentication module, used for verifying the user's identity at payment time based on the data stored in the secure storage area, and for verifying the identity of the server at payment time;
the standard transmission interface is used for data communication between the baseband chip and the biometric collector and the data security chip;
and the baseband chip is used for data communication between the system and the server, so as to realize mobile payment and/or authentication.
2. The system of claim 1, wherein the biometric collector comprises: an image sensor, a fingerprint sensor and a sound pickup.
3. The system of claim 1, wherein the baseband chip comprises: a communication chip supporting a wireless communication mode and/or a contactless communication mode.
4. The system of claim 1, wherein the standard transmission interface comprises: a MIPI, I2C or SPI interface.
5. The system of claim 1, wherein the terminal device comprises: mobile phones, tablet computers and other handheld devices.

Priority Applications (1) / Applications Claiming Priority (1) / Family Applications (1)

Application number: CN201510654031.3A
Priority date: 2015-10-10
Filing date: 2015-10-10
Title: System for providing safe payment function for terminal equipment
Status: Active, CN105373924B (en)

Publications (2)

CN105373924A, published 2016-03-02
CN105373924B, published 2022-04-12

Family

ID=55376103

Country Status (1)

CN: CN105373924B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: Room 603, unit 3, 6 / F, building 2, yard 9, FengHao East Road, Haidian District, Beijing 100085

Applicant after: Howell Technology (Beijing) Co.,Ltd.

Applicant after: Beijing Zhongtian Xinan Technology Co., Ltd

Address before: 100085, room two, floor 7, Hao Hai building, No. 201, five street, Haidian District, Beijing

Applicant before: BEIJING SUPERPIX MICRO TECHNOLOGY Co.,Ltd.

Applicant before: Beijing Zhongtian Xinan Technology Co., Ltd

CB02 Change of applicant information
GR01 Patent grant