CN105809441A - Online banking transaction method - Google Patents

Publication number
CN105809441A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410836438.3A
Other languages
Chinese (zh)
Inventor
刘建新
汪雪林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing WatchData System Co Ltd
Beijing WatchSmart Technologies Co Ltd
Original Assignee
Beijing WatchSmart Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing WatchSmart Technologies Co Ltd

Abstract

The present invention discloses an online banking transaction method, belonging to the field of online banking transactions. In the method, an online banking background server generates a two-dimensional code according to the transaction data sent by a PC and sends the two-dimensional code to the PC for display; a mobile intelligent terminal scans the two-dimensional code and parses it in its trusted execution environment (TEE) to obtain the parsed transaction data; the mobile intelligent terminal then prompts the user to input a secure login code and, after the code is verified, displays the transaction data for the user to confirm; after the user confirms, the TEE generates a first dynamic password OTP according to the transaction data; the first dynamic password OTP is then sent to the online banking background server, which verifies it and then carries out the online banking transaction. Because the parsing of the transaction information and the generation of the dynamic password are both completed in the TEE of the mobile intelligent terminal, the security of the transaction is greatly improved.

Description

An online banking transaction method
Technical field
The present invention relates to the technical field of online banking, and in particular to an online banking transaction method.
Background
Online banking, also called Internet banking, refers to the financial services that a bank provides over an information network, including traditional banking business and the new services made possible by information technology. With the rapid development of networks and the needs of daily life, online banking has become an indispensable part of people's daily life and work; through online banking applications, users can conveniently complete the transactions they need, such as online payment and transfers, without leaving home.
To better ensure the security of online banking transactions, the dynamic password (OTP) came into being. In a traditional OTP-based online banking transaction, the browser on the PC connects to the online banking background server. The server generates a dynamic password according to the user's transaction data and stores it, and the transaction data is sent to a dynamic token, which also generates a dynamic password according to the transaction data it receives. The user enters the dynamic password generated by the token into the transaction interface on the PC, and it is sent to the online banking background server. The server compares the dynamic password it generated with the one it received; if the two are consistent, verification passes and the server completes the subsequent transaction according to the transaction data. However, this kind of transaction depends on a dynamic token, and it relies on the interaction between the PC operating system and the background server, so the security of the transaction process still cannot be well guaranteed.
Summary of the invention
In view of the defects in the prior art, the object of the invention is to provide a new online banking transaction method that can effectively improve the security of online banking transactions.
To achieve the above object, the technical solution adopted by the invention is an online banking transaction method comprising the following steps:
(1) The user logs in to the online banking transaction interface through a PC; the PC receives the user's online banking transaction request and sends it to the online banking background server; the online banking background server generates a two-dimensional code according to the transaction data of the request and sends the two-dimensional code to the PC for display;
(2) A first mobile intelligent terminal scans the two-dimensional code with its camera and sends the scanned two-dimensional code to its trusted execution environment (TEE) for parsing, obtaining the parsed transaction data; the first mobile intelligent terminal includes a mobile operating system and a trusted execution environment TEE;
(3) The first mobile intelligent terminal prompts the user to input the secure login code of the TEE and verifies the secure login code; after verification passes, the parsed transaction data is displayed on the mobile intelligent terminal for the user to confirm;
(4) After the user confirms the transaction data displayed on the first mobile intelligent terminal, the TEE generates a first dynamic password OTP according to the transaction data;
(5) The first dynamic password OTP is sent to the online banking background server, which verifies it and, after verification passes, carries out the online banking transaction according to the transaction data.
Optionally, in the online banking transaction method described above, sending the first dynamic password OTP to the online banking background server in step (5) includes:
The dynamic password is entered into the online banking transaction interface of the PC, and the PC sends the first dynamic password OTP to the online banking background server.
Optionally, in the online banking transaction method described above, sending the first dynamic password OTP to the online banking background server in step (5) includes:
The user logs in to the online banking transaction interface through the first mobile intelligent terminal, and the first mobile intelligent terminal sends the first dynamic password OTP to the online banking background server.
Optionally, in the online banking transaction method described above, sending the first dynamic password OTP to the online banking background server in step (5) includes:
The user logs in to the online banking transaction interface through a second mobile intelligent terminal, and the second mobile intelligent terminal sends the first dynamic password OTP to the online banking background server.
Optionally, in the online banking transaction method described above, the secure login code in step (3) includes characters, face recognition, fingerprint recognition or a pattern.
Optionally, in the online banking transaction method described above, in step (1), after receiving the online banking transaction request, the online banking background server generates a second dynamic password OTP according to the transaction data of the request and stores it; in step (5), the verification of the first dynamic password OTP by the online banking background server includes:
The online banking background server compares the received first dynamic password OTP with the second dynamic password; if the two are identical, verification passes.
The beneficial effects of the invention are as follows: in the method of the invention, the parsing and digital signature of the transaction information during an online banking transaction are completed by the trusted execution environment TEE of the mobile intelligent terminal, which effectively improves the security of online banking transactions; in addition, device security verification is performed twice during the transaction, which further ensures that the transaction is completed by the end user and further improves transaction security.
Brief description of the drawings
Fig. 1 is a flow chart of an online banking transaction method provided in an embodiment of the invention;
Fig. 2 is a schematic diagram of an online banking transaction system provided in an embodiment of the invention.
Detailed description
The invention is described in further detail below with reference to the accompanying drawings and specific embodiments.
Fig. 1 shows the flow chart of an online banking transaction method provided in an embodiment of the invention. The method may comprise the following steps:
Step S100: the online banking background server generates a two-dimensional code according to the transaction data and sends the two-dimensional code to the PC for display;
In this embodiment, the user first logs in to online banking through the online banking page on a personal computer (PC). After logging in, the user sends an online banking transaction request to the online banking background server through the PC as needed. The request includes transaction data, which mainly comprises the transaction name (such as online transfer or online payment), the transaction amount and the transaction account number. The online banking background server is the background server corresponding to the online banking service, generally the bank's background server; in this embodiment it also includes a dynamic password verification server. The online banking page includes the web version of Internet banking (including the personal banking public edition, personal edition, e-commerce professional edition and so on) as well as online banking clients and apps; online banking clients likewise come in public and professional editions.
After receiving the online banking transaction request sent by the PC, the online banking background server generates a two-dimensional code according to the transaction data of the request and sends the two-dimensional code to the PC for display. The two-dimensional code may be generated from the transaction data filled in by the user, or generated directly from the online banking transaction web page; for example, when the user needs to complete an online payment, the two-dimensional code can be generated directly from the online banking payment page.
In this step, after receiving the online banking transaction request, the online banking background server also generates a second dynamic password according to the transaction data and stores it for the subsequent dynamic password verification.
Step S200: the first mobile intelligent terminal acquires the two-dimensional code with its camera and parses it in its trusted execution environment TEE;
In this embodiment, the first mobile intelligent terminal includes both a mobile operating system (such as the Android operating system or iOS) and a trusted execution environment (TEE, Trusted Execution Environment).
After the two-dimensional code is shown on the display of the PC, the first mobile intelligent terminal scans it with its camera and sends the scanned two-dimensional code to the TEE of the mobile intelligent terminal for parsing, obtaining the parsed transaction data.
Step S300: the first mobile intelligent terminal authenticates the user;
After the first mobile intelligent terminal obtains the transaction data in step S200, the TEE platform of the mobile intelligent terminal prompts the user, through the display of the mobile intelligent terminal, to input the secure login code of the TEE. After the user inputs it, the TEE platform verifies the secure login code; once verification passes, the parsed transaction data is shown on the display of the mobile intelligent terminal for the user to review and confirm.
In this embodiment, the secure login code is the login password required when the user logs in to the TEE platform of the mobile intelligent terminal. The TEE platform stores in advance the login password that the user has set for the platform. When the user needs to log in to the platform, the user inputs that login password, and the TEE platform compares the password entered by the user with the one it has stored. If the two are consistent, the password was entered correctly and the user can log in to the TEE platform; otherwise login fails. The secure login code may be characters (a numeric and/or alphabetic password), face recognition, fingerprint recognition, a pattern, and so on.
Step S400: after the user confirms the transaction data, the first mobile intelligent terminal uses its trusted execution environment TEE to generate the first dynamic password OTP according to the transaction data;
Step S500: the first dynamic password OTP is sent to the online banking background server, which verifies it and, after verification passes, carries out the online banking transaction according to the transaction data.
After the user logs in to the TEE platform of the first mobile intelligent terminal, the TEE shows the transaction data on the display of the first mobile intelligent terminal, for example the transaction account, account number and transaction amount. The user checks the displayed transaction data and, if it is correct, performs the confirm operation on the first mobile intelligent terminal. After the TEE platform of the first mobile intelligent terminal receives the user's confirmation instruction, it performs the OTP calculation according to the transaction data and generates the first dynamic password OTP. The dynamic password is generated using the prior art.
After the first dynamic password OTP has been generated, the signed information is sent to the online banking background server; after receiving the signed information, the server verifies it and, once verification passes, carries out the subsequent online banking transaction according to the transaction data. The online banking background server verifies the first dynamic password OTP as follows: the dynamic password verification server in the online banking background server compares the received first dynamic password OTP with the second dynamic password from step S100; if the two are identical, verification passes.
This embodiment provides three ways of sending the information signed by the trusted execution environment TEE to the online banking background server:
First: the user enters the first dynamic password OTP into the online banking transaction interface of the PC, and the PC sends the first dynamic password OTP to the online banking background server;
Second: the user logs in to the online banking transaction interface through the first mobile intelligent terminal and enters the first dynamic password OTP on that interface, and the first mobile intelligent terminal sends the first dynamic password OTP to the online banking background server;
Third: the user logs in to the online banking transaction interface through a second mobile intelligent terminal and enters the first dynamic password OTP on that interface, and the second mobile intelligent terminal sends the first dynamic password OTP to the online banking background server.
The second and third ways both require the user to log in to the online banking transaction page on the first or second mobile intelligent terminal in order to establish a connection between that terminal and the online banking background server. For example, if the bank handling the online banking transaction is Agricultural Bank, the user can install the Agricultural Bank mobile banking app on the first or second mobile intelligent terminal and then connect to the bank's background server over a wireless network, so that the dynamic password entered by the user is sent to the bank's background server. The first way allows the dynamic password to be entered directly on the online banking transaction interface that the user has already logged in to, so the first way is generally preferred.
In this embodiment, the first mobile intelligent terminal includes but is not limited to smartphones and tablet computers; it may also be any other terminal device that has a two-dimensional code scanning function and contains both a mobile operating system and a trusted execution environment TEE.
In the above method provided in the embodiment of the invention, steps S200 to S400 are completed by the trusted execution environment TEE of the mobile intelligent terminal without control by the mobile operating system, which effectively improves the security of the transaction.
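The generate-and-compare flow of steps S100 to S500, as an added example that is not part of the patent text. The patent leaves OTP generation to the prior art, so the HMAC-SHA256 construction with RFC 4226-style truncation, the pre-shared device key, the per-transaction nonce, and the names `BankServer`, `TeeDevice` and `transaction_otp` are all assumptions made here for illustration.

```python
import hashlib
import hmac
import json
import secrets
import struct

OTP_DIGITS = 6  # assumption: the patent does not fix an OTP length


def canonical(tx: dict) -> bytes:
    """Serialise transaction data deterministically so both sides MAC the same bytes."""
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode("utf-8")


def transaction_otp(key: bytes, tx: dict, nonce: str) -> str:
    """OTP bound to the transaction: HMAC over nonce and data, then dynamic truncation."""
    mac = hmac.new(key, nonce.encode() + b"|" + canonical(tx), hashlib.sha256).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** OTP_DIGITS).zfill(OTP_DIGITS)


class BankServer:
    """Background server: issues the code payload and stores the second OTP (S100)."""

    def __init__(self, device_key: bytes):
        self._key = device_key
        self._pending = {}  # nonce -> (transaction data, stored second OTP)

    def start_transaction(self, tx: dict) -> str:
        nonce = secrets.token_hex(8)  # hypothetical per-transaction identifier
        self._pending[nonce] = (dict(tx), transaction_otp(self._key, tx, nonce))
        return json.dumps({"nonce": nonce, "tx": tx})  # content of the two-dimensional code

    def verify(self, nonce: str, first_otp):
        """S500: compare first and second OTP; each pending entry allows one attempt."""
        entry = self._pending.pop(nonce, None)
        if entry is None or not isinstance(first_otp, str):
            return None
        tx, second_otp = entry
        same = hmac.compare_digest(second_otp.encode(), first_otp.encode())
        return tx if same else None


class TeeDevice:
    """Stand-in for the TEE side of the first mobile intelligent terminal (S200 to S400)."""

    def __init__(self, key: bytes, login_code: str):
        self._key = key
        # Simplification: a real TEE would hold this in its own secure storage.
        self._login_digest = hashlib.sha256(login_code.encode()).digest()

    def handle_scan(self, payload: str, login_code: str, confirm):
        data = json.loads(payload)                                    # S200: parse
        entered = hashlib.sha256(login_code.encode()).digest()
        if not hmac.compare_digest(entered, self._login_digest):      # S300: login code
            raise PermissionError("secure login code rejected")
        if not confirm(data["tx"]):                                   # S300: user review
            return None
        return transaction_otp(self._key, data["tx"], data["nonce"])  # S400: first OTP


def demo():
    key = secrets.token_bytes(32)  # constructed shared key
    bank, phone = BankServer(key), TeeDevice(key, "2468")
    # Constructed sample transaction data.
    tx = {"name": "online transfer", "amount": "100.00", "account": "ACCT-0001"}

    # Normal flow: the user sees the same data the server stored.
    qr = bank.start_transaction(tx)
    otp = phone.handle_scan(qr, "2468", confirm=lambda shown: shown == tx)
    nonce = json.loads(qr)["nonce"]
    accepted = bank.verify(nonce, otp)
    replayed = bank.verify(nonce, otp)  # the stored second OTP is gone after one use

    # Failure case: the payload reaching the phone differs from what the server stored,
    # so the first OTP no longer matches the second OTP even if the user confirms.
    altered = json.loads(bank.start_transaction(tx))
    altered["tx"]["amount"] = "900.00"
    otp2 = phone.handle_scan(json.dumps(altered), "2468", confirm=lambda shown: True)
    mismatched = bank.verify(altered["nonce"], otp2)
    return accepted, replayed, mismatched


if __name__ == "__main__":
    print(demo())
```

Because the OTP is computed over the transaction data itself, the server-side comparison in S500 checks which transaction was confirmed on the terminal as well as whether a valid code was entered.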
Corresponding to the method shown in Fig. 1, the embodiment of the invention also provides an online banking transaction system. As shown in Fig. 2, the system includes a PC 100, an online banking background server 200 and a first mobile intelligent terminal 300.
The PC 100 includes a data transceiver module 101 and a two-dimensional code display module 102.
Data transceiver module 101: after the user logs in to the online banking transaction interface through the PC, receives the user's online banking transaction request and sends it to the online banking background server; also receives the two-dimensional code sent by the online banking background server;
Two-dimensional code display module 102: displays the two-dimensional code.
The online banking background server 200 includes a two-dimensional code generation module 201, a second dynamic password generation module 202 and a dynamic password verification module 203.
Two-dimensional code generation module 201: generates a two-dimensional code according to the transaction data of the online banking transaction request and sends the two-dimensional code to the PC for display;
Second dynamic password generation module 202: generates a second dynamic password OTP according to the transaction data of the online banking transaction request and stores it;
Dynamic password verification module 203: receives and verifies the first dynamic password OTP and, after verification passes, carries out the online banking transaction according to the transaction data; this module includes:
Dynamic password verification unit: compares the received first dynamic password OTP with the second dynamic password; if the two are identical, verification passes.
The first mobile intelligent terminal 300 includes a two-dimensional code parsing module 301, a security verification module 302, a data display and confirmation module 303 and a first dynamic password generation module 304.
Two-dimensional code parsing module 301: scans the two-dimensional code displayed on the PC with the camera and sends the scanned two-dimensional code to the trusted execution environment TEE of the first mobile intelligent terminal for parsing, obtaining the parsed transaction data; the mobile intelligent terminal includes a mobile operating system and a trusted execution environment TEE;
Security verification module 302: prompts the user to input the secure login code of the TEE and verifies the secure login code; the secure login code includes characters, face recognition, fingerprint recognition or a pattern.
Data display and confirmation module 303: after the secure login code is verified, displays the parsed transaction data on the mobile intelligent terminal for the user to confirm;
First dynamic password generation module 304: after the user confirms the transaction data displayed on the first mobile intelligent terminal, the TEE generates the first dynamic password OTP according to the transaction data.
In addition, the online banking transaction system of this embodiment also includes a first dynamic password sending module, which sends the first dynamic password OTP to the online banking background server 200. The first dynamic password sending module may be provided in the PC, in which case it sends the first dynamic password OTP to the online banking background server after the user enters the dynamic password into the online banking transaction interface of the PC; or it may be provided in the first mobile intelligent terminal, in which case it sends the first dynamic password OTP to the online banking background server after the user logs in to the online banking transaction interface through the first mobile intelligent terminal and enters the dynamic password there; or it may be provided in the second mobile intelligent terminal, in which case it sends the first dynamic password OTP to the online banking background server after the user logs in to the online banking transaction interface through the second mobile intelligent terminal and enters the dynamic password there.
Obviously, those skilled in the art can make various changes and modifications to the invention without departing from its spirit and scope. Thus, if these changes and modifications fall within the scope of the claims of the invention and their technical equivalents, the invention is also intended to include them.

Claims (6)

1. An online banking transaction method, comprising the following steps:
(1) The user logs in to the online banking transaction interface through a PC; the PC receives the user's online banking transaction request and sends it to the online banking background server; the online banking background server generates a two-dimensional code according to the transaction data of the request and sends the two-dimensional code to the PC for display;
(2) A first mobile intelligent terminal scans the two-dimensional code with its camera and sends the scanned two-dimensional code to its trusted execution environment TEE for parsing, obtaining the parsed transaction data; the first mobile intelligent terminal includes a mobile operating system and a trusted execution environment TEE;
(3) The first mobile intelligent terminal prompts the user to input the secure login code of the TEE and verifies the secure login code; after verification passes, the parsed transaction data is displayed on the mobile intelligent terminal for the user to confirm;
(4) After the user confirms the transaction data displayed on the first mobile intelligent terminal, the TEE generates a first dynamic password OTP according to the transaction data;
(5) The first dynamic password OTP is sent to the online banking background server, which verifies it and, after verification passes, carries out the online banking transaction according to the transaction data.
2. The online banking transaction method according to claim 1, characterized in that, in step (5), sending the first dynamic password OTP to the online banking background server includes:
The dynamic password is entered into the online banking transaction interface of the PC, and the PC sends the first dynamic password OTP to the online banking background server.
3. The online banking transaction method according to claim 1, characterized in that, in step (5), sending the first dynamic password OTP to the online banking background server includes:
The user logs in to the online banking transaction interface through the first mobile intelligent terminal, and the first mobile intelligent terminal sends the first dynamic password OTP to the online banking background server.
4. The online banking transaction method according to claim 1, characterized in that, in step (5), sending the first dynamic password OTP to the online banking background server includes:
The user logs in to the online banking transaction interface through a second mobile intelligent terminal, and the second mobile intelligent terminal sends the first dynamic password OTP to the online banking background server.
5. The online banking transaction method according to claim 1, characterized in that, in step (3), the secure login code includes characters, face recognition, fingerprint recognition or a pattern.
6. The online banking transaction method according to any one of claims 1 to 5, characterized in that, in step (1), after receiving the online banking transaction request, the online banking background server generates a second dynamic password OTP according to the transaction data of the request and stores it; in step (5), the verification of the first dynamic password OTP by the online banking background server includes:
The online banking background server compares the received first dynamic password OTP with the second dynamic password; if the two are identical, verification passes.
CN201410836438.3A 2014-12-29 2014-12-29 Online banking transaction method Pending CN105809441A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410836438.3A CN105809441A (en) 2014-12-29 2014-12-29 Online banking transaction method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410836438.3A CN105809441A (en) 2014-12-29 2014-12-29 Online banking transaction method

Publications (1)

Publication Number Publication Date
CN105809441A true CN105809441A (en) 2016-07-27

Family

ID=56980660

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410836438.3A Pending CN105809441A (en) 2014-12-29 2014-12-29 Online banking transaction method

Country Status (1)

Country Link
CN (1) CN105809441A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102054258A (en) * 2010-12-16 2011-05-11 中国建设银行股份有限公司 Electronic bank safety certificating method and system based on mobile equipment
CN103152330A (en) * 2013-02-07 2013-06-12 百度在线网络技术(北京)有限公司 Login method, login system and cloud server
CN103218740A (en) * 2013-03-13 2013-07-24 北京宏基恒信科技有限责任公司 Trading system, method and device using two-dimension codes
CN104102876A (en) * 2014-07-17 2014-10-15 北京握奇智能科技有限公司 Device for safeguarding operational security of client side

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160727