CN105897721B - Verify the method and device of fiscard user identity reliability - Google Patents

Verify the method and device of fiscard user identity reliability Download PDF

Info

Publication number
CN105897721B
CN105897721B CN201610289386.1A CN201610289386A CN105897721B CN 105897721 B CN105897721 B CN 105897721B CN 201610289386 A CN201610289386 A CN 201610289386A CN 105897721 B CN105897721 B CN 105897721B
Authority
CN
China
Prior art keywords
data
fiscard
authentication
result
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610289386.1A
Other languages
Chinese (zh)
Other versions
CN105897721A (en
Inventor
陈明宇
熊飞
张雲瑞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdian Yuntong Financial Electronic Co Ltd
Original Assignee
Guangdian Yuntong Financial Electronic Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdian Yuntong Financial Electronic Co Ltd filed Critical Guangdian Yuntong Financial Electronic Co Ltd
Priority to CN201610289386.1A priority Critical patent/CN105897721B/en
Publication of CN105897721A publication Critical patent/CN105897721A/en
Priority to PCT/CN2017/082457 priority patent/WO2017190633A1/en
Application granted granted Critical
Publication of CN105897721B publication Critical patent/CN105897721B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources

Abstract

A kind of method and device for verifying fiscard user identity reliability, this is comprising steps of be sent to fiscard for the reply data that fiscard needs, it is interacted with fiscard and obtains the cyphertext responses information including card number information, the first application cryptogram, receive the trading password information of user's input;Cyphertext responses information, trading password information and reply data are sent to card issuer's server, it is interacted with card issuer's server and obtains the first authentication result and the first authentication data, first authentication data is sent to fiscard, obtain the second authentication result obtained after fiscard is verified based on first authentication data, according to the first authentication result, the second authentication result, the legitimacy of user identity is determined.The embodiment of the present invention does not need additional hardware device, can it is convenient, fast, be reliably completed verifying to user identity and distribution, avoid because of security risk brought by fraud, protect information security.

Description

Verify the method and device of fiscard user identity reliability
Technical field
The present invention relates to information security field, more particularly to a kind of method for verifying fiscard user identity reliability, A kind of device for verifying fiscard user identity reliability.
Background technique
As constantly improve for computer network is increasingly mature with Intemet data traffic industrial chain, cell phone internet is used Family is increasing, and the verifying of user identity reliability is also faced with stern challenge.For example, Mobile banking steps in financial field It the transaction such as records, transfer accounts, inquiring, managing money matters and all suffering from identity legitimacy verifying, part bank is when Mobile banking transfers accounts at present The legitimacy that user identity is verified by the U-shield of bank's excess issue not only increases cost, and U-shield also needs with oneself It carries, it is easy to be lost, increase the use difficulty of user.There are also other fields, such as personal credit evaluation platform, verifying is used Family identity legitimacy needs bank card, U-shield and mobile phone, if user does not handle U-shield and will have certain risk of leakage.This Outside, in mobile payment field, the problem of user identity legitimate verification is similarly faced.
For mobile device end, the transaction such as mobile phone Web bank, shopping pay, transfer accounts all suffer from user's identity legitimacy and test The problem of card, some realize verifying only by username and password, verify somewhat by SMS transmission identifying code, These modes are all easy to be intercepted, and mobile phone is also easy to be stolen, somewhat by U shield for bank or distribution encrypting module verifying The legitimacy of user identity, not only increases the difficulty of user's carrying, and increases the cost of user.
Summary of the invention
Based on this, a kind of method for being designed to provide verifying fiscard user identity reliability of the embodiment of the present invention, A kind of device for verifying fiscard user identity reliability, can be fast reliably to the legitimacy of the identity of financial card user It is verified, protects information security.
In order to achieve the above objectives, the embodiment of the present invention uses following technical scheme:
A method of verifying fiscard user identity reliability, comprising steps of
Obtain data corresponding with the data type of data of financial card request terminal transmission, and using the data of acquisition as Reply data is sent to the fiscard;
The cyphertext responses information that the fiscard returns is received, the cyphertext responses information includes the card number of the fiscard Information, the fiscard carry out the first application cryptogram of encryption acquisition with storage Si Yue to the reply data;
Receive the trading password information of the fiscard of user's input;
Checking request is sent to card issuer's server of the fiscard, the checking request includes that first application is close Literary, the described card number information, the trading password information and the reply data;
Receive the auth response that card issuer's server is returned according to the checking request, the auth response includes the One authentication result and the first authentication data, first authentication result include: card issuer's server obtain storage with The corresponding Si Yue of the card number information, using the Si Yue to the reply data carry out encryption obtain the second application cryptogram after, will Second application cryptogram be compared with first application cryptogram acquisition card people's consistency desired result result, to it is described transaction it is close Code information carry out verification acquisition password correctness check results, first authentication data include second application cryptogram and Verification result mark;
First authentication data is sent to the fiscard, and receives the fiscard and identifies the verification result Processing acquisition process data is carried out with first application cryptogram, encryption acquisition is carried out to the process data with storage Si Yue The second determining certification is compared after second authentication data, by second authentication data and first authentication data to tie Fruit;
According to first authentication result, second authentication result, the legitimacy of fiscard user identity is determined.
A method of verifying fiscard user identity reliability, comprising steps of
The reply data that terminal is sent is received, the reply data includes that the terminal is sent according to financial card request terminal Data data type obtain data corresponding with the data type;
Encryption is carried out to the reply data with storage Si Yue and obtains the first application cryptogram, and is close to terminal return Literary response message, the cyphertext responses information include the card number information of the fiscard of storage, first application cryptogram;
The first authentication data that the terminal is sent is received, first authentication data includes the second application cryptogram and tests Demonstrate,prove result mark;
Verification result mark is subjected to processing with first application cryptogram and obtains process data, with storage Si Yue Encryption is carried out to the process data and obtains the second authentication data, and by second authentication data and first authentication data into Row, which compares, determines the second authentication result;
Second authentication result is sent to the terminal, by the terminal according to second authentication result and hair The first authentication result that card side's server returns determines the legitimacy of fiscard user identity.
A method of verifying fiscard user identity reliability, comprising steps of
Receive terminal send checking request, the checking request include the first application cryptogram, fiscard card number information, Trading password information and reply data;
It obtains Si Yue corresponding with the card number information, encryption acquisition second is carried out to the reply data using the Si Yue Application cryptogram, and second application cryptogram is compared to acquisition card people's consistency desired result result with first application cryptogram;
Verification is carried out to the trading password information and obtains password correctness check results;
Auth response is generated, the auth response includes the first authentication result and the first authentication data, and described first recognizes Demonstrate,proving result includes card people's consistency desired result result, the password correctness check results, and first authentication data includes Second application cryptogram and verification result mark;
Return to the auth response to the terminal, by the terminal by first authentication data be sent to fiscard, After the second authentication result for receiving fiscard return, gold is determined according to first authentication result, second authentication result Melt the legitimacy of card user identity.
A kind of device for verifying fiscard user identity reliability, comprising:
Data acquisition module, for obtaining data corresponding with the data type of data of financial card request terminal transmission;
Terminal first information interactive module, data for obtaining the data acquisition module are as reply data to institute Fiscard transmission is stated, and receives the cyphertext responses information that the fiscard returns, the cyphertext responses information includes the finance The card number information of card, the fiscard carry out the first application cryptogram of encryption acquisition with storage Si Yue to the reply data; Received first authentication data of the second information exchange module of terminal is sent to the fiscard, and receives the fiscard and returns The second authentication result;
Encrypted message receiving module, the trading password information of the fiscard for receiving user's input;
The second information exchange module of terminal, it is described for sending checking request to card issuer's server of the fiscard Checking request includes first application cryptogram, the card number information, the trading password information and the reply data;And Receive the auth response that card issuer's server is returned according to the checking request;
Validity decision module, for determining that fiscard is used according to first authentication result, second authentication result The legitimacy of family identity;
The auth response includes the first authentication result and the first authentication data, and first authentication result includes: institute Card issuer's server is stated to obtain the Si Yue corresponding with the card number information of storage, carry out the reply data using the Si Yue The card people one of acquisition is compared after encryption the second application cryptogram of acquisition, by second application cryptogram with first application cryptogram Cause property check results, the password correctness check results that verification acquisition is carried out to the trading password information, first certification Data include second application cryptogram and verification result mark;
The verification result is identified by the fiscard and is handled with first application cryptogram by the second authentication result Obtain process data, with storage Si Yue to the process data carry out encryption obtain the second authentication data after, by described second Authentication data and first authentication data compare determination.
A kind of device for verifying fiscard user identity reliability, comprising:
Card client information interactive module, receives the reply data that terminal is sent, the reply data include the terminal according to The data corresponding with the data type that the data type for the data that financial card request terminal is sent obtains, and to the terminal Cyphertext responses information is returned to, the cyphertext responses information includes the card number information of the fiscard of storage, the generation of card end encrypting module The first application cryptogram;And the first authentication data that the terminal is sent is received, first authentication data is answered including second It is identified with ciphertext and verification result, and second authentication result is sent to the terminal, by the terminal according to certification The first authentication result that the second authentication result and card issuer's server that module determines return determines fiscard user identity Legitimacy;
Process data determining module being handled with first application cryptogram for identifying the verification result, being obtained Obtain process data;
Card end encrypting module obtains described first using close for carrying out encryption to the reply data with storage Si Yue Text, and encryption is carried out to the process data with the Si Yue of storage and obtains the second authentication data;
Authentication module determines described second for comparing second authentication data and first authentication data Authentication result.
A kind of device for verifying fiscard user identity reliability, comprising:
Server-side information exchange module, for receiving the checking request of terminal transmission, the checking request is answered including first With ciphertext, the card number information of fiscard, trading password information and reply data, and tested what auth response generation module generated Card response is sent to the terminal, and the first authentication data in auth response is sent to fiscard by the terminal, is received After the second authentication result that fiscard returns, determined according to the first authentication result, second authentication result in auth response The legitimacy of fiscard user identity;
Block people's consistency desired result module, for obtaining Si Yue corresponding with the card number information, using the Si Yue to described Reply data carries out encryption and obtains the second application cryptogram, and second application cryptogram is compared with first application cryptogram Obtain card people's consistency desired result result;
Cryptographic check module obtains password correctness check results for carrying out verification to the trading password information;
Auth response generation module, for generating the auth response, the auth response include the first authentication result with And first authentication data, first authentication result include card people's consistency desired result result, password correctness verification As a result, first authentication data includes second application cryptogram and verification result mark.
According to the scheme of embodiment present invention as described above, additional hardware device is not needed, uses existing gold Melt card combination terminal (such as smart phone), can it is convenient, fast, be reliably completed to the identity of financial card user and testing for distribution Card avoids because of security risk brought by fraud, protects information security.The verifying finance card user body of the embodiment of the present invention The method and apparatus of part reliability, are applicable to the fields such as mobile payment, in conjunction with NFC technique, realize user's body to fiscard Part is verified, and the safety of mobile payment is improved.
Detailed description of the invention
Fig. 1 is the working environment schematic diagram of the present invention program in one embodiment;
Fig. 2 is the composed structure schematic diagram of terminal in one embodiment;
Fig. 3 is the composed structure schematic diagram of card issuer's server in one embodiment;
Fig. 4 is the flow diagram of the method for verifying fiscard user identity reliability of the invention in one embodiment;
Fig. 5 is the process signal of the method for verifying fiscard user identity reliability of the invention in another embodiment Figure;
Fig. 6 is the process signal of the method for verifying fiscard user identity reliability of the invention in another embodiment Figure;
Interaction flow schematic diagram when Fig. 7 is the verifying user identity reliability an of specific example;
Fig. 8 is the structural schematic diagram of the device of verifying fiscard user identity reliability of the invention in one embodiment.
Specific embodiment
To make the objectives, technical solutions, and advantages of the present invention more comprehensible, with reference to the accompanying drawings and embodiments, to this Invention is described in further detail.It should be appreciated that the specific embodiments described herein are only used to explain the present invention, And the scope of protection of the present invention is not limited.
Fig. 1 shows the working environment schematic diagram in one embodiment of the invention.The working environment is related to fiscard 101 (such as financial IC card, or the financial card with information storage function), terminal 102 (such as smart phone) and card issuer's server 103, while may also relate to cloud payment platform 100, fiscard 101 is carried out by near-field communication modes (NFC) and terminal 102 Interaction, realize 101 side of fiscard identity reliability verifying, terminal 102 by network directly with card issuer's server 103 into Row interaction, or interacted via cloud payment platform 100 and card issuer's server 103, to realize card issuer's server The identity reliability demonstration of 103 sides.The embodiment of the present invention is what is involved is terminal 102 when needing using fiscard 101 The scheme that fiscard user identity reliability is verified.
The structural schematic diagram of terminal 102 in one embodiment is as shown in Figure 2.The terminal includes being connected by system bus Processor, power supply module, storage medium, memory, communication interface, display screen and input equipment.Wherein, the storage of terminal is situated between Operating system and a kind of device for verifying fiscard user identity reliability are stored in matter, which can Device by property is for realizing a kind of method for verifying fiscard user identity reliability.The communication interface of terminal is used for and hair fastener 100 connection communication of square server 103 or cloud payment platform.Input information of the input equipment of terminal to receive user, Such as the trading password information in the embodiment of the present invention.The difference of type of the input equipment based on user terminal can not Together.User terminal can be mobile terminal, such as mobile phone, tablet computer etc.;It is also possible to other equipment with above structure.
The structural schematic diagram of card issuer's server 103 in one embodiment is as shown in Figure 3.Server 103 includes passing through Processor, power supply module, storage medium, memory and the communication interface of system bus connection.Wherein, the storage of server 103 is situated between Matter is stored with operating system, database and a kind of device for verifying fiscard user identity reliability, which is used for and terminal 102,101 cooperating of fiscard, and realize a kind of method for verifying fiscard user identity reliability.Server 103 leads to Letter interface is for being attached and communicating with terminal 102 or cloud payment platform 100.
The flow diagram of the method for the verifying fiscard user identity reliability in one embodiment is shown in Fig. 4, It is to be illustrated by taking the treatment process of terminal 102 as an example in the embodiment.
As shown in figure 4, the method in the embodiment includes:
Step S401: data corresponding with the data type of data that financial card request terminal is sent are obtained, and will be obtained Data sent as reply data to the fiscard;
Step S402: the cyphertext responses information that the fiscard returns is received, the cyphertext responses information includes the gold Card number information, the fiscard for melting card are close with the first application that Si Yue carries out encryption acquisition to the reply data is stored Text;
Step S403: the trading password information of the fiscard of user's input is received;
Step S404: checking request is sent to card issuer's server of the fiscard, the checking request includes described First application cryptogram, the card number information, the trading password information and the reply data;
Step S405: the auth response that card issuer's server is returned according to the checking request, the verifying are received Response includes the first authentication result and the first authentication data, and first authentication result includes: that card issuer's server obtains It takes the Si Yue corresponding with the card number information of storage, the second application of encryption acquisition is carried out to the reply data using the Si Yue Be compared after ciphertext, by second application cryptogram with first application cryptogram acquisition card people consistency (fiscard with hold Card people it is consistent) check results, to the trading password information carry out verification acquisition password correctness check results, described first Authentication data includes second application cryptogram and verification result mark;
Step S406: first authentication data is sent to the fiscard, and receives the fiscard and is tested described Card result mark with first application cryptogram carry out processing obtain process data, with storage Si Yue to the process data into Row encryption obtain the second authentication data after, second authentication data and first authentication data compared determining the Two authentication results;
Step S407: according to first authentication result, second authentication result, the conjunction of fiscard user identity is determined Method.
According to the scheme of embodiment present invention as described above, additional hardware device is not needed, uses existing gold Melt card combination terminal, can it is convenient, fast, be reliably completed verifying to fiscard user identity and distribution, avoid because taking advantage of Security risk brought by cheating, protects information security.
In view of the safety of terminal and financial cartoon letters, in a specific example, terminal can pass through near-field communication (Near Field Communication, is abbreviated as NFC, near field communication (NFC)) interacts with fiscard.On and Stating reply data can also be obtained based on the demand of fiscard.
Accordingly, in a specific example, as shown in figure 4, the method in the present embodiment is also before above-mentioned steps S401 May include:
Step S4002: pass through fiscard sending application order of the near-field communication near field communication range;
Step S4003: receiving the utility command response message that the fiscard is returned based on the utility command, described to answer With the information for the data type in command response message including the data for requiring terminal to send.
As it can be seen that being based on this embodiment scheme, terminal and fiscard are interacted by near-field communication, and then may insure gold Melt the safety of communication process between card and terminal.Furthermore, it is possible to allow fiscard to be communicated with terminal again when needed.According to This, as shown in figure 4, can also include: before above-mentioned steps S4002
Step S4001: the prompt information by fiscard close to terminal near-field communication induction region is provided.
The process signal of the method for the verifying fiscard user identity reliability in another embodiment is shown in Fig. 5 Scheme, in the embodiment is illustrated by taking the treatment process of fiscard 101 as an example.
As shown in figure 5, the method in the embodiment includes:
Step S501: the reply data that terminal is sent is received, the reply data includes that the terminal is wanted according to fiscard The data corresponding with the data type that the data type for the data for asking terminal to send obtains;
Step S502: encryption is carried out to the reply data with storage Si Yue and obtains the first application cryptogram, and to described Terminal returns to cyphertext responses information, and the cyphertext responses information includes the card number information of the fiscard of storage, first application Ciphertext;
Step S503: receiving the first authentication data that the terminal is sent, and first authentication data includes the second application Ciphertext and verification result mark;
Step S504: verification result mark is subjected to processing with first application cryptogram and obtains process data, is used Storage Si Yue carries out encryption to the process data and obtains the second authentication data, and by second authentication data and described first Authentication data, which compares, determines the second authentication result;
Step S505: second authentication result is sent to the terminal, by the terminal according to second certification As a result and the first authentication result for returning of card issuer's server determines the legitimacy of fiscard user identity.
In view of the safety of terminal and financial cartoon letters, in a specific example, terminal can pass through near-field communication (Near Field Communication, is abbreviated as NFC, near field communication (NFC)) interacts with fiscard.On and Stating reply data can also be obtained based on the demand of fiscard.
Accordingly, in a specific example, as shown in figure 5, the method in the present embodiment is also before above-mentioned steps S501 May include:
Step S5001: the utility command that terminal is sent by near-field communication is received;
Step S5002: utility command response message, the utility command are returned to the terminal according to the utility command It include the information of the data type for the data for requiring terminal to send in response message.
The process signal of the method for the verifying fiscard user identity reliability in another embodiment is shown in Fig. 6 Scheme, in the embodiment is illustrated by taking the processing of card issuer's server 103 as an example.
As shown in fig. 6, the method in the embodiment includes:
Step S601: the checking request that terminal is sent is received, the checking request includes the first application cryptogram, fiscard Card number information, trading password information and reply data;
Step S602: it obtains Si Yue corresponding with the card number information, the reply data is added using the Si Yue The second application cryptogram of close acquisition, and second application cryptogram is compared to acquisition card people's consistency with first application cryptogram Check results;
Step S603: verification is carried out to the trading password information and obtains password correctness check results;
Step S604: generating auth response, and the auth response includes the first authentication result and the first authentication data, institute Stating the first authentication result includes card people's consistency desired result result, the password correctness check results, first certification Data include second application cryptogram and verification result mark;
Step S605: the auth response is returned to the terminal, is sent first authentication data by the terminal To fiscard, receive fiscard return the second authentication result after, according to first authentication result, it is described second certification tie Fruit determines the legitimacy of fiscard user identity.
Method in order to better understand inventive embodiments shows in a specific example in Fig. 7 and verifies user identity Interaction flow schematic diagram when reliability.In view of the application of the reliability demonstration of mobile terminal identity and demand are more universal, It is to be illustrated so that terminal 102 is mobile terminal as an example, those skilled in the art can manage in exemplary explanation shown in Fig. 7 Solution, as long as the correlation function for the proof scheme being able to carry out in the embodiment of the present invention, in addition to mobile terminals other Terminal is equally applicable.
When needing to carry out the verifying of user identity reliability, such as when carrying out mobile payment using stored value card etc., Using (such as Mobile banking's APP software etc.) when safety verification during financial terminal, shopping class software logged in or When authentication when being done shopping etc., as shown in fig. 7, mobile terminal can first provide fiscard is close close to mobile terminal The prompt information of field communication induction region, the prompt information can be carried out using any possible mode, such as in mobile terminal Related display interface on shown, by voice carry out voice reminder, display interface display and voice reminder simultaneously into Row etc..
Based on the prompt information, user can place fiscard or the induction region of close mobile terminal near-field communication, Mobile terminal passes through fiscard sending application order of the near-field communication into its near field communication range.
After fiscard receives the utility command, the selected related application of mobile terminal is activated, fiscard is in and opens Beginning state, and utility command response message is returned to mobile terminal, it include that terminal is required to send in the utility command response message Data data type information.In a specific example, the information of the data type in the utility command response message, It can be and sent in a manner of lists of data types.
By taking the user identity reliability demonstration during the transaction payments such as pay, do shopping as an example, in a specific example, Here it includes: exchange hour, type of transaction, transaction amount, transaction currency code, random number, terminal that data type, which can be, Performance.It will be understood by those skilled in the art that the needs based on real trade process, can also be other data types.
After mobile terminal receives the command response message, the data class of the data sent with financial card request terminal is obtained The corresponding data of type, and the data of acquisition composition reply data is sent to the fiscard.As described above, sending answer number When according to sending, and passes through near-field communication (NFC) and be sent to fiscard.In a specific example, data obtained can be with It is to be sent to fiscard as reply data in a manner of data list.
After fiscard receives the reply data, encryption is carried out to the reply data with fiscard itself storage Si Yue and is obtained Application cryptogram (for convenient for other ciphertexts distinguish, hereon referred to as the first application cryptogram), and to mobile terminal return ciphertext ring Information is answered, includes that the card number information of the fiscard of fiscard storage and above-mentioned first are applied in the cyphertext responses information Ciphertext.
It, can be to the trading password for selling user and inputting the fiscard after mobile terminal receives the cyphertext responses information Prompt information, which can be is prompted by voice, is also possible to directly be mentioned by interface for password input Show, be also possible to interface for password input and carried out simultaneously with voice prompting, and receives user and pass through interface for password input or password The trading password information of the fiscard of input equipment input.
Then, mobile terminal sends checking request to card issuer's server of the fiscard, is passing through cloud payment platform In the case that 100 carry out payment transaction, which is sent to the cloud payment platform by mobile terminal, is paid by cloud flat Platform is sent to card issuer's server.Include in the checking request: above-mentioned first application cryptogram, above-mentioned card number information, above-mentioned friendship Easy encrypted message and above-mentioned reply data.It is understood that in order to reinforce mobile terminal and card issuer's server communication mistake The safety of journey, mobile terminal can be and sending after encrypting when sending the checking request, correspondingly, card issuer's clothes Device be engaged in after receiving the checking request of the encryption, then executes subsequent operation.Specific encryption and decryption mode can use any Possible encryption and decryption mode carries out, and the embodiment of the present invention is not specifically limited.For the purpose of concise explanation, in following the description not Encryption process is illustrated.
After card issuer's server receives the checking request, the corresponding with the card number information in checking request of storage is obtained Si Yue, use the Si Yue to the reply data in checking request carry out encryption obtain application cryptogram (for convenient for distinguishing, referred to as the Two application cryptograms), and the second application cryptogram is compared with the first application cryptogram in checking request, to obtain card people one Cause property check results.It is understood that under normal conditions, due to obtaining the encryption of the first application cryptogram, the second application cryptogram Mode be it is the same, therefore, under normal circumstances, it is consistent that the second application cryptogram obtained, which should be with the first application cryptogram, , i.e., under the second application cryptogram and the first application cryptogram unanimous circumstances, card issuer can determine that card people is consistent, otherwise It is inconsistent.
In addition, card issuer's server is also based on the account information in checking request to the trading password information in checking request It is verified, judges whether the trading password information whether corresponding with the account information of storage in verification request is consistent, from And obtain password correctness check results.To the mode that password is verified, it can use existing at present and may go out later Existing any mode carries out.
Then, card issuer's server generates auth response, and the auth response is sent to mobile terminal, or passes through Cloud transaction platform is sent to mobile terminal.It include the first authentication result and the first authentication data in the auth response, In, the first authentication result includes above-mentioned card people consistency desired result result, above-mentioned password correctness check results, the first authentication data It is identified including above-mentioned second application cryptogram and the verification result of generation.Wherein, in first authentication data, the second application cryptogram and The combination of verification result mark can be any possible mode, such as verification result mark can be the first certification number Posterior byte either preceding byte in.
After mobile terminal receives the auth response, the first authentication data is sent to fiscard.
After fiscard receives the auth response, the verification result mark in the first authentication data itself is generated with above-mentioned The first application cryptogram carry out processing obtain process data, and with fiscard itself storage Si Yue the process data is added The second authentication data of close acquisition, and second authentication data and above-mentioned first authentication data are compared, determine the second certification As a result, and second authentication result is sent to mobile terminal.Fiscard can in any manner to verification result mark with First application cryptogram carries out processing and obtains process data, in a specific example, can be verification result mark and first Application cryptogram carries out exclusive or processing and obtains above process data.
Mobile terminal is after receiving the second authentication result, by the second authentication result in conjunction with the first authentication result, determines The legitimacy of user identity.Wherein, the first authentication result represents card issuer's server to the authentication result of card people's consistency, and Two authentication results represent the authentication result of the card to card people's consistency of finance, and the combination of the two further enhances financial card user The reliability of identity legitimacy verifying.
It is mobile whole after the legitimacy that confirmed fiscard user identity in the case where being used in trading payment system End may further determine that transaction payment as a result, and transaction payment result is shown, to inform user authentication result and friendship Easy payment result.
Based on thought same as mentioned above, it is reliable that the embodiment of the present invention also provides a kind of verifying fiscard user identity The device of property shows the structural schematic diagram of the device in a specific example in Fig. 8.In structural schematic diagram shown in Fig. 8, It is to combine the device being arranged on fiscard 81, setting device 82 at the terminal and be arranged on card issuer's server Device 83 for be illustrated.
As shown in figure 8, the verifying fiscard user identity reliability in terminal 82 is arranged in a specific example Device includes:
Data acquisition module 822, the data type of data for obtaining with fiscard 81 requires terminal 82 to send are corresponding Data;
Terminal first information interactive module 823, data for obtaining data acquisition module 822 as reply data to Fiscard 81 is sent, and receives the cyphertext responses information of the return of fiscard 81, which includes the card of fiscard 81 Number information, fiscard 81 carry out the first application cryptogram of encryption acquisition with storage Si Yue to the reply data;Being also used to will Received first authentication data of the second information exchange module of terminal 825 is sent to fiscard 81, and receives the return of fiscard 81 Second authentication result;
Encrypted message receiving module 824, the trading password information of the fiscard 81 for receiving user's input;
The second information exchange module of terminal 825, for sending checking request to card issuer's server 83 of fiscard, this is tested Card request includes above-mentioned first application cryptogram, above-mentioned card number information, above-mentioned trading password information and above-mentioned reply data;And it connects The auth response that card feeding-discharging side's server 83 is returned according to the checking request;
Validity decision module 826, for determining finance according to above-mentioned first authentication result, above-mentioned second authentication result The legitimacy of card user identity.
Wherein, above-mentioned auth response includes the first authentication result and the first authentication data, and the first authentication result includes: hair Card side's server obtains the private Yue corresponding with the card number information of storage, carries out encryption acquisition to reply data using the private Yue Card people's consistency desired result knot of acquisition is compared after second application cryptogram, by second application cryptogram with the first application cryptogram Fruit, the password correctness check results that verification acquisition is carried out to trading password information, above-mentioned first authentication data include described the Two application cryptograms and verification result mark;
Above-mentioned second authentication result is carried out verification result mark with first application cryptogram by the fiscard Processing obtain process data, with storage Si Yue to the process data carry out encryption obtain the second authentication data after, will be described Second authentication data and first authentication data compare determination.
Correspondingly, as shown in figure 8, in the specific example, the verifying fiscard user identity of fiscard 81 is arranged in The device of reliability includes:
Card client information interactive module 811 receives the reply data that terminal 82 is sent, and the reply data includes the terminal The data corresponding with the data type that the data type of the data sent according to financial card request terminal obtains, and to described Terminal returns to cyphertext responses information, and the cyphertext responses information includes card number information, the card end encrypting module of the fiscard of storage The first application cryptogram generated;And the first authentication data that the terminal is sent is received, first authentication data includes the Two application cryptograms and verification result mark, and second authentication result are sent to the terminal, by the terminal according to The first authentication result that the second authentication result and card issuer's server that authentication module determines return determines financial card user body The legitimacy of part;
Process data determining module 812 is handled for identifying the verification result with first application cryptogram, Obtain process data;
Card end encrypting module 813 is answered for carrying out encryption acquisition described first to the reply data with storage Si Yue With ciphertext, and encryption is carried out to the process data with the Si Yue of storage and obtains the second authentication data;
Authentication module 814, for comparing second authentication data and first authentication data described in determination Second authentication result.
Correspondingly, as shown in figure 8, in the specific example, the verifying fiscard that card issuer's server 83 is arranged in is used The device of family identity reliability includes:
Server-side information exchange module 831, for receiving the checking request of terminal transmission, the checking request includes first Application cryptogram, the card number information of fiscard, trading password information and reply data, and auth response generation module is generated Auth response is sent to the terminal, and the first authentication data in auth response is sent to fiscard by the terminal, is received It is true according to the first authentication result, second authentication result in auth response after the second authentication result returned to fiscard Deposit melts the legitimacy of card user identity;
Block people's consistency desired result module 832, for obtaining Si Yue corresponding with the card number information, using the Si Yue to institute It states reply data and carries out encryption the second application cryptogram of acquisition, and second application cryptogram and first application cryptogram are compared Block people's consistency desired result result to obtaining;
Cryptographic check module 833 obtains password correctness check results for carrying out verification to the trading password information;
Auth response generation module 834, for generating the auth response, the auth response includes the first authentication result And first authentication data, first authentication result includes card people's consistency desired result result, password correctness school It tests as a result, first authentication data includes second application cryptogram and verification result mark.
In view of the safety of terminal and financial cartoon letters, in a specific example, terminal can pass through near-field communication (Near Field Communication, is abbreviated as NFC, near field communication (NFC)) interacts with fiscard.On and Stating reply data can also be obtained based on the demand of fiscard.
Accordingly, in a specific example:
Above-mentioned terminal first information interactive module 823, the fiscard hair also by near-field communication near field communication range Send utility command;And the utility command response message that the fiscard is returned based on the utility command is received, the application life Enabling includes the information for requiring the data type of data of terminal transmission in response message.
Correspondingly, above-mentioned card client information interactive module 811, is also used to receive the application that terminal is sent by near-field communication Order;And utility command response message is returned to the terminal according to the utility command, in the utility command response message The information of data type including the data for requiring terminal to send.
As it can be seen that being based on this embodiment scheme, terminal and fiscard are interacted by near-field communication, and then may insure gold Melt the safety of communication process between card and terminal.
Furthermore, it is possible to allow fiscard to be communicated with terminal again when needed, accordingly, as shown in figure 8, being arranged in terminal 82 On the device of verifying fiscard user identity reliability can also include:
Nformation alert module 821, for providing the prompt information by fiscard close to terminal near-field communication induction region.
The device of embodiment present invention as described above can be applied to any need and combine fiscard to financial card user The field that the legitimacy and reliability of identity are verified, such as transaction payment.By taking transaction payment as an example, in answering for transaction payment With scene, above-mentioned reply data may include: exchange hour, type of transaction, transaction amount, transaction currency code, random number, end Hold performance information.
At this point, as shown in connection with fig. 8, in the case, the verifying fiscard user identity reliability in terminal 82 is arranged in Device can also include:
Transaction results determining module 827, the conjunction of the fiscard user identity for being determined according to validity decision module 826 Method determines transaction payment as a result, and showing transaction payment result.
Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with Relevant hardware is instructed to complete by computer program, it is non-volatile computer-readable that the program can be stored in one It takes in storage medium, in the embodiment of the present invention, which be can be stored in the storage medium of computer system, and by the calculating At least one processor in machine system executes, and includes the process such as the embodiment of above-mentioned each method with realization.Wherein, described Storage medium can be magnetic disk, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access Memory, RAM) etc..
Each technical characteristic of embodiment described above can be combined arbitrarily, for simplicity of description, not to above-mentioned reality It applies all possible combination of each technical characteristic in example to be all described, as long as however, the combination of these technical characteristics is not deposited In contradiction, all should be considered as described in this specification.
The embodiments described above only express several embodiments of the present invention, and the description thereof is more specific and detailed, but simultaneously It cannot therefore be construed as limiting the scope of the patent.It should be pointed out that coming for those of ordinary skill in the art It says, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to protection of the invention Range.Therefore, the scope of protection of the patent of the invention shall be subject to the appended claims.

Claims (12)

1. a kind of method for verifying fiscard user identity reliability, which is characterized in that comprising steps of
Data corresponding with the data type of data that financial card request terminal is sent are obtained, and using the data of acquisition as response Data are sent to the fiscard;
The cyphertext responses information that the fiscard returns is received, the cyphertext responses information includes the card number letter of the fiscard Breath, the fiscard carry out the first application cryptogram of encryption acquisition with storage Si Yue to the reply data;
Receive the trading password information of the fiscard of user's input;
To card issuer's server of the fiscard send checking request, the checking request include first application cryptogram, The card number information, the trading password information and the reply data;
The auth response that card issuer's server is returned according to the checking request is received, the auth response is recognized including first Demonstrate,prove result and the first authentication data, first authentication result include: card issuer's server obtain storage with it is described The corresponding Si Yue of card number information, using the Si Yue to the reply data carry out encryption obtain the second application cryptogram after, by this Card people's consistency desired result result of acquisition is compared with first application cryptogram, believes the trading password for two application cryptograms Breath carries out the password correctness check results of verification acquisition, and first authentication data includes second application cryptogram and verifying As a result it identifies;
First authentication data is sent to the fiscard, and receives the fiscard and identifies the verification result and institute The first application cryptogram is stated to carry out processing acquisition process data, carry out encryption acquisition second to the process data with storage Si Yue The second determining authentication result is compared after authentication data, by second authentication data and first authentication data;
According to first authentication result, second authentication result, the legitimacy of fiscard user identity is determined.
2. the method for verifying fiscard user identity reliability according to claim 1, which is characterized in that obtaining and gold Before the corresponding data of data type for melting the data of card request terminal transmission, further comprise the steps of:
Pass through fiscard sending application order of the near-field communication near field communication range;
Receive the utility command response message that the fiscard is returned based on the utility command, the utility command response message In include require terminal send data data type information.
3. the method for verifying fiscard user identity reliability according to claim 1 or 2, which is characterized in that further include Step: determining transaction payment according to the legitimacy of determining fiscard user identity as a result, and showing transaction payment result Show.
4. a kind of method for verifying fiscard user identity reliability, which is characterized in that comprising steps of
The reply data that terminal is sent is received, the reply data includes the number that the terminal is sent according to financial card request terminal According to data type obtain data corresponding with the data type;
Encryption is carried out to the reply data with storage Si Yue and obtains the first application cryptogram, and returns to ciphertext to the terminal and rings Information is answered, the cyphertext responses information includes the card number information of the fiscard of storage, first application cryptogram;
The first authentication data that the terminal is sent is received, first authentication data includes the second application cryptogram and verifying knot Fruit mark;The method of determination of second application cryptogram are as follows: card issuer's server obtains the corresponding with the card number information of storage Si Yue encrypts the reply data using the Si Yue to obtain second application cryptogram;
Verification result mark is subjected to processing with first application cryptogram and obtains process data, with storage Si Yue to institute It states process data and carries out encryption and obtain the second authentication data, and second authentication data and first authentication data are carried out pair Than determining the second authentication result;
Second authentication result is sent to the terminal, by the terminal according to second authentication result and card issuer The first authentication result that server returns determines the legitimacy of fiscard user identity;First authentication result includes: described Card issuer's server is obtained the Si Yue corresponding with the card number information of storage, is added using the Si Yue to the reply data After the second application cryptogram of close acquisition, second application cryptogram is consistent with first application cryptogram card people that acquisition is compared Property check results, to trading password information carry out verification acquisition password correctness check results.
5. the method for verifying fiscard user identity reliability according to claim 4, which is characterized in that receiving terminal Before the reply data of transmission, further comprise the steps of:
Receive the utility command that terminal is sent by near-field communication;
Utility command response message is returned to the terminal according to the utility command, includes in the utility command response message It is required that the information of the data type for the data that terminal is sent.
6. a kind of method for verifying fiscard user identity reliability, which is characterized in that comprising steps of
The checking request that terminal is sent is received, the checking request includes the first application cryptogram, the card number information of fiscard, transaction Encrypted message and reply data;
It obtains Si Yue corresponding with the card number information, the second application of encryption acquisition is carried out to the reply data using the Si Yue Ciphertext, and second application cryptogram is compared to acquisition card people's consistency desired result result with first application cryptogram;
Verification is carried out to the trading password information and obtains password correctness check results;
Auth response is generated, the auth response includes the first authentication result and the first authentication data, the first certification knot Fruit includes card people's consistency desired result result, the password correctness check results, and first authentication data includes described Second application cryptogram and verification result mark;
The auth response is returned to the terminal, first authentication data is sent to fiscard by the terminal, is received After the second authentication result returned to fiscard, fiscard is determined according to first authentication result, second authentication result The legitimacy of user identity;The method of determination of second authentication result are as follows: the fiscard by the verification result mark with First application cryptogram carries out processing and obtains process data, carries out encryption to the process data with storage Si Yue and obtain the It is compared after two authentication datas, by second authentication data and first authentication data and determines that obtaining described second authenticates As a result.
7. a kind of device for verifying fiscard user identity reliability characterized by comprising
Data acquisition module, for obtaining data corresponding with the data type of data of financial card request terminal transmission;
Terminal first information interactive module, data for obtaining the data acquisition module are as reply data to the gold Melt card transmission, and receive the cyphertext responses information that the fiscard returns, the cyphertext responses information includes the fiscard Card number information, the fiscard carry out the first application cryptogram of encryption acquisition with storage Si Yue to the reply data;It will be whole The for holding received first authentication data of the second information exchange module to be sent to the fiscard, and receiving that the fiscard returns Two authentication results;
Encrypted message receiving module, the trading password information of the fiscard for receiving user's input;
The second information exchange module of terminal, for sending checking request, the verifying to card issuer's server of the fiscard Request includes first application cryptogram, the card number information, the trading password information and the reply data;And it receives The auth response that card issuer's server is returned according to the checking request;
Validity decision module, for determining finance card user body according to first authentication result, second authentication result The legitimacy of part;
The auth response includes the first authentication result and the first authentication data, and first authentication result includes: the hair Card side's server is obtained the Si Yue corresponding with the card number information of storage, is encrypted using the Si Yue to the reply data Card people's consistency of acquisition is compared after obtaining the second application cryptogram, by second application cryptogram with first application cryptogram Check results, the password correctness check results that verification acquisition is carried out to the trading password information, first authentication data It is identified including second application cryptogram and verification result;
Verification result mark is carried out processing acquisition with first application cryptogram by the fiscard by the second authentication result Process data, with storage Si Yue to the process data carry out encryption obtain the second authentication data after, described second is authenticated Data and first authentication data compare determination.
8. the device of verifying fiscard user identity reliability according to claim 7, which is characterized in that
The terminal first information interactive module, the fiscard sending application life also by near-field communication near field communication range It enables;And the utility command response message that the fiscard is returned based on the utility command is received, the utility command response letter It include the information of the data type for the data for requiring terminal to send in breath.
9. the device of verifying fiscard user identity reliability according to claim 7 or 8, which is characterized in that further include:
The legitimacy of transaction results determining module, the fiscard user identity for being determined according to the validity decision module is true Transaction payment is determined as a result, and showing transaction payment result.
10. a kind of device for verifying fiscard user identity reliability characterized by comprising
Card client information interactive module receives the reply data that terminal is sent, and the reply data includes the terminal according to finance The data corresponding with the data type that the data type for the data that card request terminal is sent obtains, and returned to the terminal Cyphertext responses information, the cyphertext responses information include that the card number information of fiscard of storage, card end encrypting module generate One application cryptogram;And the first authentication data that the terminal is sent is received, first authentication data includes that the second application is close Text and verification result mark, and second authentication result is sent to the terminal, by the terminal according to authentication module The first authentication result that the second determining authentication result and card issuer's server return determines the legal of fiscard user identity Property;
The method of determination of second application cryptogram are as follows: card issuer's server obtains the private corresponding with the card number information of storage Yue encrypts the reply data using the Si Yue to obtain second application cryptogram;First authentication result includes: Card issuer's server obtain storage Si Yue corresponding with the card number information, using the Si Yue to the reply data into The card people of acquisition is compared after row encryption the second application cryptogram of acquisition, by second application cryptogram with first application cryptogram Consistency desired result result, the password correctness check results that verification acquisition is carried out to trading password information;
Process data determining module being handled with first application cryptogram for identifying the verification result, being obtained Number of passes evidence;
Card end encrypting module obtains first application cryptogram for carrying out encryption to the reply data with storage Si Yue, And encryption is carried out to the process data with the Si Yue of storage and obtains the second authentication data;
Authentication module determines second certification for comparing second authentication data and first authentication data As a result.
11. the device of verifying fiscard user identity reliability according to claim 10, it is characterised in that:
The card client information interactive module is also used to receive the utility command that terminal is sent by near-field communication;And according to described Utility command returns to utility command response message to the terminal, includes that terminal is required to send in the utility command response message Data data type information.
12. a kind of device for verifying fiscard user identity reliability characterized by comprising
Server-side information exchange module, for receiving the checking request of terminal transmission, the checking request includes that the first application is close Text, the card number information of fiscard, trading password information and reply data, and the verifying that auth response generation module is generated is rung It should be sent to the terminal, the first authentication data in auth response is sent to fiscard by the terminal, receives finance After blocking the second authentication result returned, finance is determined according to the first authentication result, second authentication result in auth response The legitimacy of card user identity;The method of determination of second authentication result are as follows: the fiscard identifies the verification result Processing acquisition process data is carried out with first application cryptogram, encryption acquisition is carried out to the process data with storage Si Yue It is compared after second authentication data, by second authentication data and first authentication data and determines that obtaining described second recognizes Demonstrate,prove result;
Block people's consistency desired result module, for obtaining Si Yue corresponding with the card number information, using the Si Yue to the response Data carry out encryption and obtain the second application cryptogram, and acquisition is compared with first application cryptogram in second application cryptogram Block people's consistency desired result result;
Cryptographic check module obtains password correctness check results for carrying out verification to the trading password information;
Auth response generation module, for generating the auth response, the auth response includes the first authentication result and the One authentication data, first authentication result include card people's consistency desired result result, the password correctness check results, First authentication data includes second application cryptogram and verification result mark.
CN201610289386.1A 2016-05-03 2016-05-03 Verify the method and device of fiscard user identity reliability Active CN105897721B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201610289386.1A CN105897721B (en) 2016-05-03 2016-05-03 Verify the method and device of fiscard user identity reliability
PCT/CN2017/082457 WO2017190633A1 (en) 2016-05-03 2017-04-28 Method and device for reliably verifying identity of financial card user

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610289386.1A CN105897721B (en) 2016-05-03 2016-05-03 Verify the method and device of fiscard user identity reliability

Publications (2)

Publication Number Publication Date
CN105897721A CN105897721A (en) 2016-08-24
CN105897721B true CN105897721B (en) 2019-01-25

Family

ID=56703165

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610289386.1A Active CN105897721B (en) 2016-05-03 2016-05-03 Verify the method and device of fiscard user identity reliability

Country Status (2)

Country Link
CN (1) CN105897721B (en)
WO (1) WO2017190633A1 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105897721B (en) * 2016-05-03 2019-01-25 广州广电运通金融电子股份有限公司 Verify the method and device of fiscard user identity reliability
WO2018136914A1 (en) 2017-01-23 2018-07-26 Mastercard International Incorporated Method and system for authentication via a trusted execution environment
CN108322560A (en) * 2018-01-17 2018-07-24 深圳喆行科技有限公司 A kind of method and system of read-write equipment initialization
CN109815803B (en) * 2018-12-18 2023-04-18 平安科技(深圳)有限公司 Face examination risk control method and device, computer equipment and storage medium
CN109816359B (en) * 2019-02-27 2021-05-18 银联商务股份有限公司 Service calling method and system
CN112630570A (en) * 2020-12-16 2021-04-09 满帮信息咨询有限公司 ETC (electronic toll Collection) equipment effectiveness detection method and device, electronic equipment and medium
CN113132101A (en) * 2021-04-19 2021-07-16 上海同态信息科技有限责任公司 Financial user identity authentication method and system based on data privacy calculation

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101162535A (en) * 2006-10-13 2008-04-16 中国银联股份有限公司 Method and system for realizing magnetic stripe card trading by IC card
CN101710433A (en) * 2008-12-31 2010-05-19 深圳市江波龙电子有限公司 Electronic payment card and transaction method thereof
CN104021473A (en) * 2014-05-30 2014-09-03 刘劲彤 Safe payment method of visual financial card
CN104408620A (en) * 2014-11-13 2015-03-11 中国科学院数据与通信保护研究教育中心 Safe NFC (near field communication) payment method and safe NFC payment system
EP2889823A1 (en) * 2013-12-31 2015-07-01 Gemalto SA Method for securing a completion step of an online transaction

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105897721B (en) * 2016-05-03 2019-01-25 广州广电运通金融电子股份有限公司 Verify the method and device of fiscard user identity reliability

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101162535A (en) * 2006-10-13 2008-04-16 中国银联股份有限公司 Method and system for realizing magnetic stripe card trading by IC card
CN101710433A (en) * 2008-12-31 2010-05-19 深圳市江波龙电子有限公司 Electronic payment card and transaction method thereof
EP2889823A1 (en) * 2013-12-31 2015-07-01 Gemalto SA Method for securing a completion step of an online transaction
CN104021473A (en) * 2014-05-30 2014-09-03 刘劲彤 Safe payment method of visual financial card
CN104408620A (en) * 2014-11-13 2015-03-11 中国科学院数据与通信保护研究教育中心 Safe NFC (near field communication) payment method and safe NFC payment system

Also Published As

Publication number Publication date
CN105897721A (en) 2016-08-24
WO2017190633A1 (en) 2017-11-09

Similar Documents

Publication Publication Date Title
CN105897721B (en) Verify the method and device of fiscard user identity reliability
Basin et al. The EMV standard: Break, fix, verify
US20150135279A1 (en) Personal identity control
US20060005024A1 (en) Dual-path pre-approval authentication method
CN104079562B (en) A kind of safety certifying method and relevant apparatus based on payment terminal
AU2010315111A1 (en) Verification of portable consumer devices for 3-D secure services
CN106209383B (en) A kind of method and device of mobile payment security certification
CN102202300A (en) System and method for dynamic password authentication based on dual channels
CN108234385A (en) A kind of method for authenticating user identity and device
CN112789643A (en) System and method for password authentication of contactless cards
JP2015537399A (en) Application system for mobile payment and method for providing and using mobile payment means
WO2015065249A1 (en) Method and system for protecting information against unauthorized use (variants)
CN105591745A (en) Method and system for performing identity authentication on user using third-party application
CN106209386B (en) A kind of methods, devices and systems for realizing safety certification
CN106372942A (en) Payment method and system based on safety certificate mechanism
US20120284787A1 (en) Personal Secured Access Devices
CN106330888B (en) The method and device of payment safety in a kind of guarantee the Internet line
EP3364352A1 (en) Determining legitimate conditions at a computing device
CN110166471A (en) A kind of portal authentication method and device
CN101425901A (en) Control method and device for customer identity verification in processing terminals
US11386427B2 (en) System for secure authentication of a user's identity in an electronic system for banking transactions
CN104980276B (en) Identity identifying method for safety information interaction
US11301847B1 (en) Systems and methods for an authorized identification system
WO2015162276A2 (en) Secure token implementation
Cobourne et al. Using the smart card web server in secure branchless banking

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant